Merge pull request #9 from mosheco/master

No refresh token for client_credentials grant
RichardKnop · Mar 29, 2016 · fcc6e59 · fcc6e59
2 parents d893c78 + ee7912d
commit fcc6e59
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 6 deletions.
diff --git a/oauth/grant_type_client_credentials.go b/oauth/grant_type_client_credentials.go
@@ -14,8 +14,13 @@ func (s *Service) clientCredentialsGrant(w http.ResponseWriter, r *http.Request,
 		return
 	}
 
-	// Log in the user
-	accessToken, refreshToken, err := s.Login(client, new(User), scope)
+	// Create a new access token
+	accessToken, err := s.GrantAccessToken(
+		client,
+		new(User), // empty user
+		s.cnf.Oauth.AccessTokenLifetime, // expires in
+		scope,
+	)
 	if err != nil {
 		response.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -28,7 +33,6 @@ func (s *Service) clientCredentialsGrant(w http.ResponseWriter, r *http.Request,
 		ExpiresIn:    s.cnf.Oauth.AccessTokenLifetime,
 		TokenType:    TokenType,
 		Scope:        accessToken.Scope,
-		RefreshToken: refreshToken.Token,
 	}
 	response.WriteJSON(w, accessTokenRespone, 200)
 }
diff --git a/oauth/grant_type_client_credentials_test.go b/oauth/grant_type_client_credentials_test.go
@@ -30,7 +30,7 @@ func (suite *OauthTestSuite) TestClientCredentialsGrant() {
 	accessToken := new(AccessToken)
 	assert.False(suite.T(), suite.db.First(accessToken).RecordNotFound())
 	refreshToken := new(RefreshToken)
-	assert.False(suite.T(), suite.db.First(refreshToken).RecordNotFound())
+	assert.True(suite.T(), suite.db.First(refreshToken).RecordNotFound())
 
 	// Check the response body
 	expected, err := json.Marshal(&AccessTokenResponse{
@@ -39,7 +39,6 @@ func (suite *OauthTestSuite) TestClientCredentialsGrant() {
 		ExpiresIn:    3600,
 		TokenType:    TokenType,
 		Scope:        "read_write",
-		RefreshToken: refreshToken.Token,
 	})
 	if assert.NoError(suite.T(), err, "JSON marshalling failed") {
 		assert.Equal(suite.T(), string(expected), strings.TrimSpace(w.Body.String()))

diff --git a/oauth/response.go b/oauth/response.go
@@ -7,7 +7,7 @@ type AccessTokenResponse struct {
 	ExpiresIn    int    `json:"expires_in"`
 	TokenType    string `json:"token_type"`
 	Scope        string `json:"scope"`
-	RefreshToken string `json:"refresh_token"`
+	RefreshToken string `json:"refresh_token,omitempty"`
 }
 
 // IntrospectResponse ...