From b643dcba174de7fa5ae6346e3be567734164f871 Mon Sep 17 00:00:00 2001
From: Ralf Becker
Date: Tue, 16 Apr 2019 19:35:18 +0200
Subject: [PATCH] [FIX] Custom Oauth store refresh and id tokens with expiresIn (#14121)
* Fix #13693 Custom Oauth does not register the refreshToken nor respect the accessToken lifetime
* Update app/custom-oauth/server/custom_oauth_server.js
Co-Authored-By: ralfbecker
* Update app/custom-oauth/server/custom_oauth_server.js
Co-Authored-By: ralfbecker
* Update app/custom-oauth/server/custom_oauth_server.js
Co-Authored-By: ralfbecker
* Update custom_oauth_server.js
---
 app/custom-oauth/server/custom_oauth_server.js | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/app/custom-oauth/server/custom_oauth_server.js b/app/custom-oauth/server/custom_oauth_server.js
index 7f4428e15311..df7794f1094a 100644
--- a/app/custom-oauth/server/custom_oauth_server.js
+++ b/app/custom-oauth/server/custom_oauth_server.js
@@ -141,7 +141,7 @@ export class CustomOAuth {
 if (data.error) { // if the http response was a json object with an error attribute
 throw new Error(`Failed to complete OAuth handshake with ${ this.name } at ${ this.tokenPath }. ${ data.error }`);
 } else {
- return data.access_token;
+ return data;
 }
 }
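Review bot: getAccessToken() now returns the whole parsed token response rather than a string, so its name no longer matches what it returns, and any caller other than registerService() (none visible in this diff) would receive an object. The returned object can carry `refresh_token` and `id_token`, so I would add a comment above the return such as `// returns the full token response (access_token, optional refresh_token / id_token / expires_in); never log it`. The visible lines also return without checking that a token is present; a guard like `if (typeof data.access_token !== 'string') { throw new Error('token response has no access_token'); }` before `return data;` would fail the handshake here instead of inside getIdentity(). The method body starts outside the hunk.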
@@ -183,15 +183,24 @@ export class CustomOAuth { registerService() { const self = this; OAuth.registerService(this.name, 2, null, (query) => { - const accessToken = self.getAccessToken(query); - const identity = self.getIdentity(accessToken); + const response = self.getAccessToken(query); + const identity = self.getIdentity(response.access_token); const serviceData = { _OAuthCustom: true, - accessToken, + accessToken: response.access_token, + idToken: response.id_token, + expiresAt: (+new Date) + (1000 * parseInt(response.expires_in, 10)), }; + // only set the token in serviceData if it's there. this ensures + // that we don't lose old ones (since we only get this on the first + // log in attempt) + if (response.refresh_token) { + serviceData.refreshToken = response.refresh_token; + } + _.extend(serviceData, identity); const data = {
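Review bot: `expiresAt` becomes `NaN` whenever the token response has no usable `expires_in`, because `parseInt(undefined, 10)` is `NaN` and the value is stored unconditionally; RFC 6749 only recommends that field, so a custom provider may omit it. A later check such as `expiresAt < Date.now()` would then never report the token as expired (how consumers test it is not visible here). `idToken` is likewise written even when `id_token` is absent, unlike the guarded `refreshToken` just below it. I would build both fields conditionally, as in the excerpt, and confirm that the stored `refreshToken` and `idToken` are excluded from anything published to clients or written to logs. The registerService() callback continues past the end of this hunk.

```javascript
const serviceData = {
	_OAuthCustom: true,
	accessToken: response.access_token,
};

// expires_in and id_token are optional in a token response; store them only when usable
const expiresIn = parseInt(response.expires_in, 10);
if (Number.isFinite(expiresIn) && expiresIn > 0) {
	serviceData.expiresAt = Date.now() + (1000 * expiresIn);
}
if (response.id_token) {
	serviceData.idToken = response.id_token;
}
// … unchanged: refresh_token guard and _.extend(serviceData, identity) …
```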