You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The documentation recommends refreshing an access token prior to it expiring. However, while the refresh is successful, refreshing an access token before it expires generates an error in the log.
To Reproduce
POST to the login API with content of user id and password. The API responds with a JSON object containing both the refresh and access tokens.
Just prior to the access token expiring (in my case I used 5 minutes before expiration), GET the login API with the refresh token as the query parameter (i.e. /zm/api/host/login.json?token=. The API responds with a JSON object containing the new access token.
The access token is successfully refreshed, but an error is logged.
03/03/20 07:40:34.255301 web_php[22152].ERR [192.168.xxx.yyy] [Token type mismatch. Expected access but got refresh] at /usr/share/zoneminder/www/includes/auth.php line 129
Here's the decoded refresh token used in step 2 above.
The documentation recommends refreshing an access token prior to it expiring. However, while the refresh is successful, refreshing an access token before it expires generates an error in the log.
To Reproduce
Here's the decoded refresh token used in step 2 above.
I'm not sure why it's expecting the access token. The code looks like it's setting the allowed token type to
refresh
in the call tovalidateToken
.Expected behavior
Refreshing an access token should not generate an error in the log
The text was updated successfully, but these errors were encountered: