ActiveRecord::RecordInvalid already taken (token already exists) #18
Comments
Hi @delphaber, there is a direct correlation between the token generated and the parameters you generate it with, meaning that if you're passing the same payload, secret key, etc. as you've done for a previous token, you'll get the same output. You can easily test that here: https://jwt.io/ You'll find that if you change the So, to make your token more unique you can do something like this in your config:

```ruby
Doorkeeper::JWT.configure do
  # Set the payload for the JWT token. This should contain unique information
  # about the user.
  # Defaults to a randomly generated token in a hash
  # { token: "RANDOM-TOKEN" }
  token_payload do |opts|
    user = User.find(opts[:resource_owner_id])

    {
      exp: (opts[:created_at] + opts[:expires_in]).utc.to_i,
      iss: "api.yourcooldomain.com",
      iat: opts[:created_at].utc.to_i,
      jti: SecureRandom.uuid,
      sub: user.id,
      user: {
        id: user.id,
        name: user.name,
        email: user.email,
        email_md5: user.email_md5,
        admin: user.admin?
      }
    }
  end

  # Use the application secret specified in the Access Grant token
  # Defaults to false
  # If you specify `use_application_secret true`, both secret_key and secret_key_path will be ignored
  use_application_secret true

  # Set the encryption secret. This would be shared with any other applications
  # that should be able to read the payload of the token.
  # Defaults to "secret"
  secret_key Rails.application.secrets.secret_key_base

  # If you want to use RS* encoding specify the path to the RSA key
  # to use for signing.
  # If you specify a secret_key_path it will be used instead of secret_key
  # secret_key_path "path/to/file.pem"

  # Specify encryption type. Supports any algorithm in
  # https://github.com/progrium/ruby-jwt
  # defaults to nil
  encryption_method :hs512
end
```

Notice that the You can find more information about those keys (JWT Claims) and more from here: https://tools.ietf.org/html/rfc7519#section-4

@chriswarren This might be a good note to add to the readme.
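The determinism described in the reply above, shown as an added example that is not part of the original thread or of doorkeeper-jwt's own code. It assumes a minimal HS512 encoder built on Ruby's standard library (standing in for the jwt gem) and a `Set` standing in for the uniqueness validation on the token column; the helper names, secret, and claim values are constructed for illustration.

```ruby
require "openssl"
require "json"
require "securerandom"
require "set"

# Base64url without padding, as JWS compact serialization uses (RFC 7515).
def b64url(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

# Minimal HS512 JWT encoder for illustration; not the ruby-jwt gem.
def encode_hs512(payload, secret)
  header = { alg: "HS512", typ: "JWT" }
  signing_input = [header, payload].map { |part| b64url(JSON.generate(part)) }.join(".")
  "#{signing_input}.#{b64url(OpenSSL::HMAC.digest("SHA512", secret, signing_input))}"
end

# Claims built only from request data: identical for repeat authorizations
# by the same user within the same second (iat/exp have one-second resolution).
def static_payload(opts)
  { iss: "api.example.test", iat: opts[:created_at].to_i,
    exp: opts[:created_at].to_i + opts[:expires_in], sub: opts[:resource_owner_id] }
end

# Same claims plus a random jti (RFC 7519 section 4.1.7).
def unique_payload(opts)
  static_payload(opts).merge(jti: SecureRandom.uuid)
end

# Issues `count` tokens for the same request data and returns how many were
# rejected as "already taken". The Set is a hypothetical stand-in for the
# uniqueness validation on the access token column.
def collisions(count, secret, opts)
  taken = Set.new
  count.times.count { !taken.add?(encode_hs512(yield(opts), secret)) }
end

SECRET = "constructed-demo-secret" # constructed value, not a real key
OPTS = { resource_owner_id: 42, created_at: Time.at(1_700_000_000).utc,
         expires_in: 7200 }.freeze # constructed request data

puts collisions(3, SECRET, OPTS) { |o| static_payload(o) } # repeats are rejected
puts collisions(3, SECRET, OPTS) { |o| unique_payload(o) } # jti keeps tokens distinct
```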
Very kind and professional, thank you!
Hi :)

while using this access token generator, the second time my client tries to authorize against my oauth provider, I get a validation error from Rails, telling me that the `token is already taken`. This does not happen when I'm using the default doorkeeper token generator.

I think it happens because the JWT is not unique. What am I doing wrong? Is this the right place to post or should I ask directly in `doorkeeper` github page?

I'm using these versions:

And this is my doorkeeper configuration:

Thanks :)