You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to figure out if my need below is possible. The internet and StackOverflow were both dead ends, so I'm hoping a maintainer can help point me in a direction.
My goal is to store a user-selected account_id on the access token during initial grant creation and ensure that the same account_id is continually passed during the refresh_token process.
My thought was to allow users to select an account during authorization, but I can't work out what is actually creating the token and if it shares context with the grant to be aware of the form data submitted with the authorization grant
The account_id needs to be on the AccessToken so I can reference it in the payload. I can't access it based on the current_resource_owner because the user can swap between accounts. This means the user's current_account could have changed since the OAuth grant/token were created.
Is this possible? can someone point me in a direction?
The text was updated successfully, but these errors were encountered:
To be clear, I know that I can override the Doorkeeper::AccessToken model, and I'm happy to. My question is more related to understanding where the token creation is happening and if I can pass it values from the authorization grant flow.
This looks to be exactly what I was hoping for, implemented as a doorkeeper config option.
This PR gives me some insight into what I'd need to do to modify the doorkeeper to have this functionality manually, but I'd prefer not to break form the released gem if possible. I'll move my comments to the PR.
I'm trying to figure out if my need below is possible. The internet and StackOverflow were both dead ends, so I'm hoping a maintainer can help point me in a direction.
My goal is to store a user-selected account_id on the access token during initial grant creation and ensure that the same account_id is continually passed during the refresh_token process.
My thought was to allow users to select an account during authorization, but I can't work out what is actually creating the token and if it shares context with the grant to be aware of the form data submitted with the authorization grant
The account_id needs to be on the AccessToken so I can reference it in the payload. I can't access it based on the
current_resource_owner
because the user can swap between accounts. This means the user'scurrent_account
could have changed since the OAuth grant/token were created.Is this possible? can someone point me in a direction?
The text was updated successfully, but these errors were encountered: