Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changes in oauth2:refresh_access_token #27

Closed
wants to merge 6 commits into from
Closed

Changes in oauth2:refresh_access_token #27

wants to merge 6 commits into from

Conversation

IvanMartinez
Copy link
Contributor

WARNING: BREAKS THE COMPATIBILITY WITH PREVIOUS CODE USING oauth2:refresh_acess_token AND PREVIOUS BACKEND IMPLEMENTATIONS.

IvanMartinez
IvanMartinez reviewed Jul 5, 2013
View reviewed changes
src/oauth2_backend.erl
%% @doc Verifies that Scope is a valid scope of the set of scopes defined
%% by ValidScopes.
%% @end
-callback verify_scope(ValidScopes, Scope) -> {ok, Scope2} | {error, Reason} when
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I needed to add another verify_scope function to check the requested scope with that associated with the refresh token, see line 311 in oauth2.erl. I looked for a way of substituting the existing verify_client_scope and verify_resowner_scope with this more generic function; but the library can't get the scope from a client or resource-owner because the data structures representing these are defined in the particular back-end implementation.

@bipthelin
Copy link

I'm on vacation for another week. Will look and merge after that. Great work!

@IvanMartinez
Copy link
Contributor Author

Great. This is my last big change, the implicit flow can be implemented using oauth2:authorize_password as it is. Have a good time.

@IvanMartinez IvanMartinez mentioned this pull request Jul 23, 2013
Closed
@bipthelin
Copy link

Merged!

@bipthelin bipthelin closed this Aug 8, 2013
@IvanMartinez IvanMartinez deleted the refresh_token branch July 7, 2014 18:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@IvanMartinez @bipthelin