You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
But when the response comes back it calls: this.create which doesn’t preserve the refresh_token property. Many OAuth servers don’t send back the refresh_token property after refreshing the token. They only send back the access token itself.
As a result, refresh functionality works only once.
The text was updated successfully, but these errors were encountered:
Hi! I was looking into this, but from my understanding when refreshing a token the OAuth2 server have to return a new refresh_token, without it there isn´t way to refresh the token again, like happened to you. What do you expect to happen if the refresh_token isn´t returned?
Some oAuth servers don’t return new tokens, they just expect the previous token to be used for refreshing. In that case the code stops working. Thanks.
Hi @sallar I just looked at the OAuth specs, and it´s not clear to me that the behaviour you described is the expected one. Like you said the refresh token is optional, but the spec is not clear about if we should send the old refresh token in those cases. Do you have a better understanding of that behaviour?
@jonathansamines Hi :) We have an oAuth server at work. The first time we get access_token we get refresh_token alongside with it, and we have to resend that token on every request after the first one, because those request never send back a refresh_token. So we have to keep that somewhere for re-using. Thanks!
This function uses
refresh_token
property to send the refresh request:But when the response comes back it calls:
this.create
which doesn’t preserve therefresh_token
property. Many OAuth servers don’t send back the refresh_token property after refreshing the token. They only send back the access token itself.As a result, refresh functionality works only once.
The text was updated successfully, but these errors were encountered: