Support for OAuth RefreshToken

[ghost]

Issue details

When asking for an access token, the API already submits an refresh_token. Unfortunately there's no way to make use of it as the grant type refresh_token is not supported yet.

From the perspective of security, it would be nice to see this feature asap :)

I don't know if it can help you, but here is a blog entry describing the implementation in Symfony: https://bitgandtter.wordpress.com/2015/09/10/symfony-a-restful-app-security-fosoauthserverbundle/

Environment

• wallabag version (or git revision) that exhibits the issue: v2-beta-2
• How did you install wallabag? composer create-project
• Last wallabag version that did not exhibit the issue (if applicable):
• php version: the latest version of PHP 5
• OS: Linux
• type of hosting (shared or dedicated): shared
• which storage system you choose at install (SQLite, MySQL/MariaDB or PostgreSQL): SQLite

[ghost]

BTW, if this feature is added I can finally push an update for the Windows app. I already could but I don't want to save the user credentials (username & password) 😄