Based on the v7 upgrade guide, specifically Refreshing a loaded session, you should be able to do:
result = session.refresh
result.sealed_session
However, that seems to always return "", and I believe it's because of auth_response does not have a sealed_session key:
|
response = @client.request(method: :post, path: "/user_management/authenticate", auth: true, body: body) |
|
auth_response = JSON.parse(response.body) |
|
sealed = auth_response["sealed_session"].to_s |
|
@seal_data = sealed |
In v6.2.0, the sealing of the newly refreshed session was done like this:
|
@sealed_session = |
|
if session && session[:seal_session] |
|
WorkOS::Session.seal_data( |
|
{ |
|
access_token: access_token, |
|
refresh_token: refresh_token, |
|
user: user.to_json, |
|
organization_id: organization_id, |
|
impersonator: impersonator.to_json, |
|
}, |
|
session[:cookie_password], |
|
encryptor: session[:encryptor], |
|
) |
|
end |
I'm wondering if there was an inconsistency created, since elsewhere in the upgrade guide it states that sealing the cookie is now expected to be done manually.
Based on the v7 upgrade guide, specifically Refreshing a loaded session, you should be able to do:
However, that seems to always return
"", and I believe it's because ofauth_responsedoes not have asealed_sessionkey:workos-ruby/lib/workos/session.rb
Lines 98 to 101 in a4febaf
In v6.2.0, the sealing of the newly refreshed session was done like this:
workos-ruby/lib/workos/refresh_authentication_response.rb
Lines 23 to 36 in 8960944
I'm wondering if there was an inconsistency created, since elsewhere in the upgrade guide it states that sealing the cookie is now expected to be done manually.