This repository was archived by the owner on Jun 23, 2023. It is now read-only.
Add parameter to revoke old refresh token upon issuing new#137
Merged
peppelinux merged 1 commit intoIdentityPython:developfrom Oct 6, 2021
Merged
Conversation
nsklikas
reviewed
Sep 23, 2021
ctriant
force-pushed
the
revoke_refresh_token_on_issue
branch
from
72c3b74 to
3ceea51
Compare
nsklikas
reviewed
Sep 28, 2021
ctriant
force-pushed
the
revoke_refresh_token_on_issue
branch
from
3ceea51 to
1a0b5b5
Compare
rohe
approved these changes
Sep 30, 2021
nsklikas
reviewed
Sep 30, 2021
src/oidcop/oidc/token.py
Outdated
Comment on lines
84
to
87
| issue_refresh = kwargs.get("issue_refresh", False) | ||
| if "offline_access" in grant.scope: | ||
| issue_refresh = True |
Contributor
There was a problem hiding this comment.
The logic is reversed here as well. issue_refresh used to override offline_access, which IMHO is the correct behavior. Maybe this is better:
issue_refresh = kwargs.get("refresh_token", None)
# The existence of offline_access scope overwrites issue_refresh
if issue_refresh is None and "offline_access" in scope:
issue_refresh = True
nsklikas
reviewed
Sep 30, 2021
ctriant
force-pushed
the
revoke_refresh_token_on_issue
branch
from
1a0b5b5 to
d96cddc
Compare
ctriant
force-pushed
the
revoke_refresh_token_on_issue
branch
from
d96cddc to
16e99e6
Compare
peppelinux
approved these changes
Oct 1, 2021
Member
peppelinux
left a comment
peppelinux
left a comment
There was a problem hiding this comment.
I like this feature, thank you guys!
@ctriant let us know when this PR would be ready to be merged, we're watching many integrations, take your time and give us a know when ready for merge
Contributor
Author
@peppelinux i think we are ready, i integrated the suggestions of @nsklikas |
nsklikas
approved these changes
Oct 6, 2021
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Introduce parameter
revoke_refresh_on_issuein order to revoke the Refresh Token used to issue a new one.