-
Notifications
You must be signed in to change notification settings - Fork 145
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(rp): return oidc.Tokens on token refresh #423
Conversation
BREAKING CHANGE: - rename RefreshAccessToken to RefreshToken - RefreshToken returns *oidc.Tokens instead of *oauth2.Token This change allows the return of the id_token in an explicit manner, as part of the oidc.Tokens struct. The return type is now consistent with the CodeExchange function. When an id_token is returned, it is verified. In case no id_token was received, RefreshTokens will not return an error. As per specifictation: https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse Upon successful validation of the Refresh Token, the response body is the Token Response of Section 3.1.3.3 except that it might not contain an id_token. Closes #364
Codecov Report
@@ Coverage Diff @@
## next #423 +/- ##
==========================================
+ Coverage 52.96% 53.34% +0.38%
==========================================
Files 74 74
Lines 5623 5635 +12
==========================================
+ Hits 2978 3006 +28
+ Misses 2389 2376 -13
+ Partials 256 253 -3
|
@muir I would like your opinion on this PR. Is this what you had in mind? I'm adding it to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks fine and is a cleaner solution that we've got now.
🎉 This PR is included in version 3.0.0-next.9 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
🎉 This PR is included in version 3.0.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
BREAKING CHANGE:
This change allows the return of the id_token in an explicit manner,
as part of the oidc.Tokens struct.
The return type is now consistent with the CodeExchange function.
When an id_token is returned, it is verified.
In case no id_token was received,
RefreshTokens will not return an error.
As per specifictation:
https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse
Upon successful validation of the Refresh Token,
the response body is the Token Response of Section 3.1.3.3
except that it might not contain an id_token.
Closes #364