fix(oidc): correctly return new refresh token on refresh token grant (#7707)

* fix(oidc): correctly return new refresh token on refresh token grant

* fix import
Livio Spring 2024-04-04 17:58:40 +02:00 committed by GitHub
parent a988b9cc05
commit 29ad51b0e3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 5 additions and 4 deletions


@ -15,14 +15,14 @@ import (
"github.com/zitadel/oidc/v3/pkg/client/tokenexchange" "github.com/zitadel/oidc/v3/pkg/client/tokenexchange"
"github.com/zitadel/oidc/v3/pkg/crypto" "github.com/zitadel/oidc/v3/pkg/crypto"
"github.com/zitadel/oidc/v3/pkg/oidc" "github.com/zitadel/oidc/v3/pkg/oidc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/proto"
oidc_api "github.com/zitadel/zitadel/internal/api/oidc" oidc_api "github.com/zitadel/zitadel/internal/api/oidc"
"github.com/zitadel/zitadel/internal/integration" "github.com/zitadel/zitadel/internal/integration"
"github.com/zitadel/zitadel/pkg/grpc/admin" "github.com/zitadel/zitadel/pkg/grpc/admin"
feature "github.com/zitadel/zitadel/pkg/grpc/feature/v2beta" feature "github.com/zitadel/zitadel/pkg/grpc/feature/v2beta"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/proto"
) )
func setTokenExchangeFeature(t *testing.T, value bool) { func setTokenExchangeFeature(t *testing.T, value bool) {
@ -107,6 +107,7 @@ func refreshTokenVerifier(ctx context.Context, provider rp.RelyingParty, subject
require.NotNil(t, tokens.IDTokenClaims.Actor) require.NotNil(t, tokens.IDTokenClaims.Actor)
assert.Equal(t, actorSubject, tokens.IDTokenClaims.Actor.Subject) assert.Equal(t, actorSubject, tokens.IDTokenClaims.Actor.Subject)
} }
assert.NotEmpty(t, tokens.RefreshToken)
} }
} }
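Review bot: The added `assert.NotEmpty(t, tokens.RefreshToken)` in refreshTokenVerifier only proves that some string came back, so a regression that echoes the presented refresh token, or returns one the server will not accept, would still pass. Since the refresh token grant is expected to hand out a new token, the test would be stronger if it also checked that the value differs from the token that was presented (if that token is reachable where this closure is built, which the hunk does not show) and that it is accepted on a further refresh. A short comment above the assertion, such as `// the refresh grant must hand back a usable refresh token (regression: #7707)`, would record why it is there. The verifier's body starts outside the hunk.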


@ -99,7 +99,7 @@ func (c *Commands) RenewRefreshTokenAndAccessToken(
if err != nil { if err != nil {
return nil, "", err return nil, "", err
} }
return accessToken, newRefreshToken, nil return accessToken, renewed.token, nil
} }
func (c *Commands) RevokeRefreshToken(ctx context.Context, userID, orgID, tokenID string) (*domain.ObjectDetails, error) { func (c *Commands) RevokeRefreshToken(ctx context.Context, userID, orgID, tokenID string) (*domain.ObjectDetails, error) {
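Review bot: The changed return line in RenewRefreshTokenAndAccessToken suggests that `newRefreshToken` was a declared but never assigned variable, probably a named result, which would explain how an empty refresh token reached the client. If it is still a named result after this change, the same slip can recur on any later edit. Consider assigning it where the renewal succeeds, `newRefreshToken = renewed.token`, or dropping the result names so the compiler rejects an unset return. A doc comment on the function stating that the second result is the rotated token, which the caller must return to the client in place of the presented one, would make the contract explicit. The signature and the call that produces `renewed` are outside the hunk, so this is inferred from the visible return lines.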