-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OIDC stubbing #5
Conversation
|
||
// copy over the refresh token if its not there | ||
// unsure if we still need the !== string 'null' check anymore | ||
if (refreshToken && refreshToken !== 'null') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure if that's actually needed cause you handle the refresh token further down?
tokenResponse.access_token = generateToken(request.keys, session) | ||
|
||
// the example only checked the first item in the scope, unsure if this is correct or an oversight? | ||
if (session.scopes[0] === 'openid') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's correct. Similarly, you only generate a refresh token if scope offline
is passed.
|
||
if (grantType !== 'refresh_token') { | ||
logger.info('generating a refresh token') | ||
tokenResponse.refresh_token = generateRefreshToken(request.keys, session) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Check my comment above on offline
scope
Very very nice, looking good 😎 |
… endpoint for debugging
No description provided.