From 2dfbd235c9ff060606a87117c71cf7f8fe4039c6 Mon Sep 17 00:00:00 2001
From: tigerbot
Date: Mon, 24 Jul 2017 14:49:28 -0600
Subject: [PATCH] implemented getting new access tokens from refresh tokens
---
 rest.js | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/rest.js b/rest.js
index fca54f4..9384e23 100644
--- a/rest.js
+++ b/rest.js
@@ -386,6 +386,9 @@ module.exports.create = function (bigconf, deps, app) {
 if (req.body.grant_type === 'issuer_token') {
 return Accounts.restful.createToken.issuerToken(req);
 }
+ if (req.body.grant_type === 'refresh_token') {
+ return Accounts.restful.createToken.refreshToken(req);
+ }
 throw new OpErr("unknown or un-implemented grant_type '"+req.body.grant_type+"'");
 }).then(function (token_info) {
@@ -448,7 +451,11 @@ module.exports.create = function (bigconf, deps, app) {
 result.scope = token_info.scope;
 result.access_token = jwt.sign(payload, pem, Object.assign({expiresIn: req.body.exp || '1d'}, opts));
 if (req.body.refresh_token) {
- result.refresh_token = jwt.sign(payload, pem, Object.assign({expiresIn: req.body.refresh_exp}, opts));
+ if (token_info.refresh_token) {
+ result.refresh_token = token_info.refresh_token;
+ } else {
+ result.refresh_token = jwt.sign(payload, pem, Object.assign({expiresIn: req.body.refresh_exp}, opts));
+ }
 }
 return result;
 });
@@ -494,6 +501,23 @@ module.exports.create = function (bigconf, deps, app) {
 };
 });
 };
+ Accounts.restful.createToken.refreshToken = function (req) {
+ return PromiseA.resolve().then(function () {
+ if (!req.body.refresh_token) {
+ throw new OpErr("missing refresh token");
+ }
+
+ return req.oauth3.verifyAsync(req.body.refresh_token).then(function (token) {
+ return {
+ sub: token.sub,
+ aud: token.aud,
+ azp: token.azp,
+ exp: token.exp,
+ refresh_token: req.body.refresh_token,
+ };
+ });
+ });
+ };
 app.get( '/jwks/:sub/:kid.json', Jwks.restful.get);
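Review bot: In the `@@ -448` hunk the new `token_info.refresh_token` branch hands the presented refresh token back unchanged, while the access token signed two lines above it still takes its lifetime from `req.body.exp || '1d'`. Nothing visible in this hunk ties the new access token's expiry to the refresh token's own `exp`, even though `refreshToken` returns it in `token_info`; the requested lifetime should be capped against that value before signing. The reuse itself deserves a comment such as `// refresh grant: return the presented refresh token unchanged (no rotation, original exp kept)`. Whether `payload` already carries `token_info.exp` cannot be told from here, because it is built outside the hunk.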
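Review bot: `refreshToken` in the `@@ -494` hunk accepts any token that `req.oauth3.verifyAsync` validates, and nothing in it checks that the token was issued as a refresh token. In the `@@ -448` hunk the refresh token is signed from the same `payload`, `pem` and `opts` as the access token and differs only in `expiresIn`, so as far as these lines show an access token sent in `refresh_token` would be accepted and exchanged for a new one. A distinguishing claim should be set when the refresh token is signed and checked here before returning, e.g. `if (!token.refresh) { throw new OpErr("not a refresh token"); }` (the claim name is a suggestion, not something in this file). The returned object also omits `scope`, which the token-building code reads as `token_info.scope`, so a refreshed response would presumably carry no scope.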