devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: refresh token login method claim

Browse Source
This commit is contained in:
Lakhan Samani
2022-11-04 01:40:18 +05:30
parent bbc6394cf3
commit 307c6f7d15
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/handlers/token.go
View File

@@ -167,7 +167,7 @@ func TokenHandler() gin.HandlerFunc {
return
}
userID = claims["sub"].(string)
loginMethod := claims["login_method"]
claimLoginMethod := claims["login_method"]
rolesInterface := claims["roles"].([]interface{})
scopeInterface := claims["scope"].([]interface{})
for _, v := range rolesInterface {
@@ -178,9 +178,11 @@ func TokenHandler() gin.HandlerFunc {
}
sessionKey = userID
if loginMethod != nil && loginMethod != "" {
sessionKey = loginMethod.(string) + ":" + sessionKey
if claimLoginMethod != nil && claimLoginMethod != "" {
sessionKey = claimLoginMethod.(string) + ":" + sessionKey
loginMethod = claimLoginMethod.(string)
}
// remove older refresh token and rotate it for security
go memorystore.Provider.DeleteUserSession(sessionKey, claims["nonce"].(string))
}
@@ -213,6 +215,7 @@ func TokenHandler() gin.HandlerFunc {
})
return
}
memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
cookie.SetSession(gc, authToken.FingerPrintHash)