| |
@@ -227,10 +227,21 @@
|
| |
int(time.time()) + self.token_lifetime['refresh']
|
| |
)
|
| |
|
| |
+ client_data=self.getClient(client_id)
|
| |
+
|
| |
+ if 'grant_types' in client_data:
|
| |
+ if 'refresh_token' not in client_data['grant_types']:
|
| |
+ token['refreshable']=False
|
| |
+ del token['refreshable_until']
|
| |
+
|
| |
+
|
| |
self.update_token(token)
|
| |
|
| |
new_token = '%s_%s' % (token['token_id'], token_security_check)
|
| |
- refresh_token = 'R_%s_%s' % (token['token_id'], refresh_security_check)
|
| |
+ if token['refreshable']:
|
| |
+ refresh_token = 'R_%s_%s' % (token['token_id'], refresh_security_check)
|
| |
+ else:
|
| |
+ refresh_token = None
|
| |
|
| |
return {
|
| |
'access_token': new_token,
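Review bot: A client record without a `grant_types` key still receives refreshable tokens, so the new restriction fails open; the same default appears as `else True` in the second hunk. RFC 7591 treats an omitted `grant_types` as `authorization_code` only, so if the permissive default is kept for legacy clients it deserves a comment such as `# no grant_types recorded: legacy client, refresh stays allowed`. Separately, `del token['refreshable_until']` raises KeyError if that key is only set when a refreshable token was requested (the assignment above is cut off by the hunk, so this is inferred); `token.pop('refreshable_until', None)` is safe either way. The enclosing function starts and ends outside the hunk.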
|
| |
@@ -348,9 +359,10 @@
|
| |
# request.
|
| |
self.invalidateToken(token['issued_token'])
|
| |
return None
|
| |
+ client_data=self.getClient(token['client_id'])
|
| |
|
| |
new_token = self.issueToken(token['client_id'], token['username'],
|
| |
- token['scope'], True,
|
| |
+ token['scope'], 'refresh_token' in client_data['grant_types'] if 'grant_types' in client_data else True,
|
| |
token['userinfocode'])
|
| |
if not new_token:
|
| |
return None
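Review bot: The refresh request is still honoured for a client whose `grant_types` do not include `refresh_token`; the added lookup only decides whether the replacement token is refreshable. Unless something earlier in this function (it starts outside the hunk) rejects such clients, a refresh token issued before the grant was removed can be redeemed once more. Consider refusing before the `issueToken` call, e.g. `if 'grant_types' in client_data and 'refresh_token' not in client_data['grant_types']: return None`. The inline conditional in the argument list is also hard to read and appears to repeat the check added in the first hunk, assuming that hunk sits inside `issueToken`; a named local such as `allow_refresh` would make the intent visible.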
|
| |
issue non-refreshable tokens if refresh_token grant type is not allowed for this client