cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs(example): check and extend refresh token expiration (#698)

Browse source 
* extend refresh token expiration

* check refresh token expiration

* check refresh token expiration (fixed logic)

* formatting

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
This commit is contained in:
mqf20 2025-02-13 19:48:04 +08:00 committed by GitHub
parent c03a8c59ca
commit b1e5aca629
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
example/server/storage/storage.go
View file

@ -615,12 +615,19 @@ func (s *Storage) renewRefreshToken(currentRefreshToken string) (string, string,
} }
// deletes the refresh token // deletes the refresh token
delete(s.refreshTokens, currentRefreshToken) delete(s.refreshTokens, currentRefreshToken)
// delete the access token which was issued based on this refresh token // delete the access token which was issued based on this refresh token
delete(s.tokens, refreshToken.AccessToken) delete(s.tokens, refreshToken.AccessToken)
if refreshToken.Expiration.Before(time.Now()) {
return "", "", fmt.Errorf("expired refresh token")
}
// creates a new refresh token based on the current one // creates a new refresh token based on the current one
token := uuid.NewString() token := uuid.NewString()
refreshToken.Token = token refreshToken.Token = token
refreshToken.ID = token refreshToken.ID = token
refreshToken.Expiration = time.Now().Add(5 * time.Hour)
s.refreshTokens[token] = refreshToken s.refreshTokens[token] = refreshToken
return token, refreshToken.ID, nil return token, refreshToken.ID, nil
} }