cdf2af6c2c
* Add an additional, optional, op.Storage interface so that refresh tokens
that are not JWTs do not cause failures when they randomly, sometimes, decrypt
without error
```go
// CanRefreshTokenInfo is an optional additional interface that Storage can support.
// Supporting CanRefreshTokenInfo is required to be able to revoke a refresh token that
// does not happen to also be a JWTs work properly.
type CanRefreshTokenInfo interface {
// GetRefreshTokenInfo must return oidc.ErrInvalidRefreshToken when presented
// with a token that is not a refresh token.
GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error)
}
```
* add comment suggested in code review
* review feedback: return an error defined in op rather than adding a new error to oidc
* move ErrInvalidRefresToken to op/storage.go
7 lines
270 B
Markdown
7 lines
270 B
Markdown
|
|
# Backwards-incompatible changes to be made in the next major release
|
|
|
|
- Add `rp/RelyingParty.GetRevokeEndpoint`
|
|
- Rename `op/OpStorage.GetKeyByIDAndUserID` to `op/OpStorage.GetKeyByIDAndClientID`
|
|
- Add `CanRefreshTokenInfo` (`GetRefreshTokenInfo()`) to `op.Storage`
|
|
|