lwestfall
commented
6 months ago I'm going to attempt a PR on this this week. There's quite a few issues with the google provider that make it borderline unusable
Open andrei-lifchits opened 6 months ago
lwestfall
commented
6 months ago I'm going to attempt a PR on this this week. There's quite a few issues with the google provider that make it borderline unusable
I'm seeing this behaviour in both my code using this library and in the demo app provided in this repository: when calling refreshAuthToken(), the subscriber to the authState receives a new SocialUser object, but the idToken inside the new user object stays the same. Because this idToken expires after 1 hour, and refreshAuthToken() does not actually fetch a new idToken, my backend rejects the JWT as expired. Looking at the library code, I see that all it does in refreshAuthToken() is call the .revoke endpoint on Google, which doesn't sound like an action that would lead to refreshing of any tokens. Am I missing something here?