Open babelouest opened 7 years ago
@andreareginato , @m00s , if you're interested, I've completed my pull request to add code
and password
response_type handling.
I added the following options to the directive:
tokenPath
to specify the token path (similar to authorizePath
), required only for response types code
and password
disableCheckSession
, default false, to disable the token check at startup. It's not necessary if the token contains its check using a signature for exampleI also added a simple login form in the view.html
for password
response_type.
Then, the main modifications are in the file access_token
with the support of the new response_type and the token refresh in an interval.
Concerning the password response_type, if the user checks the "Keep connection" checkbox, the directive will try to reconnect if the refresh_token becomes expired.
Some feedback would be appreciated :)
I've made some changes to implement code response type with a
refresh_token
.If a
refresh_token
is present, then an interval is launched to get a newaccess_token
before expiration.Shouldn't be too long to implement oauth2
response_type
password with that base.