Open ikb42 opened 8 years ago
I also have problem with refresh tokens, but I don't see how rt
or at
can be same. Will be great if you provide unit test.
Can't remember the reason, but I needed to keep the refresh token the same which lead to a bug for me with my refresh token being deleted after the new access token was created. With the random refresh token this should not happen.
This currently does
The problem with doing the delete after the insert is that if for example the
rt
or perhaps even theat
is the same as before then it would be deleted right after being created - or worse perhaps parts could be deleted, such as thert
. In my case this is happening because I am preserving thert
but it could happen in the general case too, although unlikely.