search

anvilresearch / connect

A modern authorization server built to authenticate your users and protect your APIs
http://anvil.io
MIT License
361 stars 85 forks source link

grant_type refresh_token don't return new refresh token #334

Open PetrSnobelt opened 8 years ago

PetrSnobelt commented 8 years ago

Hello, when I try to use grant_type:refresh_token it returns only this keys in json: access_token, token_type, expires_in, id_token,session_state new refresh token is missing from response and old one is invalidated. So it looks like there is no way how to refresh access_token more then once.

I try it using postman or with js function anvil.refresh but both don't return refresh_token (I use scope: openid profile realm email)

When I try search issues about refresh_token I found only this issue https://github.com/anvilresearch/connect/pull/314

Is there any trick how to obtain new refresh token?

Thank you

christiansmith commented 8 years ago

Hi @PetrSnobelt,

We merged a fix for this earlier and it will be in the next release (intended for the near future). In the meantime, you can run directly from master by changing your dependency in package.json to:

"anvil-connect": "anvilresearch/connect#master"

Let us know if that works for you!

PetrSnobelt commented 8 years ago

Hello @christiansmith I try it on my local anvil, and it looks fine. Refresh token is here and works!

Thank you