Closed adisazhar123 closed 3 years ago
Answering issue #976
I propose creating a new Refresh Token grant type under OpenID which'll allow returning ID token only if, both of these are fulfilled:
use_openid_connect
issue_id_token_on_token_refresh
I'm thinking of adding a id_token column in table oauth_refresh_tokens to hold the ID token tied to that refresh token. This column will be nullable.
id_token
oauth_refresh_tokens
The code isn't done and I would like people's opinion on the approach I've taken.
Cheers, Adis
Answering issue #976
I propose creating a new Refresh Token grant type under OpenID which'll allow returning ID token only if, both of these are fulfilled:
use_openid_connectis set to true in Server objectissue_id_token_on_token_refreshis set to true in Server object. This will be a new parameterI'm thinking of adding a
id_tokencolumn in tableoauth_refresh_tokensto hold the ID token tied to that refresh token. This column will be nullable.The code isn't done and I would like people's opinion on the approach I've taken.
Cheers, Adis