When loading a session from storage on the server (using getSessionIdFromStorage), the token type (i.e. DPoP-bound or not, referred to as Bearer) is now consistent with the token type initially associated with the session.
~[ ] I've added a unit test to test for potential regressions of this bug.~ Due to the mocking setup, properly testing this would require a non-trivial refactor, which is untimely considering this fix is required rather urgently. This will be fixed later.
[X] The changelog has been updated, if applicable.
When loading a session from storage on the server (using
getSessionIdFromStorage
), the token type (i.e. DPoP-bound or not, referred to as Bearer) is now consistent with the token type initially associated with the session.