omniauth / omniauth-okta

OAuth2 strategy for Okta
MIT License

No refresh token coming back #10

Closed alextoombs closed 4 years ago

alextoombs commented 4 years ago

Hi,

Trying to integrate Okta with my application. I've used omniauth for other providers with no problems.

My client configuration is as follows:

  config.omniauth :oktaoauth, OKTA_OAUTH2_CLIENT_ID, OKTA_OAUTH2_CLIENT_SECRET, {
    scope: 'openid profile email offline_access',
    fields: ['profile', 'email'],
    client_options: {
      site: OKTA_ISSUER,
      authorize_url: OKTA_ISSUER + '/oauth2/v1/authorize',
      token_url: OKTA_ISSUER + '/oauth2/v1/token',
      response_type: 'code',
    },
    redirect_uri: <snip>,
    issuer: OKTA_ISSUER,
    strategy_class: OmniAuth::Strategies::Oktaoauth,
  }

However, when I inspect the auth_hash coming back, there's no refresh_token present. There is an id_token/token present.

The corresponding application on Okta's end has refresh tokens enabled. When I use curl to perform the authorize and corresponding token flow, I get back a refresh_token.

What am I missing to enable this Ruby-side?

Thanks!

alextoombs commented 4 years ago

Looks like this was fixed here: https://github.com/dandrews/omniauth-okta/commit/a082056e24151798129c9c781c8646ff0899a2c6

I ran into the same deficiency locally. I just think you haven't re-released the gem in a few years so it's _very_ stale.

alextoombs commented 4 years ago

I plan on fixing it by referencing the gem by git hash, but it'd be awesome if you re-released the gem, too. Thanks for making the repo!