Open mitar opened 3 months ago
I added to my introspect endpoint handler:
if ir.GetTokenUse() == "refresh_token" {
w.Header().Set("Content-Type", "application/json;charset=UTF-8")
w.Header().Set("Cache-Control", "no-store")
w.Header().Set("Pragma", "no-cache")
if !ir.IsActive() {
_ = json.NewEncoder(w).Encode(&struct {
Active bool `json:"active"`
}{Active: false})
return
}
response := map[string]interface{}{
"active": true,
}
if !ir.GetAccessRequester().GetSession().GetExpiresAt(fosite.RefreshToken).IsZero() {
response["exp"] = ir.GetAccessRequester().GetSession().GetExpiresAt(fosite.RefreshToken).Unix()
}
_ = json.NewEncoder(w).Encode(response)
return
}
Preflight checklist
Ory Network Project
No response
Describe your problem
There seems to be no way to obtain expiration time of refresh tokens. Refresh tokens are opaque (and not JWT) and introspection endpoint returns the associated access token claims and not refresh tokens claims.
Describe your ideal solution
I think introspection endpoint should return refresh token claims for the refresh token, not the access token claims. Ping identity does so and returns:
Workarounds or alternatives
None I could find.
Version
latest master
Additional Context
No response