Closed danjboyd closed 3 years ago
In my code, I have just replaced
return $rt;
with
return ( $rt, undef, $rt->{scope}, $rt->{user+id} );
but wanted to confirm that's how things were intended to work
Yeah, this is probably a failure to update the example code after changes to the lib. Will fix shortly.
I was noticing that the user_id was getting dropped from the JWT/access token after I refreshed with a refresh token.
Looking at the sample code, under
if it's a refresh token, we ultimately just return $rt.
But, that method is ultimately called from Mojolicious::Plugin::OAuth2::Server.pm in the _verify_credentials sub: