search

stormpath / express-stormpath

Build simple, secure web applications with Stormpath and Express!
http://docs.stormpath.com/nodejs/express/
Apache License 2.0
325 stars 106 forks source link

Optionally include offline_access scope #627

Open nbarbettini opened 7 years ago

nbarbettini commented 7 years ago

Clients that are expecting to get a refresh token from /oauth/token will no longer get one unless they request scope offline_access.

A configuration option in express-stormpath to automatically attach that scope to requests would be helpful, because older clients can't always be updated.

passatgt commented 7 years ago

Yes. For now, i forked the repo and added it myself: https://github.com/passatgt/express-stormpath/commit/1bfa3e4c80c69af9016b995c54ad53d93cf01492#diff-e42c26eb9b776c9528853e7075a82b48