acoumb
commented
1 year ago Looks good, no impacts on the authorization process. I've moved the intervals as properties of the service detail.
Closed acoumb closed 1 year ago
acoumb
commented
1 year ago Looks good, no impacts on the authorization process. I've moved the intervals as properties of the service detail.
Current PR contains the implementation of an addon to the authorization flow, that will allow services to exchange the access token received in the authorization flow with a new one with an extended life span. The model used for the implementation was the one of Instagram, described here.
With Instagram, the initial access token is valid for one hour, but no access token is received (requests are authenticated, IG resources can be accessed with this token). The access token then is exchanged for a new one, valid for 60 days, that can be refreshed as long as they are at least 24 hours old.
Particularly to the package, the exchange flow will run when handling the response received from the authorization server in
AuthorizedServiceResponseController.HandleIdentityResponse.After receiving the access token, a service will have the possibility to exchange it for one with a longer expiration date by setting the flag
CanExchangeTokentotrue. The exchange configuration will then be provided in theExchangeTokenProvisionobject.The provisioning object consists of properties intended to provide:
This was built using the Instagram model, for other services in the future, the object might need extending
Updates:
IAuthorizationParametersBuilder.BuildParametesForOAuth2AccessTokenExchangeIAuthorizationRequestSender.SendExchangeRequestIAuthorizedServiceAuthorizer.ExchangeOAuth2AccessTokenAsyncIRefreshTokenParametersBuilder.BuildParametesForOAuth2AccessTokenExchangeAuthorizedServiceCalleris adapted to use request parameters and get response for exchange token use cases.