wagnerdelima / drf-social-oauth2

drf-social-oauth2 makes it easy to integrate Django social authentication with major OAuth2 providers, i.e., Facebook, Twitter, Google, etc.
https://drf-social-oauth2.readthedocs.io/en/latest/
MIT License
274 stars 34 forks source link

Get new acess token #107

Closed pear9 closed 2 years ago

pear9 commented 2 years ago

What is the URL to get new access token by providing refresh token. I found out only new refresh token can be generated by previous refresh token.

wagnerdelima commented 2 years ago

So far this endpoint doesn't exist. It should be implemented in the future. You can send another /convert-token request and get another access token. If you use the latest version 1.2.0, there will be no duplicate valid access tokens in your database, therefore saving space.

pear9 commented 2 years ago

can you please provide a little more detail of URL and what is the body parameters plus headers

wagnerdelima commented 2 years ago

You can get more details from the readme file, specifically this paragraph: https://github.com/wagnerdelima/drf-social-oauth2#testing-the-setup.

Also, you can launch the oas swagger and get even more detais: https://github.com/wagnerdelima/drf-social-oauth2#run-swagger-editor

krishnanpandya007 commented 2 years ago

So far this endpoint doesn't exist. It should be implemented in the future. You can send another /convert-token request and get another access token. If you use the latest version 1.2.0, there will be no duplicate valid access tokens in your database, therefore saving space.

So what if we saved refresh token and access token only on client side and if access token expires isnt't that possible to get new access token based upon refresh token?

i've tried using url localhost:8000/auth/token passing values like refresh_token, grant_type, client_id etc... but it generated new access token as well as new refresh token

wagnerdelima commented 2 years ago

@krishnanpandya007 yes, as it is a new access token and refresh tokens will be generated. You will have to sign in again.