itsscb/df
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix/gapi.refresh_token generates invalid access_token

Browse Source
This commit is contained in:
itsscb 2023-11-03 13:43:47 +01:00
parent 2b44a10858
commit 06d3b4bc19
1 changed files with 1 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
bff/gapi/rpc_refresh_token.go
View File

@ -54,14 +54,9 @@ func (server *Server) RefreshToken(ctx context.Context, req *pb.RefreshTokenRequ
return nil, status.Error(codes.PermissionDenied, "session expired") return nil, status.Error(codes.PermissionDenied, "session expired")
} }
id, err := server.tokenMaker.NewTokenID()
if err != nil {
slog.Error("refresh_token (token_id)", slog.Int64("invoked_by", int64(refreshPayload.AccountID)), slog.String("error", err.Error()))
return nil, status.Error(codes.Internal, "failed to create session token")
}
accessToken, accessPayload, err := server.tokenMaker.CreateToken( accessToken, accessPayload, err := server.tokenMaker.CreateToken(
refreshPayload.AccountID, refreshPayload.AccountID,
id, session.ID,
server.config.AccessTokenDuration, server.config.AccessTokenDuration,
) )
if err != nil { if err != nil {