Skip to content

Fix refresh token issue when using password flow #1205

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lmarini merged 4 commits into from
Nov 5, 2024
Merged

Fix refresh token issue when using password flow #1205

lmarini merged 4 commits into from
Nov 5, 2024

Conversation

@GalMunGral
Copy link
Collaborator

@GalMunGral GalMunGral commented Oct 24, 2024

  • Related: ncsa/idot-pma#173
  • POST /login and POST /auth/login have the exact same logic. @longshuicy suggested deprecating the POST /login endpoint.
  • Applied the same logic for refresh tokens as used in the authorization code flow (GET /auth) so that access tokens obtained through the password flow (POST /auth/login) can also be refreshed by GET /auth/refresh_token.

@GalMunGral GalMunGral requested a review from max-zilla as a code owner October 24, 2024 20:47
@CLAassistant
Copy link

CLAassistant commented Oct 24, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

longshuicy
longshuicy requested changes Oct 25, 2024
View reviewed changes
Copy link
Member

@longshuicy longshuicy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good and tested.
One thing I noticed is the "deprecated" not seems to work? I can still POST to the /api/v2/login endpoint with no issue. And i didn't see any notification either.
Could you look into that? if it's not straightforward, maybe we can just delete this endpoint. But we might be careful, a quick search I found there are some scripts (in the scripts folder) still uses this endpoint.

@longshuicy
Copy link
Member

longshuicy commented Oct 25, 2024
edited
Loading

After we discussed, could you try below: @GalMunGral

  1. Make a utility function of that tokenDB logic. You can put it in backend/app/routers/utils.py.
  2. Then revert the deprecate. We might want to keep both endpoints. (so you don't need to worry about making deprecating work)
  3. Put the logic in /auth/login and /login

@max-zilla if I've missed anything, please chime in.

@GalMunGral
Copy link
Collaborator Author

GalMunGral commented Oct 25, 2024

After we discussed, could you try below: @GalMunGral

  1. Make a utility function of that tokenDB logic. You can put it in backend/app/routers/utils.py.
  2. Then revert the deprecate. We might want to keep both endpoints. (so you don't need to worry about making deprecating work)
  3. Put the logic in /auth/login and /login

@max-zilla if I've missed anything, please chime in.

Will do!

@max-zilla max-zilla requested a review from longshuicy October 30, 2024 14:04
@max-zilla
Copy link
Contributor

max-zilla commented Oct 30, 2024

@longshuicy i will take a look at this also but it's ready for another look, thanks.

longshuicy
longshuicy approved these changes Oct 31, 2024
View reviewed changes
Copy link
Member

@longshuicy longshuicy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good and functionality works. Approve.

@lmarini lmarini merged commit 15c47d2 into release/v2.0-beta-3 Nov 5, 2024
@lmarini lmarini deleted the 1204-save-refresh-token-when-using-password-grant-flow branch November 5, 2024 15:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@longshuicy longshuicy longshuicy approved these changes

@max-zilla max-zilla Awaiting requested review from max-zilla

@lmarini lmarini Awaiting requested review from lmarini

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@GalMunGral @CLAassistant @longshuicy @max-zilla @lmarini