providers/oauth2: ensure refresh tokens are URL safe

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #3185
2022-06-30 12:43:04 +02:00 · 2022-06-30 12:43:04 +02:00 · 983882f5a0
parent a6d3fd92df
commit 983882f5a0
1 changed files with 1 additions and 1 deletions
--- a/authentik/providers/oauth2/models.py
+++ b/authentik/providers/oauth2/models.py
@ -239,7 +239,7 @@ class OAuth2Provider(Provider):
        token = RefreshToken(
            user=user,
            provider=self,
-            refresh_token=generate_key(),
+            refresh_token=base64.urlsafe_b64encode(generate_key().encode()).decode(),
            expires=timezone.now() + timedelta_from_string(self.token_validity),
            scope=scope,
        )