providers/oauth2: fix old id_token being sent when using token endpoint with grant_type=refresh_token
This commit is contained in:
parent
885fcff495
commit
b747022bc1
|
@ -7,7 +7,12 @@ from django.views import View
|
|||
from structlog import get_logger
|
||||
|
||||
from authentik.core.models import Application
|
||||
from authentik.providers.oauth2.constants import ACR_AUTHENTIK_DEFAULT, SCOPE_OPENID
|
||||
from authentik.providers.oauth2.constants import (
|
||||
ACR_AUTHENTIK_DEFAULT,
|
||||
GRANT_TYPE_AUTHORIZATION_CODE,
|
||||
GRANT_TYPE_REFRESH_TOKEN,
|
||||
SCOPE_OPENID,
|
||||
)
|
||||
from authentik.providers.oauth2.models import GrantTypes, OAuth2Provider, ScopeMapping
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
@ -56,9 +61,9 @@ class ProviderInfoView(View):
|
|||
)
|
||||
),
|
||||
"grant_types_supported": [
|
||||
GrantTypes.AUTHORIZATION_CODE,
|
||||
GRANT_TYPE_AUTHORIZATION_CODE,
|
||||
GRANT_TYPE_REFRESH_TOKEN,
|
||||
GrantTypes.IMPLICIT,
|
||||
GrantTypes.HYBRID,
|
||||
],
|
||||
"id_token_signing_alg_values_supported": [provider.jwt_alg],
|
||||
# See: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
||||
|
|
|
@ -248,9 +248,7 @@ class TokenView(View):
|
|||
"expires_in": timedelta_from_string(
|
||||
refresh_token.provider.token_validity
|
||||
).seconds,
|
||||
"id_token": self.params.provider.encode(
|
||||
self.params.refresh_token.id_token.to_dict()
|
||||
),
|
||||
"id_token": self.params.provider.encode(refresh_token.id_token.to_dict()),
|
||||
}
|
||||
|
||||
return dic
|
||||
|
|
Reference in a new issue