Forget old token when a refresh token is used
parent
8d672cc1ba
commit
f4dfa7303f
|
@ -163,9 +163,8 @@ class TokenEndpoint(object):
|
||||||
# Store the token.
|
# Store the token.
|
||||||
token.save()
|
token.save()
|
||||||
|
|
||||||
# We don't need to store the code anymore.
|
# Forget the old token.
|
||||||
self.token.refresh_token = None
|
self.token.delete()
|
||||||
self.token.save()
|
|
||||||
|
|
||||||
dic = {
|
dic = {
|
||||||
'access_token': token.access_token,
|
'access_token': token.access_token,
|
||||||
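Review bot: The new `token.save()` and the following `self.token.delete()` are two independent writes, so the rotation is not atomic. If the delete fails after the save, or if two requests present the same refresh token at once and both pass the lookup before either delete lands, one refresh token can yield two live token pairs. I would wrap the pair in a transaction and remove the old row first: `with transaction.atomic():` / `self.token.delete()` / `token.save()`, with `from django.db import transaction` at the top of the file. The lookup that populates `self.token` is outside this hunk; if it is a plain query, loading it with `select_for_update()` inside the same transaction would close the concurrent-use window. It is also worth a comment here that deleting the row makes a replayed refresh token indistinguishable from an unknown one, so reuse cannot be detected or logged later.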
|
|
|
@ -100,6 +100,13 @@ class TokenTestCase(TestCase):
|
||||||
SIGKEYS.load_dict(jwks_dic)
|
SIGKEYS.load_dict(jwks_dic)
|
||||||
return SIGKEYS
|
return SIGKEYS
|
||||||
|
|
||||||
|
def _get_userinfo(self, access_token):
|
||||||
|
url = reverse('oidc_provider:userinfo')
|
||||||
|
request = self.factory.get(url)
|
||||||
|
request.META['HTTP_AUTHORIZATION'] = 'Bearer ' + access_token
|
||||||
|
|
||||||
|
return userinfo(request)
|
||||||
|
|
||||||
@override_settings(OIDC_TOKEN_EXPIRE=720)
|
@override_settings(OIDC_TOKEN_EXPIRE=720)
|
||||||
def test_authorization_code(self):
|
def test_authorization_code(self):
|
||||||
"""
|
"""
|
||||||
|
@ -170,6 +177,10 @@ class TokenTestCase(TestCase):
|
||||||
response = self._post_request(post_data)
|
response = self._post_request(post_data)
|
||||||
self.assertIn('invalid_grant', response.content.decode('utf-8'))
|
self.assertIn('invalid_grant', response.content.decode('utf-8'))
|
||||||
|
|
||||||
|
# Old access token is invalidated
|
||||||
|
self.assertEqual(self._get_userinfo(response_dic1['access_token']).status_code, 401)
|
||||||
|
self.assertEqual(self._get_userinfo(response_dic2['access_token']).status_code, 200)
|
||||||
|
|
||||||
# Empty refresh token is invalid
|
# Empty refresh token is invalid
|
||||||
post_data = self._refresh_token_post_data('')
|
post_data = self._refresh_token_post_data('')
|
||||||
response = self._post_request(post_data)
|
response = self._post_request(post_data)
|
||||||
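Review bot: The new `_get_userinfo` helper has no docstring, and the two new assertions rely on `response_dic1` and `response_dic2`, which are defined outside the visible hunk. I would add `"""Call the userinfo view with access_token as a Bearer credential and return the response."""` to the helper. I would also extend the comment above the assertions to `# Old access token is invalidated; the token issued by the refresh still works`, so the paired 401/200 check reads as a deliberate control. The 401 assertion on its own only shows that the request was rejected, not that the old token row is gone. A direct check that the old token no longer exists in the database would pin the behaviour this commit introduces.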
|
|