Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth2 authentication fetches expiration from the refresh token on non-standard implementations #3076

Closed
Bionus opened this issue Dec 21, 2023 · 0 comments
Closed

OAuth2 authentication fetches expiration from the refresh token on non-standard implementations #3076

Bionus opened this issue Dec 21, 2023 · 0 comments
Assignees
@Bionus
Labels
bug
Milestone
7.12.0

Comments

@Bionus
Copy link
Owner

Bionus commented Dec 21, 2023

When a source's OAuth2 token endpoint does not use expires or expires_in in its response, Grabber will try to get the expiration time from the refresh token's exp JWT claim, instead of the access token's.

Both expirations should be treated separately, but we should also consider that in most cases, refresh tokens aren't JWT and their expiration is not often indicated in responses, so we should gracefully handle the case where only the access token's expiration is known.
@Bionus Bionus added the bug label Dec 21, 2023
@Bionus Bionus self-assigned this Dec 21, 2023
@Bionus Bionus added this to the 7.12.0 milestone Dec 30, 2023
@Bionus Bionus modified the milestones: 7.13.0, 7.12.0 May 12, 2024
@Bionus Bionus closed this as completed in fcc6e59 May 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Bionus Bionus

Labels
bug
Projects
None yet
Milestone
7.12.0
Development

No branches or pull requests
1 participant
@Bionus