From f5bdc8db39a71e4a4b3b4da630a5fab5bad09c85 Mon Sep 17 00:00:00 2001
From: Lakhan Samani
Date: Tue, 8 Mar 2022 21:13:23 +0530
Subject: [PATCH] fix: refresh token store info
---
 server/handlers/authorize.go | 2 +-
 server/handlers/oauth_callback.go | 2 +-
 server/handlers/token.go | 12 +++++++++---
 server/handlers/verify_email.go | 2 +-
 server/resolvers/login.go | 2 +-
 server/resolvers/session.go | 2 +-
 6 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/server/handlers/authorize.go b/server/handlers/authorize.go
index c9b5a46..53c94ee 100644
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@@ -293,7 +293,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 if authToken.RefreshToken != nil {
 res["refresh_token"] = authToken.RefreshToken.Token
 params += "&refresh_token=" + authToken.RefreshToken.Token
- sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+ sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 }
 if isQuery {
diff --git a/server/handlers/oauth_callback.go b/server/handlers/oauth_callback.go
index 2d7a268..1d28234 100644
--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@@ -159,7 +159,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 if authToken.RefreshToken != nil {
 params = params + `&refresh_token=` + authToken.RefreshToken.Token
- sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+ sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 }
 go utils.SaveSessionInDB(c, user.ID)
diff --git a/server/handlers/token.go b/server/handlers/token.go
index 399f10d..45c66e7 100644
--- a/server/handlers/token.go
+++ b/server/handlers/token.go
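Review bot: The call `sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)` and its `fingerprint@userID` value layout are now repeated verbatim at six call sites (this hunk, oauth_callback.go, token.go, verify_email.go, login.go, session.go); a single helper (proposed name, e.g. `sessionstore.SetRefreshTokenState(authToken, user.ID)`) would make the choice of key explicit and keep the key/value format in one place, which is exactly what this commit had to correct at every site by hand. Separately, entries that earlier builds wrote under the access-token key are not removed by this change, so a deployed store may keep stale access-token-keyed state until whatever expiry sessionstore applies (not visible here); worth confirming they age out or clearing them on rollout. AuthorizeHandler begins and continues outside the hunk.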
@@ -141,8 +141,14 @@ func TokenHandler() gin.HandlerFunc {
 })
 }
 userID = claims["sub"].(string)
- roles = claims["roles"].([]string)
- scope = claims["scope"].([]string)
+ rolesInterface := claims["roles"].([]interface{})
+ scopeInterface := claims["scope"].([]interface{})
+ for _, v := range rolesInterface {
+ roles = append(roles, v.(string))
+ }
+ for _, v := range scopeInterface {
+ scope = append(scope, v.(string))
+ }
 // remove older refresh token and rotate it for security
 sessionstore.RemoveState(refreshToken)
 }
@@ -179,7 +185,7 @@ func TokenHandler() gin.HandlerFunc {
 if authToken.RefreshToken != nil {
 res["refresh_token"] = authToken.RefreshToken.Token
- sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+ sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 }
 gc.JSON(http.StatusOK, res)
diff --git a/server/handlers/verify_email.go b/server/handlers/verify_email.go
index 99e7e68..9544046 100644
--- a/server/handlers/verify_email.go
+++ b/server/handlers/verify_email.go
@@ -91,7 +91,7 @@ func VerifyEmailHandler() gin.HandlerFunc {
 if authToken.RefreshToken != nil {
 params = params + `&refresh_token=${refresh_token}`
- sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+ sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 }
 if redirectURL == "" {
diff --git a/server/resolvers/login.go b/server/resolvers/login.go
index 5a099b5..355c77c 100644
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@@ -84,7 +84,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 if authToken.RefreshToken != nil {
 res.RefreshToken = &authToken.RefreshToken.Token
- sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+ sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 }
 go utils.SaveSessionInDB(gc, user.ID)
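Review bot: The added `claims["roles"].([]interface{})`, `claims["scope"].([]interface{})` and per-element `v.(string)` assertions in the first token.go hunk are unchecked, so a refresh token whose claims are absent, null or not arrays of strings panics inside the handler instead of producing the invalid-token response the surrounding code already sends (the `})` / `}` context lines at the top of the hunk look like that response; TokenHandler begins and continues outside the hunk). Since the claims come from a token the caller presents, a malformed-but-accepted token, or one minted by an older build that encoded roles differently, becomes a crash rather than a 4xx; the pre-existing `claims["sub"].(string)` has the same weakness. Use the comma-ok form and reject the token on failure, and fold the two identical loops into one helper so roles and scope cannot drift apart.
```go
// toStringSlice converts a JSON-decoded claim into []string and reports
// false when the claim is missing or has any other shape.
func toStringSlice(v interface{}) ([]string, bool) {
	items, ok := v.([]interface{})
	if !ok {
		return nil, false
	}
	out := make([]string, 0, len(items))
	for _, item := range items {
		s, ok := item.(string)
		if !ok {
			return nil, false
		}
		out = append(out, s)
	}
	return out, true
}

// inside TokenHandler, replacing the two assertions and loops:
userID = claims["sub"].(string)
var ok bool
if roles, ok = toStringSlice(claims["roles"]); !ok {
	// … respond with the same invalid-token error the handler sends above, then return …
}
if scope, ok = toStringSlice(claims["scope"]); !ok {
	// … same rejection …
}
// … unchanged: sessionstore.RemoveState(refreshToken) …
```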
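Review bot: In the verify_email.go hunk the context line `params = params + `&refresh_token=${refresh_token}`` appends the literal text `${refresh_token}` to the redirect, whereas the sibling handlers in this commit (authorize.go, oauth_callback.go) append `authToken.RefreshToken.Token`; if that is not a deliberate placeholder substituted elsewhere, the refresh token now stored under `authToken.RefreshToken.Token` is never handed to the client from this flow. Worth confirming against whatever consumes the redirect URL; VerifyEmailHandler begins and ends outside the hunk.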
diff --git a/server/resolvers/session.go b/server/resolvers/session.go
index 3d9c668..151321d 100644
--- a/server/resolvers/session.go
+++ b/server/resolvers/session.go
@@ -80,7 +80,7 @@ func SessionResolver(ctx context.Context, params *model.SessionQueryInput) (*mod
 if authToken.RefreshToken != nil {
 res.RefreshToken = &authToken.RefreshToken.Token
- sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+ sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 }
 return res, nil