Return valid JWT access token from password grant
This change updates the password grant handler to issue a valid JWT access token instead of just returning a random value as the access token. This makes it possible to use the access token against the user info endpoint. Signed-off-by: Monis Khan <i@monis.app>
This commit is contained in:
parent
0e2459c230
commit
3009ae3b5d
@ -1105,10 +1105,17 @@ func (s *Server) handlePasswordGrant(w http.ResponseWriter, r *http.Request, cli
|
|||||||
Groups: identity.Groups,
|
Groups: identity.Groups,
|
||||||
}
|
}
|
||||||
|
|
||||||
accessToken := storage.NewID()
|
accessToken, err := s.newAccessToken(client.ID, claims, scopes, nonce, connID)
|
||||||
|
if err != nil {
|
||||||
|
s.logger.Errorf("password grant failed to create new access token: %v", err)
|
||||||
|
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
idToken, expiry, err := s.newIDToken(client.ID, claims, scopes, nonce, accessToken, "", connID)
|
idToken, expiry, err := s.newIDToken(client.ID, claims, scopes, nonce, accessToken, "", connID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.tokenErrHelper(w, errServerError, fmt.Sprintf("failed to create ID token: %v", err), http.StatusInternalServerError)
|
s.logger.Errorf("password grant failed to create new ID token: %v", err)
|
||||||
|
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user