Merge pull request #1678 from Teeed/auto_consistency_fix

Automatic consistency fixing in case of missing refresh token in db
This commit is contained in:
Nándor István Krácser 2020-04-03 14:17:58 +02:00 committed by GitHub
commit ebef257dcd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1344,12 +1344,16 @@ func (s *Server) handlePasswordGrant(w http.ResponseWriter, r *http.Request, cli
if oldTokenRef, ok := session.Refresh[tokenRef.ClientID]; ok {
// Delete old refresh token from storage.
if err := s.storage.DeleteRefresh(oldTokenRef.ID); err != nil {
if err == storage.ErrNotFound {
s.logger.Warnf("database inconsistent, refresh token missing: %v", oldTokenRef.ID)
} else {
s.logger.Errorf("failed to delete refresh token: %v", err)
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
deleteToken = true
return
}
}
}
// Update existing OfflineSession obj with new RefreshTokenRef.
if err := s.storage.UpdateOfflineSessions(session.UserID, session.ConnID, func(old storage.OfflineSessions) (storage.OfflineSessions, error) {