Handle sessions without refresh token

2025-07-13 21:36:36 +03:00
parent e55773266b
commit afc439e245
1 changed files with 3 additions and 0 deletions
--- a/inventory-app/oidc.py
+++ b/inventory-app/oidc.py
@@ -71,6 +71,9 @@ def login_callback():
    return redirect(session.pop("original_url", "/"))

 def do_refresh():
+    if "refresh_token" not in session:
+        print("no refresh token, skipping refresh")
+        return False
    print("doing refreesh")
    r = requests.post(metadata["token_endpoint"], {
        "client_secret": os.getenv("OIDC_CLIENT_SECRET"),