oauth2 icon indicating copy to clipboard operation
oauth2 copied to clipboard
verified publisher icon dart-lang

Handle credentials refresh with clientCredentialsGrant

Open moorl opened this issue 2 years ago • 0 comments

Hello, I use clientCredentialsGrant and just have a 10m token that expires fast. Suddenly I can't refresh/replace the whole client, so I need an refresh alternative.

I have changed

bool get canRefresh => tokenEndpoint != null;

and

Future<Credentials> refresh(
      {String? identifier,
      String? secret,
      Iterable<String>? newScopes,
      bool basicAuth = true,
      http.Client? httpClient}) async {

    ...

    var body = {};

    if (refreshToken != null && tokenEndpoint != null) {
      body['grant_type'] = 'refresh_token';
      body['refresh_token'] = refreshToken;
    } else if (refreshToken == null && tokenEndpoint != null) {
      body['grant_type'] = 'client_credentials';
    } else {
      throw StateError("Can't refresh credentials without a token "
          'endpoint.');
    }

    ...    

    return Credentials(credentials.accessToken,
        refreshToken: refreshToken,
        idToken: credentials.idToken,
        tokenEndpoint: credentials.tokenEndpoint,
        scopes: credentials.scopes,
        expiration: credentials.expiration);
  }

This works fine for me, should I create a MR?

moorl avatar Feb 14 '23 07:02 moorl