Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a way to refresh token #55

Open
LuchoTurtle opened this issue Apr 18, 2024 · 0 comments
Open

Add a way to refresh token #55

LuchoTurtle opened this issue Apr 18, 2024 · 0 comments
Assignees
@LuchoTurtle
Labels
documentation Improvements or additions to documentation elixir Pull requests that update Elixir code enhancement New feature or enhancement of existing functionality

Comments

@LuchoTurtle
Copy link
Member

LuchoTurtle commented Apr 18, 2024
edited
Loading

As per #54 , this package should have a way for people to refresh their tokens and a way of knowing if they are invalid or expired.

Typically, when a token is expired, the web application should try to refresh it and get the new one seamlessly in case a request to a protected resource fails. Having a function that refreshes the token given an access token should make it easy for people to do so.
The package calls the /authorize end point and receives an access token.

{
   "token_type":"Bearer",
   "scope":"https://graph.microsoft.com/User.Read",
   "expires_in":3600,
   "ext_expires_in":3600,
   "access_token":"xxxxxxx"
}

According to https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow, we should be able to also return the refresh token.

An OAuth 2.0 refresh token. The app can use this token to acquire other access tokens after the current access token expires. Refresh tokens are long-lived. They can maintain access to resources for extended periods. For more detail on refreshing an access token, refer to Refresh the access token later in this article.
Note: Only provided if offline_access scope was requested.

The client user should have access to the refresh token, as well.
@LuchoTurtle LuchoTurtle added enhancement New feature or enhancement of existing functionality documentation Improvements or additions to documentation elixir Pull requests that update Elixir code labels Apr 18, 2024
@LuchoTurtle LuchoTurtle self-assigned this Apr 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@LuchoTurtle LuchoTurtle

Labels
documentation Improvements or additions to documentation elixir Pull requests that update Elixir code enhancement New feature or enhancement of existing functionality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LuchoTurtle