Skip to content

Commit

Permalink
Merge changes with master
Browse files Browse the repository at this point in the history
  • Loading branch information
jonathansamines committed Jun 30, 2024
2 parents 7624c0a + a4a4486 commit 23aca64
Show file tree
Hide file tree
Showing 6 changed files with 44 additions and 3 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
# Changelog

## 5.1.0

### Fixes
- [#434](https://github.com/lelylan/simple-oauth2/pull/434) Preserve existing refresh token when refreshed token doesn't contain a new refresh token

## 5.0.1

### Fixes
Expand Down
3 changes: 3 additions & 0 deletions lib/access-token.js
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,9 @@ module.exports = class AccessToken {
const parameters = GrantTypeParams.forGrantType(REFRESH_TOKEN_PROPERTY_NAME, this.#config.options, refreshParams);
const response = await this.#client.request(this.#config.auth.refreshPath, parameters.toObject(), httpOptions);

if (response[REFRESH_TOKEN_PROPERTY_NAME] === undefined) {
response.refresh_token = this.refresh_token;
}
return new AccessToken(this.#config, this.#client, response);
}

Expand Down
4 changes: 2 additions & 2 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "simple-oauth2",
"version": "5.0.1",
"version": "5.1.0",
"support": true,
"description": "Node.js client for OAuth2",
"author": "Andrea Reginato <[email protected]>",
Expand Down
9 changes: 9 additions & 0 deletions test/_authorization-server-mock.js
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,14 @@ function createAuthorizationServer(authorizationServerUrl) {
});
}

function tokenSuccessWithoutRefreshToken(scopeOptions, params) {
return nock(authorizationServerUrl, scopeOptions)
.post('/oauth/token', params)
.reply(200, { ...accessToken, refresh_token: undefined }, {
'Content-Type': 'application/json',
});
}

return {
tokenError,
tokenAuthorizationError,
Expand All @@ -98,6 +106,7 @@ function createAuthorizationServer(authorizationServerUrl) {
tokenSuccessWithNonJSONContent,
tokenSuccessWithCustomPath,
tokenSuccess,
tokenSuccessWithoutRefreshToken,
};
}

Expand Down
24 changes: 24 additions & 0 deletions test/access-token-refresh.js
Original file line number Diff line number Diff line change
Expand Up @@ -271,3 +271,27 @@ test.serial('@refresh => creates a new access token with custom (inline) http op
scope.done();
t.true(has(refreshAccessToken.token, 'access_token'));
});

test.serial('@refresh => creates a new access token with keeping the old refresh token if refresh did not provide a new refresh token', async (t) => {
const config = createModuleConfig();

const accessTokenResponse = chance.accessToken({
expireMode: 'expires_in',
});

const client = new Client(config);

const refreshParams = {
grant_type: 'refresh_token',
refresh_token: accessTokenResponse.refresh_token,
};

const server = createAuthorizationServer('https://authorization-server.org:443');
const scope = server.tokenSuccessWithoutRefreshToken(scopeOptions, refreshParams);

const accessToken = new AccessToken(config, client, accessTokenResponse);
const refreshAccessToken = await accessToken.refresh();

scope.done();
t.true(has(refreshAccessToken.token, 'refresh_token'));
});

0 comments on commit 23aca64

Please sign in to comment.