Merge pull request #1670 from klarose/handle-refresh-no-present

handlers: do not fail login if refresh token gone
This commit is contained in:
Nándor István Krácser 2020-03-19 13:44:22 +01:00 committed by GitHub
commit 741bf029a1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -905,7 +905,7 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
} else {
if oldTokenRef, ok := session.Refresh[tokenRef.ClientID]; ok {
// Delete old refresh token from storage.
if err := s.storage.DeleteRefresh(oldTokenRef.ID); err != nil {
if err := s.storage.DeleteRefresh(oldTokenRef.ID); err != nil && err != storage.ErrNotFound {
s.logger.Errorf("failed to delete refresh token: %v", err)
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
deleteToken = true