Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Projects Releases Packages Wiki Activity

Automatic consistency fixing in case of missing refresh token in db

Browse source
This commit is contained in:
Tadeusz Magura-Witkowski 2020-03-25 13:43:53 +01:00
parent 3693b74791
commit 7b7e2a040d
1 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
server/handlers.go
View file

@ -1344,10 +1344,14 @@ func (s *Server) handlePasswordGrant(w http.ResponseWriter, r *http.Request, cli
if oldTokenRef, ok := session.Refresh[tokenRef.ClientID]; ok { if oldTokenRef, ok := session.Refresh[tokenRef.ClientID]; ok {
// Delete old refresh token from storage. // Delete old refresh token from storage.
if err := s.storage.DeleteRefresh(oldTokenRef.ID); err != nil { if err := s.storage.DeleteRefresh(oldTokenRef.ID); err != nil {
s.logger.Errorf("failed to delete refresh token: %v", err) if err == storage.ErrNotFound {
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError) s.logger.Warnf("database inconsistent, refresh token missing: %v", oldTokenRef.ID)
deleteToken = true } else {
return s.logger.Errorf("failed to delete refresh token: %v", err)
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
deleteToken = true
return
}
} }
} }