forked from mystiq/dex
Automatic consistency fixing in case of missing refresh token in db
This commit is contained in:
parent
3693b74791
commit
7b7e2a040d
1 changed files with 8 additions and 4 deletions
|
@ -1344,10 +1344,14 @@ func (s *Server) handlePasswordGrant(w http.ResponseWriter, r *http.Request, cli
|
|||
if oldTokenRef, ok := session.Refresh[tokenRef.ClientID]; ok {
|
||||
// Delete old refresh token from storage.
|
||||
if err := s.storage.DeleteRefresh(oldTokenRef.ID); err != nil {
|
||||
s.logger.Errorf("failed to delete refresh token: %v", err)
|
||||
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
|
||||
deleteToken = true
|
||||
return
|
||||
if err == storage.ErrNotFound {
|
||||
s.logger.Warnf("database inconsistent, refresh token missing: %v", oldTokenRef.ID)
|
||||
} else {
|
||||
s.logger.Errorf("failed to delete refresh token: %v", err)
|
||||
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
|
||||
deleteToken = true
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue