dex/db/migrations/0013_add_scopes_to_refresh_tokens.sql
Bobby Rullo 32a1994a5e refresh tokens: store and validate scopes.
A refresh request must fail if it asks for scopes that were not
originally granted when the refresh token was obtained.

This Commit:

* changes repo to store scopes with tokens
* changes repo interface signatures so that scopes can be stored and
  verified
* updates dependent code to pass along scopes
2016-06-14 14:14:36 -07:00

4 lines
141 B
SQL

-- +migrate Up
ALTER TABLE refresh_token ADD COLUMN "scopes" text;
UPDATE refresh_token SET scopes = 'openid profile email offline_access';