32a1994a5e
A refresh request must fail if it asks for scopes that were not originally granted when the refresh token was obtained. This Commit: * changes repo to store scopes with tokens * changes repo interface signatures so that scopes can be stored and verified * updates dependent code to pass along scopes
4 lines
141 B
SQL
4 lines
141 B
SQL
-- +migrate Up
|
|
ALTER TABLE refresh_token ADD COLUMN "scopes" text;
|
|
|
|
UPDATE refresh_token SET scopes = 'openid profile email offline_access';
|