Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds new refresh tokens to OutstandingToken db. #866

Merged
merged 2 commits into from
Feb 21, 2025
Merged

Adds new refresh tokens to OutstandingToken db. #866

merged 2 commits into from
Feb 21, 2025

Conversation

thecarpetjasp
Copy link
Contributor

@thecarpetjasp thecarpetjasp commented Feb 20, 2025
edited
Loading

Fixes the issue #363 where new refresh tokens issued out do not get added to the OutstandingToken db.

The issue was resolved by adding a method to the Token class called outstand, which checks if the token is in the outstanding table, and adds it if not.

When ROTATE_REFRESH_TOKENS is set to True, the TokenRefreshSerializer calls the .outstand() method on the new refresh token that is issued.

All tests ran fine, except for test test_it_should_blacklist_refresh_token_if_tokens_should_be_rotated_and_blacklisted. The reason for this was it was asserting that outstanding table has 1 token.

However, since this bug is now fixed, there should be in fact 2 tokens in the outstanding table. One for the initial refresh token issued during authentication, and the second token which is issued during a refresh, which was implemented in this PR with .outstand(). So I have changed that test to assert two tokens in the table, which is now correct.

@thecarpetjasp thecarpetjasp mentioned this pull request Feb 20, 2025
Closed
This was linked to issues Feb 21, 2025
OustandingToken only created when refresh token is used to get a new key pair and not at creation ? Bug ? #363
Closed
Avoid using ROTATE_REFRESH_TOKENS. BUG. #863
Closed
@thecarpetjasp thecarpetjasp merged commit b962aca into jazzband:master Feb 21, 2025
23 checks passed
@thecarpetjasp thecarpetjasp linked an issue Feb 21, 2025 that may be closed by this pull request
Refresh token rotation not storing the valid one on Outstanding token table #25
Closed
@vainu-arto vainu-arto mentioned this pull request Feb 24, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@21stPhenom 21stPhenom 21stPhenom approved these changes

@0xCR-Tech 0xCR-Tech 0xCR-Tech approved these changes

@Andrew-Chen-Wang Andrew-Chen-Wang Awaiting requested review from Andrew-Chen-Wang

@1ace 1ace Awaiting requested review from 1ace

@510908220 510908220 Awaiting requested review from 510908220

@2ykwang 2ykwang Awaiting requested review from 2ykwang

@2019342a 2019342a Awaiting requested review from 2019342a

@29rou 29rou Awaiting requested review from 29rou

@1806exe 1806exe Awaiting requested review from 1806exe

@0xpranjal 0xpranjal Awaiting requested review from 0xpranjal

@0xsirsaif 0xsirsaif Awaiting requested review from 0xsirsaif

@3ru 3ru Awaiting requested review from 3ru

@0xMRTT 0xMRTT Awaiting requested review from 0xMRTT

@0xCode7 0xCode7 Awaiting requested review from 0xCode7

@29deepanshutyagi 29deepanshutyagi Awaiting requested review from 29deepanshutyagi

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
3 participants
@thecarpetjasp @21stPhenom @0xCR-Tech