fix: Add distinctions between access_token and refresh_token (#1280)

cofecatt
2022-11-13 13:00:25 +08:00
committed by GitHub
parent 262aeba7e2
commit 462a82a3d5


@ -24,9 +24,10 @@ import (
type Claims struct { type Claims struct {
*User *User
Nonce string `json:"nonce,omitempty"` TokenType string `json:"tokenType,omitempty"`
Tag string `json:"tag,omitempty"` Nonce string `json:"nonce,omitempty"`
Scope string `json:"scope,omitempty"` Tag string `json:"tag,omitempty"`
Scope string `json:"scope,omitempty"`
jwt.RegisteredClaims jwt.RegisteredClaims
} }
@ -37,8 +38,9 @@ type UserShort struct {
type ClaimsShort struct { type ClaimsShort struct {
*UserShort *UserShort
Nonce string `json:"nonce,omitempty"` TokenType string `json:"tokenType,omitempty"`
Scope string `json:"scope,omitempty"` Nonce string `json:"nonce,omitempty"`
Scope string `json:"scope,omitempty"`
jwt.RegisteredClaims jwt.RegisteredClaims
} }
@ -53,6 +55,7 @@ func getShortUser(user *User) *UserShort {
func getShortClaims(claims Claims) ClaimsShort { func getShortClaims(claims Claims) ClaimsShort {
res := ClaimsShort{ res := ClaimsShort{
UserShort: getShortUser(claims.User), UserShort: getShortUser(claims.User),
TokenType: claims.TokenType,
Nonce: claims.Nonce, Nonce: claims.Nonce,
Scope: claims.Scope, Scope: claims.Scope,
RegisteredClaims: claims.RegisteredClaims, RegisteredClaims: claims.RegisteredClaims,
@ -72,8 +75,9 @@ func generateJwtToken(application *Application, user *User, nonce string, scope
jti := fmt.Sprintf("%s/%s", application.Owner, name) jti := fmt.Sprintf("%s/%s", application.Owner, name)
claims := Claims{ claims := Claims{
User: user, User: user,
Nonce: nonce, TokenType: "access-token",
Nonce: nonce,
// FIXME: A workaround for custom claim by reusing `tag` in user info // FIXME: A workaround for custom claim by reusing `tag` in user info
Tag: user.Tag, Tag: user.Tag,
Scope: scope, Scope: scope,
@ -97,10 +101,12 @@ func generateJwtToken(application *Application, user *User, nonce string, scope
token = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort) token = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort)
claimsShort.ExpiresAt = jwt.NewNumericDate(refreshExpireTime) claimsShort.ExpiresAt = jwt.NewNumericDate(refreshExpireTime)
claimsShort.TokenType = "refresh-token"
refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort) refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort)
} else { } else {
token = jwt.NewWithClaims(jwt.SigningMethodRS256, claims) token = jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
claims.ExpiresAt = jwt.NewNumericDate(refreshExpireTime) claims.ExpiresAt = jwt.NewNumericDate(refreshExpireTime)
claims.TokenType = "refresh-token"
refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claims) refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
} }
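Review bot: The new `TokenType` claim is only written at issuance in generateJwtToken; no hunk on this page reads it, so unless the verification paths (outside this view) reject a token whose type is not the expected one, a refresh token may still be accepted wherever an access token is, and vice versa. The refresh handler should check something like `if claims.TokenType != "refresh-token" { /* reject */ }` and API authentication the converse. Both should also decide explicitly how to treat tokens issued before this commit, which carry no `tokenType` at all because of `omitempty`. The literals `"access-token"` and `"refresh-token"` are written inline three times across these hunks; package-level constants would keep issuer and verifier from drifting apart. generateJwtToken starts and ends outside the hunks shown.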