llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 20:50:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: refresh token does not return (#401)

Browse Source 
Signed-off-by: 0x2a <stevesough@gmail.com>
This commit is contained in:
Steve0x2a
2021-12-28 19:44:17 +08:00
committed by GitHub
parent d5f802ec7d
commit 4f124ff140
1 changed files with 24 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
object/token.go
View File

@ -48,6 +48,7 @@ type Token struct {
type TokenWrapper struct { type TokenWrapper struct {
AccessToken string `json:"access_token"` AccessToken string `json:"access_token"`
IdToken string `json:"id_token"` IdToken string `json:"id_token"`
RefreshToken string `json:"refresh_token"`
TokenType string `json:"token_type"` TokenType string `json:"token_type"`
ExpiresIn int `json:"expires_in"` ExpiresIn int `json:"expires_in"`
Scope string `json:"scope"` Scope string `json:"scope"`
@ -190,6 +191,12 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
Code: "", Code: "",
} }
} }
if user.IsForbidden {
return &Code{
Message: "error: the user is forbidden to sign in, please contact the administrator",
Code: "",
}
}
msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state) msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
if msg != "" { if msg != "" {
@ -286,6 +293,7 @@ func GetOAuthToken(grantType string, clientId string, clientSecret string, code
tokenWrapper := &TokenWrapper{ tokenWrapper := &TokenWrapper{
AccessToken: token.AccessToken, AccessToken: token.AccessToken,
IdToken: token.AccessToken, IdToken: token.AccessToken,
RefreshToken: token.RefreshToken,
TokenType: token.TokenType, TokenType: token.TokenType,
ExpiresIn: token.ExpiresIn, ExpiresIn: token.ExpiresIn,
Scope: token.Scope, Scope: token.Scope,
@ -339,6 +347,12 @@ func RefreshToken(grantType string, refreshToken string, scope string, clientId
} }
// generate a new token // generate a new token
user := getUser(application.Owner, token.User) user := getUser(application.Owner, token.User)
if user.IsForbidden {
return &Code{
Message: "error: the user is forbidden to sign in, please contact the administrator",
Code: "",
}
}
newAccessToken, newRefreshToken, err := generateJwtToken(application, user, "") newAccessToken, newRefreshToken, err := generateJwtToken(application, user, "")
if err != nil { if err != nil {
panic(err) panic(err)