<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello,<br>
<br>
I'm using 1.2.0-SNAPSHOT of MITREID server, downloaded and build
today.<br>
<br>
I'm trying to authorize user using authorization code flow. It works
fine, the correct access token and id token are issued.<br>
However I'm not able to obtain a refresh token.<br>
<br>
I'm using the following client configuration:<br>
<br>
In the administration panel, Manage Clients -> Edit<br>
<br>
Access tab:<br>
redelegate - checked<br>
<br>
Tokens tab:<br>
Refresh tokens are issued for this client - checked<br>
Refresh tokens for this client are re-used - checked<br>
Refresh tokens do not time out - checked<br>
<br>
I'm making REST call to obtain an access token:
/openid-connect-server-webapp/token <br>
using following parameters:<br>
grant_type=authorization_code<br>
code=[codeValue]<br>
client_secret=[secret]<br>
client_id=[client_id]<br>
redirect_uri=[redirect_uri]<br>
<br>
The server returns JSON object:<br>
{<br>
"expires_in" : 3599,<br>
"id_token" : "valid_id_token",<br>
"access_token" : "valid_access_token",<br>
"token_type" : "Bearer",<br>
"scope" : "phone email address openid profile"<br>
}<br>
The "refresh_token" parameter is missing. <br>
<br>
I know that refresh_token is an optional parameter, however based on
the presented configuration server should issue a refresh_token. Is
that right or I'm missing something?<br>
<br>
best<br>
Marcin <br>
<br>
<br>
<br>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</body>
</html>