[mitreid-connect] missing refresh token
Marcin Krystek
mkrystek at man.poznan.pl
Thu Jan 22 10:42:08 EST 2015
Thank you Justin, it works as you suggested.
redelegate Grant Type is not required in this case.
On 22/01/15 16:26, Richer, Justin P. wrote:
> You must include the "offline_access" scope in the token request, and the client must be registered to allow the "offline_access" scope and/or have its "issue refresh tokens" checkbox checked in the admin UI. See this issue here:
>
> https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/751
>
> -- Justin
>
> On Jan 22, 2015, at 10:22 AM, Marcin Krystek <mkrystek at man.poznan.pl> wrote:
>
>> Hello,
>>
>> I'm using 1.2.0-SNAPSHOT of MITREID server, downloaded and build today.
>>
>> I'm trying to authorize user using authorization code flow. It works fine, the correct access token and id token are issued.
>> However I'm not able to obtain a refresh token.
>>
>> I'm using the following client configuration:
>>
>> In the administration panel, Manage Clients -> Edit
>>
>> Access tab:
>> redelegate - checked
>>
>> Tokens tab:
>> Refresh tokens are issued for this client - checked
>> Refresh tokens for this client are re-used - checked
>> Refresh tokens do not time out - checked
>>
>> I'm making REST call to obtain an access token: /openid-connect-server-webapp/token
>> using following parameters:
>> grant_type=authorization_code
>> code=[codeValue]
>> client_secret=[secret]
>> client_id=[client_id]
>> redirect_uri=[redirect_uri]
>>
>> The server returns JSON object:
>> {
>> "expires_in" : 3599,
>> "id_token" : "valid_id_token",
>> "access_token" : "valid_access_token",
>> "token_type" : "Bearer",
>> "scope" : "phone email address openid profile"
>> }
>> The "refresh_token" parameter is missing.
>>
>> I know that refresh_token is an optional parameter, however based on the presented configuration server should issue a refresh_token. Is that right or I'm missing something?
>>
>> best
>> Marcin
>>
>>
>>
>> _______________________________________________
>> mitreid-connect mailing list
>> mitreid-connect at mit.edu
>> http://mailman.mit.edu/mailman/listinfo/mitreid-connect
More information about the mitreid-connect
mailing list