Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add scope to refresh_token #256

Merged
merged 3 commits into from
Mar 29, 2021
Merged

Add scope to refresh_token #256

merged 3 commits into from
Mar 29, 2021

Conversation

criles25
Copy link
Contributor

@criles25 criles25 commented Mar 8, 2021
edited
Loading

Changes

Adding scope param to refresh_token.

References

The auth0 API supports the scope param when refreshing token. https://auth0.com/docs/api/authentication#refresh-token

Testing

  • This change adds unit test coverage

Checklist

@criles25 criles25 requested a review from a team as a code owner March 8, 2021 21:21
@criles25 criles25 mentioned this pull request Mar 9, 2021
Closed
lbalmaceda
lbalmaceda suggested changes Mar 10, 2021
View reviewed changes
Copy link
Contributor

@lbalmaceda lbalmaceda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, the addition is correct 👍 left a comment

auth0/v3/authentication/get_token.py Outdated
@@ -164,7 +164,8 @@ def login(self, client_id, client_secret, username, password, scope, realm,
}
)

def refresh_token(self, client_id, client_secret, refresh_token, grant_type='refresh_token'):
def refresh_token(self, client_id, client_secret, refresh_token, scope,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this will be a breaking change for those calling it without named arguments. We should place the new value on the last place.

@criles25
Copy link
Contributor Author

the empty string default scope='' behaves the same as it being left out when calling the auth0 API

# scope=""
charlesriley@Charless-MBP auth0-python % curl --request POST \                                                                    
--url 'https://xometry-monolith-development.us.auth0.com/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data 'grant_type=refresh_token&client_id=foo&client_secret=bar&scope=""&refresh_token=baz'
{"access_token":"JWT","scope":"offline_access","expires_in":86400,"token_type":"Bearer"}%                                                                 

# scope left out 
charlesriley@Charless-MBP auth0-python % curl --request POST \                                                                    
--url 'https://xometry-monolith-development.us.auth0.com/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data 'grant_type=refresh_token&client_id=foo&client_secret=bar&refresh_token=baz' 
{"access_token":"JWT","scope":"offline_access","expires_in":86400,"token_type":"Bearer"}%

@lbalmaceda lbalmaceda self-requested a review March 29, 2021 11:15
@lbalmaceda lbalmaceda merged commit 86e5c7d into auth0:master Mar 29, 2021
@lbalmaceda lbalmaceda added this to the v3-Next milestone Mar 29, 2021
@lbalmaceda lbalmaceda modified the milestones: v3-Next, 3.16.0 Apr 9, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lbalmaceda lbalmaceda lbalmaceda approved these changes

Assignees
No one assigned
Labels
CH: Added
Projects
None yet
Milestone
3.16.0
Development

Successfully merging this pull request may close these issues.
2 participants
@criles25 @lbalmaceda