Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Store ID token not access token for ID token in extra info #24

Closed
wants to merge 1 commit into from
Closed

Store ID token not access token for ID token in extra info #24

wants to merge 1 commit into from

Conversation

ryanswood
Copy link

Followup to #17 which replaces the access token with the ID token in the extra info.

This PR slightly changes the solution and includes a spec.

@ryanswood ryanswood mentioned this pull request Mar 15, 2022
Closed
@rockorequin
Copy link

+1 for this.

Btw, should it check oauth2_access_token['id_token'] is not nil as well as oauth2_access_token?

@ryanswood
Copy link
Author

@rockorequin

Btw, should it check oauth2_access_token['id_token'] is not nil as well as oauth2_access_token?

I am not sure though I do prefer to leave as is. It is much more clear to have the extra info hash contain the key id_token with a nil value as a way to explain the ID's absence rather than not having the key. Plus, this code has worked this way for ~5 years so it would be problematic if the key were not to exist on the next release.

@rockorequin Thoughts?

@BobbyMcWho What are the steps to get this merged? Let me know if there is anything else needed.

1 similar comment
@ryanswood
Copy link
Author

@rockorequin

Btw, should it check oauth2_access_token['id_token'] is not nil as well as oauth2_access_token?

I am not sure though I do prefer to leave as is. It is much more clear to have the extra info hash contain the key id_token with a nil value as a way to explain the ID's absence rather than not having the key. Plus, this code has worked this way for ~5 years so it would be problematic if the key were not to exist on the next release.

@rockorequin Thoughts?

@BobbyMcWho What are the steps to get this merged? Let me know if there is anything else needed.

@rockorequin
Copy link

@ryanswood Good points, I agree.

Also, fwiw I tested the patch and it works fine with my logout code.

Is it possible that someone might be using the access token (that is currently mislabeled as id_token)? In which case, would it be a good idea to at least add a note to the readme file saying that the id_token key now actually refers to the id_token instead of the access_token?

@BobbyMcWho
Copy link
Member

Yeah, when this gets merged it'll be a major version bump most likely since it breaks the existing expected data

@ryanswood
Copy link
Author

@BobbyMcWho PR look good? Anything else needed? I am assuming the PR would be merged and you would bump the version and do a release?

1 similar comment
@ryanswood
Copy link
Author

@BobbyMcWho PR look good? Anything else needed? I am assuming the PR would be merged and you would bump the version and do a release?

@BobbyMcWho BobbyMcWho mentioned this pull request Apr 14, 2022
Merged
@BobbyMcWho
Copy link
Member

@ryanswood @rockorequin please check out #25

@BobbyMcWho
Copy link
Member

I appreciate your patience on this folks, this has been released in v2.0.0. Released on rubygems.

@BobbyMcWho BobbyMcWho closed this Apr 18, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ryanswood @rockorequin @BobbyMcWho