Skip to content

Add a way to refresh token #55

New issue
New issue
Open
Open
Add a way to refresh token#55
Assignees
LuchoTurtle
Labels
documentationImprovements or additions to documentationelixirPull requests that update Elixir codeenhancementNew feature or enhancement of existing functionality
@LuchoTurtle

Description

@LuchoTurtle
LuchoTurtle
opened on Apr 18, 2024

As per #54 , this package should have a way for people to refresh their tokens and a way of knowing if they are invalid or expired.

Typically, when a token is expired, the web application should try to refresh it and get the new one seamlessly in case a request to a protected resource fails. Having a function that refreshes the token given an access token should make it easy for people to do so.
The package calls the /authorize end point and receives an access token.

{
   "token_type":"Bearer",
   "scope":"https://graph.microsoft.com/User.Read",
   "expires_in":3600,
   "ext_expires_in":3600,
   "access_token":"xxxxxxx"
}

According to https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow, we should be able to also return the refresh token.

An OAuth 2.0 refresh token. The app can use this token to acquire other access tokens after the current access token expires. Refresh tokens are long-lived. They can maintain access to resources for extended periods. For more detail on refreshing an access token, refer to Refresh the access token later in this article.
Note: Only provided if offline_access scope was requested.

The client user should have access to the refresh token, as well.

Metadata

Metadata

Assignees

Labels

documentationImprovements or additions to documentationelixirPull requests that update Elixir codeenhancementNew feature or enhancement of existing functionality

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions