
BUG - Endpoint GET /oauth/refresh is not returning passport permissions

Open leoraba opened this issue 2 years ago • 1 comments

Steps to reproduce the issue:

Prerequisites: Have an active login session in Ego with a user registered with a Passport broker:

  1. EGO JWT token
  2. EGO refresh token cookie stored in browser as refreshId

Steps: Call POST /oauth/refresh (using POSTMAN)

Header:

  • Cookie: refreshId=[REFRESH_TOKEN_HERE]
  • Authorization: bearer [EGO_TOKEN_HERE]

Expected Response:

  • a new EGO JWT token that includes scopes based on passport permission.
  • a new EGO refresh token

Actual response:

  • a new EGO JWT token that does not include scopes based on passport permission.
  • a new EGO refresh token

Tentative solution: use refresh token provided by Passport broker instead of the usual EGO refresh token

Endpoint used by: platform-api and workflow-ui

leoraba, Jun 29 '23 15:06

PR #718

leoraba, Jun 29 '23 19:06
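A regression check for the scope loss reported in this issue, added here as an example (not code from Ego or from the linked PR): it compares the scopes in the token held before the refresh call with those in the token the call returns. The claim path `context.scope`, the helper names and the sample scope values are assumptions; the tokens are constructed and unsigned.

```python
import base64
import json

# Assumption: scopes are a list of strings at payload["context"]["scope"].
SCOPE_PATH = ("context", "scope")


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def jwt_payload(token: str) -> dict:
    """Decode the payload segment only. No signature check: this is for
    comparing two tokens in a test, never for an authorization decision."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 segments)")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))


def scopes(token: str) -> set:
    """Return the scope set, or an empty set if the claim is absent."""
    node = jwt_payload(token)
    for key in SCOPE_PATH:
        node = node.get(key, {}) if isinstance(node, dict) else {}
    return set(node) if isinstance(node, list) else set()


def lost_on_refresh(before: str, after: str) -> set:
    """Scopes present before the refresh but missing from the new token."""
    return scopes(before) - scopes(after)


def make_token(scope_list) -> str:
    """Build a constructed, unsigned sample token (hypothetical helper)."""
    header = _b64url(json.dumps({"alg": "none"}).encode())
    body = _b64url(json.dumps({"sub": "user-1",
                               "context": {"scope": scope_list}}).encode())
    return f"{header}.{body}.sig"


# Constructed sample values; the scope names are placeholders.
LOGIN = make_token(["PROGRAM-A.READ", "PASSPORT-DATASET-1.READ"])
REFRESHED = make_token(["PROGRAM-A.READ"])

if __name__ == "__main__":
    print("lost on refresh:", sorted(lost_on_refresh(LOGIN, REFRESHED)))
```

In a real test, `LOGIN` and `REFRESHED` would be the token sent in the Authorization header and the token returned by the refresh call; a non-empty result means the refreshed token carries fewer permissions than the original.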