[FTS-1846] FTS should include "requested_token_type" claim in OAuth2 Token Exchange - CERN Central Jira

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: fts-rest-server 3.12.0
Fix Version/s: fts-rest-server 3.12.1
Component/s: FTS-Flask
Security Level: Public Data (This ticket is visible to anyone on the internet and will be indexed by search engines)
Labels:
None

Description

Discovered during FTS + CILogon TokenProvider integration.

FTS should include the "requested_token_type:
urn:ietf:params:oauth:token-type:refresh_token" claim during the token exchange request to ensure he TokenProvider will return a refresh token. Without this claim, the TokenProvider is free to also return a new access token.

Attachments

Issue Links

mentioned on

Commit - FTS-1846: Add the "requested_token_type" claim in the token exchange request

Activity

People

Assignee:: Mihai Patrascoiu

Reporter:: Mihai Patrascoiu

Component Watchers:

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Oct/22 9:55 AM

Updated:: 02/Dec/22 2:37 PM

Resolved:: 20/Oct/22 10:09 AM