feat: allow configuring revocation of refresh tokens #213

Merged
merged 1 commit into from
Mar 30, 2025

fschmtt
Contributor

@fschmtt fschmtt commented Feb 24, 2025

Adds a configuration for disabling revocation of refresh tokens after they were used. This configuration applies to all grant types that will be enabled.

Complies with league/oauth2-server: https://github.com/thephpleague/oauth2-server/blob/master/src/AuthorizationServer.php#L209-L215

# config/packages/league_oauth2_server.yaml

league_oauth2_server:
    authorization_server:
        revoke_refresh_tokens: false
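
What the setting changes at the token endpoint, as an added example (not code from this PR or from league/oauth2-server): a simplified in-memory model that presents the same refresh token twice under each value of `revoke_refresh_tokens`. The names `RefreshGrantModel` and `replayAccepted` are hypothetical, and the model assumes that with revocation disabled the client keeps using the refresh token it already holds.

```php
<?php
declare(strict_types=1);

// Simplified model of a refresh token grant (hypothetical class, not the
// league/oauth2-server implementation). Token expiry is left out on purpose.
final class RefreshGrantModel
{
    /** @var array<string, bool> refresh token => revoked? */
    private array $tokens = [];

    public function __construct(private bool $revokeRefreshTokens = true)
    {
    }

    public function issue(): string
    {
        $token = bin2hex(random_bytes(16));
        $this->tokens[$token] = false;
        return $token;
    }

    /** Exchange a refresh token; returns the refresh token to use next. */
    public function refresh(string $presented): string
    {
        if (!isset($this->tokens[$presented]) || $this->tokens[$presented]) {
            throw new RuntimeException('invalid_grant: unknown or revoked refresh token');
        }
        if (!$this->revokeRefreshTokens) {
            return $presented;            // assumption: same token stays valid
        }
        $this->tokens[$presented] = true; // single use: revoke, then rotate
        return $this->issue();
    }
}

// Present one refresh token twice and report whether the second use is accepted.
function replayAccepted(bool $revokeRefreshTokens): bool
{
    $grant = new RefreshGrantModel($revokeRefreshTokens);
    $original = $grant->issue();
    $grant->refresh($original);           // first, legitimate use
    try {
        $grant->refresh($original);       // second presentation of the same token
        return true;
    } catch (RuntimeException) {
        return false;
    }
}

foreach ([true, false] as $setting) {
    printf("revoke_refresh_tokens=%s, second use accepted: %s\n",
        var_export($setting, true), var_export(replayAccepted($setting), true));
}
```
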

@fschmtt fschmtt changed the title from "feat: allow configuring revocation of refresh tokens #211" to "feat: allow configuring revocation of refresh tokens" on Feb 24, 2025
@chalasr
Member

chalasr commented Mar 11, 2025

Can you rebase your PR and add a test case for this?

@fschmtt
Contributor Author

fschmtt commented Mar 13, 2025

Yes, will do. Please allow me some days to get back to this! 😄

@chalasr
Member

chalasr commented Mar 13, 2025

Of course, thank you.

@fschmtt fschmtt force-pushed the revoke-refresh-tokens-config branch from 0e7586f to de2f214 on March 20, 2025 13:49
@fschmtt
Contributor Author

fschmtt commented Mar 21, 2025

Hey @chalasr I'm honestly struggling to execute the PHPUnit tests locally.

Any tips, guide or README I can consult?

@chalasr
Member

chalasr commented Mar 21, 2025

@fschmtt Here you go: https://github.com/thephpleague/oauth2-server-bundle/blob/master/CONTRIBUTING.md#testing.
Please tell me if it's not enough.

@fschmtt
Contributor Author

fschmtt commented Mar 22, 2025

Hey, thanks for your reply. I got the local setup for running the tests working.

I suppose you'd like me to test that setting the option in the YAML configuration properly configures the AuthorizationServer, am I correct?

I'm not super familiar with testing a bundle or its configuration and couldn't find a similar test case, so I'm a bit at a loss how and where to start 😅 I'd appreciate a helping hand if possible.

@fschmtt
Contributor Author

fschmtt commented Mar 22, 2025

Oh wait, I overlooked the ExtensionTest, which seems to be what I should have been looking for!

@fschmtt fschmtt force-pushed the revoke-refresh-tokens-config branch 2 times, most recently from b3ea720 to 6b94e36 on March 22, 2025 17:43
@fschmtt fschmtt force-pushed the revoke-refresh-tokens-config branch from 6b94e36 to e238516 on March 23, 2025 19:37
@chalasr
Member

chalasr commented Mar 30, 2025

Thank you @fschmtt.

@chalasr chalasr merged commit 03911d8 into thephpleague:master Mar 30, 2025
23 checks passed