Commit

Store offline sessions only if they were requested by the user (dexid…
…p#3125)

Signed-off-by: MM53 <28218664+MM53@users.noreply.github.com>
MM53 authored and orange-hbenmabrouk committed Oct 23, 2023
1 parent 7309266 commit 84c9123
Showing 2 changed files with 249 additions and 126 deletions.
11 changes: 11 additions & 0 deletions server/handlers.go
Expand Up @@ -539,6 +539,17 @@ func (s *Server) finalizeLogin(identity connector.Identity, authReq storage.Auth
return returnURL, false, nil
}

offlineAccessRequested := false
for _, scope := range authReq.Scopes {
if scope == scopeOfflineAccess {
offlineAccessRequested = true
break
}
}
if !offlineAccessRequested {
return returnURL, false, nil
}

// Try to retrieve an existing OfflineSession object for the corresponding user.
session, err := s.storage.GetOfflineSessions(identity.UserID, authReq.ConnectorID)
if err != nil {
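
Review bot: The new early return at `if !offlineAccessRequested` sits above `s.storage.GetOfflineSessions(identity.UserID, authReq.ConnectorID)`, so a login that omits the scope never reaches an offline session that already exists for this user and connector. If the code below the lookup also refreshes data on an existing session, that refresh is now skipped for such logins; please confirm this is intended and say so in a comment above the loop, since the block currently has no comment explaining why the function returns early. The scan over `authReq.Scopes` for `scopeOfflineAccess` would also read better as a small named helper, which keeps the same test from being re-implemented differently elsewhere. With 249 additions in the commit, a test case asserting that no offline session is stored when the scope is absent would pin the behaviour down.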

0 comments on commit 84c9123
