We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug When using the Device Authorization Flow, including the offline_access scope won't include a refresh_token in the token response.
offline_access
refresh_token
To Reproduce Steps to reproduce the behavior:
Expected behavior Token response contains a refresh_token
Version and Deployment (please complete the following information):
Additional context I think, there is an error in the https://github.com/goauthentik/authentik/blame/main/authentik/providers/oauth2/views/token.py#L714 Current implementation requires the token request to contain the offline_access scope, however, I think it must be included in the initial device authorization request.
if SCOPE_OFFLINE_ACCESS in self.params.scope
vs.
if SCOPE_OFFLINE_ACCESS in self.params.device_code.scope
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Describe the bug
When using the Device Authorization Flow, including the
offline_access
scope won't include arefresh_token
in the token response.To Reproduce
Steps to reproduce the behavior:
offline_access
scopeExpected behavior
Token response contains a
refresh_token
Version and Deployment (please complete the following information):
Additional context
I think, there is an error in the https://github.com/goauthentik/authentik/blame/main/authentik/providers/oauth2/views/token.py#L714
Current implementation requires the token request to contain the
offline_access
scope, however, I think it must be included in the initial device authorization request.vs.
The text was updated successfully, but these errors were encountered: