feat: update service session on refresh

2025-06-15 21:13:33 +02:00
parent b3ef96a0ce
commit 0db54e0268
1 changed files with 31 additions and 0 deletions
--- a/internal/oauth/token.go
+++ b/internal/oauth/token.go
@ -269,6 +269,26 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 		refreshJTI, err := uuid.Parse(claims.ID)
 		if err != nil {
 			log.Printf("ERR: Failed to parse refresh token JTI as uuid: %v\n", err)
 			web.Error(w, "failed to refresh token", http.StatusInternalServerError)
 			return
 		}
 		session, err := h.repo.GetServiceSessionByRefreshJTI(r.Context(), &refreshJTI)
 		if err != nil {
 			log.Printf("ERR: Failed to find session by '%s' refresh jti: %v\n", refreshJTI.String(), err)
 			web.Error(w, "session invalid", http.StatusUnauthorized)
 			return
 		}
 		if !session.IsActive {
 			log.Printf("INFO: Session with id '%s' is not active", session.ID.String())
 			web.Error(w, "session ended", http.StatusUnauthorized)
 			return
 		}
 		userID, err := uuid.Parse(claims.UserID)
 		if err != nil {
 			web.Error(w, "invalid user credentials in refresh token", http.StatusBadRequest)
@ -284,6 +304,17 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
 		id, access, refresh, err := h.signApiTokens(&user, &apiService, nil)
 		if err := h.repo.UpdateServiceSessionTokens(r.Context(), repository.UpdateServiceSessionTokensParams{
 			ID:             session.ID,
 			AccessTokenID:  &access.ID,
 			RefreshTokenID: &refresh.ID,
 			ExpiresAt:      &refresh.ExpiresAt,
 		}); err != nil {
 			log.Printf("ERR: Failed to update service session with '%s' id: %v\n", session.ID.String(), err)
 			web.Error(w, "failed to update session", http.StatusInternalServerError)
 			return
 		}
 		type Response struct {
 			IdToken      string  `json:"id_token"`
 			TokenType    string  `json:"token_type"`