refresh token and client secret
I'm trying to implement token refresh in
But I get the error
python
+ fastapi
+ requests-oauthlib
using the PKCE flow as follows:
python
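@router.get("/refresh-token")
async def refresh_token(request: Request, response: Response):
    """Exchange the session's refresh token for a new access token.

    Reads the refresh token from the session, calls the provider's token
    endpoint, stores the returned tokens back in the session and redirects
    to the URL saved under ``original_url`` (``/dead`` when none is stored).
    The new access token is also set as a cookie on the redirect.

    Raises:
        HTTPException: 401 when the session holds no refresh token or the
            refresh request fails.
    """
    logger.info("Attempting to refresh access token.")
    config = get_config()

    stored_refresh_token = await request.state.session.get('refresh_token')
    if not stored_refresh_token:
        logger.error("No refresh token available in session.")
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Refresh token not found.",
        )

    # The client is built with a client_id only; no client secret is sent.
    # NOTE(review): an ``invalid_client`` answer appears to come from the
    # token endpoint itself, so whether a secret is demanded likely depends on
    # how this client is registered at the provider (public vs. confidential).
    # Confirm the registration before adding a secret to a PKCE client.
    oauth2 = OAuth2Session(client_id=config['client_id'], scope=config['scope'])

    # NOTE(review): this looks like a synchronous HTTP call inside an async
    # handler; if so it blocks the event loop while the token endpoint answers.
    try:
        new_token = oauth2.refresh_token(
            token_url=config['oid_config']['token_endpoint'],
            refresh_token=stored_refresh_token,
            client_id=config['client_id'],
        )
    except Exception as e:
        # The provider's error text stays in the server log; the browser only
        # gets a generic message so client configuration is not disclosed.
        logger.error("Failed to refresh token: %s", e)
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Token refresh failed.",
        ) from e

    # Keep the current refresh token when the response carries no new one.
    await request.state.session.put(
        'refresh_token',
        new_token.get('refresh_token', stored_refresh_token),
    )
    await request.state.session.put('access_token', new_token['access_token'])

    # NOTE(review): confirm that 'original_url' is validated as a same-site
    # path where it is written to the session; otherwise this redirect can be
    # steered to an arbitrary site.
    original_url = await request.state.session.get('original_url', '/dead')
    redirect = RedirectResponse(url=original_url)
    # Secure keeps the bearer token off plain-HTTP requests; SameSite limits
    # cross-site sends of the cookie.
    redirect.set_cookie(
        key="access_token",
        value=new_token['access_token'],
        httponly=True,
        secure=True,
        samesite="lax",
    )
    return redirect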
python
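@router.get("/refresh-token")
async def refresh_token(request: Request, response: Response):
    """Exchange the session's refresh token for a new access token.

    Reads the refresh token from the session, calls the provider's token
    endpoint, stores the returned tokens back in the session and redirects
    to the URL saved under ``original_url`` (``/dead`` when none is stored).
    The new access token is also set as a cookie on the redirect.

    Raises:
        HTTPException: 401 when the session holds no refresh token or the
            refresh request fails.
    """
    logger.info("Attempting to refresh access token.")
    config = get_config()

    stored_refresh_token = await request.state.session.get('refresh_token')
    if not stored_refresh_token:
        logger.error("No refresh token available in session.")
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Refresh token not found.",
        )

    # The client is built with a client_id only; no client secret is sent.
    # NOTE(review): an ``invalid_client`` answer appears to come from the
    # token endpoint itself, so whether a secret is demanded likely depends on
    # how this client is registered at the provider (public vs. confidential).
    # Confirm the registration before adding a secret to a PKCE client.
    oauth2 = OAuth2Session(client_id=config['client_id'], scope=config['scope'])

    # NOTE(review): this looks like a synchronous HTTP call inside an async
    # handler; if so it blocks the event loop while the token endpoint answers.
    try:
        new_token = oauth2.refresh_token(
            token_url=config['oid_config']['token_endpoint'],
            refresh_token=stored_refresh_token,
            client_id=config['client_id'],
        )
    except Exception as e:
        # The provider's error text stays in the server log; the browser only
        # gets a generic message so client configuration is not disclosed.
        logger.error("Failed to refresh token: %s", e)
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Token refresh failed.",
        ) from e

    # Keep the current refresh token when the response carries no new one.
    await request.state.session.put(
        'refresh_token',
        new_token.get('refresh_token', stored_refresh_token),
    )
    await request.state.session.put('access_token', new_token['access_token'])

    # NOTE(review): confirm that 'original_url' is validated as a same-site
    # path where it is written to the session; otherwise this redirect can be
    # steered to an arbitrary site.
    original_url = await request.state.session.get('original_url', '/dead')
    redirect = RedirectResponse(url=original_url)
    # Secure keeps the bearer token off plain-HTTP requests; SameSite limits
    # cross-site sends of the cookie.
    redirect.set_cookie(
        key="access_token",
        value=new_token['access_token'],
        httponly=True,
        secure=True,
        samesite="lax",
    )
    return redirect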
Failed to refresh token: (invalid_client) empty client secret
But no client secret should be needed?
Hm it sounds like your client throws that error already, right?
Yes, and if I remove the client id from
I get:
So I'm in a catch-22
oauth2.refresh_token
as so:
# Same refresh call with client_id left out of the request.
token_endpoint = config['oid_config']['token_endpoint']
new_token = oauth2.refresh_token(token_url=token_endpoint, refresh_token=refresh_token)
# Same refresh call with client_id left out of the request.
token_endpoint = config['oid_config']['token_endpoint']
new_token = oauth2.refresh_token(token_url=token_endpoint, refresh_token=refresh_token)
ERROR:auth:Failed to refresh token: (invalid_request) client_id or client_assertion must be provided
ERROR:auth:Failed to refresh token: (invalid_request) client_id or client_assertion must be provided