jwt_sessions 2.3.0 → 2.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/README.md +41 -41
- data/lib/jwt_sessions/access_token.rb +4 -4
- data/lib/jwt_sessions/authorization.rb +8 -8
- data/lib/jwt_sessions/refresh_token.rb +2 -2
- data/lib/jwt_sessions/session.rb +7 -7
- data/lib/jwt_sessions/store_adapters/memory_store_adapter.rb +10 -10
- data/lib/jwt_sessions/store_adapters/redis_store_adapter.rb +6 -6
- data/lib/jwt_sessions/token.rb +4 -4
- data/lib/jwt_sessions/version.rb +1 -1
- data/lib/jwt_sessions.rb +25 -25
- data/test/units/jwt_sessions/store_adapters/test_memory_store_adapter.rb +46 -46
- data/test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb +23 -23
- data/test/units/jwt_sessions/test_access_token.rb +3 -3
- data/test/units/jwt_sessions/test_csrf_token.rb +4 -4
- data/test/units/jwt_sessions/test_refresh_token.rb +3 -3
- data/test/units/jwt_sessions/test_session.rb +35 -24
- data/test/units/jwt_sessions/test_token.rb +48 -48
- data/test/units/test_jwt_sessions.rb +6 -6
- data/test/units/test_token_store.rb +7 -7
- metadata +4 -4
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
4
|
-
require
|
3
|
+
require "minitest/autorun"
|
4
|
+
require "jwt_sessions"
|
5
5
|
|
6
6
|
class TestMemoryStoreAdapter < Minitest::Test
|
7
7
|
attr_reader :store
|
@@ -12,105 +12,105 @@ class TestMemoryStoreAdapter < Minitest::Test
|
|
12
12
|
|
13
13
|
def test_error_on_unknown_option
|
14
14
|
assert_raises ArgumentError do
|
15
|
-
JWTSessions::StoreAdapters::MemoryStoreAdapter.new(something:
|
15
|
+
JWTSessions::StoreAdapters::MemoryStoreAdapter.new(something: "something")
|
16
16
|
end
|
17
17
|
end
|
18
18
|
|
19
19
|
def test_persist_and_fetch_access
|
20
|
-
store.persist_access(
|
21
|
-
assert_equal({ csrf:
|
20
|
+
store.persist_access("uid", "csrf", Time.now.to_i + 3600)
|
21
|
+
assert_equal({ csrf: "csrf" }, store.fetch_access("uid"))
|
22
22
|
|
23
|
-
store.persist_access(
|
24
|
-
assert_equal({}, store.fetch_access(
|
23
|
+
store.persist_access("uid", "csrf", Time.now.to_i - 3600)
|
24
|
+
assert_equal({}, store.fetch_access("uid"))
|
25
25
|
end
|
26
26
|
|
27
27
|
def test_persist_and_fetch_refresh
|
28
28
|
expiration = Time.now.to_i + 3600
|
29
29
|
store.persist_refresh(
|
30
|
-
uid:
|
30
|
+
uid: "uid",
|
31
31
|
access_expiration: expiration,
|
32
|
-
access_uid:
|
33
|
-
csrf:
|
32
|
+
access_uid: "access_uid",
|
33
|
+
csrf: "csrf",
|
34
34
|
expiration: expiration,
|
35
|
-
namespace:
|
35
|
+
namespace: ""
|
36
36
|
)
|
37
|
-
refresh = store.fetch_refresh(
|
38
|
-
assert_equal
|
37
|
+
refresh = store.fetch_refresh("uid", "")
|
38
|
+
assert_equal "csrf", refresh[:csrf]
|
39
39
|
|
40
40
|
expiration = Time.now.to_i - 3600
|
41
41
|
store.persist_refresh(
|
42
|
-
uid:
|
42
|
+
uid: "uid",
|
43
43
|
access_expiration: expiration,
|
44
|
-
access_uid:
|
45
|
-
csrf:
|
44
|
+
access_uid: "access_uid",
|
45
|
+
csrf: "csrf",
|
46
46
|
expiration: expiration,
|
47
|
-
namespace:
|
47
|
+
namespace: ""
|
48
48
|
)
|
49
|
-
refresh = store.fetch_refresh(
|
49
|
+
refresh = store.fetch_refresh("uid", "")
|
50
50
|
assert_nil refresh[:csrf]
|
51
51
|
end
|
52
52
|
|
53
53
|
def test_update_refresh
|
54
54
|
expiration = Time.now.to_i + 3600
|
55
55
|
store.persist_refresh(
|
56
|
-
uid:
|
56
|
+
uid: "uid",
|
57
57
|
access_expiration: expiration,
|
58
|
-
access_uid:
|
59
|
-
csrf:
|
58
|
+
access_uid: "access_uid",
|
59
|
+
csrf: "csrf",
|
60
60
|
expiration: expiration,
|
61
|
-
namespace:
|
61
|
+
namespace: ""
|
62
62
|
)
|
63
63
|
store.update_refresh(
|
64
|
-
uid:
|
64
|
+
uid: "uid",
|
65
65
|
access_expiration: expiration,
|
66
|
-
access_uid:
|
67
|
-
csrf:
|
68
|
-
namespace:
|
66
|
+
access_uid: "access_uid",
|
67
|
+
csrf: "csrf2",
|
68
|
+
namespace: ""
|
69
69
|
)
|
70
|
-
refresh = store.fetch_refresh(
|
71
|
-
assert_equal
|
70
|
+
refresh = store.fetch_refresh("uid", "")
|
71
|
+
assert_equal "csrf2", refresh[:csrf]
|
72
72
|
end
|
73
73
|
|
74
74
|
def test_all_refresh_tokens
|
75
75
|
expiration = Time.now.to_i + 3600
|
76
76
|
store.persist_refresh(
|
77
|
-
uid:
|
77
|
+
uid: "uid",
|
78
78
|
access_expiration: expiration,
|
79
|
-
access_uid:
|
80
|
-
csrf:
|
79
|
+
access_uid: "access_uid",
|
80
|
+
csrf: "csrf",
|
81
81
|
expiration: expiration,
|
82
|
-
namespace:
|
82
|
+
namespace: "ns"
|
83
83
|
)
|
84
84
|
store.persist_refresh(
|
85
|
-
uid:
|
85
|
+
uid: "uid",
|
86
86
|
access_expiration: expiration,
|
87
|
-
access_uid:
|
88
|
-
csrf:
|
87
|
+
access_uid: "access_uid",
|
88
|
+
csrf: "csrf",
|
89
89
|
expiration: expiration,
|
90
|
-
namespace:
|
90
|
+
namespace: "ns2"
|
91
91
|
)
|
92
|
-
refresh_tokens = store.all_refresh_tokens(
|
92
|
+
refresh_tokens = store.all_refresh_tokens("ns")
|
93
93
|
assert_equal 1, refresh_tokens.count
|
94
94
|
end
|
95
95
|
|
96
96
|
def test_destroy_refresh
|
97
97
|
expiration = Time.now.to_i + 3600
|
98
98
|
store.persist_refresh(
|
99
|
-
uid:
|
99
|
+
uid: "uid",
|
100
100
|
access_expiration: expiration,
|
101
|
-
access_uid:
|
102
|
-
csrf:
|
101
|
+
access_uid: "access_uid",
|
102
|
+
csrf: "csrf",
|
103
103
|
expiration: expiration,
|
104
|
-
namespace:
|
104
|
+
namespace: ""
|
105
105
|
)
|
106
|
-
store.destroy_refresh(
|
107
|
-
refresh = store.fetch_refresh(
|
106
|
+
store.destroy_refresh("uid", "")
|
107
|
+
refresh = store.fetch_refresh("uid", "")
|
108
108
|
assert_equal({}, refresh)
|
109
109
|
end
|
110
110
|
|
111
111
|
def test_destroy_access
|
112
|
-
store.persist_access(
|
113
|
-
store.destroy_access(
|
114
|
-
assert_equal({}, store.fetch_access(
|
112
|
+
store.persist_access("uid", "csrf", Time.now.to_i + 3600)
|
113
|
+
store.destroy_access("uid")
|
114
|
+
assert_equal({}, store.fetch_access("uid"))
|
115
115
|
end
|
116
116
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
4
|
-
require
|
3
|
+
require "minitest/autorun"
|
4
|
+
require "jwt_sessions"
|
5
5
|
|
6
6
|
class TestRedisStoreAdapter < Minitest::Test
|
7
7
|
def teardown
|
@@ -14,8 +14,8 @@ class TestRedisStoreAdapter < Minitest::Test
|
|
14
14
|
def test_error_on_mixed_redis_options
|
15
15
|
assert_raises ArgumentError do
|
16
16
|
JWTSessions::StoreAdapters::RedisStoreAdapter.new(
|
17
|
-
redis_url:
|
18
|
-
redis_port:
|
17
|
+
redis_url: "redis://127.0.0.1:6379/0",
|
18
|
+
redis_port: "8082"
|
19
19
|
)
|
20
20
|
end
|
21
21
|
end
|
@@ -23,53 +23,53 @@ class TestRedisStoreAdapter < Minitest::Test
|
|
23
23
|
def test_error_on_unknown_option
|
24
24
|
assert_raises ArgumentError do
|
25
25
|
JWTSessions::StoreAdapters::RedisStoreAdapter.new(
|
26
|
-
redis_url:
|
27
|
-
something:
|
26
|
+
redis_url: "redis://127.0.0.1:6379/0",
|
27
|
+
something: "something"
|
28
28
|
)
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
32
|
def test_default_url
|
33
33
|
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
|
34
|
-
assert_equal
|
34
|
+
assert_equal "redis://127.0.0.1:6379/0", adapter.storage.connection[:id]
|
35
35
|
end
|
36
36
|
|
37
37
|
def test_url_with_env_var
|
38
|
-
ENV[
|
38
|
+
ENV["REDIS_URL"] = "redis://locallol:2018/"
|
39
39
|
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
|
40
|
-
assert_equal
|
40
|
+
assert_equal "redis://locallol:2018/0", adapter.storage.connection[:id]
|
41
41
|
|
42
|
-
ENV.delete(
|
42
|
+
ENV.delete("REDIS_URL")
|
43
43
|
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
|
44
|
-
assert_equal
|
44
|
+
assert_equal "redis://127.0.0.1:6379/0", adapter.storage.connection[:id]
|
45
45
|
end
|
46
46
|
|
47
47
|
def test_configuration_via_host_port_and_db
|
48
48
|
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(
|
49
|
-
redis_host:
|
50
|
-
redis_port:
|
51
|
-
redis_db_name:
|
49
|
+
redis_host: "127.0.0.2",
|
50
|
+
redis_port: "6372",
|
51
|
+
redis_db_name: "2"
|
52
52
|
)
|
53
|
-
assert_equal
|
53
|
+
assert_equal "redis://127.0.0.2:6372/2", adapter.storage.connection[:id]
|
54
54
|
end
|
55
55
|
|
56
56
|
def test_configuration_via_host_port_and_db_in_module
|
57
|
-
JWTSessions.redis_host =
|
58
|
-
JWTSessions.redis_port =
|
59
|
-
JWTSessions.redis_db_name =
|
57
|
+
JWTSessions.redis_host = "127.0.0.2"
|
58
|
+
JWTSessions.redis_port = "6372"
|
59
|
+
JWTSessions.redis_db_name = "2"
|
60
60
|
|
61
61
|
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
|
62
|
-
assert_equal
|
62
|
+
assert_equal "redis://127.0.0.2:6372/2", adapter.storage.connection[:id]
|
63
63
|
end
|
64
64
|
|
65
65
|
def test_configuration_via_redis_url
|
66
|
-
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(redis_url:
|
67
|
-
assert_equal
|
66
|
+
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(redis_url: "redis://127.0.0.2:6322")
|
67
|
+
assert_equal "redis://127.0.0.2:6322/0", adapter.storage.connection[:id]
|
68
68
|
end
|
69
69
|
|
70
70
|
def test_configuration_via_redis_url_in_module
|
71
|
-
JWTSessions.redis_url =
|
71
|
+
JWTSessions.redis_url = "redis://127.0.0.2:6322"
|
72
72
|
adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
|
73
|
-
assert_equal
|
73
|
+
assert_equal "redis://127.0.0.2:6322/0", adapter.storage.connection[:id]
|
74
74
|
end
|
75
75
|
end
|
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
4
|
-
require
|
3
|
+
require "minitest/autorun"
|
4
|
+
require "jwt_sessions"
|
5
5
|
|
6
6
|
class TestAccessToken < Minitest::Test
|
7
7
|
attr_reader :access_token, :uid
|
8
8
|
|
9
9
|
def setup
|
10
|
-
JWTSessions.encryption_key =
|
10
|
+
JWTSessions.encryption_key = "secret key"
|
11
11
|
@payload = { user_id: 1 }
|
12
12
|
@csrf = JWTSessions::CSRFToken.new
|
13
13
|
@uid = SecureRandom.uuid
|
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
4
|
-
require
|
3
|
+
require "minitest/autorun"
|
4
|
+
require "jwt_sessions"
|
5
5
|
|
6
6
|
class TestCSRFToken < Minitest::Test
|
7
7
|
attr_reader :csrf_token
|
8
8
|
|
9
9
|
def setup
|
10
|
-
JWTSessions.encryption_key =
|
10
|
+
JWTSessions.encryption_key = "65994c7b523a3232e7aba54d8cbf"
|
11
11
|
@csrf_token = JWTSessions::CSRFToken.new
|
12
12
|
end
|
13
13
|
|
@@ -15,6 +15,6 @@ class TestCSRFToken < Minitest::Test
|
|
15
15
|
assert_equal true, @csrf_token.valid_authenticity_token?(@csrf_token.encoded)
|
16
16
|
assert_equal false, @csrf_token.valid_authenticity_token?(nil)
|
17
17
|
assert_equal false, @csrf_token.valid_authenticity_token?(123)
|
18
|
-
assert_equal false, @csrf_token.valid_authenticity_token?(
|
18
|
+
assert_equal false, @csrf_token.valid_authenticity_token?("123abc")
|
19
19
|
end
|
20
20
|
end
|
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
4
|
-
require
|
3
|
+
require "minitest/autorun"
|
4
|
+
require "jwt_sessions"
|
5
5
|
|
6
6
|
class TestRefreshToken < Minitest::Test
|
7
7
|
attr_reader :csrf, :token, :access_uid
|
8
8
|
|
9
9
|
def setup
|
10
|
-
JWTSessions.encryption_key =
|
10
|
+
JWTSessions.encryption_key = "secure encryption"
|
11
11
|
@access_uid = SecureRandom.uuid
|
12
12
|
@csrf = JWTSessions::CSRFToken.new
|
13
13
|
@token = JWTSessions::RefreshToken.create(@csrf.encoded,
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
4
|
-
require
|
3
|
+
require "minitest/autorun"
|
4
|
+
require "jwt_sessions"
|
5
5
|
|
6
6
|
class TestSession < Minitest::Test
|
7
7
|
attr_reader :session, :payload, :tokens
|
@@ -9,42 +9,53 @@ class TestSession < Minitest::Test
|
|
9
9
|
REFRESH_KEYS = %i[access access_expires_at csrf].freeze
|
10
10
|
|
11
11
|
def setup
|
12
|
-
JWTSessions.encryption_key =
|
13
|
-
@payload = { test:
|
12
|
+
JWTSessions.encryption_key = "encrypted"
|
13
|
+
@payload = { test: "secret" }
|
14
14
|
@session = JWTSessions::Session.new(payload: payload)
|
15
15
|
@tokens = session.login
|
16
16
|
end
|
17
17
|
|
18
18
|
def teardown
|
19
19
|
redis = Redis.new
|
20
|
-
keys = redis.keys(
|
20
|
+
keys = redis.keys("jwt_*")
|
21
21
|
keys.each { |k| redis.del(k) }
|
22
22
|
end
|
23
23
|
|
24
24
|
def test_login
|
25
25
|
decoded_access = JWTSessions::Token.decode(tokens[:access]).first
|
26
26
|
assert_equal LOGIN_KEYS, tokens.keys.sort
|
27
|
-
assert_equal payload[:test], decoded_access[
|
27
|
+
assert_equal payload[:test], decoded_access["test"]
|
28
28
|
end
|
29
29
|
|
30
30
|
def test_refresh
|
31
31
|
refreshed_tokens = session.refresh(tokens[:refresh])
|
32
32
|
decoded_access = JWTSessions::Token.decode(refreshed_tokens[:access]).first
|
33
33
|
assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
|
34
|
-
assert_equal payload[:test], decoded_access[
|
34
|
+
assert_equal payload[:test], decoded_access["test"]
|
35
|
+
end
|
36
|
+
|
37
|
+
def test_refresh_expired
|
38
|
+
JWTSessions.refresh_exp_time = 0
|
39
|
+
session = JWTSessions::Session.new(payload: payload)
|
40
|
+
tokens = session.login
|
41
|
+
JWTSessions.refresh_exp_time = 604800
|
42
|
+
|
43
|
+
assert_raises JWTSessions::Errors::ClaimsVerification do
|
44
|
+
session.refresh(tokens[:refresh])
|
45
|
+
end
|
35
46
|
end
|
36
47
|
|
37
48
|
def test_refresh_by_access_payload
|
38
49
|
session = JWTSessions::Session.new(payload: payload, refresh_by_access_allowed: true)
|
39
50
|
session.login
|
40
|
-
access1 = session.instance_variable_get(
|
51
|
+
access1 = session.instance_variable_get("@_access")
|
41
52
|
sleep(1)
|
42
53
|
refreshed_tokens = session.refresh_by_access_payload
|
43
|
-
access2 = session.instance_variable_get(
|
54
|
+
access2 = session.instance_variable_get("@_access")
|
44
55
|
decoded_access = JWTSessions::Token.decode(refreshed_tokens[:access]).first
|
45
56
|
assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
|
46
|
-
assert_equal payload[:test], decoded_access[
|
47
|
-
assert_equal session.instance_variable_get(
|
57
|
+
assert_equal payload[:test], decoded_access["test"]
|
58
|
+
assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
|
48
59
|
assert_equal access2.expiration > access1.expiration, true
|
49
60
|
end
|
50
61
|
|
@@ -56,8 +67,8 @@ class TestSession < Minitest::Test
|
|
56
67
|
decoded_access = JWTSessions::Token.decode!(refreshed_tokens[:access]).first
|
57
68
|
JWTSessions.access_exp_time = 3600
|
58
69
|
assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
|
59
|
-
assert_equal payload[:test], decoded_access[
|
60
|
-
assert_equal session.instance_variable_get(
|
70
|
+
assert_equal payload[:test], decoded_access["test"]
|
71
|
+
assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
|
61
72
|
end
|
62
73
|
|
63
74
|
def test_refresh_by_access_payload_with_block_expired
|
@@ -70,8 +81,8 @@ class TestSession < Minitest::Test
|
|
70
81
|
decoded_access = JWTSessions::Token.decode!(refreshed_tokens[:access]).first
|
71
82
|
JWTSessions.access_exp_time = 3600
|
72
83
|
assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
|
73
|
-
assert_equal payload[:test], decoded_access[
|
74
|
-
assert_equal session.instance_variable_get(
|
84
|
+
assert_equal payload[:test], decoded_access["test"]
|
85
|
+
assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
|
75
86
|
end
|
76
87
|
|
77
88
|
def test_refresh_by_access_payload_with_block_not_expired
|
@@ -87,7 +98,7 @@ class TestSession < Minitest::Test
|
|
87
98
|
def test_refresh_by_access_payload_invalid_uid
|
88
99
|
session = JWTSessions::Session.new(payload: payload, refresh_by_access_allowed: true)
|
89
100
|
session.login
|
90
|
-
access1 = session.instance_variable_get(
|
101
|
+
access1 = session.instance_variable_get("@_access")
|
91
102
|
# should execute the code block for the cases when access UID within the refresh token
|
92
103
|
# does not match access UID from the session payload
|
93
104
|
session2 = JWTSessions::Session.new(payload: access1.payload, refresh_by_access_allowed: true)
|
@@ -148,8 +159,8 @@ class TestSession < Minitest::Test
|
|
148
159
|
end
|
149
160
|
|
150
161
|
assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
|
151
|
-
assert_equal payload[:test], decoded_access[
|
152
|
-
assert_equal session.instance_variable_get(
|
162
|
+
assert_equal payload[:test], decoded_access["test"]
|
163
|
+
assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
|
153
164
|
end
|
154
165
|
|
155
166
|
def test_refresh_with_block_not_expired
|
@@ -170,7 +181,7 @@ class TestSession < Minitest::Test
|
|
170
181
|
end
|
171
182
|
decoded_access = JWTSessions::Token.decode(refreshed_tokens[:access]).first
|
172
183
|
assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
|
173
|
-
assert_equal payload[:test], decoded_access[
|
184
|
+
assert_equal payload[:test], decoded_access["test"]
|
174
185
|
end
|
175
186
|
|
176
187
|
def test_flush_by_token
|
@@ -210,7 +221,7 @@ class TestSession < Minitest::Test
|
|
210
221
|
end
|
211
222
|
|
212
223
|
def test_flush_namespaced
|
213
|
-
namespace =
|
224
|
+
namespace = "test_namespace"
|
214
225
|
@session1 = JWTSessions::Session.new(payload: payload, namespace: namespace)
|
215
226
|
@session2 = JWTSessions::Session.new(payload: payload, namespace: namespace)
|
216
227
|
@session1.login
|
@@ -236,7 +247,7 @@ class TestSession < Minitest::Test
|
|
236
247
|
end
|
237
248
|
|
238
249
|
def test_flush_namespaced_access_tokens
|
239
|
-
namespace =
|
250
|
+
namespace = "test_namespace"
|
240
251
|
@session1 = JWTSessions::Session.new(payload: payload, namespace: namespace)
|
241
252
|
@session1.login
|
242
253
|
refresh_token = @session1.instance_variable_get(:"@_refresh")
|
@@ -255,15 +266,15 @@ class TestSession < Minitest::Test
|
|
255
266
|
end
|
256
267
|
|
257
268
|
def test_refresh_after_flush_namespaced_access_tokens
|
258
|
-
namespace =
|
269
|
+
namespace = "test_namespace"
|
259
270
|
session = JWTSessions::Session.new(payload: payload, namespace: namespace, refresh_by_access_allowed: true)
|
260
271
|
session.login
|
261
272
|
|
262
273
|
session.flush_namespaced_access_tokens
|
263
274
|
ruid = session.instance_variable_get(:"@_refresh").uid
|
264
275
|
refresh_token = JWTSessions::RefreshToken.find(ruid, JWTSessions.token_store, nil)
|
265
|
-
assert_equal
|
266
|
-
assert_equal
|
276
|
+
assert_equal "", refresh_token.access_uid
|
277
|
+
assert_equal "", refresh_token.access_expiration
|
267
278
|
|
268
279
|
# allows to refresh with un-expired but flushed access token payload
|
269
280
|
session.refresh_by_access_payload do
|