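# Exchanges a refresh token for a freshly generated access token.
#
# Inputs are read from the handler state:
# * @p[1].value - the refresh token presented by the client
# * @a[0], @a[1] - the access-token store and the refresh-token store
# * @a[2], @a[3] - client id and client secret
# * @a[4], @a[5] - adur and rdur (durations passed on to the token helper
#   and the access-token store)
#
# Outcome:
# * 401 when the token's 'iss' claim differs from the client id
# * 403 when the token cannot be decoded, is not in the refresh-token store,
#   or its 'exp' claim is missing or not in the future
# * otherwise a JSON document carrying the new access token
#
# NOTE(review): 'iss' and 'exp' are read from the first token segment without
# a signature check in this method; the store lookup on the complete token
# string is the only binding to an issued token visible here - confirm that
# this is the intended trust model.
def response
  refresh_token  = @p[1].value
  access_tokens  = @a[0]
  refresh_tokens = @a[1]
  client_id      = @a[2]
  client_secret  = @a[3]
  adur           = @a[4]
  rdur           = @a[5]

  # Shared 403 answer. The log line deliberately carries neither the refresh
  # token nor the access token stored for it: both are bearer credentials and
  # must not end up in stdout or log files.
  reject = lambda do
    @status = 403
    puts 'Rejected refresh request: invalid refresh token.'
    Riddl::Parameter::Complex.new('data', 'application/json', {
      :error => 'Invalid refresh token.'
    }.to_json)
  end

  # The token is client-controlled, so decoding may fail (bad Base64, bad
  # JSON, or a JSON value that is not an object). Answer 403 instead of
  # letting the exception escape the handler.
  encoded_claims = refresh_token.to_s.split('.').first
  token_data = begin
    JSON::parse(Base64::urlsafe_decode64(encoded_claims.to_s))
  rescue ArgumentError, EncodingError, JSON::ParserError
    nil
  end
  return reject.call unless token_data.is_a?(Hash)

  if token_data['iss'] != client_id
    @status = 401
    return Riddl::Parameter::Complex.new('data', 'application/json', {
      :error => 'Token must be refreshed by issuer.'
    }.to_json)
  end

  # A missing or non-numeric 'exp' is treated like an expired token.
  expires_at = token_data['exp']
  unless refresh_tokens.key?(refresh_token) && expires_at.is_a?(Numeric) && expires_at > Time.now.to_i
    return reject.call
  end

  old_token = refresh_tokens.get(refresh_token)
  # NOTE(review): presumably the stored value is the user; it is nil when the
  # old access token is no longer in the store, and the new token would then
  # be stored with a nil value - verify against the store's behaviour.
  user = access_tokens.delete old_token

  token = Riddl::Utils::OAuth2::Helper::generate_access_token(client_id, client_id + ':' + client_secret, adur)

  # NOTE(review): the access token is generated with adur but stored with
  # rdur - confirm that the longer store lifetime is intended.
  access_tokens.set(token, user, rdur)
  refresh_tokens.set(refresh_token, token)

  Riddl::Parameter::Complex.new('data', 'application/json', { :token => token }.to_json)
end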