Skip to content

fix: handle ID token expiry time and premature expiration MONGOSH-2145 MONGOSH-2147 #211

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix: handle ID token expiry time and premature expiration MONGOSH-2145 MONGOSH-2147 #211

wants to merge 3 commits into from

Conversation

addaleax
Copy link
Contributor

fix: use ID token expiry if passIdTokenAsAccessToken is set MONGOSH-2145
fix: do not return token to driver which is being rejected MONGOSH-2147

Ensure that we do not return tokens from a token set that the driver
is currently rejecting (in the sense of calling the OIDC callback
again and referring to it via the driver refreshToken property).

@github-actions github-actions bot added the fix label Apr 11, 2025
@addaleax
fix: do not return token to driver which is being rejected MONGOSH-2147
b4e59a2 
Ensure that we do not return tokens from a token set that the driver
is currently rejecting (in the sense of calling the OIDC callback
again and referring to it via the driver `refreshToken` property).
lerouxb
lerouxb reviewed Apr 14, 2025
View reviewed changes
src/plugin.ts
const tokenSetId = getStableTokenSetId(state.currentTokenSet.set);

// We would not want to return the access token or ID token of a token set whose
// accompanying refresh token was passed to us by
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

passed to us by what?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lerouxb lerouxb lerouxb approved these changes

Assignees
No one assigned
Labels
fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@addaleax @lerouxb