-
Notifications
You must be signed in to change notification settings - Fork 299
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Corellate user sessions with access tokens #2146
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add some checks to pkg/identityserver/oauth_registry_test.go
to verify that the session ID is stored and retrieved correctly.
Please add some checks to pkg/oauth/server_test.go
to verify that the session ID is properly stored in the authorization code, and propagated on authorization code exchange and token refresh.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code owned files LGTM
a21e477
to
7fbb41c
Compare
7fbb41c
to
361ce27
Compare
…correlation Corellate user sessions with access tokens
…ge/open-source-develop
Summary
References #1422 #1844
This PR will store the session ID together with the access token. This way, we can correlate the session ID being able to:
Changes
Notes for Reviewers
This PR is a follow up of #2122 and the first of a series of changes leading to a more robust auth flow as well as the introduction of the new account app (#1422).
DB migration is necessary after this change
ttn-lw-stack is-db migrate
Checklist
README.md
.CHANGELOG.md
.CONTRIBUTING.md
, there are no fixup commits left.