mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-07-25 13:30:39 +00:00

Fix scope and refresh_token for API key logins

API key logins use a scope of `api`, not `api offline_access`. Since
`offline_access` is not requested, no `refresh_token` is returned either.
Jeremy Lin 2022-01-20 21:50:58 -08:00
commit 8f7900759f
2 changed files with 22 additions and 14 deletions


@ -60,7 +60,12 @@ impl Device {
self.twofactor_remember = None;
}
pub fn refresh_tokens(&mut self, user: &super::User, orgs: Vec<super::UserOrganization>) -> (String, i64) {
pub fn refresh_tokens(
&mut self,
user: &super::User,
orgs: Vec<super::UserOrganization>,
scope: Vec<String>,
) -> (String, i64) {
// If there is no refresh token, we create one
if self.refresh_token.is_empty() {
use crate::crypto;
@ -98,7 +103,7 @@ impl Device {
sstamp: user.security_stamp.to_string(),
device: self.uuid.to_string(),
scope: vec!["api".into(), "offline_access".into()],
scope,
amr: vec!["Application".into()],
};
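Review bot: In the second hunk, `refresh_tokens` now copies the caller's `scope` vector straight into the signed `LoginJwtClaims`, and nothing visible restricts it to values the server means to grant. The callers are outside this section, so it cannot be seen here whether the vector is built from the grant type or from the request's own scope parameter. A doc comment on the function would pin the contract, for example `/// `scope` must be chosen server-side from the grant type; never pass the client's requested scope through unchecked.` Separately, the first hunk still creates a refresh token whenever `self.refresh_token` is empty, so an API-key login without `offline_access` presumably still has one minted and stored for the device. It is worth confirming that this is intended and that such a stored token cannot later be redeemed for a wider scope. The function body continues outside both hunks.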