gin-jwt: Cannot refresh expired token, even if within MaxRefresh time
Hi,
I think that commit 59e38b5726b67025f50358879913a3a4b1a27901 (from PR #165) has introduced a change in behaviour.
Previously, the RefreshHandler would refresh an expired token, as long as it was within the MaxRefresh time.
Now, trying to refresh an expired token will always fail. This is because CheckIfTokenExpire() calls mw.ParseToken(), which calls jwt.Parse(). That library function will return an error if the token has expired (regardless of the MaxRefresh time).
Before the commit, the code ignored all errors from mw.ParseToken(): token, _ := mw.ParseToken(c)
. Now, it returns the error no matter what it was. I think that CheckIfTokenExpire() needs to explicitly check if the error returned by mw.ParseToken() if that the token has expired, so we can then go on to check the MaxRefresh time too.
Thanks
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Comments: 19 (17 by maintainers)
Commits related to this issue
- Refresh Token Bug fix for that issue : https://github.com/appleboy/gin-jwt/issues/176 — committed to fatihkahveci/gin-jwt by fatihkahveci 6 years ago
- fix: Cannot refresh expired token, even if within MaxRefresh time see https://github.com/appleboy/gin-jwt/issues/176 — committed to appleboy/gin-jwt by appleboy 6 years ago
- fix: Cannot refresh expired token, even if within MaxRefresh time (#184) see https://github.com/appleboy/gin-jwt/issues/176 — committed to appleboy/gin-jwt by appleboy 6 years ago
- Oadk/maxrefresh (#185) Rework of fix for "Cannot refresh expired token, even if within MaxRefresh time". See https://github.com/appleboy/gin-jwt/issues/176 — committed to appleboy/gin-jwt by oadk 6 years ago
- fix: Cannot refresh expired token, even if within MaxRefresh time (#184) see https://github.com/appleboy/gin-jwt/issues/176 — committed to smartech7/jwt-gin-example by appleboy 6 years ago
- Oadk/maxrefresh (#185) Rework of fix for "Cannot refresh expired token, even if within MaxRefresh time". See https://github.com/appleboy/gin-jwt/issues/176 — committed to smartech7/jwt-gin-example by oadk 6 years ago
Hi @appleboy , please can you validate @fatihkahveci’s PR?
Thanks