Update oidc tokens during sessions refresh (#2713)

2022-02-27 12:10:16 +01:00 · 2022-02-27 12:10:16 +01:00 · 96ef83893d
parent f8d1d0fc5f
commit 96ef83893d
1 changed files with 24 additions and 2 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@ -203,8 +203,30 @@ sub refresh {
    $req->user( $data{_user} || $data{ $self->conf->{whatToTrace} } );
    $req->id( $data{_session_id} );
    foreach ( keys %data ) {
-        delete $data{$_}
-          unless ( /^_/ or /^(?:startTime|authenticationLevel)$/ );
+
+        # Variables that start with _ are kept accross refresh
+        if (/^_/) {
+
+            # But not OIDC tokens, which can be refreshed
+            if (
+/^(_oidc_access_token|_oidc_refresh_token|_oidc_access_token_eol)$/
+              )
+            {
+                delete $data{$_};
+            }
+
+        }
+
+        # Other variables should be refreshed
+        else {
+            # But not these two
+            if (/^(?:startTime|authenticationLevel)$/) {
+                next;
+            }
+            else {
+                delete $data{$_};
+            }
+        }
    }
    $data{_updateTime} = strftime( "%Y%m%d%H%M%S", localtime() );
    $self->logger->debug(