Error when creating refresh token: value too long for type character varying(255)
Closed this issue · 2 comments
Describe the bug
When trying to create a new refresh token using OAuth2 in Django using custom token genretor , the application throws a django.db.utils.DataError: value too long for type character varying(255) error. This seems to be caused by attempting to insert a value that exceeds the column size in the database.
To Reproduce
- Call the endpoint to issue a new token with an authorization code.
- This should trigger the creation of a refresh token.
- The error
value too long for type character varying(255)is thrown.
Expected behavior
The refresh token should be created successfully without the database column size being a problem.
Version
- django-oauth-toolkit version: 3.0.1
- I have tested with the latest published release and it's still a problem.
- I have tested with the master branch and it's still a problem.
Additional context
- The error occurs specifically during the creation of a refresh token in the
oauth2_provider/oauth2_validators.pyfile. - It seems that the
RefreshTokenmodel might need its column size increased or additional validation added to ensure the token length fits the database constraints.
@hb-joel have you identified why your refresh tokens are exceeding 255 characters? Typically we see this limit hit when using JWTs. The best practice is for refresh tokens to be opaque. If using large refresh tokens is a requirement for you, can you provide more insight into your use case?
If you're overriding the token generation you may also need to override the token model to increase the db column size,