No refresh token coming back
Closed this issue · 2 comments
Hi,
Trying to integrate Okta with my application. I've used omniauth for other providers with no problems.
My client configuration is as follows:
config.omniauth :oktaoauth, OKTA_OAUTH2_CLIENT_ID, OKTA_OAUTH2_CLIENT_SECRET, {
scope: 'openid profile email offline_access',
fields: ['profile', 'email'],
client_options: {
site: OKTA_ISSUER,
authorize_url: OKTA_ISSUER + '/oauth2/v1/authorize',
token_url: OKTA_ISSUER + '/oauth2/v1/token',
response_type: 'code',
},
redirect_uri: <snip>,
issuer: OKTA_ISSUER,
strategy_class: OmniAuth::Strategies::Oktaoauth,
}
However, when I inspect the auth_hash
coming back, there's no refresh_token present. There is an id_token/token present.
The corresponding application on Okta's end has refresh tokens enabled. When I use curl
to perform the authorize
and corresponding token
flow, I get back a refresh_token.
What am I missing to enable this Ruby-side?
Thanks!
Looks like this was fixed here: a082056
I ran into the same deficiency locally. I just think you haven't re-released the gem in a few years so it's _very_stale.
I plan on fixing it by referencing the gem by git hash, but it'd be awesome if you re-released the gem, too. Thanks for making the repo!