Skip to content

#26 - Expose Refresh Token in Authenticated REST API requests #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Feb 19, 2019
Merged

#26 - Expose Refresh Token in Authenticated REST API requests #27

merged 4 commits into from
Feb 19, 2019

Conversation

jasonbahl
Copy link
Collaborator

This exposes X-JWT-Refresh in the repsonse headers of REST API requests that were authenticated with a WPGraphQL issued JWT Auth Token.

You can see this in action in the below GIF where I:

  • Login via GraphQL to get an authToken
  • Use the authToken as my Authorizaton token in a WP REST API request
  • See a X-JWT-Refresh token in the REST API response headers

x-jwt-auth-rest-response

@jasonbahl jasonbahl self-assigned this Feb 19, 2019
@jasonbahl
CI-6000: Expose Refresh Token in Authenticated REST API requests
59a1469 
---

This exposes `X-JWT-Refresh` in the repsonse headers of REST API requests that were authenticated with a WPGraphQL issued JWT Auth Token.

You can see this in action in the below GIF where I:

- Login via GraphQL to get an authToken
- Use the authToken as my Authorizaton token in a WP REST API request
- See a `X-JWT-Refresh` token in the REST API response headers

![x-jwt-auth-rest-response](https://user-images.githubusercontent.com/1260765/53048992-4bca7480-3453-11e9-8e51-3b6fe59d2b34.gif)
@jasonbahl
CI-6000: Expose Refresh Token in Authenticated REST API requests
fc107b8 
---

Code review update. . .only expose for SSL requests _or_ for GRAPHQL_DEBUG requests
CodeProKid
CodeProKid requested changes Feb 19, 2019
View reviewed changes
src/ManageTokens.php Outdated
* If the request _is_ SSL, or GRAPHQL_DEBUG is defined, return the tokens
* otherwise do not return them.
*/
if ( is_ssl() || defined( 'GRAPHQL_DEBUG' ) && true !== GRAPHQL_DEBUG ) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if ( is_ssl() || defined( 'GRAPHQL_DEBUG' ) && true !== GRAPHQL_DEBUG ) {
if ( ( ! defined( 'GRAPHQL_DEBUG' ) || true !== GRAPHQL_DEBUG ) && ! is_ssl() ) {

@CodeProKid CodeProKid merged commit ce2341c into master Feb 19, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CodeProKid CodeProKid CodeProKid approved these changes

@hughdevore hughdevore Awaiting requested review from hughdevore

Assignees

@jasonbahl jasonbahl

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jasonbahl @CodeProKid