Userinfo does not show updated attributs when using Offline sessions
Concerned version
Version: 2.0.14
Summary
- Configure an OIDC RP with offline sessions
- Get a refresh token with scope=offline_access
- Use this refresh token to get an access token, and get /oauth2/userinfo
- you see current attributes
- update attributes in LDAP/Demo/DBI/etc
- Use this refresh token to get an access token, and get /oauth2/userinfo
- attributes are not updated
This only affects attributes returned by userinfo, and not attributes returned in JWTs (ID Token/Access Token)
Logs
sub updateRefreshToken {
my $self = shift;
return $self->updateToken($@);
}
Possible fixes
Be more careful with perl special vars, or
use English;