Fixes [Issue #367](#367) where expired refresh tokens were not cleared, preventing re-authorization.

josephquigley · josephquigley · commit 97f014c3ee97 · 2023-10-04T13:43:37.000-04:00
diff --git a/Sources/Flows/OAuth2.swift b/Sources/Flows/OAuth2.swift
@@ -391,6 +391,9 @@ open class OAuth2: OAuth2Base {
 					callback(json, nil)
 				}
 				catch let error {
+					// Fixes [Issue #367](https://github.com/p2/OAuth2/issues/367)
+					// Refresh token needs to be cleared out upon error, otherwise re-authorizing will not ocurr because the library thinks it has a valid refresh token and tries to fetch a new access token with an expired refresh token.
+					self.clientConfig.refreshToken = nil
 					self.logger?.debug("OAuth2", msg: "Error refreshing access token: \(error)")
 					callback(nil, error.asOAuth2Error)
 				}
diff --git a/Sources/Flows/OAuth2PasswordGrant.swift b/Sources/Flows/OAuth2PasswordGrant.swift
@@ -68,6 +68,7 @@ open class OAuth2PasswordGrant: OAuth2 {
 	
 	/// Properties used to handle the native controller.
 	open lazy var customAuthorizer: OAuth2CustomAuthorizerUI = OAuth2CustomAuthorizer()
+	
 	/**
 	If credentials are unknown when trying to authorize, the delegate will be asked a login controller to present.
 	

Original file line number	Diff line number	Diff line change
`@@ -391,6 +391,9 @@ open class OAuth2: OAuth2Base {`
`391`	`391`	`callback(json, nil)`
`392`	`392`	`}`
`393`	`393`	`catch let error {`
	`394`	`+ // Fixes [Issue #367](https://github.com/p2/OAuth2/issues/367)`
	`395`	`+ // Refresh token needs to be cleared out upon error, otherwise re-authorizing will not ocurr because the library thinks it has a valid refresh token and tries to fetch a new access token with an expired refresh token.`
	`396`	`+ self.clientConfig.refreshToken = nil`
`394`	`397`	`self.logger?.debug("OAuth2", msg: "Error refreshing access token: \(error)")`
`395`	`398`	`callback(nil, error.asOAuth2Error)`
`396`	`399`	`}`