CI-6000: Expose Refresh Token in Authenticated REST API requests

jasonbahl · jasonbahl · commit 59a1469a5d13 · 2019-02-19T14:41:35.000-07:00
--- This exposes `X-JWT-Refresh` in the repsonse headers of REST API requests that were authenticated with a WPGraphQL issued JWT Auth Token. You can see this in action in the below GIF where I: - Login via GraphQL to get an authToken - Use the authToken as my Authorizaton token in a WP REST API request - See a `X-JWT-Refresh` token in the REST API response headers ![x-jwt-auth-rest-response](https://user-images.githubusercontent.com/1260765/53048992-4bca7480-3453-11e9-8e51-3b6fe59d2b34.gif)
diff --git a/src/ManageTokens.php b/src/ManageTokens.php
@@ -364,10 +364,6 @@ public static function add_auth_headers_to_rest_response( \WP_HTTP_Response $res
 
 			$refresh_token = Auth::get_refresh_token( new \WP_User( $validate_auth_header->data->user->id ), false );
 
-			if ( ! empty( $refresh_token ) && ! is_wp_error( $refresh_token ) ) {
-				$headers['X-JWT-Refresh'] = $refresh_token;
-			}
-
 		}
 
 		if ( $refresh_token ) {

Original file line number	Diff line number	Diff line change
`@@ -364,10 +364,6 @@ public static function add_auth_headers_to_rest_response( \WP_HTTP_Response $res`
`364`	`364`
`365`	`365`	`$refresh_token = Auth::get_refresh_token( new \WP_User( $validate_auth_header->data->user->id ), false );`
`366`	`366`
`367`		`- if ( ! empty( $refresh_token ) && ! is_wp_error( $refresh_token ) ) {`
`368`		`- $headers['X-JWT-Refresh'] = $refresh_token;`
`369`		`- }`
`370`		`-`
`371`	`367`	`}`
`372`	`368`
`373`	`369`	`if ( $refresh_token ) {`