Skip to content

Address VwG non-interactive flow (token refresh). #439

Description

Completing the interactive flow for VwG, one of the next steps is to consider the non-interactive flow. This portion starts whenever the user has already been verified or in the case they need to refresh.

We want to provide requesting parties with the ability to refresh VwG tokens. There's two solutions where one is more suitable timing wise and the other is more complex but addresses two issues regarding the auth state that the first will not:

  1. (easy solution) We will provide the requesting party with an API that holds a method to manage the token refresh. This API will require developers to pass in their refresh token string, which we will use to create the refresh token request.
    • There are two limitations which are addressed by the more complex solution: 1) GSI attaches authorization state holding the tokens on GIDGoogleUser. 2) GSI saves tokens to the device chain.
  2. (complex solution) Adding token refresh to GIDGoogleUser.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

enhancementNew feature or request

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions