lib/rack/oauth2/models/access_token.rb in rack-oauth2-server-1.4.3 vs lib/rack/oauth2/models/access_token.rb in rack-oauth2-server-1.4.4
- old
+ new
@@ -16,10 +16,10 @@
# Get an access token (create new one if necessary).
def get_token_for(identity, scope, client_id)
scope = scope.split.sort.join(" ") # Make sure always in same order.
client_id = BSON::ObjectId(client_id.to_s)
- unless token = collection.find_one({ :identity=>identity.to_s, :scope=>scope, :client_id=>client_id })
+ unless token = collection.find_one({ :identity=>identity.to_s, :scope=>scope, :client_id=>client_id, :revoked=>nil })
token = { :_id=>Server.secure_random, :identity=>identity.to_s, :scope=>scope,
:client_id=>client_id, :created_at=>Time.now.utc.to_i,
:expires_at=>nil, :revoked=>nil }
collection.insert token
end