lib/rodauth/features/oauth_base.rb in rodauth-oauth-0.10.3 vs lib/rodauth/features/oauth_base.rb in rodauth-oauth-0.10.4
- old
+ new
@@ -528,10 +528,10 @@
def oauth_token_by_token(token)
oauth_token_by_token_ds(token).first
end
def oauth_token_by_refresh_token(token, revoked: false)
- ds = db[oauth_tokens_table]
+ ds = db[oauth_tokens_table].where(oauth_grants_oauth_application_id_column => oauth_application[oauth_applications_id_column])
#
# filter expired refresh tokens out.
# an expired refresh token is a token whose access token expired for a period longer than the
# refresh token expiration period.
#