[PR #4364] [CLOSED] Roll the refresh_token #2835

New Issue

Closed

opened 2025-10-09 18:12:25 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2025-10-09 18:12:25 +03:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/4364
Author: @Timshel
Created: 2/18/2024
Status: ❌ Closed

Base: main ← Head: feature/rolling_refresh

---

📝 Commits (2)

• fa3da1b Roll the refresh_token
• d2e3bd8 Merge branch 'main' into feature/rolling_refresh

📊 Changes

1 file changed (+3 additions, -5 deletions)

View changed files

📝 src/db/models/device.rs (+3 -5)

📄 Description

Hey,

We recently discussed the refresh_token in the SSO PR and during this discussion it occurred to me that the long lived refresh_token could be rolled as is done by some SSO client.

This is handled / expected by the Bitwarden clients since the response _refresh_login contain the potentially updated refresh_token.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/4364 **Author:** [@Timshel](https://github.com/Timshel) **Created:** 2/18/2024 **Status:** ❌ Closed **Base:** `main` ← **Head:** `feature/rolling_refresh` --- ### 📝 Commits (2) - [`fa3da1b`](https://github.com/dani-garcia/vaultwarden/commit/fa3da1bddb0d50dff44b28bc115bf3dc51bb9bf4) Roll the refresh_token - [`d2e3bd8`](https://github.com/dani-garcia/vaultwarden/commit/d2e3bd805ec49c961a22fac14306a367c9259953) Merge branch 'main' into feature/rolling_refresh ### 📊 Changes **1 file changed** (+3 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `src/db/models/device.rs` (+3 -5) </details> ### 📄 Description Hey, We recently discussed the `refresh_token` in the SSO PR and during this discussion it occurred to me that the long lived `refresh_token` could be rolled as is done by some SSO client. This is handled / expected by the Bitwarden clients since the response `_refresh_login` contain the potentially updated [refresh_token](https://github.com/dani-garcia/vaultwarden/blob/bb2412d0339e1da5dee99fc566a2b2aab5d2808c/src/api/identity.rs#L122). --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

OVERLORD added the pull-request label 2025-10-09 18:12:25 +03:00

OVERLORD closed this issue 2025-10-09 18:12:25 +03:00

OVERLORD referenced this issue 2025-10-09 18:18:04 +03:00

[PR #2873] [MERGED] check if sqlite folder exists #3152

OVERLORD referenced this issue 2025-10-09 18:18:04 +03:00

[PR #2872] [CLOSED] error if DATABASE_URL can't be parsed: #3153

OVERLORD referenced this issue 2025-10-09 18:18:06 +03:00

[PR #2873] check if sqlite folder exists #3155

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

test_dylint

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

better for forum

bug

bug

bug

documentation

duplicate

enhancement

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

SSO

Third party

troubleshooting

troubleshooting

wontfix

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#2835