Include auth_time in ID token. Switch from upsert -> find_and_create_by so we actually get sid values for consent on the creation of the record

2025-12-31 16:36:32 +11:00
parent 364e6e21dd
commit 4b4afe277e
8 changed files with 256 additions and 78 deletions
--- a/test/controllers/oidc_refresh_token_controller_test.rb
+++ b/test/controllers/oidc_refresh_token_controller_test.rb
@@ -15,7 +15,6 @@ class OidcRefreshTokenControllerTest < ActionDispatch::IntegrationTest
    auth_code = OidcAuthorizationCode.create!(
      application: @application,
      user: @user,
-      code: SecureRandom.urlsafe_base64(32),
      redirect_uri: @application.parsed_redirect_uris.first,
      scope: "openid profile email",
      expires_at: 10.minutes.from_now
@@ -24,7 +23,7 @@ class OidcRefreshTokenControllerTest < ActionDispatch::IntegrationTest
    # Exchange authorization code for tokens
    post "/oauth/token", params: {
      grant_type: "authorization_code",
-      code: auth_code.code,
+      code: auth_code.plaintext_code,
      redirect_uri: @application.parsed_redirect_uris.first,
      client_id: @application.client_id,
      client_secret: @client_secret