Graphorin API reference v0.4.0
Graphorin API reference / @graphorin/security / / RefreshAccessTokenArgs
Interface: RefreshAccessTokenArgs
Defined in: packages/security/src/oauth/refresh.ts:20
Internal arguments for the refresh helper.
Properties
| Property | Modifier | Type | Description | Defined in |
|---|---|---|---|---|
metadata | readonly | DiscoveredMetadata | - | packages/security/src/oauth/refresh.ts:22 |
refreshToken | readonly | SecretValue | - | packages/security/src/oauth/refresh.ts:24 |
registration | readonly | OAuthRegistration | - | packages/security/src/oauth/refresh.ts:23 |
revokePreviousOnRotation? | readonly | boolean | When true and the authorization server rotates the refresh token (RFC 6749 §10.4 / OAuth 2.1 — the token response carries a different refresh_token), best-effort revoke the previous refresh token via revokeOAuthToken. Defaults to false so existing callers are unaffected; servers that already invalidate the old token on rotation make this a defense-in-depth no-op. Revocation failures never fail the refresh. | packages/security/src/oauth/refresh.ts:36 |
scope? | readonly | string | - | packages/security/src/oauth/refresh.ts:25 |
serverId | readonly | string | - | packages/security/src/oauth/refresh.ts:21 |
signal? | readonly | AbortSignal | - | packages/security/src/oauth/refresh.ts:26 |