fix: Change overwriting of refresh_token to not overwrite them with n…

…il (#483)
team-alembic · Oct 25, 2023 · 5f5e8a6 · 5f5e8a6
1 parent 625e0e6
commit 5f5e8a6
Showing 1 changed file with 14 additions and 4 deletions.
diff --git a/lib/ash_authentication/user_identity/upsert_identity_change.ex b/lib/ash_authentication/user_identity/upsert_identity_change.ex
@@ -50,10 +50,20 @@ defmodule AshAuthentication.UserIdentity.UpsertIdentityChange do
       cfg.access_token_expires_at_attribute_name,
       expires_at(oauth_tokens, "expires_in")
     )
-    |> Changeset.change_attribute(
-      cfg.refresh_token_attribute_name,
-      Map.get(oauth_tokens, "refresh_token")
-    )
+    |> then(fn changeset ->
+      if Map.get(oauth_tokens, "refresh_token") do
+        # A new non-nil refresh_token is always nice
+        Changeset.change_attribute(
+          changeset,
+          cfg.refresh_token_attribute_name,
+          oauth_tokens["refresh_token"] ||
+            Map.get(oauth_tokens, "refresh_token")
+        )
+      else
+        # Do not overwrite refresh_tokens with a new nil
+        changeset
+      end
+    end)
   end
 
   defp expires_at(oauth_tokens, field) do