worried-dress-75686
10/21/2021, 7:08 PMrefresh_token
and after looking at various issues in GitHub it appears we are not alone.
I've started a fork of both fosite
and hydra
to introduce a configuration variable to disable one-time use refresh tokens and would like to get a first pass of my changes. Draft PR herelimited-tent-11422
10/24/2021, 6:53 PMoauth2.refresh_token_rotation.enabled
. This is also something I would consider making per-client.worried-dress-75686
10/26/2021, 6:59 PM