From 5ff808a89776abc0a30abacea8b5f18091d70e43 Mon Sep 17 00:00:00 2001
From: Sebastian Janzen
Date: Wed, 5 Oct 2022 20:32:06 +0200
Subject: [PATCH] fix: prevent accidentially returned token in tx error case

In case the transaction commit fails, the responder reference was already modified which could result in a token returned which was not persisted.
---
 handler/oauth2/flow_refresh.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/handler/oauth2/flow_refresh.go b/handler/oauth2/flow_refresh.go
index 78a63bdec..69ee5d325 100644
--- a/handler/oauth2/flow_refresh.go
+++ b/handler/oauth2/flow_refresh.go
@@ -173,15 +173,15 @@ func (c *RefreshTokenGrantHandler) PopulateTokenEndpointResponse(ctx context.Con
 return err
 }
 
- responder.SetAccessToken(accessToken)
- responder.SetTokenType("bearer")
- atLifespan := fosite.GetEffectiveLifespan(requester.GetClient(), fosite.GrantTypeRefreshToken, fosite.AccessToken, c.Config.GetAccessTokenLifespan(ctx))
- responder.SetExpiresIn(getExpiresIn(requester, fosite.AccessToken, atLifespan, time.Now().UTC()))
- responder.SetScopes(requester.GetGrantedScopes())
- responder.SetExtra("refresh_token", refreshToken)
-
 if err = storage.MaybeCommitTx(ctx, c.TokenRevocationStorage); err != nil {
 return err
+ } else {
+ responder.SetAccessToken(accessToken)
+ responder.SetTokenType("bearer")
+ atLifespan := fosite.GetEffectiveLifespan(requester.GetClient(), fosite.GrantTypeRefreshToken, fosite.AccessToken, c.Config.GetAccessTokenLifespan(ctx))
+ responder.SetExpiresIn(getExpiresIn(requester, fosite.AccessToken, atLifespan, time.Now().UTC()))
+ responder.SetScopes(requester.GetGrantedScopes())
+ responder.SetExtra("refresh_token", refreshToken)
 }
 
 return nil
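Review bot: The added `} else {` after `return err` is the superfluous-else form that Go linters flag; because the `if` branch terminates, the six `responder.Set*` calls can simply follow the `if` block at function scope, which keeps the happy path left-aligned and reads as the intended invariant rather than as an alternative branch. I would drop the `} else {` line, outdent the block, and state the reason once above it, e.g. `// Populate the response only after the transaction has committed so a commit failure never returns a token that was not persisted.` — without that comment the ordering looks incidental and a later refactor could move the calls back above the commit. The enclosing `PopulateTokenEndpointResponse` starts and ends outside this hunk, so the hunk alone does not show whether the transaction is rolled back on the `return err` path; presumably a rollback helper or deferred cleanup handles that elsewhere in the function, and it is worth confirming, since the early return is now the only thing standing between a failed commit and an issued token.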