problem description
InOauth2.0, when the access_token expires, you can use the previously obtained refresh_token to reapply for tokens. The problem now is that you don"t know how the authentication server reissues tokens to the client according to refresh_token.
the environmental background of the problems and what methods you have tried
after consulting some materials, I feel that the implementation is diversified. The refresh interface of the authentication server mainly returns the following kinds of data:
1, returns brand-new access_token and refresh_token.
2. Return the new access_token, but the refresh_token is old. (it is possible that the expiration time of the old refresh_token will be updated)
3, return the old access_token and the old refresh_token. (I feel that the previous access_token can still be used because the expiration time has been updated.)
what result do you expect? What is the error message actually seen?
I personally feel that the first two are similar in nature, and the third is the old one, but the update time is not very good.
which of the above ways is better to ask the god to advise me? Or is there a better way to achieve it?