feat: Support OAuth2 single-use refresh tokens (#38364)

2026-04-23 18:14:56 +00:00 · 2026-03-03 16:07:15 -03:00
parent 2ab9d37a00
commit fa34609952
4 changed files with 157 additions and 0 deletions
--- a/superset/utils/oauth2.py
+++ b/superset/utils/oauth2.py
@@ -167,6 +167,10 @@ def refresh_oauth2_token(
        token.access_token_expiration = datetime.now() + timedelta(
            seconds=token_response["expires_in"]
        )
+        # Support single-use refresh tokens
+        if new_refresh_token := token_response.get("refresh_token"):
+            token.refresh_token = new_refresh_token
+
        db.session.add(token)

    return token.access_token