Dears,
I'm using OpenId Connect module to perform authentication on 3rd party identity server.
The authentication flow goes well as expected.
My only concern is on how to reuse the auth & refresh tokens. I need them to request additional info to other services to retrieve info about the logged in user.
In all 3 browsers I'm using, no trace about session variables or cookie.
I applied the patch suggested in https://www.drupal.org/files/issues/php_session_lost_on_redirect-2907959... but nothing changes, tokens info missing.

Do you have any other suggestions about the topic and how to user OpenId connect features in a custom module?
This last is another way I would follow to catch tokens.

Many thanks,
Luca

Comments

lmilani created an issue. See original summary.

guedressel’s picture

guedressel commented

@lmilani is this issue really about Version 7.x-1.0?
We have the same requirement in a project but it's for the current version 8.x-1.x

sanduhrs’s picture

sanduhrs
he/him
Primary language German
Location 🇪🇺 Heidelberg, Germany, Europe
commented
Category: Support request » Feature request

There is currently no api intended to reuse the tokens.

j-lee’s picture

j-lee
he/him
Primary language German
Location 🇩🇪🇪🇺
commented

v7 is no longer supported. Is this still relevant for v3?

j-lee’s picture

j-lee
he/him
Primary language German
Location 🇩🇪🇪🇺
commented

You can access the token via the Drupal\openid_connect\OpenIDConnectSession object. ('openid_connect.session' Service)

private OpenIDConnectSessionInterface $oidcSession;

$token = $this->oidcSession->retrieveAccessToken();