I can’t understand the mechanism for generating a new token after logging in, which is described under “Handling refresh token rotation”. In particular, it is known that once you have obtained the token through the generate-oidc-token tool, it “expires” immediately after its (first and only) use. I believed that “Expiration Date” referred to the general duration of the token, and not to the expiry of the same.
Where is my reasoning wrong?
In any case, the explanation of the mechanism cites:
"…each time the client application uses a Refresh Token to get a new Access Token, a new Refresh Token is also returned. The previous Refresh Token is invalidated, and can no longer be used to get Access Tokens.
@inrupt/solid-client-authn-node has an internal mechanism to manage refresh tokens in the Session’s storage. For the Session’s storage, you can pass in a storage as an option to the Session constructor or use the default storage, which is an in-memory storage. If you pass in a persistent storage, the refresh token management is transparent. However, for NodeJS scripts that use the Session’s default in-memory storage, the storage (and hence the refresh token) is lost when the program stops.
As an alternative to providing a persistent storage to the Session constructor, you can pass in the onNewRefreshToken callback to the constructor instead. Then, each time a new refresh token is issued, the onNewRefreshToken callback is invoked with the new refresh token as a parameter. The onNewRefreshToken option allows you to run custom code to handle the refresh token as appropriate."
I tried using onNewRefreshToken, but I couldn’t get anything, and I’m still forced to use the tool every time I have to test my code to log in.
Do you have any usage suggestions?
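
The rotation behaviour in the quoted documentation, as an added example that is not part of the original post or of the Inrupt library: a file-backed store that a callback in the role of onNewRefreshToken writes to, run against a constructed stand-in issuer so it works offline. `RefreshTokenStore`, `RotatingIssuer`, `runOnce`, `demo` and every token value are hypothetical names and constructed data.

```javascript
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");
// File-backed store (hypothetical helper). The file holds a live credential.
class RefreshTokenStore {
  constructor(file) { this.file = file; }
  load() {
    try { return JSON.parse(fs.readFileSync(this.file, "utf8")).refreshToken; }
    catch (err) { if (err.code === "ENOENT") return undefined; throw err; }
  }
  // Owner-only temp file, then rename: a crash never leaves a partial token.
  save(refreshToken) {
    const tmp = `${this.file}.${process.pid}.tmp`;
    fs.writeFileSync(tmp, JSON.stringify({ refreshToken }), { mode: 0o600 });
    fs.renameSync(tmp, this.file);
  }
}

// Constructed stand-in for the identity provider: each refresh token works once.
class RotatingIssuer {
  constructor(initial) { this.valid = initial; this.n = 0; }
  refresh(token) {
    if (token !== this.valid) throw new Error("invalid_grant: token already rotated");
    this.valid = `rt-${++this.n}`;
    return { accessToken: `at-${this.n}`, refreshToken: this.valid };
  }
}

// One script run: prefer the saved token, fall back to the bootstrap token.
function runOnce(issuer, store, bootstrapToken, onNewRefreshToken) {
  const res = issuer.refresh(store.load() ?? bootstrapToken);
  onNewRefreshToken(res.refreshToken); // plays the role of the callback option
  return res.accessToken;
}

function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "rt-"));
  const store = new RefreshTokenStore(path.join(dir, "token.json"));
  const issuer = new RotatingIssuer("rt-from-tool"); // constructed token value
  const persist = (t) => store.save(t);
  const first = runOnce(issuer, store, "rt-from-tool", persist);
  const second = runOnce(issuer, store, "rt-from-tool", persist); // reads saved token
  let replayError = null; // reusing the original token must now fail
  try { issuer.refresh("rt-from-tool"); } catch (e) { replayError = e.message; }
  const out = { first, second, saved: store.load(), replayError,
    mode: fs.statSync(store.file).mode & 0o777 };
  fs.rmSync(dir, { recursive: true, force: true });
  return out;
}
```

The second run succeeds only because the first run saved the rotated token; replaying the token first obtained from the tool is rejected, which matches the "first and only use" behaviour described in the post.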