From 7b7e2a040dc435031a9075530773524b98771aa5 Mon Sep 17 00:00:00 2001
From: Tadeusz Magura-Witkowski <tadeuszmw@gmail.com>
Date: Wed, 25 Mar 2020 13:43:53 +0100
Subject: [PATCH] Automatic consistency fixing in case of missing refresh token
 in db

---
 server/handlers.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/server/handlers.go b/server/handlers.go
index 2b033c87..5512d87f 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -1344,10 +1344,14 @@ func (s *Server) handlePasswordGrant(w http.ResponseWriter, r *http.Request, cli
 			if oldTokenRef, ok := session.Refresh[tokenRef.ClientID]; ok {
 				// Delete old refresh token from storage.
 				if err := s.storage.DeleteRefresh(oldTokenRef.ID); err != nil {
-					s.logger.Errorf("failed to delete refresh token: %v", err)
-					s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
-					deleteToken = true
-					return
+					if err == storage.ErrNotFound {
+						s.logger.Warnf("database inconsistent, refresh token missing: %v", oldTokenRef.ID)
+					} else {
+						s.logger.Errorf("failed to delete refresh token: %v", err)
+						s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
+						deleteToken = true
+						return
+					}
 				}
 			}
 
-- 
GitLab