refreshTokenRotation documentation block adjusted to include supporte…

…d values
panva · Mar 13, 2018 · 0fc2f75 · 0fc2f75
1 parent 6c932c2
commit 0fc2f75
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 10 deletions.
diff --git a/docs/configuration.md b/docs/configuration.md
@@ -1120,7 +1120,7 @@ default value:
 
 ### refreshTokenRotation
 
-Configures if and how the OP rotates refresh tokens after they are used  
+Configures if and how the OP rotates refresh tokens after they are used. Supported values are 1) `"none"` when refresh tokens are not rotated and their initial expiration date is final or 2) `"rotateAndConsume"` when refresh tokens are rotated when used, current token is marked as consumed and new one is issued with new TTL, when a consumed refresh token is encountered an error is returned instead and the whole token chain (grant) is revoked.  
 affects: refresh token rotation and adjacent revocation  
 
 default value:

diff --git a/lib/helpers/defaults.js b/lib/helpers/defaults.js
@@ -492,17 +492,13 @@ const DEFAULTS = {
   /*
    * refreshTokenRotation
    *
-   * description: Configures if and how the OP rotates refresh tokens after they are used
+   * description: Configures if and how the OP rotates refresh tokens after they are used. Supported
+   *   values are 1) `"none"` when refresh tokens are not rotated and their initial expiration date
+   *   is final or 2) `"rotateAndConsume"` when refresh tokens are rotated when used, current token
+   *   is marked as consumed and new one is issued with new TTL, when a consumed refresh token is
+   *   encountered an error is returned instead and the whole token chain (grant) is revoked.
    * affects: refresh token rotation and adjacent revocation
    */
-
-  // TODO:
-  // * supported values:
-  // *    'none' - refresh tokens are not rotated and their initial expiration date is final
-  // *    'rotateAndConsume' - refresh tokens are rotated when used, current token is marked as
-  // *                         consumed and new one is issued with new TTL, when a consumed refresh
-  // *                         token is encountered an error is returned instead and the whole token
-  // *                         chain (grant) is revoked.
   refreshTokenRotation: 'rotateAndConsume',
 };