Local state is no longer saved

[peterverraedt]

I'm trying to implement the oidc device code flow for authentication, together with support of storing a refresh_token to allow for renewal of the authentication using iinit without being promped again to follow an url; at least as long as the idp server accepts the refresh_token.

This behaviour was originally demonstrated in https://irods.org/uploads/2022/Wolfsheimer-Cacciari-SURF-Programmable_authentication_workflows_in_iRODS-paper.pdf.

However, it seems that #51 did remove the local state file completely. This means that the pam module still can send

{"prompt": "Storing refresh token", "default_path": "/refresh_token", "patch": [{"op": "add", "path": "/refresh_token", "value": "XXXX"}]}

but the result is not saved locally by the client, so a next invocation of iinit and

{"retrieve": "/refresh_token"}

will never return anything.

[trel]

pinging @ccacciari

[alanking]

I think that restoring the behavior may just be a matter of reverting this commit: 2bc99d6

Historically, the only way of testing this feature that was inherent to the plugin (that is, that did not require writing a PAM module) was the expiration feature. Since that has been removed, testing might be a little challenging. But adding back the feature should be easy enough if we determine that we should.