Uploaded image for project: 'UY'
  1. UY
  2. UY-553

Invalid handling of automatic token validity extension

    Details

    • Type: Bug
    • Status: Done
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: Milestone 1.9.4
    • Labels:
    • Story Points:
      1

      Description

      Assembla ticket #560 | Author Krzysztof Benedyczak | Created on 27 Jul 2016 11:11

      Currently the OAuth access token validity can be configured to be extended to some upper limit, whenever the token is used.

      The current implementation is invalid as the tokeninfo query should not extend the validity (it is impossible to discover the actual token expiry time, without extending it)

      Note: original request also included support for extending token validity when using it to access other APIs. However this additional feature was rejected; querying user-info should be enough.

        Attachments

          Activity

            People

            • Assignee:
              golbi Krzysztof Benedyczak
              Reporter:
              golbi Krzysztof Benedyczak
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: