ENXF NET
Administrator
Staff member
Administrator
Moderator
+Lifetime VIP+
S.V.I.P.S Member
S.V.I.P Member
V.I.P Member
Collaborate
Registered
- Joined
- Nov 13, 2018
- Messages
- 30,666
- Points
- 823
Repro:
1) Create OAuth2 Application; Public flow
2) Request an access token
3) Revoke the application via Admin CP or User Settings -> Applications.
4) Use of the access token will result in 401 forbidden when making an API call (as expected)
5) Use the existing refresh token to request a new access token. An access and refresh token is issued, application conscent is granted, and access to the API is resumed <- Not expected
Expected behavior: access and refresh token would both be revoked...
Read more
Continue reading...
1) Create OAuth2 Application; Public flow
2) Request an access token
3) Revoke the application via Admin CP or User Settings -> Applications.
4) Use of the access token will result in 401 forbidden when making an API call (as expected)
5) Use the existing refresh token to request a new access token. An access and refresh token is issued, application conscent is granted, and access to the API is resumed <- Not expected
Expected behavior: access and refresh token would both be revoked...
Read more
Continue reading...