Offer to reuse previous OAuth tokens when creating a new token
Bug #317900 reported by
Francis J. Lacoste
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
Won't Fix
|
Low
|
Unassigned | ||
Bug Description
This is a spin off from bug #316733.
When the user gets sent to the webpage for creating a new token, we say:
It looks like you already have some authentication tokens for application "Foo". Choose one of these tokens to give the application you're running now:
* Token 1 (read all data)
* Token 2 (write public data)
* Token 3 (write all data)
Or create a new token:
* Read public data
* Read all data
* Write public data
* Write all data
Like all other information we don't trust the client to handle, we present this information in the web browser.
| Changed in launchpad-foundations: | |
| importance: | Undecided → Low |
| status: | New → Triaged |
Revision history for this message
| Robert Collins (lifeless) wrote | #1 |
| Changed in launchpad: | |
| status: | Triaged → Won't Fix |
To post a comment you must log in.
Generally speaking we don't want to reuse tokens because we don't know if the token is still secure, and you cannot [easily] tell different instances apart.
Whats the use case here?