Offer to reuse previous OAuth tokens when creating a new token
Bug #317900 reported by
Francis J. Lacoste
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Won't Fix
|
Low
|
Unassigned |
Bug Description
This is a spin off from bug #316733.
When the user gets sent to the webpage for creating a new token, we say:
It looks like you already have some authentication tokens for application "Foo". Choose one of these tokens to give the application you're running now:
* Token 1 (read all data)
* Token 2 (write public data)
* Token 3 (write all data)
Or create a new token:
* Read public data
* Read all data
* Write public data
* Write all data
Like all other information we don't trust the client to handle, we present this information in the web browser.
Changed in launchpad-foundations: | |
importance: | Undecided → Low |
status: | New → Triaged |
Changed in launchpad: | |
status: | Triaged → Won't Fix |
To post a comment you must log in.
Generally speaking we don't want to reuse tokens because we don't know if the token is still secure, and you cannot [easily] tell different instances apart.
Whats the use case here?