Expired request tokens don't tell you they're expired until you try to approve them.
Bug #667786 reported by
Leonard Richardson
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
Triaged
|
Low
|
Unassigned | ||
Bug Description
An OAuth request token will expire after two hours if not approved. But +authorize-token will still display the form for letting you decide how much access you want to grant the token. Only when you click one of the buttons will you get the "This token is expired" error. If you go to +authorize-token and the token is expired, you should find out right away.
This is very low priority because the normal usage is that 1) someone forgets about the token altogether, closes their browser, and never sees +authorize-token again, or 2) someone forgets about the token for a while, then remembers, goes back to their open browser, and clicks the button (whereupon they get an error).
| Changed in launchpad-foundations: | |
| status: | New → Triaged |
| importance: | Undecided → Low |
To post a comment you must log in.
