-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth Token Exchange Expiration Period Is Not Calculated Correctly #3449
Comments
Thanks for reporting this issue. Internal issue MAGETWO-51292 |
This problem breaks the Reauthorize. i.e. If you have an existing integration that's been authorized and click the Reauthorize now your integration is broken because it says the consumer key is expired. The only way to fix it is to delete the integration and create a new one from scratch. |
This fix is in review and will be merged to mainline soon; it's slated to be patched back into 2.0.x in an upcoming patch release. |
… Calculated Correctly #3449 - change consumer expiration to be based on time token exchange starts instead of when consumer is created
… Calculated Correctly #3449 - fix static test failures - update unit tests
… Calculated Correctly #3449 - fix unit test
… Calculated Correctly #3449 - fixed api-functional test
… Calculated Correctly #3449 - changed SQL to use UTC_TIMESTAMP to correctly calculate datetime diffs without adjusting for time zone
… Calculated Correctly #3449 - improved how updated date is compared against expiration limit
… Calculated Correctly #3449 - fix test
… Calculated Correctly #3449 - change consumer expiration to be based on time token exchange starts instead of when consumer is created
… Calculated Correctly #3449 - fix static test failures - update unit tests
… Calculated Correctly #3449 - fix unit test
… Calculated Correctly #3449 - fixed api-functional test
… Calculated Correctly #3449 - changed SQL to use UTC_TIMESTAMP to correctly calculate datetime diffs without adjusting for time zone
… Calculated Correctly #3449 - improved how updated date is compared against expiration limit
… Calculated Correctly #3449 - fix test
The issue was fixed as a part of 2.0.6 |
[trigger] MAGETWO-95892: Selecting Gift Wrapping for items redirects on 404 Page
The expiration period setting has a note below it that says "Consumer key/secret will expire if not used within X seconds after Oauth token exchange starts." It would be great if it worked that way but it does not. The consumer key/secret expires X seconds after the consumer is created. This is true regardless of whether you click activate or reauthorize on an integration. It is always based on the creation date of the consumer which does not change. Either the consumer creation date needs to be reset whenever a new token exchange starts or preferably the expiration date would be based on the creation date of the verifier token.
The text was updated successfully, but these errors were encountered: