You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When a request to get a new access token with refresh token is sent to /oauth/access_token and underlying RefreshTokenPersistence can't find the refresh token because the token is invalid or expired, I return empty publisher from RefreshTokenPersistence.getUserDetails(). In such a scenario the response to the client is HTTP 500, while I believe it should be HTTP 401 with some additional info in body.
The text was updated successfully, but these errors were encountered:
OK, I see. I'd also add info in RefreshTokenPersistence.getUserDetails() comment that in case of
any problem you should publish OauthErrorResponseException.
In
2.0.0.M3
.When a request to get a new access token with refresh token is sent to
/oauth/access_token
and underlyingRefreshTokenPersistence
can't find the refresh token because the token is invalid or expired, I return empty publisher fromRefreshTokenPersistence.getUserDetails()
. In such a scenario the response to the client is HTTP 500, while I believe it should be HTTP 401 with some additional info in body.The text was updated successfully, but these errors were encountered: