Introduce authenticated user validation in the refresh grant flow #2581
Codecov Report
Attention: Patch coverage is
Additional details and impacted files
@@ Coverage Diff @@
## master #2581 +/- ##
============================================
- Coverage 56.12% 55.64% -0.49%
+ Complexity 8092 8047 -45
============================================
Files 632 632
Lines 46016 46252 +236
Branches 7520 7570 +50
============================================
- Hits 25827 25736 -91
- Misses 16472 16774 +302
- Partials 3717 3742 +25
f9c4716 to cf9c075
PR builder started
PR builder completed
Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/11324075240
...tity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java
...st/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandlerTestOld.java
.../test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandlerTest.java
...ity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java
.../src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java
Description
Introduce validation logic to check if the user account is locked from the userstore. If locked, an error with an account lock message will be thrown. A configuration option has been added to enable this validation, which is disabled by default.
```toml
[oauth.token_renewal]
validate_authenticated_user_for_refresh_grant = true
```
Related Issue
Related PRs
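
The check the description outlines, sketched as an added example (not code from this pull request or from the WSO2 code base). The `UserStore` interface, `AccountLockedException`, the class and method names, and the sample users are hypothetical; only the flag name comes from the description.

```java
import java.util.Set;

// Added illustration with hypothetical names; these are not the project's classes.
public class RefreshGrantLockCheck {

    /** Stand-in for a userstore lookup of the account-lock state. */
    interface UserStore {
        boolean isAccountLocked(String username);
    }

    static class AccountLockedException extends Exception {
        AccountLockedException(String message) {
            super(message);
        }
    }

    private final UserStore userStore;
    // Mirrors validate_authenticated_user_for_refresh_grant (disabled by default per the description).
    private final boolean validateAuthenticatedUser;

    RefreshGrantLockCheck(UserStore userStore, boolean validateAuthenticatedUser) {
        this.userStore = userStore;
        this.validateAuthenticatedUser = validateAuthenticatedUser;
    }

    /** Runs after the refresh token has been validated and mapped to its owning user. */
    void validateRefreshTokenOwner(String username) throws AccountLockedException {
        if (!validateAuthenticatedUser) {
            return; // Flag off: the lock state is never consulted, so the token still renews.
        }
        if (userStore.isAccountLocked(username)) {
            throw new AccountLockedException("Account is locked for user: " + username);
        }
    }

    public static void main(String[] args) {
        Set<String> locked = Set.of("alice"); // constructed sample data
        UserStore store = locked::contains;
        for (boolean flag : new boolean[] {false, true}) {
            RefreshGrantLockCheck check = new RefreshGrantLockCheck(store, flag);
            for (String user : new String[] {"alice", "bob"}) {
                try {
                    check.validateRefreshTokenOwner(user);
                    System.out.printf("flag=%b user=%s -> token renewed%n", flag, user);
                } catch (AccountLockedException e) {
                    System.out.printf("flag=%b user=%s -> rejected: %s%n", flag, user, e.getMessage());
                }
            }
        }
    }
}
```

With the flag left at its default, a locked account keeps renewing access tokens for as long as its refresh token remains valid, which is the gap the optional check closes.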