[openstreetmap/openstreetmap-website] OAuth 1.0a issue (#3241)
Tom Hughes
notifications at github.com
Thu Jul 1 14:49:37 UTC 2021
I don't think it's a new issue. The granted token does have the permission which is what worried me because that code was touched on as part of the OAuth 2 work.
My guess is that it's a bug when authorising an OAuth 1 application - mostly likely if you uncheck every permission so that it gets an empty permission list then it copies all the permissions from the application definition.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3241#issuecomment-872311025
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20210701/e5f0222e/attachment.htm>
More information about the rails-dev
mailing list