[openstreetmap/openstreetmap-website] OAuth 2: Granting partial not possible (Issue #4360)
Tom Hughes
notifications at github.com
Tue Nov 21 20:55:33 UTC 2023
Well the problem is that you can't (with our implementation at least) just request multiple tokens because the server aggregates all authorisations for a given client, so when you try and get a new token it will see the existing authorisation and return a token for it without asking the user to authorise again.
That wasn't true for OAuth 1 but that led to people having vast lists of authorisations for the same client if it was a client that didn't save tokens and got a new one every time.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/4360#issuecomment-1821664642
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/4360/1821664642 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20231121/31f0a54e/attachment-0001.htm>
More information about the rails-dev
mailing list