1518
71%

Ran 09 May 2020 11:14AM UTC

Jobs 1

Files 97

Run time 6s

Badge

Embed ▾

Committed 09 May 2020 11:12AM UTC coverage: 71.447% (+0.05%) from 71.399%

Build # 1518

Build Type

push

travis-ci

Committed by

web-flow

Commit Message

fix: do not issue refresh tokens to clients who cannot use it (#430)

No prior discussion, but this is somewhat related to #370, which makes it possible for clients to be issued a refresh token without requesting a scope.

There may be clients which may not be allowed to use the refresh_token grant type, but which will currently be issued a refresh token during the authorization code flow. Disallowing the refresh_token grant type might be particularly common when there are public clients (using this flow with PKCE).

It is impossible to use the issued refresh token when the client does not have the grant type, and no other client can use it either. It would be neater to avoid issuing refresh tokens that cannot be used.

Run Details

10 of 10 new or added lines in 1 file covered. (100.0%)

3841 of 5376 relevant lines covered (71.45%)

71.41 hits per line

Jobs

ID	Job ID	Ran	Files	Coverage
1	1518.1	09 May 2020 11:14AM UTC	97	71.45	Travis Job 1518.1

ory / fosite / 1518
71%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 1518

ory / fosite / 1518 71%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 1518

ory / fosite / 1518
71%

README BADGES
x