7580718699
65%

Ran 19 Jan 2024 07:27AM UTC

Jobs 1

Files 113

Run time 8s

Badge

Embed ▾

Committed 19 Jan 2024 07:22AM UTC coverage: 65.296% (+0.03%) from 65.27%

Build # 7580718699

Build Type

push

github

Committed by

web-flow

Commit Message

feat: update oauth1.a flow (#1382)

## What kind of change does this PR introduce?
* Previously, we needed to check if the request token generated matches
the oauth token returned in the callback to prevent replay attacks.
* However, this is mitigated by verifying the `state` jwt query param on
the callback.
* The [oauth1.a spec](https://oauth.net/core/1.0a/#auth_step1) also
doesn't mention that the consumer needs to verify that the request token
matches the oauth token returned in the callback
* This also fixes issues where the `_gotrue_session` cookie is not being
sent on the callback, which results in "session could not be found for
this request" error.

Run Details

7923 of 12134 relevant lines covered (65.3%)

55.5 hits per line

Jobs

ID	Job ID	Ran	Files	Coverage
1	7580718699.1	19 Jan 2024 07:27AM UTC	0	65.3	GitHub Action Run

Source Files on build 7580718699

Detailed source file information is not available for this build.

supabase / gotrue / 7580718699
65%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 7580718699

supabase / gotrue / 7580718699 65%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 7580718699

supabase / gotrue / 7580718699
65%

README BADGES
x