- تاریخ ثبتنام
- 2020-06-26
- نوشتهها
- 25,152
- راهحلها
- 27
- پسندها
- 3,278
- امتیازها
- 113
- سن
- 29
- محل سکونت
- England
- وب سایت
- xenforo.xyz
This is gray on a feature ask vs bug, but hoping I can sneak it into the bug fix bucket as a potential security improvement.
Ask: Support
TLDR: Apps that use XenForo as an OAuth2 provider currently have no way to force a fresh login. If a user "logs out" of the app and tries to sign back in, they get silently...
Ask: Support
prompt=login (and ideally max_age=0) at the OAuth2 authorization endpoint (e.g. /oauth2/authorize endpoint) so relying parties can force re-authenticationTLDR: Apps that use XenForo as an OAuth2 provider currently have no way to force a fresh login. If a user "logs out" of the app and tries to sign back in, they get silently...
نام موضوع : OAuth2 - No way to force re-authentication
