Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I've tried to improve a bit and also simplify the two
CodeFlowTest
tests which are randomly failing :testTokenAutoRefresh
: updated its configuration not to do a 2nd redirect dropping the code flow query parameters as it causes an immediate auto-refresh and updated the test code to check that no auto-refresh has happened during the 1st request, then auto-refresh has happened during the 2nd request (ID token is still valid but the configured refresh skew requires auto-refresh) - and I removed the code from this test checking the token refresh when ID token expires because it is also tested in another testtestRPInitiatedLogout
- this test is too complex, I've split in 2 tests,testRPInitiatedLogout
where only the RP logout is tested, andtestRefreshToken
where it is tested that the token has been refreshed after the ID token has expiredProtectedResource
CodeAuthenticationMechanism
- currently, onmain
if the token auto-refresh is requested but it is not allowed via the configuration then 401 will be reported - which is wrong - the user should be reauthenticated instead, so changed the type of the exception thrown in this caseCC @pedroigor