You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Also, I think 30 seconds for the default may be a bit short for some cases. Imagine the situation where an installer of a Slack app carefully reviews the permissions the app is going to acquire on the OAuth confirmation page. So, in Java SDK, I decided to go with 10 minutes. I think a bit shorter time should also work fine.
Description
Let's add a timeout check in
verifyStateParam
to not allow stale states to be verified. Probably a 30 second timeout.Question: Is this something that the developer should be able to override? Other than just providing their own
stateStore
implementation?What type of issue is this? (place an
x
in one of the[ ]
)Requirements (place an
x
in each of the[ ]
)Packages:
Select all that apply:
The text was updated successfully, but these errors were encountered: