Using a revoked OAuth token results in a 400 Request Line is too large (BB-6711)

Issue #5376 closed
Benno van den Berg
created an issue

If a user revokes a OAuth token. When the OAuth consumer uses this token after revocation, it'll receive a 400 'Request Line is too large (4221 > 4094)' after half a minute. (used endpoint /user/repositories)

I would expect the consumer to get a 401 or 403, in a few seconds.


  1. OAuth consumer: Request a OAuth token.
  2. OAuth consumer: Test /user/repositories (it should work)
  3. Bitbucket user: Revoke the previous OAuth token
  4. OAuth consumer: Test /user/repositories (it should result in a 401 or 403)

Comments (4)

  1. Log in to comment