Details
-
Bug
-
Resolution: Fixed
-
Medium
Description
If a user revokes a OAuth token. When the OAuth consumer uses this token after revocation, it'll receive a 400 'Request Line is too large (4221 > 4094)' after half a minute. (used endpoint /user/repositories)
I would expect the consumer to get a 401 or 403, in a few seconds.
Reproduce:
- OAuth consumer: Request a OAuth token.
- OAuth consumer: Test /user/repositories (it should work)
- Bitbucket user: Revoke the previous OAuth token
- OAuth consumer: Test /user/repositories (it should result in a 401 or 403)