Skip to content

Commit

Permalink
fix(bug): Skip session assurance check in /oauth/token route
Browse files Browse the repository at this point in the history
  • Loading branch information
@vbudhram @vpomerleau
vbudhram authored and vpomerleau committed Oct 31, 2024
1 parent 88c2401 commit f9f8e66
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion packages/fxa-auth-server/lib/routes/oauth/token.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -446,7 +446,7 @@ module.exports = ({ log, oauthDB, db, mailer, devices, statsd, glean }) => {
// XXX TODO: To be able to fully replace the /token route from oauth-server,
// this route must also be able to accept 'client_secret' as Basic Auth in header.
mode: 'optional',
strategy: 'sessionToken',
strategy: 'sessionTokenNoAssurance',
},
validate: {
// Note: the use of 'alternatives' here means that `grant_type` will default to
Expand Down

0 comments on commit f9f8e66

Please sign in to comment.