[wp-trac] [WordPress Trac] #54213: "Authorize Application" should reject handling an already existing app name
WordPress Trac
noreply at wordpress.org
Tue Sep 24 16:38:52 UTC 2024
#54213: "Authorize Application" should reject handling an already existing app name
-------------------------------------------------+-------------------------
Reporter: mark-k | Owner:
| TimothyBlynJacobs
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 6.7
Component: Application Passwords | Version: 5.6
Severity: normal | Resolution: fixed
Keywords: needs-testing-info has-patch has- | Focuses:
unit-tests |
-------------------------------------------------+-------------------------
Changes (by TimothyBlynJacobs):
* status: accepted => closed
* resolution: => fixed
Comment:
In [changeset:"59084" 59084]:
{{{
#!CommitTicketReference repository="" revision="59084"
App Passwords: Don't prevent non-unique App Password names.
In [50030] we enforced that Application Passwords have unique names. This
was done with the assumption that applications would not connect to a user
multiple times. However, in practice we've seen applications run into
issues with the unique name constraint. Depending on the app, they may not
know if they've been authorized before, or they may intentionally allow
connecting multiple times. To prevent friction, App developers need to
make their App Name unique, and in doing so often include things like the
current date & time, which is already included in the App Passwords list
table.
This commit removes this requirement to simplify usage of the Authorize
Application flow.
Props mark-k, Boniu91, timothyblynjacobs, peterwilsoncc.
Fixes #54213.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54213#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list