Are the access and refresh tokens that were acquired through a race condition correctly revoked after disabling the client id
View source code on GitHub
This test is part of the following document(s):
Back to the test case overview or the threat overview