TokenEndpoint.MultipleCodeExchanges

Can codes be exchanged multiple times

This test checks if the token server allows authorization codes to be used multiple times.

View source code on GitHub

Documents

This test is part of the following document(s):

• The OAuth 2.0 Authorization Framework (RFC6749), section 4.1.2 (must)
• OAuth 2.0 Threat Model and Security Considerations (RFC6819), section 5.2.1.1 (must)
• OAuth 2.0 Security Best Current Practice (SecBCP), section 4.2.4 (must)

Back to the test case overview or the threat overview