Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add tests focused on authorization denial #111

Open
spkane opened this issue Jan 28, 2022 · 0 comments
Open

Add tests focused on authorization denial #111

spkane opened this issue Jan 28, 2022 · 0 comments
Labels
next Higher priority issues security security related issue tests Testing related

Comments

@spkane
Copy link
Contributor

spkane commented Jan 28, 2022

We need to be extra careful that authorization requests are always denied when we expect them to be.

We should have tests that verify all these possibilities/code paths.

In general, it would be better to deny a valid request due to a mistake in the code, than to let an invalid authorization request through because some function returned nil when it shouldn't have.
@spkane spkane added tests Testing related security security related issue next Higher priority issues labels Feb 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
next Higher priority issues security security related issue tests Testing related
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@spkane