Kyle Isom
eef7d1bc1a
- Add 50% lifetime elapsed check to REST handleRenew and gRPC RenewToken - Reject renewal attempts before 50% of token lifetime has elapsed - Update existing renewal tests to use short-lived tokens with sleep - Add TestRenewTokenTooEarly tests for both REST and gRPC Security: Tokens can only be renewed after 50% of their lifetime has elapsed, preventing indefinite renewal of stolen tokens. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
19 KiB
19 KiB