Open anjuchamantha opened 1 month ago
Possible improvement :
Can delete the consentId+commonAuthId mapping from the DB after each authorize flow. However this fix won't guarantee this issue can be solved as the issue was not reproducible.
Currently in the authorize flow, before persisting the new consentId + commonAuthId mapping in OB_CONSENT_METADATA, it deletes any entry which has the same commonAuthId that we are going to persist . Then after deleting, it persists the new consentId + commonAuthId mapping. After that we read the consentId by providing the commonAuthId. We don't delete the consentId+commonAuthId mapping from the DB after each authorize flow.
Description: Two different active access tokens have the same OB_[consent_id] bound to the scope, which caused get accounts call to fail with 422.
Affected Product Version: OB-2.0.0
Steps to reproduce: Unknown
Related Issues: