From 6a55286e3b343f4c27d10274ae4fd01c314e181b Mon Sep 17 00:00:00 2001
From: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
Date: Fri, 19 Jan 2024 21:11:25 +1300
Subject: [PATCH] chore: Additional context on access token

---
 test/config/oauth2/Caddyfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/config/oauth2/Caddyfile b/test/config/oauth2/Caddyfile
index b0e17587..e116aa55 100644
--- a/test/config/oauth2/Caddyfile
+++ b/test/config/oauth2/Caddyfile
@@ -6,6 +6,7 @@
 # `DMS_YWNjZXNzX3Rva2Vu` is the access token our OAuth2 tests expect for an authorization request to be successful.
 # - The token was created by base64 encoding the string `access_token`, followed by adding `DMS_` as a prefix.
 # - Normally an access token is a short-lived value associated to a login session. The value does not encode any real data.
+# It is an opaque token: https://oauth.net/2/bearer-tokens/
 
 # NOTE: The main server config is at the end within the `:80 { ... }` block.
 # This is because the endpoints are extracted out into Caddy snippets, which must be defined before they're referenced.