Page MenuHomePhabricator

Make temporary token storage/schema more flexible
ClosedPublic

Authored by epriestley on Mar 16 2016, 1:14 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Jun 27, 11:22 AM
Unknown Object (File)
Sat, Jun 25, 11:25 AM
Unknown Object (File)
Fri, Jun 17, 3:03 AM
Unknown Object (File)
Wed, Jun 8, 6:02 AM
Unknown Object (File)
May 25 2022, 9:11 AM
Unknown Object (File)
Apr 15 2017, 3:13 PM
Unknown Object (File)
Apr 13 2017, 6:12 AM
Unknown Object (File)
Mar 12 2017, 11:22 AM
Subscribers
None

Details

Summary

Ref T10603. This makes minor updates to temporary tokens:

  • Rename objectPHID (which is sometimes used to store some other kind of identifier instead of a PHID) to tokenResource (i.e., which resource does this token permit access to?).
  • Add a userPHID column. For LFS tokens and some other types of tokens, I want to bind the token to both a resource (like a repository) and a user.
  • Add a properties column. This makes tokens more flexible and supports custom behavior (like scoping LFS tokens even more tightly).
Test Plan
  • Ran bin/storage upgrade -f, got a clean upgrade.
  • Viewed one-time tokens.
  • Revoked one token.
  • Revoked all tokens.
  • Performed a one-time login.
  • Performed a password reset.
  • Added an MFA token.
  • Removed an MFA token.
  • Used a file token to view a file.
  • Verified file token was removed after viewing file.
  • Linked my account to an OAuth1 account (Twitter).

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley retitled this revision from to Make temporary token storage/schema more flexible.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
chad edited edge metadata.
This revision is now accepted and ready to land.Mar 16 2016, 3:17 PM
This revision was automatically updated to reflect the committed changes.