Page MenuHomePhabricator
Differential D17458

Provide "bin/auth revoke" with a revoker for Conduit tokens
ClosedPublic
Actions

Authored by epriestley on Mar 3 2017, 10:22 PM.
Tags
None
Referenced Files
F15544523: D17458.id41983.diff
Sat, Apr 26, 5:35 AM
F15544490: D17458.diff
Sat, Apr 26, 5:22 AM
F15531564: D17458.id41983.diff
Wed, Apr 23, 12:01 PM
F15529380: D17458.id.diff
Tue, Apr 22, 7:15 PM
F15524296: D17458.id41984.diff
Mon, Apr 21, 7:16 AM
F15517943: D17458.id41983.diff
Sat, Apr 19, 9:46 AM
F15515815: D17458.diff
Fri, Apr 18, 1:35 PM
F15513617: D17458.id41984.diff
Thu, Apr 17, 8:22 PM
View All Files
Subscribers
None

Details

Reviewers
chad
Maniphest Tasks
T12313: Cloudflare leaked all HTTPS traffic on the internet into public caches ("Cloudbleed")
Commits
rP8ce25838f541: Provide "bin/auth revoke" with a revoker for Conduit tokens
Summary

Ref T12313. This puts a UI on revoking credentials after a widespread compromise like Cloudbleed or a local one like copy/pasting a token into public chat.

For now, I'm only providing a revoker for conduit tokens since that's the immediate use case.

Test Plan
  • Revoked in user + type, everything + user, everywhere + type, and everything + everywhere modes.
  • Verified that conduit tokens were destroyed in all cases.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

Diff 41984

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/management/PhabricatorAuthManagementRevokeWorkflow.php

Loading...
View Options

src/applications/auth/revoker/PhabricatorAuthConduitTokenRevoker.php

Loading...
View Options

src/applications/auth/revoker/PhabricatorAuthRevoker.php

Loading...
Phabricator · Built by Phacility