Page MenuHomePhabricator

Provide "bin/auth revoke" with a revoker for Conduit tokens
ClosedPublic

Authored by epriestley on Mar 3 2017, 10:22 PM.
Tags
None
Referenced Files
F15544523: D17458.id41983.diff
Sat, Apr 26, 5:35 AM
F15544490: D17458.diff
Sat, Apr 26, 5:22 AM
F15531564: D17458.id41983.diff
Wed, Apr 23, 12:01 PM
F15529380: D17458.id.diff
Tue, Apr 22, 7:15 PM
F15524296: D17458.id41984.diff
Mon, Apr 21, 7:16 AM
F15517943: D17458.id41983.diff
Sat, Apr 19, 9:46 AM
F15515815: D17458.diff
Fri, Apr 18, 1:35 PM
F15513617: D17458.id41984.diff
Thu, Apr 17, 8:22 PM
Subscribers
None

Details

Summary

Ref T12313. This puts a UI on revoking credentials after a widespread compromise like Cloudbleed or a local one like copy/pasting a token into public chat.

For now, I'm only providing a revoker for conduit tokens since that's the immediate use case.

Test Plan
  • Revoked in user + type, everything + user, everywhere + type, and everything + everywhere modes.
  • Verified that conduit tokens were destroyed in all cases.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable