Page MenuHomePhabricator
Differential D17458

Provide "bin/auth revoke" with a revoker for Conduit tokens
ClosedPublic
Actions

Authored by epriestley on Mar 3 2017, 10:22 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Nov 23, 1:46 PM
Unknown Object (File)
Tue, Nov 19, 3:38 AM
Unknown Object (File)
Thu, Nov 14, 1:31 PM
Unknown Object (File)
Thu, Nov 14, 6:06 AM
Unknown Object (File)
Thu, Nov 14, 4:20 AM
Unknown Object (File)
Wed, Nov 13, 11:07 PM
Unknown Object (File)
Wed, Nov 13, 10:46 PM
Unknown Object (File)
Sun, Nov 10, 5:02 AM
View All Files
Subscribers
None

Details

Reviewers
chad
Maniphest Tasks
T12313: Cloudflare leaked all HTTPS traffic on the internet into public caches ("Cloudbleed")
Commits
rP8ce25838f541: Provide "bin/auth revoke" with a revoker for Conduit tokens
Summary

Ref T12313. This puts a UI on revoking credentials after a widespread compromise like Cloudbleed or a local one like copy/pasting a token into public chat.

For now, I'm only providing a revoker for conduit tokens since that's the immediate use case.

Test Plan
  • Revoked in user + type, everything + user, everywhere + type, and everything + everywhere modes.
  • Verified that conduit tokens were destroyed in all cases.

Diff Detail

Repository
rP Phabricator
Branch
revoke1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 15887
Build 21031: Run Core Tests
Build 21030: arc lint + arc unit

Revision Contents
Changeset List

Diff 41983

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/management/PhabricatorAuthManagementRevokeWorkflow.php

Loading...
View Options

src/applications/auth/revoker/PhabricatorAuthConduitTokenRevoker.php

Loading...
View Options

src/applications/auth/revoker/PhabricatorAuthRevoker.php

Loading...
Phabricator · Built by Phacility