Page MenuHomePhabricator

Provide "bin/auth revoke" with a revoker for Conduit tokens
ClosedPublic

Authored by epriestley on Mar 3 2017, 10:22 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Mar 19, 2:06 PM
Unknown Object (File)
Feb 8 2024, 3:08 AM
Unknown Object (File)
Feb 7 2024, 5:06 PM
Unknown Object (File)
Jan 23 2024, 4:08 PM
Unknown Object (File)
Dec 27 2023, 10:07 AM
Unknown Object (File)
Dec 26 2023, 2:05 AM
Unknown Object (File)
Dec 25 2023, 11:38 PM
Unknown Object (File)
Dec 21 2023, 4:48 PM
Subscribers
None

Details

Summary

Ref T12313. This puts a UI on revoking credentials after a widespread compromise like Cloudbleed or a local one like copy/pasting a token into public chat.

For now, I'm only providing a revoker for conduit tokens since that's the immediate use case.

Test Plan
  • Revoked in user + type, everything + user, everywhere + type, and everything + everywhere modes.
  • Verified that conduit tokens were destroyed in all cases.

Diff Detail

Repository
rP Phabricator
Branch
revoke1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 15887
Build 21031: Run Core Tests
Build 21030: arc lint + arc unit