HomePhabricator
Diffusion Phabricator 8ce25838f541

Provide "bin/auth revoke" with a revoker for Conduit tokens
8ce25838f541
Actions

Description

Provide "bin/auth revoke" with a revoker for Conduit tokens

Summary:
Ref T12313. This puts a UI on revoking credentials after a widespread compromise like Cloudbleed or a local one like copy/pasting a token into public chat.

For now, I'm only providing a revoker for conduit tokens since that's the immediate use case.

Test Plan:

  • Revoked in user + type, everything + user, everywhere + type, and everything + everywhere modes.
  • Verified that conduit tokens were destroyed in all cases.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12313

Differential Revision: https://secure.phabricator.com/D17458

Details

Provenance
epriestleyAuthored on Mar 3 2017, 10:10 PM
epriestleyPushed on Mar 3 2017, 10:38 PM
Reviewer
chad
Differential Revision
D17458: Provide "bin/auth revoke" with a revoker for Conduit tokens
Parents
rP1460f2b85ca8: Add more icon choices to Badges
Branches
Unknown
Tags
Unknown
Tasks
T12313: Cloudflare leaked all HTTPS traffic on the internet into public caches ("Cloudbleed")
Build Status
Buildable 15888
Build 21032: Run Core Tests

Changes (5)

PathSize
src/
applications/
auth/
management/

rP8ce25838f541

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/management/PhabricatorAuthManagementRevokeWorkflow.php

Loading...
View Options

src/applications/auth/revoker/PhabricatorAuthConduitTokenRevoker.php

Loading...
View Options

src/applications/auth/revoker/PhabricatorAuthRevoker.php

Loading...
Phabricator ยท Built by Phacility