Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make auth/token/revoke-accessor idempotent #13661

Merged
merged 3 commits into from Jan 18, 2022
Merged

Make auth/token/revoke-accessor idempotent #13661

merged 3 commits into from Jan 18, 2022

Conversation

remilapeyre
Copy link
Contributor

@remilapeyre remilapeyre commented Jan 13, 2022
edited

The auth/token/revoke will not error out if the token does not exists, it
always tries to revoke the token and return success to the client whether
or not the token exists. This makes the behavior of
auth/token/revoke-accessor coherent with this and remove the need to
check whether the token still exists.

The error had been added by #2391
which added a lot of error reporting across the code so this might just
have been overlooked.

Closes #9636

@remilapeyre
Make auth/token/revoke-accessor idempotent
fa8261a 
The auth/token/revoke will not error out if the token does not exists, it
always tries to revoke the token and return success to the client whether
or not the token exists. This makes the behavior of
auth/token/revoke-accessor coherent with this and remove the need to
check whether the token still exists.
@vercel vercel bot temporarily deployed to Preview – vault-storybook January 13, 2022 21:45 Inactive
@hsimon-hashicorp
Copy link
Contributor

Hi @remilapeyre! Thanks a lot for this contribution - please don't forget to include a changelog entry. :)

@vercel vercel bot temporarily deployed to Preview – vault-storybook January 13, 2022 21:58 Inactive
ncabatoff
ncabatoff reviewed Jan 17, 2022
View reviewed changes
vault/token_store.go Show resolved Hide resolved
vault/token_store.go Outdated Show resolved Hide resolved
@remilapeyre
Add warning when no token exists with this accessor
b2d9342 
Also removes the dubious warning when listing the tokens.
@vercel vercel bot temporarily deployed to Preview – vault-storybook January 17, 2022 21:32 Inactive
@remilapeyre
Copy link
Contributor Author

Hi @ncabatoff, thanks for the review! Everything should be fine now.

@ncabatoff ncabatoff merged commit b45b9d8 into hashicorp:main Jan 18, 2022
@ncabatoff
Copy link
Collaborator

Thanks @remilapeyre !

joatmon08 pushed a commit that referenced this pull request Jan 25, 2022
@remilapeyre @joatmon08
Make auth/token/revoke-accessor idempotent (#13661)
28f0ab0 
The auth/token/revoke will not error out if the token does not exists, it
always tries to revoke the token and return success to the client whether
or not the token exists. This makes the behavior of
auth/token/revoke-accessor coherent with this and remove the need to
check whether the token still exists.
qk4l pushed a commit to qk4l/vault that referenced this pull request Feb 4, 2022
@remilapeyre
Make auth/token/revoke-accessor idempotent (hashicorp#13661)
0e723e7 
The auth/token/revoke will not error out if the token does not exists, it
always tries to revoke the token and return success to the client whether
or not the token exists. This makes the behavior of
auth/token/revoke-accessor coherent with this and remove the need to
check whether the token still exists.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ncabatoff ncabatoff ncabatoff approved these changes

Assignees
No one assigned
Labels
core/token
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Token revocation via accessor is not idempotent operation
3 participants
@remilapeyre @hsimon-hashicorp @ncabatoff