[jira] [Work logged] (KNOX-2664) Users should revoke their own tokens

Wed, 15 Sep 2021 09:35:05 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2664?focusedWorklogId=651202&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-651202
 ]

ASF GitHub Bot logged work on KNOX-2664:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 15/Sep/21 16:34
            Start Date: 15/Sep/21 16:34
    Worklog Time Spent: 10m 
      Work Description: smolnar82 commented on a change in pull request #495:
URL: https://github.com/apache/knox/pull/495#discussion_r709357669



##########
File path: 
gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
##########
@@ -527,6 +527,12 @@ public Response revoke(String token) {
     return resp;
   }
 
+  private boolean triesToRevokeOwnToken(String tokenId, String revoker) throws 
UnknownTokenException {
+    final TokenMetadata metadata = tokenStateService.getTokenMetadata(tokenId);
+    final String tokenUserName = metadata == null ? "" : 
metadata.getUserName();
+    return revoker != null && revoker.equals(tokenUserName);

Review comment:
       In theory, it should always be set, but you are right: an additional 
emptiness checking does not hurt and could avoid weird issues.
   I submitted a new PS.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 651202)
    Time Spent: 40m  (was: 0.5h)

> Users should revoke their own tokens
> ------------------------------------
>
>                 Key: KNOX-2664
>                 URL: https://issues.apache.org/jira/browse/KNOX-2664
>             Project: Apache Knox
>          Issue Type: Improvement
>    Affects Versions: 1.6.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Critical
>             Fix For: 1.6.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Currently, to revoke a token the user who initiated the request should be 
> added into {{knox.token.renewer.whitelist}}. It's very reasonable and useful 
> to allow a user to revoke their own token(s) w/o the need to add them to 
> {{knox.token.renewer.whitelist}}.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to