feat: add cleanup for expired OAuth2 provider app codes and tokens #18825
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Warning This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
This stack of pull requests is managed by Graphite. Learn more about stacking. |
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
dae9dfa to
29ecd64
Compare
ThomasK33
force-pushed
the
thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
branch
from
e24c4b5 to
98e7f95
Compare
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
29ecd64 to
50a22db
Compare
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
50a22db to
93a1a1d
Compare
ThomasK33
force-pushed
the
thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
branch
from
98e7f95 to
2792051
Compare
This was referenced Jul 14, 2025
ThomasK33
force-pushed
the
thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
branch
from
2792051 to
3dd0c37
Compare
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
93a1a1d to
5c7f06a
Compare
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
5c7f06a to
8e8bb3c
Compare
ThomasK33
force-pushed
the
thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
branch
from
3dd0c37 to
962c22c
Compare
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
8e8bb3c to
0393465
Compare
ThomasK33
changed the base branch from
thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
to
graphite-base/18825
ThomasK33
force-pushed
the
graphite-base/18825
branch
from
962c22c to
bed62ad
Compare
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
0393465 to
643824a
Compare
ThomasK33
changed the base branch from
graphite-base/18825
to
thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
dannykopping
approved these changes
Jul 17, 2025
Change-Id: I07e7c229efa6e92282885464d2193dfc4c2e1c98 Signed-off-by: Thomas Kosiewski <tk@coder.com>
ThomasK33
force-pushed
the
thomask33/07-10-feat_add_cleanup_for_expired_oauth2_provider_app_codes_and_tokens
branch
from
643824a to
f2c16b5
Compare
ThomasK33
force-pushed
the
thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
branch
from
bed62ad to
4fb1c39
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add OAuth2 Provider App Codes and Tokens Cleanup
This PR adds database cleanup functionality for expired OAuth2 provider app codes and tokens. The implementation:
Adds two new database methods:
DeleteExpiredOAuth2ProviderAppCodes- Removes authorization codes that have expiredDeleteExpiredOAuth2ProviderAppTokens- Removes access tokens that have expiredIntegrates these methods into the database purge routine alongside the existing device code cleanup
Adds authorization checks to ensure only system operations can perform these cleanup tasks
Includes comprehensive tests to verify the cleanup functionality works correctly for both expired app codes and tokens
These changes ensure that expired OAuth2 provider data is properly cleaned up from the database, preventing unnecessary accumulation of stale records.