Skip to content

feat: add OAuth2 token bulk revocation endpoint #18847

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications
Choose a base branch
from
Open

feat: add OAuth2 token bulk revocation endpoint #18847

wants to merge 1 commit into from

Conversation

ThomasK33
Copy link
Member

Add OAuth2 Token Revocation Endpoint for Applications

This PR adds a new endpoint to revoke all OAuth2 tokens for a specific application for the authenticated user. The implementation:

  • Creates a new POST /oauth2-provider/apps/{app}/revoke endpoint that revokes all tokens and authorization codes for a specific OAuth2 application
  • Handles both authorization code flow tokens and client credentials flow tokens
  • Updates the frontend to use this new endpoint instead of the previous token revocation method
  • Adds comprehensive tests to verify token revocation works correctly for different scenarios
  • Implements tracking of client secret usage by updating the LastUsedAt timestamp when a secret is used for authentication

The new endpoint provides a more efficient way to revoke all tokens for an application in a single request, improving security by allowing users to quickly revoke access when needed.

This was referenced Jul 14, 2025
Open
Open
Open
Open
Open
@ThomasK33 Graphite App
Copy link
Member Author

ThomasK33 commented Jul 14, 2025
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 7f46f86 to cbac27e Compare July 14, 2025 16:22
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 8c29819 to 168176b Compare July 14, 2025 16:22
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from cbac27e to 72e138d Compare July 14, 2025 17:18
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 168176b to 4fcf5b1 Compare July 14, 2025 17:18
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 72e138d to 3c3dde2 Compare July 14, 2025 17:46
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 4fcf5b1 to 65b1054 Compare July 14, 2025 17:46
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 3c3dde2 to a696160 Compare July 14, 2025 18:10
@ThomasK33 ThomasK33 marked this pull request as ready for review July 14, 2025 18:19
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 65b1054 to f044533 Compare July 15, 2025 17:27
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from a696160 to 4e82d80 Compare July 15, 2025 17:27
@ThomasK33 ThomasK33 mentioned this pull request Jul 15, 2025
Draft
@ThomasK33 ThomasK33 changed the base branch from thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications to graphite-base/18847 July 16, 2025 20:09
@ThomasK33 ThomasK33 force-pushed the graphite-base/18847 branch from f044533 to c84c4be Compare July 17, 2025 13:43
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 4e82d80 to 8830706 Compare July 17, 2025 13:43
@ThomasK33 ThomasK33 changed the base branch from graphite-base/18847 to thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications July 17, 2025 13:43
@ThomasK33
feat(oauth2): add bulk token revocation endpoint with usage tracking
13de8e2 
Change-Id: Ia484466d0892e5043f3937b717c28fff91c17ce8
Signed-off-by: Thomas Kosiewski <tk@coder.com>
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from c84c4be to 40d7fd1 Compare July 17, 2025 14:38
@ThomasK33 ThomasK33 requested a review from aslilac as a code owner July 17, 2025 14:38
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 8830706 to 13de8e2 Compare July 17, 2025 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aslilac aslilac Awaiting requested review from aslilac aslilac is a code owner

Assignees

@ThomasK33 ThomasK33

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ThomasK33