Skip to content

feat: add OAuth2 token bulk revocation endpoint#18847

Closed
ThomasK33 wants to merge 1 commit into
thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applicationsfrom
thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking
Closed

feat: add OAuth2 token bulk revocation endpoint#18847
ThomasK33 wants to merge 1 commit into
thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applicationsfrom
thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking

Conversation

@ThomasK33
Copy link
Copy Markdown
Member

@ThomasK33 ThomasK33 commented Jul 14, 2025

Add OAuth2 Token Revocation Endpoint for Applications

This PR adds a new endpoint to revoke all OAuth2 tokens for a specific application for the authenticated user. The implementation:

  • Creates a new POST /oauth2-provider/apps/{app}/revoke endpoint that revokes all tokens and authorization codes for a specific OAuth2 application
  • Handles both authorization code flow tokens and client credentials flow tokens
  • Updates the frontend to use this new endpoint instead of the previous token revocation method
  • Adds comprehensive tests to verify token revocation works correctly for different scenarios
  • Implements tracking of client secret usage by updating the LastUsedAt timestamp when a secret is used for authentication

The new endpoint provides a more efficient way to revoke all tokens for an application in a single request, improving security by allowing users to quickly revoke access when needed.

This was referenced Jul 14, 2025
Closed
Closed
Closed
Closed
Closed
@ThomasK33 Graphite App
Copy link
Copy Markdown
Member Author

ThomasK33 commented Jul 14, 2025
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 7f46f86 to cbac27e Compare July 14, 2025 16:22
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 8c29819 to 168176b Compare July 14, 2025 16:22
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from cbac27e to 72e138d Compare July 14, 2025 17:18
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 168176b to 4fcf5b1 Compare July 14, 2025 17:18
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 72e138d to 3c3dde2 Compare July 14, 2025 17:46
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 4fcf5b1 to 65b1054 Compare July 14, 2025 17:46
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 3c3dde2 to a696160 Compare July 14, 2025 18:10
@ThomasK33 ThomasK33 marked this pull request as ready for review July 14, 2025 18:19
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 65b1054 to f044533 Compare July 15, 2025 17:27
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from a696160 to 4e82d80 Compare July 15, 2025 17:27
@ThomasK33 ThomasK33 mentioned this pull request Jul 15, 2025
Closed
@ThomasK33 ThomasK33 changed the base branch from thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications to graphite-base/18847 July 16, 2025 20:09
@ThomasK33 ThomasK33 force-pushed the graphite-base/18847 branch from f044533 to c84c4be Compare July 17, 2025 13:43
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 4e82d80 to 8830706 Compare July 17, 2025 13:43
@ThomasK33 ThomasK33 changed the base branch from graphite-base/18847 to thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications July 17, 2025 13:43
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from c84c4be to 40d7fd1 Compare July 17, 2025 14:38
@ThomasK33 ThomasK33 requested a review from aslilac as a code owner July 17, 2025 14:38
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 8830706 to 13de8e2 Compare July 17, 2025 14:38
@aslilac aslilac removed their request for review July 23, 2025 16:35
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 13de8e2 to b4a9dbd Compare July 23, 2025 16:53
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 40d7fd1 to cc78865 Compare July 23, 2025 16:53
@ThomasK33 ThomasK33 mentioned this pull request Jul 23, 2025
Closed
@github-actions github-actions Bot added the stale This issue is like stale bread. label Jul 31, 2025
@github-actions github-actions Bot closed this Aug 3, 2025
@ThomasK33 ThomasK33 reopened this Aug 12, 2025
@ThomasK33 ThomasK33 assigned Emyrk and unassigned ThomasK33 Aug 12, 2025
@ThomasK33 ThomasK33 removed the stale This issue is like stale bread. label Aug 12, 2025
@ThomasK33 ThomasK33 changed the base branch from thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications to graphite-base/18847 August 12, 2025 16:33
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from b4a9dbd to 72cf224 Compare August 12, 2025 16:34
@ThomasK33 ThomasK33 force-pushed the graphite-base/18847 branch from cc78865 to 4ce585e Compare August 12, 2025 16:34
@ThomasK33 ThomasK33 changed the base branch from graphite-base/18847 to thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications August 12, 2025 16:34
@github-actions github-actions Bot added the stale This issue is like stale bread. label Aug 20, 2025
@github-actions github-actions Bot closed this Aug 24, 2025
@Emyrk Emyrk reopened this Aug 24, 2025
@github-actions github-actions Bot removed the stale This issue is like stale bread. label Aug 25, 2025
@github-actions github-actions Bot added the stale This issue is like stale bread. label Sep 1, 2025
@github-actions github-actions Bot closed this Sep 5, 2025
@ThomasK33 ThomasK33 deleted the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch September 15, 2025 07:52
@ThomasK33 ThomasK33 restored the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch September 15, 2025 07:53
@Emyrk Emyrk reopened this Oct 6, 2025
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 4ce585e to fd42ee1 Compare October 10, 2025 14:42
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 72cf224 to 2f53936 Compare October 10, 2025 14:42
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from fd42ee1 to 65adff3 Compare October 10, 2025 14:53
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 2f53936 to 6467b3a Compare October 10, 2025 14:53
@ThomasK33
feat(oauth2): add bulk token revocation endpoint with usage tracking
5a9b69e 
Change-Id: Ia484466d0892e5043f3937b717c28fff91c17ce8
Signed-off-by: Thomas Kosiewski <tk@coder.com>
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_frontend_ui_for_client_credentials_applications branch from 65adff3 to 7d8adca Compare October 10, 2025 14:57
@ThomasK33 ThomasK33 force-pushed the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch from 6467b3a to 5a9b69e Compare October 10, 2025 14:57
@github-actions github-actions Bot removed the stale This issue is like stale bread. label Apr 9, 2026
@github-actions github-actions Bot added the stale This issue is like stale bread. label Apr 30, 2026
@github-actions github-actions Bot closed this May 9, 2026
@github-actions github-actions Bot deleted the thomask33/07-14-feat_oauth2_add_bulk_token_revocation_endpoint_with_usage_tracking branch May 9, 2026 00:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@buenos-nachos buenos-nachos Awaiting requested review from buenos-nachos

Assignees

@Emyrk Emyrk

Labels

stale This issue is like stale bread.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ThomasK33 @Emyrk