Skip to content

Add DELETE /api/v1/trusted_publishing/tokens API endpoint #11234

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 2, 2025
Merged

Add DELETE /api/v1/trusted_publishing/tokens API endpoint #11234

merged 3 commits into from
Jun 2, 2025

Conversation

Turbo87
Copy link
Member

@Turbo87 Turbo87 commented May 24, 2025
edited
Loading

This PR adds an endpoint to revoke a temporary access token from the Trusted Publishing flow.

The DELETE /api/v1/trusted_publishing/tokens endpoint expects the token to be handed over in the Authorization header as a Bearer token, similar to how it will be used in the publish endpoint.

This PR is based upon (and currently includes the changes of) #11131, which implements the API endpoint to create a temporary access token (from a JWT).

Related:

@Turbo87 Turbo87 added C-enhancement ✨ Category: Adding new behavior or a change to the way an existing feature works A-backend ⚙️ labels May 24, 2025
@Turbo87 Turbo87 mentioned this pull request May 23, 2025
Open
18 tasks
@walterhpearce
Copy link

Would you be willing to also add some regression tests? Specifically around cross-crate and user manipulation. This could probably apply to some of the other endpoints as well.

Id feel better just covering any future errors.

@Turbo87
Copy link
Member Author

Turbo87 commented May 27, 2025

absolutely, but could you be slightly more specific on the exact scenarios you would like to see tested? :)

@Turbo87 Turbo87 force-pushed the trustpub-revoke branch 2 times, most recently from 1141dd8 to a9cde09 Compare May 28, 2025 09:06
LawnGnome
LawnGnome approved these changes May 28, 2025
View reviewed changes
Copy link
Contributor

@LawnGnome LawnGnome left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple of incredibly minor notes, but no blocking concerns. Great work! 👍

Turbo87 added 3 commits June 2, 2025 10:22
@Turbo87
tests/util: Change MockTokenUser::token to be optional
2bc1e0a
@Turbo87
tests/util: Add MockTokenUser::with_auth_header() fn
32bd55d 
This makes it possible to construct `MockTokenUser` instances from an existing plaintext token or other random header value.
@Turbo87
Add DELETE /api/v1/trusted_publishing/tokens API endpoint
20da39d
@Turbo87 Turbo87 force-pushed the trustpub-revoke branch from a9cde09 to 20da39d Compare June 2, 2025 08:22
@Turbo87
Copy link
Member Author

Turbo87 commented Jun 2, 2025

#11131 has been merged, so this PR is now muuuuch smaller and ready for review :)

@Turbo87 Turbo87 marked this pull request as ready for review June 2, 2025 08:22
@Turbo87 Turbo87 requested a review from a team June 2, 2025 08:23
eth3lbert
eth3lbert approved these changes Jun 2, 2025
View reviewed changes
Copy link
Contributor

@eth3lbert eth3lbert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just left a nitpick question which is not blocking! This LGTM, thanks for the nice work 👍

@Turbo87 Turbo87 merged commit 40733e8 into rust-lang:main Jun 2, 2025
10 checks passed
@Turbo87 Turbo87 deleted the trustpub-revoke branch June 2, 2025 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LawnGnome LawnGnome LawnGnome approved these changes

@eth3lbert eth3lbert eth3lbert approved these changes

Assignees
No one assigned
Labels
A-backend ⚙️ C-enhancement ✨ Category: Adding new behavior or a change to the way an existing feature works
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Turbo87 @walterhpearce @LawnGnome @eth3lbert