- Notifications
You must be signed in to change notification settings - Fork1.1k
feat: add cleanup for expired OAuth2 provider app codes and tokens#18825
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Open
ThomasK33 wants to merge1 commit intothomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_complianceChoose a base branch
base:thomask33/07-08-feat_replace_callback_url_with_redirect_uris_for_oauth2_rfc_6749_compliance
Could not load branches
Branch not found:{{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline, and old review comments may become outdated.
Uh oh!
There was an error while loading.Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
MemberAuthor
ThomasK33 commentedJul 10, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
Warning This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stackon Graphite.
This stack of pull requests is managed byGraphite. Learn more aboutstacking. |
dae9dfa to29ecd64Comparee24c4b5 to98e7f95Compare29ecd64 to50a22dbCompare50a22db to93a1a1dCompare98e7f95 to2792051Compare This was referencedJul 14, 2025
2792051 to3dd0c37Compare93a1a1d to5c7f06aCompare5c7f06a to8e8bb3cCompare3dd0c37 to962c22cCompare8e8bb3c to0393465Compare0393465 to643824aComparedannykopping approved these changesJul 17, 2025
643824a tof2c16b5Comparebed62ad to4fb1c39Compare4fb1c39 to055d631Compare055d631 tobdc94d5Compare5c5ebec to4a7aa03Comparebdc94d5 to7b4150aCompare4a7aa03 to0c3e711Compare7b4150a tobe56098Compare0c3e711 to67b504eCompareChange-Id: I07e7c229efa6e92282885464d2193dfc4c2e1c98Signed-off-by: Thomas Kosiewski <tk@coder.com>
67b504e tofa6dc8dComparebe56098 tod00dd0bCompareSign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add OAuth2 Provider App Codes and Tokens Cleanup
This PR adds database cleanup functionality for expired OAuth2 provider app codes and tokens. The implementation:
Adds two new database methods:
DeleteExpiredOAuth2ProviderAppCodes- Removes authorization codes that have expiredDeleteExpiredOAuth2ProviderAppTokens- Removes access tokens that have expiredIntegrates these methods into the database purge routine alongside the existing device code cleanup
Adds authorization checks to ensure only system operations can perform these cleanup tasks
Includes comprehensive tests to verify the cleanup functionality works correctly for both expired app codes and tokens
These changes ensure that expired OAuth2 provider data is properly cleaned up from the database, preventing unnecessary accumulation of stale records.