seg_yinzy
/
che-server
mirror of https://github.com/eclipse-che/che-server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
che-server/wsmaster
History
Igor Vinokur 128e7e4204 Do not return secret token in the Oauth API (#538) 
Remove the personalAccessTokenManager.get() call from the OAuth API getToken() method. The OAuth API must not know anything about PAT secrets. It should get tokens only by requesting an SCM provider OAuth API.
Fix validating the Bitbucket-Server PAT method by requesting user instead of requesting.
This prevents the code execution going to a recursive loop: bitbucketServerApiClient.getPersonalAccessToken() calls oauthApi.getToken() which referred to personalAccessTokenManager.getToken() which validated the token by calling scmPersonalAccessTokenFetcher.getScmUsername() -> bitbucketServerApiClient.getPersonalAccessToken().
 		2023-08-17 16:31:52 +03:00
..
che-core-api-account chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-auth Do not return secret token in the Oauth API (#538) 2023-08-17 16:31:52 +03:00
che-core-api-auth-azure-devops chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-auth-bitbucket chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-auth-github chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-auth-gitlab chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-auth-openshift chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-auth-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-devfile chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-devfile-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-factory chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-factory-azure-devops chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-factory-bitbucket chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-factory-bitbucket-server Do not return secret token in the Oauth API (#538) 2023-08-17 16:31:52 +03:00
che-core-api-factory-git-ssh chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-factory-github Use `login` instead of `name` in the GitHub scopes/username request (#537) 2023-08-01 21:42:49 +03:00
che-core-api-factory-gitlab chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-factory-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-logger chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-logger-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-metrics chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-ssh chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-ssh-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-system chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-system-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-user chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-user-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-workspace chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-workspace-activity chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-api-workspace-shared chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
che-core-sql-schema chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
integration-tests chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00
pom.xml chore: Bump to 7.72.1-SNAPSHOT in 7.72.x 2023-07-27 15:03:37 +00:00