From 060e222e5e5b6c68a67a3bc6c793430d1e81b42a Mon Sep 17 00:00:00 2001
From: Gavin
Date: Wed, 14 Feb 2024 13:08:40 -0800
Subject: [PATCH] Remove global token revocation button
Too dangerous as a simple button.
Also make the URLs in the config page easier to read.
---
README.md | 21 +++++++++++++++++++++
build.gradle | 2 +-
templates/adminconfig.mustache | 16 ++++++++--------
templates/admingeneral.mustache | 5 ++---
4 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/README.md b/README.md
index 0e692dae..a322429d 100644
--- a/README.md
+++ b/README.md
@@ -279,6 +279,27 @@ local account and assign it the create administrator role. That account can
then be used to create further administrators (including itself) without
needing to login as root. The root account can then be disabled.
+### Revoking tokens in an emergency
+
+The simple HTML only test UI included with the server supports most administration functions,
+but revoking all tokens in the service is not included as it has a major impact on systems the
+auth server supports, essentially shutting them down. If all tokens are revoked, the tokens for
+every single token type (agent, service, etc.) for every single user in the auth system are
+removed - the equivalent of clearing the tokens collection in MongoDB.
+
+This feature is intended to be used in an emergency such as many tokens becoming compromised or
+the system needs to come to a near immediate halt (near immediate since services outside the auth
+server may cache and accept tokens for some period of time after they're invalidated in auth).
+
+To revoke all tokens, issue the following request to the server (curl used as an example):
+
+```
+curl -X POST --cookie "kbase_session=" http:///admin/revokeall
+```
+
+If the `token-cookie-name` deployment configuration value is not `kbase_session` change
+the request to match.
+
## Start & stop server w/o a pid
`./jettybase$ java -DSTOP.PORT=8079 -DSTOP.KEY=foo -jar ~/jetty/jetty-distribution-9.3.11.v20160721/start.jar`
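Review bot: The curl example on the `curl -X POST --cookie "kbase_session=" http:///admin/revokeall` line has an empty cookie value and an empty host, so a reader who copies it literally sends an unauthenticated request to no host; use explicit placeholders such as `--cookie "kbase_session=<admin token>" https://<auth host>/admin/revokeall` and state which administrator role the token must carry, since the surrounding text only describes the create-administrator role. Given that the whole reason for removing the button is that global revocation is too dangerous to trigger casually, the section should also say whether the endpoint records who invoked it, so an emergency (or accidental) revocation can be attributed afterwards. Minor wording: "HTML only test UI" wants a hyphen ("HTML-only"), and in "many tokens becoming compromised or the system needs to come to a near immediate halt" the second clause should parallel the first ("the system needing to").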
diff --git a/build.gradle b/build.gradle
index b03a2b6d..64258ed4 100644
--- a/build.gradle
+++ b/build.gradle
@@ -23,7 +23,7 @@ def TEMPLATE_LIST_FILE_NAME = "templates.manifest"
task buildGitCommitFile {
doLast {
def commitId = grgit.head().id
- // is there a variable for builddir/classe/java/main?
+ // is there a variable for builddir/classes/java/main?
file("$buildDir/classes/java/main/us/kbase/auth2/gitcommit").text = commitId
}
}
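Review bot: The typo fix is fine, but the comment's question still stands: the task hardcodes `$buildDir/classes/java/main`, which is the Java plugin's default layout rather than something the build resolves, and the hunk shows no declared outputs and no dependency on the compile task that creates that directory. Consider deriving the directory from the source set output (for example `sourceSets.main.output.classesDirs`) and declaring the written file as a task output so Gradle orders and caches the task correctly. This change is also unrelated to the token-revocation button named in the subject and would be cleaner as its own commit.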
diff --git a/templates/adminconfig.mustache b/templates/adminconfig.mustache
index 800b5358..6e967912 100644
--- a/templates/adminconfig.mustache
+++ b/templates/adminconfig.mustache
@@ -28,24 +28,24 @@ The stack trace is always logged.
Allowed post-login redirect URL prefix:
-
Redirect URL when a user cannot be logged in immediately after return from 3rd party provider,
e.g. a choice of accounts is required or an account must be created.
-
Redirect URL after an account link (usually to a user page showing their identities).
-
Redirect URL when a user account cannot be linked immediately after return from 3rd party
provider, e.g. a choice of accounts is required.
-
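Review bot: The removed `-` lines in this hunk carry no visible content, so the "easier to read" URL rendering the commit message promises cannot be checked from the patch as shown; please include the rendered before and after in the PR description. More generally, this template change and the templates/admingeneral.mustache change listed in the diffstat (5 lines, whose hunk is not shown here) are unrelated to removing the global revocation button; splitting them into a separate commit would let the security-relevant removal be reviewed and, if needed, reverted on its own.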
@@ -87,24 +87,24 @@ provider, e.g. a choice of accounts is required.
-
+