Skip to content

Clean up rotated OAuth tokens#2343

Merged
ejsmith merged 3 commits into
mainfrom
issue/oauth-rotated-token-cleanup
Jun 30, 2026
Merged

Clean up rotated OAuth tokens#2343
ejsmith merged 3 commits into
mainfrom
issue/oauth-rotated-token-cleanup

Conversation

@ejsmith

@ejsmith ejsmith commented Jun 29, 2026

Copy link
Copy Markdown
Member

Summary

  • add scheduled cleanup for disabled OAuth tokens after the refresh replay safety window
  • keep refresh-token replay detection intact by retaining spent refresh hashes until expiry plus the safety window
  • page OAuth grant listing and revocation paths so large rotated-token families are handled completely

Validation

  • dotnet test -- --filter-class Exceptionless.Tests.Repositories.OAuthTokenRepositoryTests
  • dotnet test -- --filter-class Exceptionless.Tests.Jobs.CleanupDataJobTests
  • dotnet test -- --filter-class Exceptionless.Tests.Controllers.OAuthControllerTests
  • dotnet test -- --filter-class Exceptionless.Tests.Controllers.UserControllerTests
  • git diff --check

Breaking Changes

None.

@ejsmith ejsmith marked this pull request as ready for review June 29, 2026 22:49
@ejsmith ejsmith merged commit dc6dc7c into main Jun 30, 2026
6 checks passed
@ejsmith ejsmith deleted the issue/oauth-rotated-token-cleanup branch June 30, 2026 05:11
@github-actions

github-actions Bot commented Jun 30, 2026

Copy link
Copy Markdown

Code Coverage

Package Line Rate Branch Rate Complexity Health
Exceptionless.AppHost 39% 40% 134
Exceptionless.Core 71% 63% 8605
Exceptionless.Insulation 24% 23% 203
Exceptionless.Web 75% 63% 5188
Summary 71% (16657 / 23526) 62% (8496 / 13596) 14130

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ejsmith