Uploaded image for project: 'Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces) '
  1. Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces)
  2. CRW-3505

Inadequate cleanup after user revoke Dev Spaces OAuth App authorization on GitHub

XMLWordPrintable

    • False
    • None
    • False

      If a developer does the following:

      1. starts a workspace and authorizes Dev Spaces GitHub OAuth App
      2. revokes the authorization (from GitHub settings => applications => Authorized OAuth Apps)
      3. starts a new workspace and, when prompted, re-authorize Dev Spaces GitHub OAuth App

      then his git credential will be invalid.

      The Secrets generated after first step are never replaced and that prevent git from working properly (i.e. repository clone). Only after the workspace is manually examined and affected Secrets deleted does proper behavior resume.

      Desired behavior:

      1. If the GitHub OAuth App has been revoked, delete the secrets
      2. If the GitHub OAuth App is re-authorized, refresh the secrets

            ivinokur-1 Igor Vinokur
            rhn-support-rick Rick Wagner
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: