Issue 10080010: [Chromoting] The webapp revokes OAuth refresh tokens when they will no longer be used.

Issue 10080010: [Chromoting] The webapp revokes OAuth refresh tokens when they will no longer be used. (Closed)

Created:
8 years, 8 months ago by simonmorris

Modified:
8 years, 8 months ago

Reviewers:
Jamie

CC:
chromium-reviews, jamiewalch+watch_chromium.org, dcaiafa+watch_chromium.org, simonmorris+watch_chromium.org, hclam+watch_chromium.org, wez+watch_chromium.org, amit, sanjeevr, garykac+watch_chromium.org, lambroslambrou+watch_chromium.org, alexeypa+watch_chromium.org, sergeyu+watch_chromium.org

Base URL:
svn://svn.chromium.org/chrome/trunk/src

Visibility:
Public.

More Reviews

Description

[Chromoting] The webapp revokes OAuth refresh tokens when they will no longer be used. BUG=123018 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=132494

Patch Set 1 #

Total comments: 4

Patch Set 2 : Log an error more thoroughly. #

Created: 8 years, 8 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+75 lines, -7 lines)			Patch
	M	remoting/webapp/host_controller.js	View		1 chunk	+1 line, -1 line	0 comments	Download
	M	remoting/webapp/oauth2.js	View	1	6 chunks	+74 lines, -6 lines	0 comments	Download

Messages

Total messages: 3 (0 generated)

Expand Messages | Collapse Messages

Jamie

lgtm with a couple of suggestions. http://codereview.chromium.org/10080010/diff/1/remoting/webapp/host_controller.js File remoting/webapp/host_controller.js (left): http://codereview.chromium.org/10080010/diff/1/remoting/webapp/host_controller.js#oldcode220 remoting/webapp/host_controller.js:220: remoting.HostController.prototype.stop = function(callback) ...

8 years, 8 months ago (2012-04-16 17:04:44 UTC) #2

simonmorris

8 years, 8 months ago (2012-04-16 22:37:50 UTC) #3

fyi

http://codereview.chromium.org/10080010/diff/1/remoting/webapp/host_controlle...
File remoting/webapp/host_controller.js (left):

http://codereview.chromium.org/10080010/diff/1/remoting/webapp/host_controlle...
remoting/webapp/host_controller.js:220: remoting.HostController.prototype.stop =
function(callback) {
On 2012/04/16 17:04:45, Jamie wrote:
> I think we can mark the token as revokable again here can't we? I'm not sure
how
> much it buys us (it depends on the relative frequency of sign-out vs. stop)
but
> it feels safe.

I see what you mean, but the claim that that's safe feels fragile, and not easy
to verify. It also complicates the interface added in this CL, and I think it
seldom buys very much.

http://codereview.chromium.org/10080010/diff/1/remoting/webapp/oauth2.js
File remoting/webapp/oauth2.js (right):

http://codereview.chromium.org/10080010/diff/1/remoting/webapp/oauth2.js#newc...
remoting/webapp/oauth2.js:326: ' response: ' + xhr.responseText);
On 2012/04/16 17:04:45, Jamie wrote:
> I think I'd probably log the xhr object itself here as well, in case any of
the
> other fields are useful.

Done.

Expand Messages | Collapse Messages