fix: do not revoke token if already expired (#147)
Closes #140 The pull request at #95 introduced changes to avoid revoking expired tokens by saving the `expiresAt` value in the state. The change, however, used `core.setOutput` instead of `core.setState` meaning the value is not saved in the state but rather available in the output. ```javascript if (!skipTokenRevoke) { core.saveState("token", authentication.token); core.setOutput("expiresAt", authentication.expiresAt); } ``` This means that when we use the value downstream, it evaluates to an empty string and the following code block is never run: ```javascript const expiresAt = core.getState("expiresAt"); if (expiresAt && tokenExpiresIn(expiresAt) < 0) { core.info("Token expired, skipping token revocation"); return; } ``` This is a tiny PR to correct that typo.
This commit is contained in:
Wechuli
Vendored
+1
-1
@@ -39753,7 +39753,7 @@ async function main(appId2, privateKey2, owner2, repositories2, core3, createApp
|
||||
core3.setOutput("app-slug", appSlug);
|
||||
if (!skipTokenRevoke2) {
|
||||
core3.saveState("token", authentication.token);
|
||||
core3.setOutput("expiresAt", authentication.expiresAt);
|
||||
core3.saveState("expiresAt", authentication.expiresAt);
|
||||
}
|
||||
}
|
||||
async function getTokenFromOwner(request2, auth5, parsedOwner) {
|
||||
|
||||
+1
-1
@@ -104,7 +104,7 @@ export async function main(
|
||||
// Make token accessible to post function (so we can invalidate it)
|
||||
if (!skipTokenRevoke) {
|
||||
core.saveState("token", authentication.token);
|
||||
core.setOutput("expiresAt", authentication.expiresAt);
|
||||
core.saveState("expiresAt", authentication.expiresAt);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -33,8 +33,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-missing-app-id.test.js
|
||||
|
||||
@@ -94,8 +93,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-token-get-owner-set-repo-set-to-many.test.js
|
||||
|
||||
@@ -114,8 +112,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-token-get-owner-set-repo-set-to-one.test.js
|
||||
|
||||
@@ -134,8 +131,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-token-get-owner-set-to-org-repo-unset.test.js
|
||||
|
||||
@@ -154,8 +150,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-token-get-owner-set-to-user-fail-response.test.js
|
||||
|
||||
@@ -175,8 +170,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-token-get-owner-set-to-user-repo-unset.test.js
|
||||
|
||||
@@ -195,8 +189,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-token-get-owner-unset-repo-set.test.js
|
||||
|
||||
@@ -215,8 +208,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## main-token-get-owner-unset-repo-unset.test.js
|
||||
|
||||
@@ -235,8 +227,7 @@ Generated by [AVA](https://avajs.dev).
|
||||
␊
|
||||
::set-output name=app-slug::github-actions␊
|
||||
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
|
||||
␊
|
||||
::set-output name=expiresAt::2016-07-11T22:14:10Z`
|
||||
::save-state name=expiresAt::2016-07-11T22:14:10Z`
|
||||
|
||||
## post-revoke-token-fail-response.test.js
|
||||
|
||||
|
||||
Binary file not shown.
Reference in New Issue
Block a user