Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-42103

Github creation flow doesn't handle revoked access token properly

    XMLWordPrintable

    Details

    • Epic Link:
    • Sprint:
      1.0
    • Similar Issues:

      Description

      If a user saves a Github personal access token in the creation flow and then re-enters after the token has been revoked, they should receive in appropriate error message.

      Repro Steps

      1. Navigate to /create-pipeline
      2. Select "Github"
      3. Enter a valid Github access token
      4. Navigate to Github and revoke the access token
      5. Navigate to /create-pipeline again
      6. Select "Github"

      Expected Behavior
      User should be prompted to enter a new access token. Ideally the user should get some feedback that it appears the credential is invalid.

      Actual Behavior
      "Loading" message displays forever. http://localhost:8080/jenkins/blue/rest/organizations/jenkins/scm/github/organizations/?credentialId=github 500 (Server Error)

      {
        "message" : "Server returned HTTP response code: 401, message: 'Unauthorized' for URL: https://api.github.com/user",
        "code" : 500,
        "errors" : [ ]
      }
      

        Attachments

          Issue Links

            Activity

            Hide
            cliffmeyers Cliff Meyers added a comment -

            James Dumay in this scenario where the saved token was revoked, I feel like there should be some copy that informs the user of such. Do you have any suggestions?

            Show
            cliffmeyers Cliff Meyers added a comment - James Dumay in this scenario where the saved token was revoked, I feel like there should be some copy that informs the user of such. Do you have any suggestions?
            Hide
            cliffmeyers Cliff Meyers added a comment - - edited

            After changes from JENKINS-41439 it now returns a 428 and indicates whether the token is invalid (deleted or "revoked") or whether the scopes are invalid. We differentiate between the two in the UI now.

            Show
            cliffmeyers Cliff Meyers added a comment - - edited After changes from JENKINS-41439 it now returns a 428 and indicates whether the token is invalid (deleted or "revoked") or whether the scopes are invalid. We differentiate between the two in the UI now.
            Show
            cliffmeyers Cliff Meyers added a comment - PR: https://github.com/jenkinsci/blueocean-plugin/pull/860

              People

              • Assignee:
                cliffmeyers Cliff Meyers
                Reporter:
                cliffmeyers Cliff Meyers
              • Votes:
                1 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: