Closed exalate-issue-sync[bot] closed 2 weeks ago
describe-the-bug-
When you disable an application on AM you can still use the last active tokens. After disabling we can't get new tokens which is normal but can use the last active.
to-reproduce-
Steps to reproduce the behavior:
Attachment - image.png
curl --location --request PATCH 'https://am.gravitee.io/management/organizations/DEFAULT/environments/DEFAULT/domains/90ebdf75-9c8b-4267-abdf-759c8bb267ca/applications/fcb9e58a-e6bd-41cd-b9e5-8ae6bd21cd4f' --header 'Content-Type: application/json' --header 'Authorization: ••••••' --header 'Cookie: XSRF-Graviteeio-AM-API-TOKEN=eyJraWQiOiJkZWZhdWx0LWdyYXZpdGVlLUFNLWtleSIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJpc3MiOiJodHRwczovL2dyYXZpdGVlLmFtIiwiaWF0IjoxNzIzMTk2ODY4LCJqdGkiOiJVeGhqTVhrd0pQODRmbndZTVdLVlJIc0FGMm5ndEVYZ2Y1ZjBzT1ZORVZRIiwidG9rZW4iOiJkOWExYjI4YS00YzdiLTQxZTMtODRiZC1lYzc3MzhjZmE1NjgifQ.jV-vKOaNlN1dqo9Y47up58fXv1ao_yMeUIFid5saAUU' --data '
{ "enabled": false}
'
expected-behavior-
Tokens from disabled application should not be usable.
desktop-
* Please see Zendesk Support tab for further comments and attachments.
This issue will be fixed in versions 4.4.5, 4.1.29, 4.3.12, 4.5.0, 4.2.20
Describe the bug :
describe-the-bug-
When you disable an application on AM you can still use the last active tokens. After disabling we can't get new tokens which is normal but can use the last active.
To Reproduce :
to-reproduce-
Steps to reproduce the behavior:
Attachment - image.png
curl --location --request PATCH 'https://am.gravitee.io/management/organizations/DEFAULT/environments/DEFAULT/domains/90ebdf75-9c8b-4267-abdf-759c8bb267ca/applications/fcb9e58a-e6bd-41cd-b9e5-8ae6bd21cd4f' --header 'Content-Type: application/json' --header 'Authorization: ••••••' --header 'Cookie: XSRF-Graviteeio-AM-API-TOKEN=eyJraWQiOiJkZWZhdWx0LWdyYXZpdGVlLUFNLWtleSIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJpc3MiOiJodHRwczovL2dyYXZpdGVlLmFtIiwiaWF0IjoxNzIzMTk2ODY4LCJqdGkiOiJVeGhqTVhrd0pQODRmbndZTVdLVlJIc0FGMm5ndEVYZ2Y1ZjBzT1ZORVZRIiwidG9rZW4iOiJkOWExYjI4YS00YzdiLTQxZTMtODRiZC1lYzc3MzhjZmE1NjgifQ.jV-vKOaNlN1dqo9Y47up58fXv1ao_yMeUIFid5saAUU' --data '
{ "enabled": false}
'
Expected behavior :
expected-behavior-
Tokens from disabled application should not be usable.
Desktop :
desktop-
* Please see Zendesk Support tab for further comments and attachments.