Ask Big Local to delete my insecure API token

simonw / big-local-datasette

Publishing a Datasette of open projects from biglocalnews.org

https://biglocal.datasettes.com/

2 stars 0 forks source link

Ask Big Local to delete my insecure API token #10

Closed simonw closed 4 years ago

simonw commented 4 years ago

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODY0NjkxMTIsIm5iZiI6MTU4NjQ2OTExMiwianRpIjoiYzRjMzdlMTEtMDQ1NS00MmUxLWE0OTQtZWNiMDE3MDZjY2Q2IiwiaWRlbnRpdHkiOiI1ZjMxYjYwMi1lZGVmLTRmMzItODlkMC0wMDhlMTFmNDA4YjIiLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.nfUqmXqoi4YjyaXTfXe8bFNQVrn8acPJZVdQlMeAyag remains in this repo's issues and git history and should be deactivated. Refs #5

simonw commented 4 years ago

mutation revokePersonalToken($input: RevokeTokenInput!) {
  revokePersonalToken(input: $input) {
    ok
    err
  }
}

Query variables:

{
  "input": {
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODY0NjkxMTIsIm5iZiI6MTU4NjQ2OTExMiwianRpIjoiYzRjMzdlMTEtMDQ1NS00MmUxLWE0OTQtZWNiMDE3MDZjY2Q2IiwiaWRlbnRpdHkiOiI1ZjMxYjYwMi1lZGVmLTRmMzItODlkMC0wMDhlMTFmNDA4YjIiLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.nfUqmXqoi4YjyaXTfXe8bFNQVrn8acPJZVdQlMeAyag"
  }
}

simonw commented 4 years ago

Big_Local_News

simonw commented 4 years ago

Confirmed revoked:

$ python fetch_projects.py eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODY0NjkxMTIsIm5iZiI6MTU4NjQ2OTExMiwianRpIjoiYzRjMzdlMTEtMDQ1NS00MmUxLWE0OTQtZWNiMDE3MDZjY2Q2IiwiaWRlbnRpdHkiOiI1ZjMxYjYwMi1lZGVmLTRmMzItODlkMC0wMDhlMTFmNDA4YjIiLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.nfUqmXqoi4YjyaXTfXe8bFNQVrn8acPJZVdQlMeAyag
Traceback (most recent call last):
  File "fetch_projects.py", line 61, in <module>
    fetch_projects(db, token)
  File "fetch_projects.py", line 37, in fetch_projects
    assert 200 == response.status_code, response.status_code
AssertionError: 401

simonw commented 4 years ago

Now that I've cleaned up and revoked all of the secrets, I can open source the repo.