Skip to content

feat: apitoken types to support prefixes #65684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 23, 2024
Merged

feat: apitoken types to support prefixes #65684

merged 2 commits into from
Feb 23, 2024

Conversation

@mdtro
Copy link
Contributor

@mdtro mdtro commented Feb 23, 2024

In support of getsentry/rfcs#32.

Add a nullable token_type column to the ApiToken model. This will be used to help us identify the different kinds of API tokens we have in the application via a prefix. With this, we'll be able to integrate with GitHub and others' secret scanning program to prevent token leaks. Legacy (e.g. tokens that already exist) will have a null value here, so we'll know they are not one of our new tokens with the prefix format once all tokens are stored solely as hashed values.

@mdtro mdtro requested a review from a team as a code owner February 23, 2024 04:25
@github-actions github-actions bot added the Scope: Backend Automatically applied to PRs that change backend components label Feb 23, 2024
@github-actions
Copy link
Contributor

github-actions bot commented Feb 23, 2024

This PR has a migration; here is the generated SQL for src/sentry/migrations/0653_apitoken_add_token_type.py ()

--
-- Add field token_type to apitoken
--
ALTER TABLE "sentry_apitoken" ADD COLUMN "token_type" varchar(7) NULL;

@mdtro mdtro requested a review from a team February 23, 2024 04:31
@codecov
Copy link

codecov bot commented Feb 23, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.19%. Comparing base (9d940ab) to head (6c691fa).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #65684   +/-   ##
=======================================
  Coverage   84.18%   84.19%           
=======================================
  Files        5271     5272    +1     
  Lines      235792   235802   +10     
  Branches    40810    40810           
=======================================
+ Hits       198508   198523   +15     
+ Misses      37065    37060    -5     
  Partials      219      219
Files Coverage Δ
src/sentry/models/apitoken.py 100.00% <100.00%> (ø)
src/sentry/types/token.py 100.00% <100.00%> (ø)

... and 7 files with indirect coverage changes

markstory
markstory approved these changes Feb 23, 2024
View reviewed changes
Copy link
Member

@markstory markstory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Schema change looks good to me.

@mdtro mdtro merged commit 14814e5 into master Feb 23, 2024
@mdtro mdtro deleted the mdtro/apitoken-type branch February 23, 2024 15:28
@github-actions github-actions bot locked and limited conversation to collaborators Mar 10, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@markstory markstory markstory approved these changes

Assignees

No one assigned

Labels

Scope: Backend Automatically applied to PRs that change backend components

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mdtro @markstory