You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Update TokenManager to use Rack in place of TokenStore #20460 - For the API, remove a majority of the custom TokenManager / TokenStore implementation and use the Rails conventions to treat a session like a token, leveraging Rack sessions. We may have to find a way to tell the Rack session classes to store the value in a different header than the cookie, so we can keep compatibility with current API header name for clients. However, the content of the token is not important to the end user, nor is it important between versions, so we can store whatever we like such as a session id.
This might an optional for now, but without it, we will have to have duplicate implementations of 2 for each of the UI and API token managers.
The text was updated successfully, but these errors were encountered:
See original issue for full details
Parameterize endpoint to revoke user sessions by type manageiq-api#885 - API /api/users/
revoke_sessions
action should be parameterized by type ("api", "ui", "ws", etc) and default to "all". This can be done as a follow up.Log out the End-User from the OpenID Provider #20470 - Log out the End-User from the OpenID Provider
Update TokenManager to use Rack in place of TokenStore #20460 - For the API, remove a majority of the custom TokenManager / TokenStore implementation and use the Rails conventions to treat a session like a token, leveraging Rack sessions. We may have to find a way to tell the Rack session classes to store the value in a different header than the cookie, so we can keep compatibility with current API header name for clients. However, the content of the token is not important to the end user, nor is it important between versions, so we can store whatever we like such as a session id.
This might an optional for now, but without it, we will have to have duplicate implementations of 2 for each of the UI and API token managers.
The text was updated successfully, but these errors were encountered: