fix: do not revoke token if already expired (#147)
Closes #140 The pull request at #95 introduced changes to avoid revoking expired tokens by saving the `expiresAt` value in the state. The change, however, used `core.setOutput` instead of `core.setState` meaning the value is not saved in the state but rather available in the output. ```javascript if (!skipTokenRevoke) { core.saveState("token", authentication.token); core.setOutput("expiresAt", authentication.expiresAt); } ``` This means that when we use the value downstream, it evaluates to an empty string and the following code block is never run: ```javascript const expiresAt = core.getState("expiresAt"); if (expiresAt && tokenExpiresIn(expiresAt) < 0) { core.info("Token expired, skipping token revocation"); return; } ``` This is a tiny PR to correct that typo.
This commit is contained in:
Vendored
+1
-1
@@ -39753,7 +39753,7 @@ async function main(appId2, privateKey2, owner2, repositories2, core3, createApp
|
||||
core3.setOutput("app-slug", appSlug);
|
||||
if (!skipTokenRevoke2) {
|
||||
core3.saveState("token", authentication.token);
|
||||
core3.setOutput("expiresAt", authentication.expiresAt);
|
||||
core3.saveState("expiresAt", authentication.expiresAt);
|
||||
}
|
||||
}
|
||||
async function getTokenFromOwner(request2, auth5, parsedOwner) {
|
||||
|
||||
Reference in New Issue
Block a user