Web: remove multi re-authn in a row when creating github bot #55273
Conversation
Related to admin actions
|
i don't think this requires a changelog... it didn't really cause a bug, just an inconvenience? |
kimlisa
added
the
no-changelog
| @@ -80,57 +82,74 @@ export function GitHubFlowProvider({ | |||
| } | |||
| } | |||
|
|
|||
| function createBot(): Promise<boolean> { | |||
| return run(() => | |||
There was a problem hiding this comment.
What's the reason behind removing the call to run? Couldn't the callback passed to run be transformed to an anonymous async function? I think it'd have the same semantics as a promise chain but we wouldn't have to call setAttempt by hand.
The new implementation also doesn't seem to update the status to success. I'm not sure how important that is here, but it's something that I noticed.
| return api.post(cfg.getBotsUrl(), config); | ||
| export function createBot( | ||
| config: CreateBotRequest, | ||
| mfaResponse: MfaChallengeResponse |
There was a problem hiding this comment.
Here the mfaResponse arg is required whereas in createBotToken it's optional. Is there a reason for that? Seeing how currently both functions are used in the same way, I'd expect them both to use a similar approach to that arg.
part of #55232
With admin action enabled, creating a bot required user to re-authn 3 times in a row before succeeding. It was because there was 3 different api calls being made under the hood, each of them requiring re-authn.
There are no major changes other than requiring user to re-authn once, and then reusing that mfa response for other api calls. Changed promise chaining to try/catch block.
Tested changes that it only requires one re-authn.