kindred/silo-client
1
1
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: revoke_token() bypasses _request() -- inconsistent error handling #12

New Issue
Open
opened 2026-02-16 15:56:15 +00:00 by forbes · 0 comments
forbes commented 2026-02-16 15:56:15 +00:00
Owner
Copy Link

Problem

revoke_token() at silo_client/__init__.py:393-403 manually builds an HTTP request instead of using the shared _request() helper:

def revoke_token(self, token_id: str) -> None:
    url = f"{self.base_url}/auth/tokens/{token_id}"
    headers = {"Content-Type": "application/json"}
    headers.update(self._auth_headers())
    req = urllib.request.Request(url, headers=headers, method="DELETE")
    try:
        urllib.request.urlopen(req, context=self._ssl_context())
    except urllib.error.HTTPError as e:
        raise RuntimeError(f"API error {e.code}: {e.read().decode()}")
    except urllib.error.URLError as e:
        raise RuntimeError(f"Connection error: {e.reason}")

This means it does not clear auth on 401 responses (which _request() does).

Fix

Replace with:

def revoke_token(self, token_id: str) -> None:
    self._request("DELETE", f"/auth/tokens/{token_id}", raw=True)

This is the same pattern already applied to delete_bom_entry() in commit 68a4139.

References

  • Commit 68a4139: fix: use _request() in delete_bom_entry() for consistent error handling
## Problem `revoke_token()` at `silo_client/__init__.py:393-403` manually builds an HTTP request instead of using the shared `_request()` helper: ```python def revoke_token(self, token_id: str) -> None: url = f"{self.base_url}/auth/tokens/{token_id}" headers = {"Content-Type": "application/json"} headers.update(self._auth_headers()) req = urllib.request.Request(url, headers=headers, method="DELETE") try: urllib.request.urlopen(req, context=self._ssl_context()) except urllib.error.HTTPError as e: raise RuntimeError(f"API error {e.code}: {e.read().decode()}") except urllib.error.URLError as e: raise RuntimeError(f"Connection error: {e.reason}") ``` This means it does **not** clear auth on 401 responses (which `_request()` does). ## Fix Replace with: ```python def revoke_token(self, token_id: str) -> None: self._request("DELETE", f"/auth/tokens/{token_id}", raw=True) ``` This is the same pattern already applied to `delete_bom_entry()` in commit `68a4139`. ## References - Commit 68a4139: fix: use _request() in delete_bom_entry() for consistent error handling
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
forbes
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: kindred/silo-client#12
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?