/me/device-tokens -> /me/access-tokens

david-crespo · david-crespo · commit 7fa6757645a9 · 2025-06-02T21:35:48.000-05:00
diff --git a/nexus/external-api/output/nexus_tags.txt b/nexus/external-api/output/nexus_tags.txt
@@ -289,8 +289,8 @@ ping                                     GET      /v1/ping
 
 API operations found with tag "tokens"
 OPERATION ID                             METHOD   URL PATH
-current_user_device_token_delete         DELETE   /v1/me/device-tokens/{token_id}
-current_user_device_token_list           GET      /v1/me/device-tokens
+current_user_access_token_delete         DELETE   /v1/me/access-tokens/{token_id}
+current_user_access_token_list           GET      /v1/me/access-tokens
 
 API operations found with tag "vpcs"
 OPERATION ID                             METHOD   URL PATH
diff --git a/nexus/external-api/src/lib.rs b/nexus/external-api/src/lib.rs
@@ -3152,28 +3152,28 @@ pub trait NexusExternalApi {
         path_params: Path<params::SshKeyPath>,
     ) -> Result<HttpResponseDeleted, HttpError>;
 
-    /// List device tokens
+    /// List access tokens
     ///
     /// List device access tokens for the currently authenticated user.
     #[endpoint {
         method = GET,
-        path = "/v1/me/device-tokens",
+        path = "/v1/me/access-tokens",
         tags = ["tokens"],
     }]
-    async fn current_user_device_token_list(
+    async fn current_user_access_token_list(
         rqctx: RequestContext<Self::Context>,
         query_params: Query<PaginatedById>,
     ) -> Result<HttpResponseOk<ResultsPage<views::DeviceAccessToken>>, HttpError>;
 
-    /// Delete device token
+    /// Delete access token
     ///
     /// Delete a device access token for the currently authenticated user.
     #[endpoint {
         method = DELETE,
-        path = "/v1/me/device-tokens/{token_id}",
+        path = "/v1/me/access-tokens/{token_id}",
         tags = ["tokens"],
     }]
-    async fn current_user_device_token_delete(
+    async fn current_user_access_token_delete(
         rqctx: RequestContext<Self::Context>,
         path_params: Path<params::TokenPath>,
     ) -> Result<HttpResponseDeleted, HttpError>;
diff --git a/nexus/src/external_api/http_entrypoints.rs b/nexus/src/external_api/http_entrypoints.rs
@@ -7066,7 +7066,7 @@ impl NexusExternalApi for NexusExternalApiImpl {
             .await
     }
 
-    async fn current_user_device_token_list(
+    async fn current_user_access_token_list(
         rqctx: RequestContext<Self::Context>,
         query_params: Query<PaginatedById>,
     ) -> Result<HttpResponseOk<ResultsPage<views::DeviceAccessToken>>, HttpError>
@@ -7097,7 +7097,7 @@ impl NexusExternalApi for NexusExternalApiImpl {
             .await
     }
 
-    async fn current_user_device_token_delete(
+    async fn current_user_access_token_delete(
         rqctx: RequestContext<Self::Context>,
         path_params: Path<params::TokenPath>,
     ) -> Result<HttpResponseDeleted, HttpError> {
diff --git a/nexus/tests/integration_tests/device_auth.rs b/nexus/tests/integration_tests/device_auth.rs
@@ -202,7 +202,7 @@ async fn test_device_auth_flow(cptestctx: &ControlPlaneTestContext) {
     let token_id = tokens_unpriv_after[0].id;
 
     // Priv user cannot delete unpriv's token through this endpoint by ID
-    let token_url = format!("/v1/me/device-tokens/{}", token_id);
+    let token_url = format!("/v1/me/access-tokens/{}", token_id);
     object_delete_error(testctx, &token_url, StatusCode::NOT_FOUND).await;
 
     // Test deleting the token as the owner
@@ -424,7 +424,7 @@ async fn test_device_token_expiration(cptestctx: &ControlPlaneTestContext) {
 async fn get_tokens_priv(
     testctx: &ClientTestContext,
 ) -> Vec<views::DeviceAccessToken> {
-    NexusRequest::object_get(testctx, "/v1/me/device-tokens")
+    NexusRequest::object_get(testctx, "/v1/me/access-tokens")
         .authn_as(AuthnMode::PrivilegedUser)
         .execute_and_parse_unwrap::<ResultsPage<views::DeviceAccessToken>>()
         .await
@@ -434,7 +434,7 @@ async fn get_tokens_priv(
 async fn get_tokens_unpriv(
     testctx: &ClientTestContext,
 ) -> Vec<views::DeviceAccessToken> {
-    NexusRequest::object_get(testctx, "/v1/me/device-tokens")
+    NexusRequest::object_get(testctx, "/v1/me/access-tokens")
         .authn_as(AuthnMode::UnprivilegedUser)
         .execute_and_parse_unwrap::<ResultsPage<views::DeviceAccessToken>>()
         .await
diff --git a/nexus/tests/integration_tests/endpoints.rs b/nexus/tests/integration_tests/endpoints.rs
@@ -2599,7 +2599,7 @@ pub static VERIFY_ENDPOINTS: LazyLock<Vec<VerifyEndpoint>> =
             },
             /* Tokens */
             VerifyEndpoint {
-                url: "/v1/me/device-tokens",
+                url: "/v1/me/access-tokens",
                 visibility: Visibility::Public,
                 unprivileged_access: UnprivilegedAccess::ReadOnly,
                 allowed_methods: vec![AllowedMethod::Get],
@@ -2610,7 +2610,7 @@ pub static VERIFY_ENDPOINTS: LazyLock<Vec<VerifyEndpoint>> =
             // and opt out.
 
             // VerifyEndpoint {
-            //     url: "/v1/me/device-tokens/token-id",
+            //     url: "/v1/me/access-tokens/token-id",
             //     visibility: Visibility::Public,
             //     unprivileged_access: UnprivilegedAccess::None,
             //     allowed_methods: vec![AllowedMethod::Delete],
diff --git a/nexus/tests/output/uncovered-authz-endpoints.txt b/nexus/tests/output/uncovered-authz-endpoints.txt
@@ -1,6 +1,6 @@
 API endpoints with no coverage in authz tests:
 probe_delete                             (delete "/experimental/v1/probes/{probe}")
-current_user_device_token_delete         (delete "/v1/me/device-tokens/{token_id}")
+current_user_access_token_delete         (delete "/v1/me/access-tokens/{token_id}")
 probe_list                               (get    "/experimental/v1/probes")
 probe_view                               (get    "/experimental/v1/probes/{probe}")
 support_bundle_download                  (get    "/experimental/v1/system/support-bundles/{bundle_id}/download")
diff --git a/openapi/nexus.json b/openapi/nexus.json
@@ -5512,14 +5512,14 @@
         }
       }
     },
-    "/v1/me/device-tokens": {
+    "/v1/me/access-tokens": {
       "get": {
         "tags": [
           "tokens"
         ],
-        "summary": "List device tokens",
+        "summary": "List access tokens",
         "description": "List device access tokens for the currently authenticated user.",
-        "operationId": "current_user_device_token_list",
+        "operationId": "current_user_access_token_list",
         "parameters": [
           {
             "in": "query",
@@ -5572,14 +5572,14 @@
         }
       }
     },
-    "/v1/me/device-tokens/{token_id}": {
+    "/v1/me/access-tokens/{token_id}": {
       "delete": {
         "tags": [
           "tokens"
         ],
-        "summary": "Delete device token",
+        "summary": "Delete access token",
         "description": "Delete a device access token for the currently authenticated user.",
-        "operationId": "current_user_device_token_delete",
+        "operationId": "current_user_access_token_delete",
         "parameters": [
           {
             "in": "path",
