Draft: Switch to masked representation for newly created access tokens
What does this MR do and why?
Follow-up to !77449 (merged). Closes #350590 (closed).
This MR changes the personal, impersonation, project and group access tokens to be shown in a masked representation when newly created. The same representation is already used for the personal feed tokens and prevents accidental token leakage when e.g. screen sharing.
Open Tasks:
-
Add spec coverage for NewTokenFieldVue component -
Resolve duplicate idissue in<input-copy-toggle-visibility>component
Screenshots or screen recordings
| Type | Before | After |
|---|---|---|
| Group Access Token |  |
 |
| Project Access Token |  |
 |
| Personal Access Token |  |
 |
| Impersonation Access Token |  |
 |
How to set up and validate locally
- Use this branch and visit either the personal, impersonation, project or group access token page (e.g.
Group > Settings > Access Tokensfor group access token). - Enter a valid access token name, select a scope of choice and click the
Create * access tokenbutton. - A text-box with
Your new * access tokenlabel will appear. - Click the
Copy * access tokenbutton and ensure that the token was copied successfully. - Click the
Click to revealbutton and ensure that the token value is properly displayed within the text-box. - Use the token e.g. via API to ensure it is valid and accepted by GitLab.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.