[ARVADOS] created: 1.3.0-3241-g60addb46f
Git user
git at public.arvados.org
Tue Sep 29 21:27:25 UTC 2020
at 60addb46ffafe6f6f8e7b42b573c44cc2b4bc1f3 (commit)
commit 60addb46ffafe6f6f8e7b42b573c44cc2b4bc1f3
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Tue Sep 29 17:26:46 2020 -0400
16923: user/pass api_client is trusted by default
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
diff --git a/lib/controller/localdb/login.go b/lib/controller/localdb/login.go
index bbed47c73..f4632751e 100644
--- a/lib/controller/localdb/login.go
+++ b/lib/controller/localdb/login.go
@@ -141,7 +141,7 @@ func createAPIClientAuthorization(ctx context.Context, conn *rpc.Conn, rootToken
// Send a fake ReturnTo value instead of the caller's
// opts.ReturnTo. We won't follow the resulting
// redirect target anyway.
- ReturnTo: ",https://none.invalid",
+ ReturnTo: ",https://controller.api.client.invalid",
AuthInfo: authinfo,
})
if err != nil {
diff --git a/services/api/app/models/api_client.rb b/services/api/app/models/api_client.rb
index c6c48a5b6..c9eeaf266 100644
--- a/services/api/app/models/api_client.rb
+++ b/services/api/app/models/api_client.rb
@@ -21,8 +21,10 @@ class ApiClient < ArvadosModel
protected
def from_trusted_url
- norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench1.ExternalURL) ||
- norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench2.ExternalURL)
+ norm_url_prefix = norm(self.url_prefix)
+ norm_url_prefix == norm(Rails.configuration.Services.Workbench1.ExternalURL) or
+ norm_url_prefix == norm(Rails.configuration.Services.Workbench2.ExternalURL) or
+ norm_url_prefix == norm("https://controller.api.client.invalid")
end
def norm url
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list