[ARVADOS] created: 1.3.0-3241-g60addb46f

Git user git at public.arvados.org
Tue Sep 29 21:27:25 UTC 2020


        at  60addb46ffafe6f6f8e7b42b573c44cc2b4bc1f3 (commit)


commit 60addb46ffafe6f6f8e7b42b573c44cc2b4bc1f3
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Tue Sep 29 17:26:46 2020 -0400

    16923: user/pass api_client is trusted by default
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/lib/controller/localdb/login.go b/lib/controller/localdb/login.go
index bbed47c73..f4632751e 100644
--- a/lib/controller/localdb/login.go
+++ b/lib/controller/localdb/login.go
@@ -141,7 +141,7 @@ func createAPIClientAuthorization(ctx context.Context, conn *rpc.Conn, rootToken
 		// Send a fake ReturnTo value instead of the caller's
 		// opts.ReturnTo. We won't follow the resulting
 		// redirect target anyway.
-		ReturnTo: ",https://none.invalid",
+		ReturnTo: ",https://controller.api.client.invalid",
 		AuthInfo: authinfo,
 	})
 	if err != nil {
diff --git a/services/api/app/models/api_client.rb b/services/api/app/models/api_client.rb
index c6c48a5b6..c9eeaf266 100644
--- a/services/api/app/models/api_client.rb
+++ b/services/api/app/models/api_client.rb
@@ -21,8 +21,10 @@ class ApiClient < ArvadosModel
   protected
 
   def from_trusted_url
-    norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench1.ExternalURL) ||
-      norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench2.ExternalURL)
+    norm_url_prefix = norm(self.url_prefix)
+    norm_url_prefix == norm(Rails.configuration.Services.Workbench1.ExternalURL) or
+      norm_url_prefix == norm(Rails.configuration.Services.Workbench2.ExternalURL) or
+      norm_url_prefix == norm("https://controller.api.client.invalid")
   end
 
   def norm url

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list