[ARVADOS] updated: 2.1.0-257-g7044c78d3
Git user
git at public.arvados.org
Tue Jan 12 16:16:04 UTC 2021
Summary of changes:
lib/config/config.default.yml | 2 +-
lib/controller/integration_test.go | 2 ++
.../app/controllers/user_sessions_controller.rb | 26 +++++++++++++++++++---
3 files changed, 26 insertions(+), 4 deletions(-)
via 7044c78d3c48cb3e43beb9a88e01aa770f12af2d (commit)
from b8ca048149f4cc2df284b409ffc254f17b1865c3 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 7044c78d3c48cb3e43beb9a88e01aa770f12af2d
Author: Nico Cesar <nico at nicocesar.com>
Date: Tue Jan 12 11:15:12 2021 -0500
trying to trigger send_api_token_to() expiration logic
Arvados-DCO-1.1-Signed-off-by: Nico Cesar <nico at curii.com>
diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml
index 2aa53a432..e609c08e5 100644
--- a/lib/config/config.default.yml
+++ b/lib/config/config.default.yml
@@ -722,7 +722,7 @@ Clusters:
# How long a client token created from a login flow will be valid without
# asking the user to re-login. Example values: 60m, 8h.
# Default value zero means tokens don't have expiration.
- TokenLifetime: 0s
+ TokenLifetime: 1h
# When the token is returned to a client, the token itself may
# be restricted from manipulating other tokens based on whether
diff --git a/lib/controller/integration_test.go b/lib/controller/integration_test.go
index b240c216c..a574f3978 100644
--- a/lib/controller/integration_test.go
+++ b/lib/controller/integration_test.go
@@ -21,6 +21,7 @@ import (
"path/filepath"
"strconv"
"strings"
+ "time"
"git.arvados.org/arvados.git/lib/boot"
"git.arvados.org/arvados.git/lib/config"
@@ -210,6 +211,7 @@ func (s *IntegrationSuite) userClients(rootctx context.Context, c *check.C, conn
FirstName: "Example",
LastName: "User",
Username: "example",
+ ExpiresAt: time.Now().Add(1 * time.Hour),
},
})
c.Assert(err, check.IsNil)
diff --git a/services/api/app/controllers/user_sessions_controller.rb b/services/api/app/controllers/user_sessions_controller.rb
index 9611da84d..912c25694 100644
--- a/services/api/app/controllers/user_sessions_controller.rb
+++ b/services/api/app/controllers/user_sessions_controller.rb
@@ -114,7 +114,7 @@ class UserSessionsController < ApplicationController
# FIXME: if current_user has never authorized this app before,
# ask for confirmation here!
- return send_api_token_to(params[:return_to], current_user, params[:remote])
+ return send_api_token_to(params[:return_to], current_user, params[:remote], params[:expires_at])
end
p = []
p << "auth_provider=#{CGI.escape(params[:auth_provider])}" if params[:auth_provider]
@@ -155,9 +155,29 @@ class UserSessionsController < ApplicationController
find_or_create_by(url_prefix: api_client_url_prefix)
end
- if Rails.configuration.Login.TokenLifetime > 0
- token_expiration = Time.now + Rails.configuration.Login.TokenLifetime
+ if token_expiration == nil
+ puts "NICO token_expiration == nil"
+ if Rails.configuration.Login.TokenLifetime > 0
+ puts "NICO TokenLifetime > 0"
+ token_expiration = Time.now + Rails.configuration.Login.TokenLifetime
+ else
+ puts "NICO TokenLifetime =< 0"
+ ## no token_expiration param nor TokenLifetime. What should we do?
+ end
+ else
+ puts "NICO token_expiration != nil"
+ if Rails.configuration.Login.TokenLifetime > 0
+ puts "NICO TokenLifetime > 0"
+ token_expiration = [token_expiration, Time.now + Rails.configuration.Login.TokenLifetime].min
+ else
+ puts "NICO TokenLifetime =< 0"
+ end
+ ## if token_expiration != nil and Rails.configuration.Login.TokenLifetime == 0
+ ## do nothing, use token_expiration
end
+ puts "NICO final result"
+ puts token_expiration
+
@api_client_auth = ApiClientAuthorization.
new(user: user,
api_client: @api_client,
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list