17914: Fixes regression introduced in ticket 17568.

Ticket 17568 fixed a token expiration display issue. Still, it introduced
a problem on peer federations because the code attempts to use the salted token
to query the home cluster, which isn't an authorized operation.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima@curii.com>

diff --git a/src/store/auth/auth-action.ts b/src/store/auth/auth-action.ts
index c7074704b4adf9be5abe416c54c30f71aabc4565..d58a8103d28c1309d422f5cd4556c92cfbea3840 100644 (file)
--- a/src/store/auth/auth-action.ts
+++ b/src/store/auth/auth-action.ts
@@ -86,9 +86,15 @@ export const saveApiToken = (token: string) => async (dispatch: Dispatch, getSta
     const auth = getState().auth;
     config = dispatch<any>(getConfig);
 
-    // If federated token, get user & token data from the token issuing cluster
-    if (tokenParts.length === 3 && tokenParts[1].substring(0, 5) !== auth.localCluster) {
-        config = await getRemoteHostConfig(auth.remoteHosts[tokenParts[1].substring(0, 5)]);
+    // If the token is from a LoginCluster federation, get user & token data
+    // from the token issuing cluster.
+    const lc = (config as Config).loginCluster
+    const tokenCluster = tokenParts.length === 3
+        ? tokenParts[1].substring(0, 5)
+        : undefined;
+    if (tokenCluster && tokenCluster !== auth.localCluster &&
+        lc && lc === tokenCluster) {
+        config = await getRemoteHostConfig(auth.remoteHosts[tokenCluster]);
     }
 
     const svc = createServices(config, { progressFn: () => { }, errorFn: () => { } });