From: Lucas Di Pentima Date: Mon, 8 Mar 2021 15:22:06 +0000 (-0300) Subject: 16848: Checks cached token validity before using it. X-Git-Tag: 2.1.2.1~10^2~6 X-Git-Url: https://git.arvados.org/arvados-workbench2.git/commitdiff_plain/ab1faae94143599e5537b40211d6b4370e0ecef6 16848: Checks cached token validity before using it. The cached token could be invalid or have its expiration date changed from an API call outside Workbench2. Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima --- diff --git a/src/store/auth/auth-action.ts b/src/store/auth/auth-action.ts index 2819364f..27558618 100644 --- a/src/store/auth/auth-action.ts +++ b/src/store/auth/auth-action.ts @@ -98,8 +98,21 @@ export const saveApiToken = (token: string) => async (dispatch: Dispatch, getSta export const getNewExtraToken = (reuseStored: boolean = false) => async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => { - if (reuseStored && getState().auth.extraApiToken !== undefined) { - return getState().auth.extraApiToken; + const extraToken = getState().auth.extraApiToken; + if (reuseStored && extraToken !== undefined) { + const config = dispatch(getConfig); + const svc = createServices(config, { progressFn: () => { }, errorFn: () => { } }); + setAuthorizationHeader(svc, extraToken); + try { + // Check the extra token's validity before using it. Refresh its + // expiration date just in case it changed. + const client = await svc.apiClientAuthorizationService.get('current'); + dispatch(authActions.SET_EXTRA_TOKEN({ + extraApiToken: extraToken, + extraApiTokenExpiration: client.expiresAt ? new Date(client.expiresAt): undefined, + })); + return extraToken; + } catch (e) { } } const user = getState().auth.user; const loginCluster = getState().auth.config.clusterConfig.Login.LoginCluster;