From ab1faae94143599e5537b40211d6b4370e0ecef6 Mon Sep 17 00:00:00 2001 From: Lucas Di Pentima Date: Mon, 8 Mar 2021 12:22:06 -0300 Subject: [PATCH] 16848: Checks cached token validity before using it. The cached token could be invalid or have its expiration date changed from an API call outside Workbench2. Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima --- src/store/auth/auth-action.ts | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/store/auth/auth-action.ts b/src/store/auth/auth-action.ts index 2819364f..27558618 100644 --- a/src/store/auth/auth-action.ts +++ b/src/store/auth/auth-action.ts @@ -98,8 +98,21 @@ export const saveApiToken = (token: string) => async (dispatch: Dispatch, getSta export const getNewExtraToken = (reuseStored: boolean = false) => async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => { - if (reuseStored && getState().auth.extraApiToken !== undefined) { - return getState().auth.extraApiToken; + const extraToken = getState().auth.extraApiToken; + if (reuseStored && extraToken !== undefined) { + const config = dispatch(getConfig); + const svc = createServices(config, { progressFn: () => { }, errorFn: () => { } }); + setAuthorizationHeader(svc, extraToken); + try { + // Check the extra token's validity before using it. Refresh its + // expiration date just in case it changed. + const client = await svc.apiClientAuthorizationService.get('current'); + dispatch(authActions.SET_EXTRA_TOKEN({ + extraApiToken: extraToken, + extraApiTokenExpiration: client.expiresAt ? new Date(client.expiresAt): undefined, + })); + return extraToken; + } catch (e) { } } const user = getState().auth.user; const loginCluster = getState().auth.config.clusterConfig.Login.LoginCluster; -- 2.30.2