projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
16669: Accept OIDC access token in federated requests.
[arvados.git] / lib / controller / federation / conn.go
diff --git a/lib/controller/federation/conn.go b/lib/controller/federation/conn.go
index b86266d67e6f02c170deb631d32c777ecb072781..0f063d1238aac1f045a34c00971a66f0e93a53ce 100644 (file)
--- a/lib/controller/federation/conn.go
+++ b/lib/controller/federation/conn.go
@@ -69,6 +69,9 @@ func saltedTokenProvider(local backend, remoteID string) rpc.TokenProvider {
                                tokens = append(tokens, salted)
                        case auth.ErrSalted:
                                tokens = append(tokens, token)
+                       case auth.ErrTokenFormat:
+                               // pass through unmodified (assume it's an OIDC access token)
+                               tokens = append(tokens, token)
                        case auth.ErrObsoleteToken:
                                ctx := auth.NewContext(ctx, &auth.Credentials{Tokens: []string{token}})
                                aca, err := local.APIClientAuthorizationCurrent(ctx, arvados.GetOptions{})