env["HTTP_AUTHORIZATION"].andand.
match(/(OAuth2|Bearer) ([-\/a-zA-Z0-9]+)/).andand[2]
+ if params[:remote] && request.get? && (
+ request.path.start_with?('/arvados/v1/groups') ||
+ request.path.start_with?('/arvados/v1/users/current'))
+ # Request from a remote API server, asking to validate a salted
+ # token.
+ remote = params[:remote]
+ else
+ # Normal request.
+ remote = false
+ end
auth = ApiClientAuthorization.
- validate(token: Thread.current[:supplied_token], remote: false)
+ validate(token: Thread.current[:supplied_token],
+ remote: remote)
+
Thread.current[:api_client_ip_address] = remote_ip
Thread.current[:api_client_authorization] = auth
Thread.current[:api_client_uuid] = auth.andand.api_client.andand.uuid
Thread.current[:api_client] = auth.andand.api_client
Thread.current[:user] = auth.andand.user
- if auth
- auth.last_used_at = Time.now
- auth.last_used_by_ip_address = remote_ip.to_s
- auth.save validate: false
- end
-
@app.call env if @app
end
end