X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/79a18f2eb4c02212d30462b3c8eb4f989ab750d3..9151ad624bef1ae076940298c6890deadd79e2dd:/services/api/script/get_anonymous_user_token.rb

diff --git a/services/api/script/get_anonymous_user_token.rb b/services/api/script/get_anonymous_user_token.rb
index 141f74651c..96619ef364 100755
--- a/services/api/script/get_anonymous_user_token.rb
+++ b/services/api/script/get_anonymous_user_token.rb
@@ -1,4 +1,7 @@
 #!/usr/bin/env ruby
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
 
 # Get or Create an anonymous user token.
 # If get option is used, an existing anonymous user token is returned. If none exist, one is created.
@@ -14,38 +17,53 @@ opts = Trollop::options do
 Get an existing anonymous user token. If no such token exists \
 or if this option is omitted, a new token is created and returned.
   eos
+  opt :token, "token to create (optional)", :type => :string
 end
 
 get_existing = opts[:get]
+supplied_token = opts[:token]
 
 require File.dirname(__FILE__) + '/../config/environment'
 
 include ApplicationHelper
-include DbCurrentTime
-
 act_as_system_user
 
-def create_api_client_auth
+def create_api_client_auth(supplied_token=nil)
+
+  # If token is supplied, verify that it indeed is a superuser token
+  if supplied_token
+    api_client_auth = ApiClientAuthorization.
+      where(api_token: supplied_token).
+      first
+    if !api_client_auth
+      # fall through to create a token
+    else
+      raise "Token exists, aborting!"
+    end
+  end
+
   api_client_auth = ApiClientAuthorization.
     new(user: anonymous_user,
         api_client_id: 0,
-        expires_at: db_current_time + 100.years,
-        scopes: ['GET /'])
+        expires_at: Time.now + 100.years,
+        scopes: ['GET /'],
+        api_token: supplied_token)
   api_client_auth.save!
   api_client_auth.reload
+  api_client_auth
 end
 
 if get_existing
   api_client_auth = ApiClientAuthorization.
     where('user_id=?', anonymous_user.id.to_i).
-    where('expires_at>?', db_current_time).
+    where('expires_at>?', Time.now).
     select { |auth| auth.scopes == ['GET /'] }.
     first
 end
 
 # either not a get or no api_client_auth was found
 if !api_client_auth
-  api_client_auth = create_api_client_auth
+  api_client_auth = create_api_client_auth(supplied_token)
 end
 
 # print it to the console