16669: Fix access token cache panic.

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@tomclegg.ca>

diff --git a/lib/controller/auth_test.go b/lib/controller/auth_test.go
index a188c30828205c47fe86f4d78d52340d19629f47..ad214b160591928892e75c0f6e1e805d4c9e3506 100644 (file)
--- a/lib/controller/auth_test.go
+++ b/lib/controller/auth_test.go
@@ -115,4 +115,12 @@ func (s *AuthSuite) TestLocalOIDCAccessToken(c *check.C) {
        c.Check(json.NewDecoder(resp.Body).Decode(&u), check.IsNil)
        c.Check(u.UUID, check.Equals, arvadostest.ActiveUserUUID)
        c.Check(u.OwnerUUID, check.Equals, "zzzzz-tpzed-000000000000000")
+
+       // Request again to exercise cache.
+       req = httptest.NewRequest("GET", "/arvados/v1/users/current", nil)
+       req.Header.Set("Authorization", "Bearer "+s.fakeProvider.ValidAccessToken())
+       rr = httptest.NewRecorder()
+       s.testServer.Server.Handler.ServeHTTP(rr, req)
+       resp = rr.Result()
+       c.Check(resp.StatusCode, check.Equals, http.StatusOK)
 }

diff --git a/lib/controller/localdb/login_oidc.go b/lib/controller/localdb/login_oidc.go
index b74d22f8ead979e09686856b6b053c7f3c9250f2..8909e0a72ea157028a80915eb51cdfe9ae4dc82b 100644 (file)
--- a/lib/controller/localdb/login_oidc.go
+++ b/lib/controller/localdb/login_oidc.go
@@ -395,7 +395,7 @@ func (ta *oidcTokenAuthorizer) registerToken(ctx context.Context, tok string) er
                }
        } else {
                // cached positive result
-               aca := cached.(*arvados.APIClientAuthorization)
+               aca := cached.(arvados.APIClientAuthorization)
                var expiring bool
                if aca.ExpiresAt != "" {
                        t, err := time.Parse(time.RFC3339Nano, aca.ExpiresAt)