Merge branch 'master' into 11453-federated-tokens

author Tom Clegg <tclegg@veritasgenetics.com>

Mon, 6 Nov 2017 22:12:34 +0000 (17:12 -0500)

committer Tom Clegg <tclegg@veritasgenetics.com>

Mon, 6 Nov 2017 22:12:34 +0000 (17:12 -0500)
author Tom Clegg <tclegg@veritasgenetics.com>
Mon, 6 Nov 2017 22:12:34 +0000 (17:12 -0500)
committer Tom Clegg <tclegg@veritasgenetics.com>
Mon, 6 Nov 2017 22:12:34 +0000 (17:12 -0500)
diff --cc services/api/app/controllers/application_controller.rb
Simple merge
diff --cc services/api/app/middlewares/arvados_api_token.rb

index be6bf0463c5168bd0efaa0e84aad078256e9732b,5eb756b9fa3609519a1fa63f8c3a1a9021ed190c..fa8d9871fe80e329e81c136cab979f802aa3f9cd
--- 1/services/api/app/middlewares/arvados_api_token.rb
--- 2/services/api/app/middlewares/arvados_api_token.rb
+++ b/services/api/app/middlewares/arvados_api_token.rb
@@@ -20,26 -29,32 +20,20 @@@ class ArvadosApiToke
       remote_ip = env["action_dispatch.remote_ip"]
   
       Thread.current[:request_starttime] = Time.now
- -    user = nil
- -    api_client = nil
- -    api_client_auth = nil
- -    supplied_token =
+ +    Thread.current[:supplied_token] =
         params["api_token"] ||
         params["oauth_token"] ||
- -      env["HTTP_AUTHORIZATION"].andand.match(/OAuth2 ([a-zA-Z0-9]+)/).andand[1]
- -    if supplied_token
- -      api_client_auth = ApiClientAuthorization.
- -        includes(:api_client, :user).
- -        where('api_token=? and (expires_at is null or expires_at > CURRENT_TIMESTAMP)', supplied_token).
- -        first
- -      if api_client_auth.andand.user
- -        user = api_client_auth.user
- -        api_client = api_client_auth.api_client
- -      else
- -        # Token seems valid, but points to a non-existent (deleted?) user.
- -        api_client_auth = nil
- -      end
- -    end
+ +      env["HTTP_AUTHORIZATION"].andand.
+ +        match(/(OAuth2|Bearer) ([-\/a-zA-Z0-9]+)/).andand[2]
+ +
+ +    auth = ApiClientAuthorization.
+ +           validate(token: Thread.current[:supplied_token], remote: false)
       Thread.current[:api_client_ip_address] = remote_ip
- -    Thread.current[:api_client_authorization] = api_client_auth
- -    Thread.current[:api_client_uuid] = api_client.andand.uuid
- -    Thread.current[:api_client] = api_client
- -    Thread.current[:user] = user
+ +    Thread.current[:api_client_authorization] = auth
+ +    Thread.current[:api_client_uuid] = auth.andand.api_client.andand.uuid
+ +    Thread.current[:api_client] = auth.andand.api_client
+ +    Thread.current[:user] = auth.andand.user
   
-     if auth
-       auth.last_used_at = Time.now
-       auth.last_used_by_ip_address = remote_ip.to_s
-       auth.save validate: false
-     end
- 
       @app.call env if @app
     end
   end
author	Tom Clegg <tclegg@veritasgenetics.com>
	Mon, 6 Nov 2017 22:12:34 +0000 (17:12 -0500)
committer	Tom Clegg <tclegg@veritasgenetics.com>
	Mon, 6 Nov 2017 22:12:34 +0000 (17:12 -0500)
		1	2
services/api/app/controllers/application_controller.rb	patch \|	diff1 \|	diff2 \|	blob \| history
services/api/app/middlewares/arvados_api_token.rb	patch \|	diff1 \|	diff2 \|	blob \| history