Merge branch 'master' into 16159-token-expiration-on-logout

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas@di-pentima.com.ar>

diff --git a/lib/controller/localdb/login_testuser.go b/lib/controller/localdb/login_testuser.go
index c567a0668344b6eadc2d439f36a94147d3ae453f..2c7e43bddd68e30e2af3931335366aef3dd73093 100644 (file)
--- a/lib/controller/localdb/login_testuser.go
+++ b/lib/controller/localdb/login_testuser.go
@@ -22,6 +22,10 @@ type testLoginController struct {
 }
 
 func (ctrl *testLoginController) Logout(ctx context.Context, opts arvados.LogoutOptions) (arvados.LogoutResponse, error) {
+       err := ctrl.Parent.ExpireAPIClientAuthorization(ctx)
+       if err != nil {
+               return arvados.LogoutResponse{}, err
+       }
        return noopLogout(ctrl.Cluster, opts)
 }
 

diff --git a/lib/controller/localdb/logout.go b/lib/controller/localdb/logout.go
new file mode 100644 (file)
index 0000000..6005274
--- /dev/null
+++ b/lib/controller/localdb/logout.go
@@ -0,0 +1,30 @@
+// Copyright (C) The Arvados Authors. All rights reserved.
+//
+// SPDX-License-Identifier: AGPL-3.0
+
+package localdb
+
+import (
+       "context"
+
+       "git.arvados.org/arvados.git/lib/ctrlctx"
+       "git.arvados.org/arvados.git/sdk/go/arvados"
+)
+
+func (conn *Conn) ExpireAPIClientAuthorization(ctx context.Context) error {
+       aca, err := conn.railsProxy.APIClientAuthorizationCurrent(ctx, arvados.GetOptions{})
+       if err != nil {
+               return err
+       }
+       tx, err := ctrlctx.CurrentTx(ctx)
+       if err != nil {
+               return err
+       }
+
+       err = tx.QueryRowxContext(ctx, "UPDATE api_client_authorizations SET expires_at=current_timestamp WHERE uuid=$1", aca.UUID).Err()
+       if err != nil {
+               return err
+       }
+
+       return nil
+}