If the request already has the scope, don't force token fetch
AuthorizeRequest() injects the 'pull' scope if `from` is set unconditionally. If the current token already has that scope, it will be inserted into the scope list twice and `addedScopes` will be set to true, resulting in a new token being fetched that has no net new scopes. Instead, check whether `additionalScopes` are actually new. Signed-off-by: Clayton Coleman <ccoleman@redhat.com>
This commit is contained in:
Clayton Coleman
parent
5f6282db7d
commit
23f8ca88e1
1 changed files with 12 additions and 0 deletions
|
|
@ -279,6 +279,9 @@ func (th *tokenHandler) getToken(params map[string]string, additionalScopes ...s
|
||||||
}
|
}
|
||||||
var addedScopes bool
|
var addedScopes bool
|
||||||
for _, scope := range additionalScopes {
|
for _, scope := range additionalScopes {
|
||||||
|
if hasScope(scopes, scope) {
|
||||||
|
continue
|
||||||
|
}
|
||||||
scopes = append(scopes, scope)
|
scopes = append(scopes, scope)
|
||||||
addedScopes = true
|
addedScopes = true
|
||||||
}
|
}
|
||||||
|
|
@ -302,6 +305,15 @@ func (th *tokenHandler) getToken(params map[string]string, additionalScopes ...s
|
||||||
return th.tokenCache, nil
|
return th.tokenCache, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func hasScope(scopes []string, scope string) bool {
|
||||||
|
for _, s := range scopes {
|
||||||
|
if s == scope {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
type postTokenResponse struct {
|
type postTokenResponse struct {
|
||||||
AccessToken string `json:"access_token"`
|
AccessToken string `json:"access_token"`
|
||||||
RefreshToken string `json:"refresh_token"`
|
RefreshToken string `json:"refresh_token"`
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue