From e4c28def8a493ada28dda5113ca921a9c8a72046 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Tue, 27 Sep 2022 21:51:18 +0200 Subject: [PATCH] Request revatoken via machine auth after autoprovsioning user (#4690) To successfully authenticate a user after it was autoprovisioned, we need to get a valid reva token. Fixes: #4616 --- changelog/unreleased/fix-autoprovison-token.md | 6 ++++++ services/proxy/pkg/middleware/account_resolver.go | 4 ++++ 2 files changed, 10 insertions(+) create mode 100644 changelog/unreleased/fix-autoprovison-token.md diff --git a/changelog/unreleased/fix-autoprovison-token.md b/changelog/unreleased/fix-autoprovison-token.md new file mode 100644 index 000000000..c34c1221f --- /dev/null +++ b/changelog/unreleased/fix-autoprovison-token.md @@ -0,0 +1,6 @@ +Bugfix: Fix authentication for autoprovisioned users + +We've fixed an issue in the proxy, which made the first http request of an +autoprovisioned user fail. + +https://github.com/owncloud/ocis/issues/4616 diff --git a/services/proxy/pkg/middleware/account_resolver.go b/services/proxy/pkg/middleware/account_resolver.go index 2972264d5..6ccdf987d 100644 --- a/services/proxy/pkg/middleware/account_resolver.go +++ b/services/proxy/pkg/middleware/account_resolver.go @@ -76,6 +76,10 @@ func (m accountResolver) ServeHTTP(w http.ResponseWriter, req *http.Request) { if err != nil { m.logger.Error().Err(err).Msg("Autoprovisioning user failed") } + user, token, err = m.userProvider.GetUserByClaims(req.Context(), "userid", user.Id.OpaqueId, true) + if err != nil { + m.logger.Error().Err(err).Str("userid", user.Id.OpaqueId).Msg("Error getting token for autoprovisioned user") + } } if errors.Is(err, backend.ErrAccountDisabled) {