From 96acc236a3157f2c403fadec37552450ca4bf7ff Mon Sep 17 00:00:00 2001
From: Fabian Seidl <fabian.seidl@h-da.de>
Date: Thu, 18 Aug 2022 10:41:21 +0200
Subject: [PATCH] reverted earlier changes, added solution ignoring the error
 on cli side

---
 cli/cmd/login.go                                 | 5 +----
 controller/northbound/server/auth.go             | 2 +-
 controller/northbound/server/auth_interceptor.go | 2 +-
 controller/rbac/jwtManager.go                    | 8 ++++----
 controller/rbac/jwtManager_test.go               | 4 ++--
 5 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/cli/cmd/login.go b/cli/cmd/login.go
index c6909d96d..ac210be64 100644
--- a/cli/cmd/login.go
+++ b/cli/cmd/login.go
@@ -59,10 +59,7 @@ var loginCmd = &cobra.Command{
 
 		// log out to remove active session in case an user is already logged in
 		if userToken != "" {
-			_, err := api.Logout(createContextWithAuthorization(), viper.GetString("controllerAPIEndpoint"), nbUserName)
-			if err != nil {
-				pterm.Error.Println("error logging out active user", err)
-			}
+			_, _ = api.Logout(createContextWithAuthorization(), viper.GetString("controllerAPIEndpoint"), nbUserName)
 		}
 
 		// TODO: maybe add credentials in context instead of context.TODO()
diff --git a/controller/northbound/server/auth.go b/controller/northbound/server/auth.go
index 10e9361f9..e7459f7b5 100644
--- a/controller/northbound/server/auth.go
+++ b/controller/northbound/server/auth.go
@@ -130,7 +130,7 @@ func (s AuthServer) handleLogout(ctx context.Context, userName string) error {
 	if len(md["authorize"]) > 0 {
 		token := md["authorize"][0]
 
-		claims, err := s.jwtManager.GetClaimsFromToken(token, true)
+		claims, err := s.jwtManager.GetClaimsFromToken(token)
 		if err != nil {
 			return err
 		}
diff --git a/controller/northbound/server/auth_interceptor.go b/controller/northbound/server/auth_interceptor.go
index 1c2ee0dba..30ffa2ea9 100644
--- a/controller/northbound/server/auth_interceptor.go
+++ b/controller/northbound/server/auth_interceptor.go
@@ -83,7 +83,7 @@ func (auth *AuthInterceptor) authorize(ctx context.Context, method string) error
 	// validate token and check permission here
 	if len(md["authorize"]) > 0 {
 		token := md["authorize"][0]
-		claims, err := auth.jwtManager.GetClaimsFromToken(token, true)
+		claims, err := auth.jwtManager.GetClaimsFromToken(token)
 		if err != nil {
 			return err
 		}
diff --git a/controller/rbac/jwtManager.go b/controller/rbac/jwtManager.go
index 637bab94e..3e76ec038 100644
--- a/controller/rbac/jwtManager.go
+++ b/controller/rbac/jwtManager.go
@@ -39,7 +39,7 @@ func (man *JWTManager) GenerateToken(user User) (string, error) {
 }
 
 // VerifyToken verifies if a given token string is a valid jwt token.
-func (man *JWTManager) VerifyToken(accessToken string, logout bool) (*UserClaims, error) {
+func (man *JWTManager) VerifyToken(accessToken string) (*UserClaims, error) {
 	token, err := jwt.ParseWithClaims(
 		accessToken,
 		&UserClaims{},
@@ -53,7 +53,7 @@ func (man *JWTManager) VerifyToken(accessToken string, logout bool) (*UserClaims
 		},
 	)
 
-	if err != nil && !logout {
+	if err != nil {
 		return nil, status.Errorf(codes.Unauthenticated, "invalid token: %v", err)
 	}
 
@@ -66,8 +66,8 @@ func (man *JWTManager) VerifyToken(accessToken string, logout bool) (*UserClaims
 }
 
 // GetClaimsFromToken returns the UserClaims associated to the provided token.
-func (man *JWTManager) GetClaimsFromToken(token string, logout bool) (*UserClaims, error) {
-	claims, err := man.VerifyToken(token, logout)
+func (man *JWTManager) GetClaimsFromToken(token string) (*UserClaims, error) {
+	claims, err := man.VerifyToken(token)
 	if err != nil {
 		return nil, err
 	}
diff --git a/controller/rbac/jwtManager_test.go b/controller/rbac/jwtManager_test.go
index 8f9b46a1f..dd91e1ffc 100644
--- a/controller/rbac/jwtManager_test.go
+++ b/controller/rbac/jwtManager_test.go
@@ -50,7 +50,7 @@ func TestJWTManager_GenerateToken(t *testing.T) {
 				return
 			}
 
-			gotClaims, _ := man.VerifyToken(got, false)
+			gotClaims, _ := man.VerifyToken(got)
 			claimsUser := gotClaims.Username
 
 			if claimsUser != tt.want {
@@ -96,7 +96,7 @@ func TestJWTManager_VerifyToken(t *testing.T) {
 			}
 
 			token, _ := man.GenerateToken(User{UserName: tt.userName})
-			got, err := man.VerifyToken(token, false)
+			got, err := man.VerifyToken(token)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("JWTManager.VerifyToken() error = %v, wantErr %v", err, tt.wantErr)
 				return
-- 
GitLab