Don't use repo to check impossible token requests and repo doesn't return error on token value mismatch. (#171)

* Remove error when tokens mismatch from public id but log returned errors from repo.
6 years ago · 2ce9affeea
parent 4decf9502a
commit 2ce9affeea
2 changed files with 5 additions and 1 deletions
--- a/internal/authtoken/repository.go
+++ b/internal/authtoken/repository.go
@ -210,7 +210,7 @@ func (r *Repository) ValidateToken(ctx context.Context, id, token string, opt ..
 	}

 	if retAT.GetToken() != token {
-		return nil, fmt.Errorf("validate token: auth token mismatch: %w", db.ErrInvalidParameter)
+		return nil, nil
 	}
 	// retAT.Token set to empty string so the value is not returned as described in the methods' doc.
 	retAT.Token = ""
--- a/internal/servers/controller/handlers/authtoken_intercept.go
+++ b/internal/servers/controller/handlers/authtoken_intercept.go
@ -43,6 +43,10 @@ func TokenAuthenticator(l hclog.Logger, tokenRepo common.AuthTokenRepoFactory) f
 			}
 		}

+		if tMD.recievedTokenType == authTokenTypeUnknown || tMD.token() == "" || tMD.publicId() == "" {
+			return tMD.toMetadata()
+		}
+
 		repo, err := tokenRepo()
 		if err != nil {
 			l.Error("failed to get authtoken repo", "error", err)