Revert "issue access tokens from the real user, not the masqueraded user"

This reverts commit ee50eec4bd. Reason for revert: need to more fully flesh out how masquerading can be transparently handled for OAuth consumer. Change-Id: I340b8914e3eff7c3156e1a06bae1ca6c9d10c1bd Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/236010 Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com> Reviewed-by: Rob Orton <rob@instructure.com> QA-Review: Rob Orton <rob@instructure.com> Product-Review: Rob Orton <rob@instructure.com>
2020-05-06 16:55:51 +00:00 · 2020-05-06 16:55:51 +00:00 · c94b34348a
parent ffef7f5c8d
commit c94b34348a
2 changed files with 4 additions and 6 deletions
--- a/lib/canvas/oauth/token.rb
+++ b/lib/canvas/oauth/token.rb
@ -78,14 +78,14 @@ module Canvas::Oauth
    end

    def create_access_token_if_needed(replace_tokens = false)
-      @access_token ||= self.class.find_reusable_access_token(real_user, key, scopes, purpose)
+      @access_token ||= self.class.find_reusable_access_token(user, key, scopes, purpose)

      if @access_token.nil?
        # Clear other tokens issued under the same developer key if requested
-        real_user.access_tokens.where(developer_key_id: key).destroy_all if replace_tokens || key.replace_tokens
+        user.access_tokens.where(developer_key_id: key).destroy_all if replace_tokens || key.replace_tokens

        # Then create a new one
-        @access_token = real_user.access_tokens.create!({
+        @access_token = user.access_tokens.create!({
                                                     :developer_key => key,
                                                     :remember_access => remember_access?,
                                                     :scopes => scopes,
--- a/spec/lib/canvas/oauth/token_spec.rb
+++ b/spec/lib/canvas/oauth/token_spec.rb
@ -199,15 +199,13 @@ module Canvas::Oauth
      end

      it 'puts real_user in the json when masquerading' do
-        real_user = User.create!
+        real_user = User.new
        allow(token).to receive(:real_user).and_return(real_user)
        expect(json['real_user']).to eq({
          'id' => real_user.id,
          'name' => real_user.name,
          'global_id' => real_user.global_id.to_s
        })
-        expect(real_user.access_tokens.count).to eq 1
-        expect(user.access_tokens.count).to eq 0
      end

      it 'does not put real_user in the json when not masquerading' do