diff --git a/deriva/qt/auth_agent/ui/auth_widget.py b/deriva/qt/auth_agent/ui/auth_widget.py
index 19fcadc..ab6c877 100644
--- a/deriva/qt/auth_agent/ui/auth_widget.py
+++ b/deriva/qt/auth_agent/ui/auth_widget.py
@@ -109,17 +109,20 @@ def set_current_html(self, html):
 self.update()
 qApp.processEvents()
- def authenticated(self):
- if self.authn_session is None:
+ def authenticated(self, get_session=True):
+ if self.authn_session is None and get_session:
 credentials = get_credential(self.config["host"])
 if credentials and 'bearer-token' in credentials:
- self._session.headers.update(
- {'Authorization': 'Bearer {token}'.format(token=credentials['bearer-token'])})
- r = self._session.get(self.auth_url.toString() + "/authn/session")
- if r.status_code == 200:
- self._onSessionContent(r.json())
- self.token = self._session.headers["Authorization"]
- return True
+ if not self.token:
+ logging.info("Authenticating to [%s] using externally issued bearer token." %
+ self.auth_url.toString())
+ self._session.headers.update(
+ {'Authorization': 'Bearer {token}'.format(token=credentials['bearer-token'])})
+ r = self._session.get(self.auth_url.toString() + "/authn/session")
+ if r.status_code == 200:
+ self._onSessionContent(r.json())
+ self.token = self._session.headers["Authorization"]
+ return True
 return False
 now = time.time()
@@ -134,7 +137,7 @@ def login(self):
 if not (self.auth_url and (self.auth_url.host() and self.auth_url.scheme())):
 logging.error("Missing or invalid hostname parameter in configuration.")
 return
- logging.info("Authenticating with host: %s" % self.auth_url.toString())
+ logging.info("Authenticating to host: %s" % self.auth_url.toString())
 qApp.setOverrideCursor(Qt.WaitCursor)
 self._cleanup()
 self.authn_session_page = QWebEnginePage(self.private_profile, self.parent) \
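Review bot: In `authenticated()` the `Authorization` header is written onto the shared `self._session` before the `/authn/session` probe and is left there when the response is not 200, so a rejected or expired bearer token keeps being attached to later requests on that session while `self.token` stays unset. Clearing it on the failure path, e.g. `else: self._session.headers.pop("Authorization", None)` after the `if r.status_code == 200:` block, keeps the session state consistent with the `False` return. Separately, with `get_session=False` and `self.authn_session is None` control now skips the `return False` and reaches the code after `now = time.time()`, which before this change ran only with a non-None session; that code is outside the hunk, so confirm it does not dereference `self.authn_session`.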
@@ -156,9 +159,14 @@ def login(self):
 def logout(self, delete_cookies=False):
 if not (self.auth_url and (self.auth_url.host() and self.auth_url.scheme())):
 return
- if self.authenticated():
+ if self.authenticated(False):
 try:
 logging.info("Logging out of host: %s" % self.auth_url.toString())
+ auth_header = self._session.headers.get("Authorization")
+ if auth_header and (auth_header.startswith("Bearer ") or auth_header.startswith("bearer ")):
+ logging.info("An externally created bearer token was used to login to: %s. The logout process will "
+ "invalidate your current session but will not automatically revoke this token." %
+ self.auth_url.toString())
 if delete_cookies and self.cookie_persistence:
 if self.authn_session_page:
 self.authn_session_page.profile().cookieStore().deleteAllCookies()
diff --git a/deriva/qt/auth_agent/ui/embedded_auth_window.py b/deriva/qt/auth_agent/ui/embedded_auth_window.py
index 987d746..421211f 100644
--- a/deriva/qt/auth_agent/ui/embedded_auth_window.py
+++ b/deriva/qt/auth_agent/ui/embedded_auth_window.py
@@ -32,8 +32,8 @@ def __init__(self,
 self.cookie_persistence = cookie_persistence
 self.log_level = log_level
- def authenticated(self):
- return self.ui.authWidget.authenticated()
+ def authenticated(self, get_session=True):
+ return self.ui.authWidget.authenticated(get_session)
 def login(self):
 self.ui.authWidget.login()
diff --git a/deriva/qt/upload_gui/ui/upload_window.py b/deriva/qt/upload_gui/ui/upload_window.py
index bd4c0e7..54dac34 100644
--- a/deriva/qt/upload_gui/ui/upload_window.py
+++ b/deriva/qt/upload_gui/ui/upload_window.py
@@ -448,6 +448,8 @@ def on_actionLogin_triggered(self):
 self.getNewAuthWindow()
 else:
 return
+ if self.auth_window.authenticated():
+ return
 self.auth_window.show()
 self.auth_window.login()
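Review bot: In `logout()` the notice that an externally issued bearer token is not revoked is logged at info level, so a user who assumes logout ended their access can easily miss that the credential is still valid; `logging.warning(...)` would match its significance. The scheme test can be written once as `auth_header.lower().startswith("bearer ")`, since HTTP auth scheme names are case-insensitive. The rest of `logout()` lies outside the hunk, so it is not visible whether the `Authorization` header is removed from `self._session` and `self.token` is cleared afterwards; if they are not, later requests on that session would still carry the token.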
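Review bot: In embedded_auth_window.py the new `get_session` parameter of `authenticated()` is undocumented, and the call sites pass it positionally (`self.authenticated(False)` in `logout()`, `self.auth_window.authenticated(False)` in `logoutConfirmation()`), which reads like a negated result rather than "do not try to establish a session". I would add a one-line docstring such as `"""Return True if a session is active; with get_session=False, skip the stored bearer-token lookup."""` and call it as `authenticated(get_session=False)`. The same docstring fits the method of the same name in auth_widget.py.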
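Review bot: The early return added to `on_actionLogin_triggered()` calls `authenticated()` with the default `get_session=True`, which per the auth_widget.py change can issue a synchronous `self._session.get(...)` with no timeout or exception handling visible there; run from a UI slot, a slow or unreachable host would presumably stall the window or raise inside the handler. Guarding the check, e.g. `try: already = self.auth_window.authenticated()` / `except Exception: already = False`, and falling through to the interactive login on failure would keep the action usable. When the silent path succeeds the handler returns with no visible UI update in this hunk, so confirm the success state is reflected elsewhere; the handler starts before the hunk.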
@@ -482,7 +484,7 @@ def quitEvent(self):
 self.deleteLater()
 def logoutConfirmation(self):
- if self.auth_window and (not self.auth_window.authenticated() or not self.auth_window.cookie_persistence):
+ if self.auth_window and (not self.auth_window.authenticated(False) or not self.auth_window.cookie_persistence):
 return
 msg = QMessageBox()
 msg.setIcon(QMessageBox.Warning)