2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-25 11:01:09 +00:00

Invalidate sealed token on new token

If a new token grant occurs, do not
retain stale token sealed, as it can be misleading.
This commit is contained in:
Jarrod Johnson 2021-05-05 09:17:42 -04:00
parent 257edff3a7
commit 8543129fb9

View File

@ -88,7 +88,7 @@ class CredServer(object):
client.close()
return
echotoken = util.stringify(client.recv(tlv[1]))
cfgupdate = {nodename: {'crypted.selfapikey': {'hashvalue': echotoken}, 'deployment.apiarmed': ''}}
cfgupdate = {nodename: {'crypted.selfapikey': {'hashvalue': echotoken}, 'deployment.sealedapikey': '', 'deployment.apiarmed': ''}}
if apiarmed == 'continuous':
del cfgupdate[nodename]['deployment.apiarmed']
self.cfm.set_node_attributes(cfgupdate)