chiefy / vaulted

nodejs based wrapper for HashiCorp's Vault HTTP API
https://chiefy.github.io/vaulted
MIT License

cannot create policy using no_global_token #63

Closed jmls closed 8 years ago

jmls commented 8 years ago

I have this code

debug("create policy");

vault.createPolicy({
    token: rootToken,
    id: "cubbyhole",
    body: {
        rules: newPolicy
    }
})
.then(function() {
    debug("after default policy created");
    resolve();
})
.catch(function(e) {
    debug("cannot create policy", e);
    reject(e);
});

where rootToken is a valid token (confirmed)

the error I get is

Error: Missing auth token

if I put a debug message into endpoint.js

function validateHeader(verb, options) {
  console.log(options)

I get

{ headers: {},
  id: 'cubbyhole',
  body: { rules: '{"path":{"cubbyhole/*":{"policy":"write"}}}' },
  _token: 'myRootToken' }
{ headers: {}, _token: undefined }

I guess there's a second call to validateHeaders() which causes the problem, as the first call does delete options._token; which means that the second time through there is no _token present, which raises the error

jmls commented 8 years ago

update

I think the policy is being created, but then in line 96 of lib/sys/policy.js you are calling .then(this.getPolicies); which would invoke another call to validateHeader, but by then the original token has been stripped from the options

jmls commented 8 years ago

actually, it's a little more subtle than this: yes, the above theory is correct, but there's also another bug in that you are not passing any options into getPolicies(), therefore the token would never be present

jmls commented 8 years ago

it can be fixed by removing the delete options._token from validateHeader() and changing .then(this.getPolicies) to .then(this.getPolicies(options))

but I don't understand the reasoning why you deleted the _token from the options so I can't say that this is a valid fix or not

kenjones-cisco commented 8 years ago

Patched via commit ccee45aa611a305bab3aea54400725eb48bed92a

kenjones-cisco commented 8 years ago

The option no_global_token was dropped because now init does not set the token or the keys. So either the token is passed into each API or can be set globally using setToken. The keys for unSeal now must be passed directly. Also removed the use of backing up those pieces since there is no holding those internally any longer.

Closing now.
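
The two problems reported in the comments above (the header validator deleting _token from the caller's own options object, and the chained follow-up call receiving no options) can be reproduced independently of each other. The following is an added example, not vaulted's source or the committed patch: validateHeaderMutating, validateHeaderCopying, makeClient, run and the token value are hypothetical stand-ins, and only the header validation step is modelled.

```javascript
// Stand-ins constructed for illustration; not vaulted's source.
const TOKEN_HEADER = 'X-Vault-Token';

// Reported behaviour: the token is moved into a header and then deleted
// from the caller's own options object.
function validateHeaderMutating(options) {
  options.headers = options.headers || {};
  if (!options._token) throw new Error('Missing auth token');
  options.headers[TOKEN_HEADER] = options._token;
  delete options._token;
  return options;
}

// Alternative: work on a copy so the caller's object keeps its token.
function validateHeaderCopying(options) {
  const opts = Object.assign({}, options);
  if (!opts._token) throw new Error('Missing auth token');
  opts.headers = Object.assign({}, opts.headers, { [TOKEN_HEADER]: opts._token });
  delete opts._token;
  return opts;
}

function makeClient(validateHeader) {
  // Pretend request: only the header validation step is modelled.
  const send = (call, options) =>
    new Promise((resolve) => { validateHeader(options); resolve({ call }); });
  return {
    getPolicies: (options) => send('getPolicies', options),
    // Shape from the thread: getPolicies receives the previous result, not options.
    createPolicyChained(options) {
      return send('createPolicy', options).then(this.getPolicies);
    },
    // Wrapped so the follow-up runs after the create and gets the caller's options.
    createPolicyForwarding(options) {
      return send('createPolicy', options).then(() => this.getPolicies(options));
    },
  };
}

// Runs one combination; reports the outcome and whether the caller's token survived.
function run(validateHeader, method) {
  const options = { _token: 'constructed-token', id: 'cubbyhole' };
  return makeClient(validateHeader)[method](options)
    .then(() => 'ok', (e) => e.message)
    .then((result) => ({ result, tokenKept: '_token' in options }));
}

run(validateHeaderMutating, 'createPolicyChained').then(console.log);
run(validateHeaderCopying, 'createPolicyForwarding').then(console.log);
```

Changing only one of the two behaviours still ends in "Missing auth token"; the call succeeds only when the validator leaves the caller's object intact and the follow-up call is handed the options.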