Fixes #3411 - Microsoft 365: The refresh token has expired due to inactivity. The token was issued on 2020-11-17T13:30:55.3656422Z and was inactive for 90.00:00:00.
This commit is contained in:
parent
c505851e4c
commit
a86b288f4c
6 changed files with 63 additions and 4 deletions
|
@ -48,9 +48,17 @@ cache:
|
||||||
key: "centos7ruby266"
|
key: "centos7ruby266"
|
||||||
paths:
|
paths:
|
||||||
- vendor/ruby
|
- vendor/ruby
|
||||||
|
# ATTENTION: This should be a dedicated cache only used in the job "TODO".
|
||||||
|
# ATTENTION: Remember to update the global CI ENV setting with the latest
|
||||||
|
# version of the ENV from an artifact of the "TODO" job to use a valid key.
|
||||||
|
# A dedicated cache should be used because the ENVs are not bound to the Ruby version and OS.
|
||||||
|
# Unfortunately GitLab is not yet capable of having multiple cache-s per job
|
||||||
|
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/32814
|
||||||
|
- fresh.env
|
||||||
|
|
||||||
# Initialize application env
|
# Initialize application env
|
||||||
before_script:
|
before_script:
|
||||||
- source /etc/profile.d/rvm.sh
|
- source /etc/profile.d/rvm.sh
|
||||||
|
- FRESHENVFILE=fresh.env && test -f $FRESHENVFILE && source $FRESHENVFILE
|
||||||
- bundle install -j $(nproc) --path vendor
|
- bundle install -j $(nproc) --path vendor
|
||||||
- bundle exec ruby script/build/database_config.rb
|
- bundle exec ruby script/build/database_config.rb
|
||||||
|
|
|
@ -33,3 +33,26 @@ github:
|
||||||
- "" # no RVM present in deploy ENV
|
- "" # no RVM present in deploy ENV
|
||||||
script:
|
script:
|
||||||
- script/build/sync_repo.sh git@github.com:zammad/zammad.git
|
- script/build/sync_repo.sh git@github.com:zammad/zammad.git
|
||||||
|
|
||||||
|
global_refresh_envs:
|
||||||
|
extends:
|
||||||
|
- .tags_docker
|
||||||
|
- .services_postgresql
|
||||||
|
stage: pre
|
||||||
|
# ensure that only one Job runs in the whole project (branches etc.)
|
||||||
|
resource_group: global_refresh_envs
|
||||||
|
# allow download via the web UI to restore ENVs in case global cache got deleted (see: `.gitlab-ci.yml`)
|
||||||
|
artifacts:
|
||||||
|
expire_in: 1 day
|
||||||
|
paths:
|
||||||
|
- fresh.env
|
||||||
|
rules:
|
||||||
|
- if: $CI_MERGE_REQUEST_ID
|
||||||
|
when: never
|
||||||
|
- if: '$CI_COMMIT_BRANCH =~ /^private/'
|
||||||
|
when: manual
|
||||||
|
allow_failure: true
|
||||||
|
- when: always
|
||||||
|
|
||||||
|
script:
|
||||||
|
- bundle exec rake zammad:ci:refresh_envs
|
||||||
|
|
3
Gemfile
3
Gemfile
|
@ -206,6 +206,9 @@ group :development, :test do
|
||||||
|
|
||||||
# image comparison in tests
|
# image comparison in tests
|
||||||
gem 'chunky_png'
|
gem 'chunky_png'
|
||||||
|
|
||||||
|
# refresh ENVs in CI environment
|
||||||
|
gem 'dotenv', require: false
|
||||||
end
|
end
|
||||||
|
|
||||||
# Want to extend Zammad with additional gems?
|
# Want to extend Zammad with additional gems?
|
||||||
|
|
|
@ -177,6 +177,7 @@ GEM
|
||||||
unf (>= 0.0.5, < 1.0.0)
|
unf (>= 0.0.5, < 1.0.0)
|
||||||
doorkeeper (5.3.2)
|
doorkeeper (5.3.2)
|
||||||
railties (>= 5)
|
railties (>= 5)
|
||||||
|
dotenv (2.7.6)
|
||||||
eco (1.0.0)
|
eco (1.0.0)
|
||||||
coffee-script
|
coffee-script
|
||||||
eco-source
|
eco-source
|
||||||
|
@ -603,6 +604,7 @@ DEPENDENCIES
|
||||||
deprecation_toolkit
|
deprecation_toolkit
|
||||||
diffy
|
diffy
|
||||||
doorkeeper
|
doorkeeper
|
||||||
|
dotenv
|
||||||
eco
|
eco
|
||||||
em-websocket
|
em-websocket
|
||||||
eventmachine
|
eventmachine
|
||||||
|
|
|
@ -233,10 +233,9 @@ class ExternalCredential::Microsoft365
|
||||||
raise "Request failed! ERROR: #{result['error']} (#{result['error_description']})"
|
raise "Request failed! ERROR: #{result['error']} (#{result['error_description']})"
|
||||||
end
|
end
|
||||||
|
|
||||||
token.merge(
|
token.merge(result.symbolize_keys).merge(
|
||||||
created_at: Time.zone.now,
|
created_at: Time.zone.now,
|
||||||
access_token: result['access_token'],
|
)
|
||||||
).symbolize_keys
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.user_info(id_token)
|
def self.user_info(id_token)
|
||||||
|
|
24
lib/tasks/zammad/ci/refresh_envs.rake
Normal file
24
lib/tasks/zammad/ci/refresh_envs.rake
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
require 'dotenv'
|
||||||
|
|
||||||
|
namespace :zammad do
|
||||||
|
|
||||||
|
namespace :ci do
|
||||||
|
|
||||||
|
desc 'Re-fresh-es dynamic ENV variables'
|
||||||
|
task refresh_envs: :environment do
|
||||||
|
|
||||||
|
Dotenv.overload('fresh.env')
|
||||||
|
|
||||||
|
result = ExternalCredential::Microsoft365.refresh_token(
|
||||||
|
created_at: 30.days.ago,
|
||||||
|
client_id: ENV['MICROSOFT365_CLIENT_ID'],
|
||||||
|
client_secret: ENV['MICROSOFT365_CLIENT_SECRET'],
|
||||||
|
refresh_token: ENV['MICROSOFT365_REFRESH_TOKEN'],
|
||||||
|
)
|
||||||
|
|
||||||
|
token_env = %(MICROSOFT365_REFRESH_TOKEN="#{result[:refresh_token]}")
|
||||||
|
|
||||||
|
File.write(Rails.root.join('fresh.env'), token_env)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue