Update authentication handling with client wrapper

hashicorp · Nov 11, 2024 · 37b2946 · 37b2946
1 parent 20bc230
commit 37b2946
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 7 deletions.
diff --git a/plugins/commands/cloud/auth/middleware/add_downloader_authentication.rb b/plugins/commands/cloud/auth/middleware/add_downloader_authentication.rb
@@ -5,9 +5,8 @@
 Vagrant.require "uri"
 Vagrant.require "vagrant/util/credential_scrubber"
 
-require_relative "./add_authentication"
-
 require Vagrant.source_root.join("plugins/commands/cloud/client/client")
+require_relative "./add_authentication"
 
 # Similar to AddAuthentication this middleware will add authentication for interacting
 # with Vagrant cloud. It does this by adding Authentication headers to a
@@ -54,6 +53,8 @@ def call(env)
               else
                 env[:downloader].headers << "Authorization: Bearer #{token}"
               end
+            else
+              @logger.debug("Not adding authentication header, host mismatch #{target_url.host} != #{server_uri.host}")
             end
 
             env[:downloader]

diff --git a/plugins/commands/cloud/client/client.rb b/plugins/commands/cloud/client/client.rb
@@ -37,10 +37,13 @@ def self.reset!
       def initialize(env)
         @logger = Log4r::Logger.new("vagrant::cloud::client")
         @env    = env
-        @client = VagrantCloud::Client.new(
-          access_token: token,
-          url_base: api_server_url
-        )
+        if !defined?(@@client)
+          @@client = VagrantCloud::Client.new(
+            access_token: token,
+            url_base: api_server_url
+          )
+        end
+        @client = @@client
       end
 
       # Removes the token, effectively logging the user out.
@@ -54,7 +57,8 @@ def clear_token
       #
       # @return [Boolean]
       def logged_in?
-        return false if !client.access_token
+        return false if !client&.access_token
+
         Vagrant::Util::CredentialScrubber.sensitive(client.access_token)
 
         with_error_handling do
@@ -128,6 +132,10 @@ def store_token(token)
       #
       # @return [String]
       def token
+        # If the client is defined, use the client for the access token
+        # to allow proper token generation if required
+        return client.access_token if client && !client.access_token.nil?
+
         if present?(ENV["VAGRANT_CLOUD_TOKEN"]) && token_path.exist?
           # Only show warning if it has not been previously shown
           if !defined?(@@double_token_warning)