v2 token deletion and validation methods take an optional "belongs_to" parameter, which is the tenant. Due to how sensitive the dogpile caching is on the parameters to validate_token, this can lead to problems where a token cache is not correctly cleared, for example, the following (pseudo test) will fail:
- create a scoped token for a user to a project
- check the token is valid, just using the token ID (without passing in belongs_to).....[this sets the cache]
- delete the token using the driver function delete_tokens, passing in user and tenant
- check if token is still valid, just using token ID (it will be return successfully from the cache - which is incorrect)
- check if token is still valid, token ID and tenant ID (it will not be found - which is correct)
The problem is in invalidate_individual_token_cache in the token provider, which already tries to handle the case of invalidating a token with and without a belongs_to tenant....but doesn't catch the case when dogpile has cached the key as "tokenID, None" as the parameters.
Thanks to morganfainberg for his help in debugging the above.
Fix proposed to branch: master
Review: https:/