From e3ad91e27488f2a8f82d8728c4cf651d9212a158 Mon Sep 17 00:00:00 2001
From: Dominik George <dominik.george@teckids.org>
Date: Sun, 16 May 2021 23:49:38 +0200
Subject: [PATCH] Return clone of BasicTokenResponse to not keep a ref to the
 static for too long

Thanks to tnariol!
---
 src/cache.rs |  7 +++++--
 src/nss.rs   | 12 +++---------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/src/cache.rs b/src/cache.rs
index 018ae67..2c4018e 100644
--- a/src/cache.rs
+++ b/src/cache.rs
@@ -293,7 +293,7 @@ impl UserInfo {
     ///
     /// This will use the in-memory token from the `access_token` slot if it is filled,
     /// or attempt to load a token from disk if not
-    pub fn get_access_token(&mut self) -> &Option<BasicTokenResponse> {
+    pub fn get_access_token(&mut self) -> Option<BasicTokenResponse> {
         // Try to load our acess token if none is known
         if self.access_token.is_none() {
             debug!("No token in memory, trying to load from file");
@@ -309,7 +309,10 @@ impl UserInfo {
             self.restore_privileges();
         }
 
-        return &self.access_token;
+        match &self.access_token {
+            Some(t) => Some(t.clone()),
+            None => None
+        }
     }
 
     /// Set the known access token for this user
diff --git a/src/nss.rs b/src/nss.rs
index 27f3523..8bf7ba5 100644
--- a/src/nss.rs
+++ b/src/nss.rs
@@ -67,11 +67,9 @@ impl PasswdHooks for OidcPasswd {
         let conf = nss_hook_prepare();
         info!("[NSS] passwd.get_all_entries called");
 
-        let mut context_user = get_context_user();
-        let user_token_res = context_user.get_access_token();
+        let user_token_res = get_context_user().get_access_token();
         // FIXME Implement caching of system token
         let system_token_res = get_access_token_client(&conf, "nss", "", "");
-        let system_token_res = system_token_res.as_ref();
         let token = match user_token_res {
             Some(t) => t,
             None => {
@@ -100,11 +98,9 @@ impl PasswdHooks for OidcPasswd {
         let conf = nss_hook_prepare();
         info!("[NSS] passwd.get_entry_by_uid called for {}", uid);
 
-        let mut context_user = get_context_user();
-        let user_token_res = context_user.get_access_token();
+        let user_token_res = get_context_user().get_access_token();
         // FIXME Implement caching of system token
         let system_token_res = get_access_token_client(&conf, "nss", "", "");
-        let system_token_res = system_token_res.as_ref();
         let token = match user_token_res {
             Some(t) => t,
             None => {
@@ -133,11 +129,9 @@ impl PasswdHooks for OidcPasswd {
         let conf = nss_hook_prepare();
         info!("[NSS] passwd.get_entry_by_name called for {}", name);
 
-        let mut context_user = get_context_user();
-        let user_token_res = context_user.get_access_token();
+        let user_token_res = get_context_user().get_access_token();
         // FIXME Implement caching of system token
         let system_token_res = get_access_token_client(&conf, "nss", "", "");
-        let system_token_res = system_token_res.as_ref();
         let token = match user_token_res {
             Some(t) => t,
             None => {
-- 
GitLab