Use /acl/token/self instead of /acl/token/:accessor_id

ui/app/adapters/token.js

+import Ember from 'ember';
 import { default as ApplicationAdapter, namespace } from './application';
 
+const { inject } = Ember;
+
 export default ApplicationAdapter.extend({
+  store: inject.service(),
+
   namespace: namespace + '/acl',
+
+  findSelf() {
+    return this.ajax(`${this.buildURL()}/token/self`).then(token => {
+      const store = this.get('store');
+      store.pushPayload('token', {
+        tokens: [token],
+      });
+
+      return store.peekRecord('token', store.normalize('token', token).data.id);
+    });
+  },
 });

ui/app/controllers/settings/tokens.js

 import Ember from 'ember';
 
-const { Controller, inject, computed } = Ember;
+const { Controller, inject, computed, getOwner } = Ember;
 
 export default Controller.extend({
   token: inject.service(),
 
   tokenRecord: null,
   secret: computed.reads('token.secret'),
-  accessor: computed.reads('token.accessor'),
 
   tokenIsValid: false,
   tokenIsInvalid: false,
@@ -21,33 +20,33 @@ export default Controller.extend({
       this.setProperties({
         tokenIsValid: false,
         tokenIsInvalid: false,
+        tokenRecord: null,
       });
     },
 
     verifyToken() {
-      const { secret, accessor } = this.getProperties('secret', 'accessor');
+      const { secret } = this.getProperties('secret', 'accessor');
+      const TokenAdapter = getOwner(this).lookup('adapter:token');
 
       this.set('token.secret', secret);
-      this.get('store')
-        .findRecord('token', accessor)
-        .then(
-          token => {
-            this.set('token.accessor', accessor);
-            this.setProperties({
-              tokenIsValid: true,
-              tokenIsInvalid: false,
-              tokenRecord: token,
-            });
-          },
-          () => {
-            this.set('token.secret', null);
-            this.setProperties({
-              tokenIsInvalid: true,
-              tokenIsValid: false,
-              tokenRecord: null,
-            });
-          }
-        );
+
+      TokenAdapter.findSelf().then(
+        token => {
+          this.setProperties({
+            tokenIsValid: true,
+            tokenIsInvalid: false,
+            tokenRecord: token,
+          });
+        },
+        () => {
+          this.set('token.secret', null);
+          this.setProperties({
+            tokenIsInvalid: true,
+            tokenIsValid: false,
+            tokenRecord: null,
+          });
+        }
+      );
     },
   },
 });

ui/app/serializers/token.js

@@ -7,7 +7,6 @@ export default ApplicationSerializer.extend({
   primaryKey: 'AccessorID',
 
   attrs: {
-    taskGroupName: 'TaskGroup',
     secret: 'SecretID',
   },
 

ui/app/services/token.js

@@ -4,20 +4,6 @@ import fetch from 'fetch';
 const { Service, computed, assign } = Ember;
 
 export default Service.extend({
-  accessor: computed({
-    get() {
-      return window.sessionStorage.nomadTokenAccessor;
-    },
-    set(key, value) {
-      if (value == null) {
-        window.sessionStorage.removeItem('nomadTokenAccessor');
-      } else {
-        window.sessionStorage.nomadTokenAccessor = value;
-      }
-      return value;
-    },
-  }),
-
   secret: computed({
     get() {
       return window.sessionStorage.nomadTokenSecret;

ui/app/templates/settings/tokens.hbs

@@ -25,13 +25,6 @@
           <p class="help">Sent with every request to determine authorization</p>
         </div>
 
-        <div class="field">
-          <label class="label">Accessor ID</label>
-          <div class="control">
-            <input class="input token-accessor" type="text" placeholder="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" value={{token.accessor}} oninput={{action (mut accessor) value="target.value"}}>
-          </div>
-          <p class="help">Used to look up authorized policies</p>
-        </div>
         <p class="content"><button class="button is-primary token-submit" {{action "verifyToken"}}>Set Token</button></p>
       {{/if}}
 
@@ -51,7 +44,7 @@
           <div class="columns">
             <div class="column">
               <h3 class="title is-4">Token Failed to Authenticate</h3>
-              <p>The token secret and accessor you have provided do not match.</p>
+              <p>The token secret you have provided does not match an existing token.</p>
             </div>
           </div>
         </div>

ui/mirage/config.js

@@ -89,6 +89,19 @@ export default function() {
     return JSON.stringify(findLeader(schema));
   });
 
+  this.get('/acl/token/self', function({ tokens }, req) {
+    const secret = req.requestHeaders['X-Nomad-Token'];
+    const tokenForSecret = tokens.findBy({ secretId: secret });
+
+    // Return the token if it exists
+    if (tokenForSecret) {
+      return this.serialize(tokenForSecret);
+    }
+
+    // Client error if it doesn't
+    return new Response(400, {}, null);
+  });
+
   this.get('/acl/token/:id', function({ tokens }, req) {
     const token = tokens.find(req.params.id);
     const secret = req.requestHeaders['X-Nomad-Token'];

ui/tests/acceptance/token-test.js

@@ -21,27 +21,24 @@ moduleForAcceptance('Acceptance | tokens', {
 });
 
 test('the token form sets the token in session storage', function(assert) {
-  const { secretId, accessorId } = managementToken;
+  const { secretId } = managementToken;
 
   visit('/settings/tokens');
 
   andThen(() => {
     assert.ok(window.sessionStorage.nomadTokenSecret == null, 'No token secret set');
-    assert.ok(window.sessionStorage.nomadTokenAccessor == null, 'No token accessor set');
 
     fillIn('.token-secret', secretId);
-    fillIn('.token-accessor', accessorId);
     click('.token-submit');
 
     andThen(() => {
       assert.equal(window.sessionStorage.nomadTokenSecret, secretId, 'Token secret was set');
-      assert.equal(window.sessionStorage.nomadTokenAccessor, accessorId, 'Token accessor was set');
     });
   });
 });
 
 test('the X-Nomad-Token header gets sent with requests once it is set', function(assert) {
-  const { secretId, accessorId } = managementToken;
+  const { secretId } = managementToken;
   let requestPosition = 0;
 
   visit(`/jobs/${job.id}`);
@@ -60,7 +57,6 @@ test('the X-Nomad-Token header gets sent with requests once it is set', function
   visit('/settings/tokens');
   andThen(() => {
     fillIn('.token-secret', secretId);
-    fillIn('.token-accessor', accessorId);
     click('.token-submit');
   });
 
@@ -78,7 +74,7 @@ test('the X-Nomad-Token header gets sent with requests once it is set', function
 });
 
 test('an error message is shown when authenticating a token fails', function(assert) {
-  const { secretId, accessorId } = managementToken;
+  const { secretId } = managementToken;
   const bogusSecret = 'this-is-not-the-secret';
   assert.notEqual(
     secretId,
@@ -90,7 +86,6 @@ test('an error message is shown when authenticating a token fails', function(ass
 
   andThen(() => {
     fillIn('.token-secret', bogusSecret);
-    fillIn('.token-accessor', accessorId);
     click('.token-submit');
 
     andThen(() => {
@@ -98,10 +93,6 @@ test('an error message is shown when authenticating a token fails', function(ass
         window.sessionStorage.nomadTokenSecret == null,
         'Token secret is discarded on failure'
       );
-      assert.ok(
-        window.sessionStorage.nomadTokenAccessor == null,
-        'Token accessor is discarded on failure'
-      );
       assert.ok(find('.token-error'), 'Token error message is shown');
       assert.notOk(find('.token-success'), 'Token success message is not shown');
       assert.notOk(find('.token-policy'), 'No token policies are shown');
@@ -112,13 +103,12 @@ test('an error message is shown when authenticating a token fails', function(ass
 test('a success message and a special management token message are shown when authenticating succeeds', function(
   assert
 ) {
-  const { secretId, accessorId } = managementToken;
+  const { secretId } = managementToken;
 
   visit('/settings/tokens');
 
   andThen(() => {
     fillIn('.token-secret', secretId);
-    fillIn('.token-accessor', accessorId);
     click('.token-submit');
 
     andThen(() => {
@@ -133,7 +123,7 @@ test('a success message and a special management token message are shown when au
 test('a success message and associated policies are shown when authenticating succeeds', function(
   assert
 ) {
-  const { secretId, accessorId } = clientToken;
+  const { secretId } = clientToken;
   const policy = clientToken.policies.models[0];
   policy.update('description', 'Make sure there is a description');
 
@@ -141,7 +131,6 @@ test('a success message and associated policies are shown when authenticating su
 
   andThen(() => {
     fillIn('.token-secret', secretId);
-    fillIn('.token-accessor', accessorId);
     click('.token-submit');
 
     andThen(() => {