Reset access token secret on new black list entry

To avoid checking all access tokens against black list, we just invalidate all
of them to make clients to go through auth API.

BUG:27300728
Change-Id: Iddf08e076037469db9dc859288645a8fe2991914
Reviewed-on: https://weave-review.googlesource.com/2708
Reviewed-by: Vitaly Buka <vitalybuka@google.com>

1 files changed, 6 insertions, 6 deletions

diff --git a/src/device_manager.cc b/src/device_manager.cc
index 4c0d3ee..aebda67 100644
--- a/src/device_manager.cc
+++ b/src/device_manager.cc
@@ -33,8 +33,12 @@ DeviceManager::DeviceManager(provider::ConfigStore* config_store,
     : config_{new Config{config_store}},
       component_manager_{new ComponentManagerImpl{task_runner}} {
   if (http_server) {
-    auth_manager_.reset(new privet::AuthManager(
-        config_.get(), http_server->GetHttpsCertificateFingerprint()));
+    black_list_manager_.reset(new AccessBlackListManagerImpl{config_store});
+    auth_manager_.reset(
+        new privet::AuthManager(config_.get(), black_list_manager_.get(),
+                                http_server->GetHttpsCertificateFingerprint()));
+    access_api_handler_.reset(
+        new AccessApiHandler{this, black_list_manager_.get()});
   }
 
   device_info_.reset(new DeviceRegistrationInfo(
@@ -42,10 +46,6 @@ DeviceManager::DeviceManager(provider::ConfigStore* config_store,
       network, auth_manager_.get()));
   base_api_handler_.reset(new BaseApiHandler{device_info_.get(), this});
 
-  black_list_manager_.reset(new AccessBlackListManagerImpl{config_store});
-  access_api_handler_.reset(
-      new AccessApiHandler{this, black_list_manager_.get()});
-
   device_info_->Start();
 
   if (http_server) {