cloudfoundry
diff --git a/‎.cfignore
+8-2 b/‎.cfignore
+8-2
diff --git a/‎components/app-core/backend/auth.go
+29-29 b/‎components/app-core/backend/auth.go
+29-29
diff --git a/‎components/app-core/backend/cnsi.go
+34 b/‎components/app-core/backend/cnsi.go
+34
diff --git a/‎components/app-core/backend/oauth_requests.go
+1-1 b/‎components/app-core/backend/oauth_requests.go
+1-1
diff --git a/‎components/app-core/backend/repository/cnsis/pgsql_cnsis.go
+9-5 b/‎components/app-core/backend/repository/cnsis/pgsql_cnsis.go
+9-5
diff --git a/‎components/app-core/backend/repository/interfaces/portal_proxy.go
+1 b/‎components/app-core/backend/repository/interfaces/portal_proxy.go
+1
diff --git a/‎components/app-core/backend/repository/interfaces/structs.go
+1 b/‎components/app-core/backend/repository/interfaces/structs.go
+1
@@ -1,5 +1,11 @@
 # These folders are ignored when pushing the console to CF
-node_modules/
 bower_components/
-dist/
 components/*/backend/vendor
+dev-certs/
+dist/
+docs/
+node_modules/
+out/
+outputs/
+tmp/
+tools/
@@ -169,7 +169,9 @@ func (p *portalProxy) DoLoginToCNSI(c echo.Context, cnsiGUID string) (*interface
 	}
 	u.UserGUID = userID
 
-	p.saveCNSIToken(cnsiGUID, *u, uaaRes.AccessToken, uaaRes.RefreshToken)
+	fmt.Println("DoLoginToCNSI LOGGING IN!!!!")
+
+	p.saveCNSIToken(cnsiGUID, *u, uaaRes.AccessToken, uaaRes.RefreshToken, false)
 
 	cfAdmin := strings.Contains(uaaRes.Scope, p.Config.CFAdminIdentifier)
 
@@ -259,41 +261,38 @@ func (p *portalProxy) logoutOfCNSI(c echo.Context) error {
 	}
 
 	userGUID, err := p.GetSessionStringValue(c, "user_id")
-	fmt.Println("logoutOfCNSI: : userGUID", userGUID)
 	if err != nil {
-		return echo.NewHTTPError(http.StatusUnauthorized, "Could not find correct session value")
+		return fmt.Errorf("Could not find correct session value: %s", err)
 	}
 
-	userTokenInfo := userTokenInfo{
-		UserGUID: userGUID,
+	cnsiRecord, err := p.GetCNSIRecord(cnsiGUID)
+	if err != nil {
+		return fmt.Errorf("Unable to load CNSI record: %s", err)
 	}
 
-	//TODO: CLOUD FOUNDRY SPECFICI logout (?) and conditional on if endpoint == CORE CF
-	p.saveCNSIToken(cnsiGUID, userTokenInfo, "", "")
-	//p.deleteCNSIToken(cnsiGUID, userID)
-
-
-
-	//p.GetCNSITokenRecord(cnsiGUID, userID)
-	//_, ok := p.GetCNSITokenRecord(cnsiGUID, userID)
-	//if !ok {
-	//	return interfaces.NewHTTPShadowError(
-	//		http.StatusBadRequest,
-	//		"Missing CNSI token, unable to log out",
-	//		"Attempt to delete a cnsi token that does not exist")
-	//}
-	//cfTokenRecord = interfaces.TokenRecord{}
-
-	//cnsiID string, u userTokenInfo, authTok string, refreshTok string
+	// If cnsi is cf AND cf is auto-register only clear the entry
+	if cnsiRecord.CNSIType == "cf" && p.GetConfig().AutoRegisterCFUrl == cnsiRecord.APIEndpoint.String() {
+		log.Info("Setting token record as disconnected")
 
-	//type userTokenInfo struct {
-	//	UserGUID    string   `json:"user_id"`
-	//	UserName    string   `json:"user_name"`
-	//	TokenExpiry int64    `json:"exp"`
-	//	Scope       []string `json:"scope"`
-	//}
+		cfTokenRecord, ok := p.GetCNSITokenRecord(cnsiGUID, userGUID)
+		if !ok {
+			return fmt.Errorf("Unable to retrieve CNSI token record: %s", err)
+		}
 
+		userTokenInfo := userTokenInfo{
+			UserGUID: userGUID,
+			TokenExpiry: cfTokenRecord.TokenExpiry,
+		}
 
+		if _, err := p.saveCNSIToken(cnsiGUID, userTokenInfo, cfTokenRecord.AuthToken, cfTokenRecord.RefreshToken, true); err != nil {
+			return fmt.Errorf("Unable to clear token: %s", err)
+		}
+	} else {
+		log.Info("Deleting Token")
+		if err := p.deleteCNSIToken(cnsiGUID, userGUID); err != nil {
+			return fmt.Errorf("Unable to delete token: %s", err)
+		}
+	}
 
 	return nil
 }
@@ -431,12 +430,13 @@ func (p *portalProxy) saveUAAToken(u userTokenInfo, authTok string, refreshTok s
 	return tokenRecord, nil
 }
 
-func (p *portalProxy) saveCNSIToken(cnsiID string, u userTokenInfo, authTok string, refreshTok string) (interfaces.TokenRecord, error) {
+func (p *portalProxy) saveCNSIToken(cnsiID string, u userTokenInfo, authTok string, refreshTok string, disconnect bool) (interfaces.TokenRecord, error) {
 	log.Debug("saveCNSIToken")
 	tokenRecord := interfaces.TokenRecord{
 		AuthToken:    authTok,
 		RefreshToken: refreshTok,
 		TokenExpiry:  u.TokenExpiry,
+		Disconnected: disconnect,
 	}
 
 	err := p.setCNSITokenRecord(cnsiID, u.UserGUID, tokenRecord)
 
@@ -342,6 +342,21 @@ func (p *portalProxy) GetCNSITokenRecord(cnsiGUID string, userGUID string) (inte
 	return tr, true
 }
 
+func (p *portalProxy) GetCNSITokenRecordWithDisconnected(cnsiGUID string, userGUID string) (interfaces.TokenRecord, bool) {
+	log.Debug("GetCNSITokenRecord")
+	tokenRepo, err := tokens.NewPgsqlTokenRepository(p.DatabaseConnectionPool)
+	if err != nil {
+		return interfaces.TokenRecord{}, false
+	}
+
+	tr, err := tokenRepo.FindCNSIToken(cnsiGUID, userGUID, p.Config.EncryptionKeyInBytes)
+	if err != nil {
+		return interfaces.TokenRecord{}, false
+	}
+
+	return tr, true
+}
+
 //TODO: remove this? It is unusable in this form as we won't know for which CNSI each token is
 func (p *portalProxy) listCNSITokenRecordsForUser(userGUID string) ([]*interfaces.TokenRecord, error) {
 	log.Debug("listCNSITokenRecordsForUser")
@@ -394,3 +409,22 @@ func (p *portalProxy) unsetCNSITokenRecord(cnsiGUID string, userGUID string) err
 
 	return nil
 }
+
+//func (p *portalProxy) clearCNSITokenRecord(cnsiGUID string, userGUID string) error {
+//	log.Debug("clearCNSITokenRecord")
+//	tokenRepo, err := tokens.NewPgsqlTokenRepository(p.DatabaseConnectionPool)
+//	if err != nil {
+//		msg := "Unable to establish a database reference: '%v'"
+//		log.Errorf(msg, err)
+//		return fmt.Errorf(msg, err)
+//	}
+//
+//	err = tokenRepo.ClearCNSIToken(cnsiGUID, userGUID, p.Config.EncryptionKeyInBytes)
+//	if err != nil {
+//		msg := "Unable to clear a CNSI Token: %v"
+//		log.Errorf(msg, err)
+//		return fmt.Errorf(msg, err)
+//	}
+//
+//	return nil
+//}
@@ -98,7 +98,7 @@ func (p *portalProxy) RefreshToken(skipSSLValidation bool, cnsiGUID, userGUID, c
 
 	u.UserGUID = userGUID
 
-	t, err = p.saveCNSIToken(cnsiGUID, *u, uaaRes.AccessToken, uaaRes.RefreshToken)
+	t, err = p.saveCNSIToken(cnsiGUID, *u, uaaRes.AccessToken, uaaRes.RefreshToken, t.Disconnected)
 	if err != nil {
 		return t, fmt.Errorf("Couldn't save new token: %v", err)
 	}
 
@@ -15,9 +15,9 @@ import (
 var listCNSIs = `SELECT guid, name, cnsi_type, api_endpoint, auth_endpoint, token_endpoint, doppler_logging_endpoint, skip_ssl_validation
 							FROM cnsis`
 
-var listCNSIsByUser = `SELECT c.guid, c.name, c.cnsi_type, c.api_endpoint, t.user_guid, t.token_expiry, c.skip_ssl_validation
+var listCNSIsByUser = `SELECT c.guid, c.name, c.cnsi_type, c.api_endpoint, t.user_guid, t.token_expiry, c.skip_ssl_validation, t.disconnected
 										FROM cnsis c, tokens t
-										WHERE c.guid = t.cnsi_guid AND t.token_type=$1 AND t.user_guid=$2`
+										WHERE c.guid = t.cnsi_guid AND t.token_type=$1 AND t.user_guid=$2 AND t.disconnected = 0`
 
 var findCNSI = `SELECT guid, name, cnsi_type, api_endpoint, auth_endpoint, token_endpoint, doppler_logging_endpoint, skip_ssl_validation
 						FROM cnsis
@@ -110,17 +110,21 @@ func (p *PostgresCNSIRepository) ListByUser(userGUID string) ([]*RegisteredClust
 	var clusterList []*RegisteredCluster
 	clusterList = make([]*RegisteredCluster, 0)
 
+	fmt.Println("1ListByUser")
 	for rows.Next() {
+		fmt.Println("2ListByUser")
 		var (
-			pCNSIType string
-			pURL      string
+			pCNSIType       string
+			pURL            string
+			disconnected	bool
 		)
 
 		cluster := new(RegisteredCluster)
-		err := rows.Scan(&cluster.GUID, &cluster.Name, &pCNSIType, &pURL, &cluster.Account, &cluster.TokenExpiry, &cluster.SkipSSLValidation)
+		err := rows.Scan(&cluster.GUID, &cluster.Name, &pCNSIType, &pURL, &cluster.Account, &cluster.TokenExpiry, &cluster.SkipSSLValidation, &disconnected)
 		if err != nil {
 			return nil, fmt.Errorf("Unable to scan cluster records: %v", err)
 		}
+		fmt.Println("3ListByUser disconnected: ", disconnected)
 
 		cluster.CNSIType = pCNSIType
 
 
@@ -30,6 +30,7 @@ type PortalProxy interface {
 	GetCNSIRecord(guid string) (CNSIRecord, error)
 	GetCNSIRecordByEndpoint(endpoint string) (CNSIRecord, error)
 	GetCNSITokenRecord(cnsiGUID string, userGUID string) (TokenRecord, bool)
+	GetCNSITokenRecordWithDisconnected(cnsiGUID string, userGUID string) (TokenRecord, bool)
 	GetCNSIUser(cnsiGUID string, userGUID string) (*ConnectedUser, bool)
 	GetConfig() *PortalConfig
 
 
@@ -36,6 +36,7 @@ type TokenRecord struct {
 	AuthToken    string
 	RefreshToken string
 	TokenExpiry  int64
+	Disconnected bool
 }
 
 type CFInfo struct {
Original file line number	Diff line number	Diff line change
`@@ -98,7 +98,7 @@ func (p *portalProxy) RefreshToken(skipSSLValidation bool, cnsiGUID, userGUID, c`
`98`	`98`
`99`	`99`	`u.UserGUID = userGUID`
`100`	`100`
`101`		`- t, err = p.saveCNSIToken(cnsiGUID, *u, uaaRes.AccessToken, uaaRes.RefreshToken)`
	`101`	`+ t, err = p.saveCNSIToken(cnsiGUID, *u, uaaRes.AccessToken, uaaRes.RefreshToken, t.Disconnected)`
`102`	`102`	`if err != nil {`
`103`	`103`	`return t, fmt.Errorf("Couldn't save new token: %v", err)`
`104`	`104`	`}`
Original file line number	Diff line number	Diff line change
`@@ -36,6 +36,7 @@ type TokenRecord struct {`
`36`	`36`	`AuthToken string`
`37`	`37`	`RefreshToken string`
`38`	`38`	`TokenExpiry int64`
	`39`	`+ Disconnected bool`
`39`	`40`	`}`
`40`	`41`
`41`	`42`	`type CFInfo struct {`