goakerberosidentity: Ensure credentials of expired identities at startup

If the identity service is started later than goa-daemon then it won't
currently notify goa-daemon about tickets that expired before it
was running.

This commit fixes the problem by manually calling EnsureCredentials on
all signed out identities after their initial enumeration.

1 files changed, 16 insertions, 4 deletions

diff --git a/src/goaidentity/goaidentityservice.c b/src/goaidentity/goaidentityservice.c
index a25de41..7c2e389 100644
--- a/src/goaidentity/goaidentityservice.c
+++ b/src/goaidentity/goaidentityservice.c
@@ -1469,11 +1469,9 @@ on_identity_expiring (GoaIdentityManager *identity_manager,
   ensure_account_credentials (self, object);
   g_clear_object (&object);
 }
-
 static void
-on_identity_expired (GoaIdentityManager *identity_manager,
-                     GoaIdentity        *identity,
-                     GoaIdentityService *self)
+handle_identity_expired (GoaIdentityService *self,
+                         GoaIdentity        *identity)
 {
   const char *principal;
   GoaObject  *object;
@@ -1492,6 +1490,14 @@ on_identity_expired (GoaIdentityManager *identity_manager,
 }
 
 static void
+on_identity_expired (GoaIdentityManager *identity_manager,
+                     GoaIdentity        *identity,
+                     GoaIdentityService *self)
+{
+  handle_identity_expired (self, identity);
+}
+
+static void
 on_sign_out_for_account_change_done (GoaIdentityService *self,
                                      GAsyncResult       *result)
 {
@@ -1705,6 +1711,12 @@ on_identities_listed (GoaIdentityManager *manager,
         g_object_unref (object);
 
       g_free (object_path);
+
+      /* Treat identities that started out expired as if they just expired, in case
+       * the identity service is started long after goa-daemon
+       */
+      if (!goa_identity_is_signed_in (identity))
+        handle_identity_expired (self, identity);
     }
 
  out: