
[HTCondor-users] OAuthCredmon and Schedd: markfile names consistency



Dear all,

I understand that a markfile is used to take the decision to remove tokens when the markfile lifetime exceeds some threshold.

o) This is used in the functions "should_delete" and "delete_tokens" in the OAuth Credential Monitor [1].

In these functions, the markfile name is defined as:

mark_path = os.path.join(self.cred_dir, username, token_name + '.mark') [convention 1]

following the same convention as for the ".top" and ".use" tokens.

o) The markfile, if I am correct, is created in the schedd [2] via:

auto_free_ptr cred_dir_oauth(param("SEC_CREDENTIAL_DIRECTORY_OAUTH"));
....
credmon_mark_creds_for_sweeping(cred_dir_oauth, owner_info.Name()); [convention 2]

with "credmon_mark_creds_for_sweeping(const char * cred_dir, const char* user)" defined in the credmon interface [3].

o) The first convention will result in e.g.:

SEC_CREDENTIAL_DIRECTORY_OAUTH/username/token_name.mark

while the second convention will result in:

SEC_CREDENTIAL_DIRECTORY_OAUTH/username.mark

o) Making a test, I can indeed find on my submit node:

/var/lib/condor/mytoken_credentials/benoit_roland.mark

while the OAuth Credential Monitor is looking for:

/var/lib/condor/mytoken_credentials/benoit_roland/helmholtz.mark

As a result, the markfile is not found, and the ".top", ".use" and ".mark" files are not deleted after expiration of the markfile.

Am I missing something, or are my observations correct?

Thanks a lot in advance for your help!

Cheers,
Benoit

[1] src/condor_credd/condor_credmon_oauth/credmon/CredentialMonitors/OAuthCredmon.py
[2] src/condor_schedd.V6/schedd.cpp
[3] src/condor_utils/credmon_interface.cpp
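
Added example (not part of the original post and not HTCondor code): a Python check that walks a credential directory and lists tokens whose user has a markfile under convention 2 but none under convention 1, which is the situation in which the tokens are left undeleted. The function names, the sample tree and the rule that a token is any basename with a ".top" or ".use" file are assumptions made for this illustration.

```python
import os
import tempfile

def mark_paths(cred_dir, username, token_name):
    """Return (convention 1, convention 2) markfile paths as given in the post."""
    per_token = os.path.join(cred_dir, username, token_name + '.mark')
    per_user = os.path.join(cred_dir, username + '.mark')
    return per_token, per_user

def audit(cred_dir):
    """List tokens that have a per-user markfile but no per-token markfile.

    Assumption: a token is any basename in <cred_dir>/<username>/ that has a
    '.top' or '.use' file, following the file names mentioned in the post.
    """
    findings = []
    for username in sorted(os.listdir(cred_dir)):
        user_dir = os.path.join(cred_dir, username)
        if not os.path.isdir(user_dir):
            continue  # skips plain files such as <username>.mark itself
        tokens = sorted({os.path.splitext(name)[0]
                         for name in os.listdir(user_dir)
                         if name.endswith(('.top', '.use'))})
        for token in tokens:
            per_token, per_user = mark_paths(cred_dir, username, token)
            if os.path.exists(per_user) and not os.path.exists(per_token):
                findings.append((username, token))
    return findings

def build_constructed_layout(root):
    """Create a constructed sample tree: one mismatched user, one consistent."""
    for user, token, mark in (
        ('benoit_roland', 'helmholtz', 'benoit_roland.mark'),   # convention 2
        ('alice', 'demo', os.path.join('alice', 'demo.mark')),  # convention 1
    ):
        os.makedirs(os.path.join(root, user), exist_ok=True)
        for name in (os.path.join(user, token + '.top'),
                     os.path.join(user, token + '.use'), mark):
            open(os.path.join(root, name), 'w').close()
    return root

if __name__ == '__main__':
    with tempfile.TemporaryDirectory() as root:
        for user, token in audit(build_constructed_layout(root)):
            per_token, per_user = mark_paths(root, user, token)
            print(f'{user}/{token}: found {per_user}, credmon expects {per_token}')
```

To check a real submit node, call audit() on the directory that SEC_CREDENTIAL_DIRECTORY_OAUTH points to, with read access to it.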