Merge "Return the auth token to begin call when timestamp token is required."

commit: 70d788a4424f170138305b3ea6c6529a350938d5 [log] [tgz]
author: Hasini Gunasinghe <hasinitg@google.com> Sat May 01 01:43:22 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Sat May 01 01:43:22 2021 +0000
tree: 21b69fd081975ca65100b29263d9545f6629147c
parent: 925119edbed2d59e46d0f851ffda0d329802f614 [diff]
parent: e093b55a974cfa861f1f30f3dea9d1e6db0e3261 [diff]
diff --git a/keystore2/src/enforcements.rs b/keystore2/src/enforcements.rs
index 378b72f..04d1f77 100644
--- a/keystore2/src/enforcements.rs
+++ b/keystore2/src/enforcements.rs

@@ -682,9 +682,10 @@
             // So the HAT cannot be presented on create. So on update/finish we present both
             // an per-op-bound auth token and a timestamp token.
             (Some(_), true, true) => (None, DeferredAuthState::TimeStampedOpAuthRequired),
-            (Some(hat), true, false) => {
-                (None, DeferredAuthState::TimeStampRequired(hat.take_auth_token()))
-            }
+            (Some(hat), true, false) => (
+                Some(hat.auth_token().clone()),
+                DeferredAuthState::TimeStampRequired(hat.take_auth_token()),
+            ),
             (Some(hat), false, true) => {
                 (Some(hat.take_auth_token()), DeferredAuthState::OpAuthRequired)
             }
commit	70d788a4424f170138305b3ea6c6529a350938d5	[log] [tgz]
author	Hasini Gunasinghe <hasinitg@google.com>	Sat May 01 01:43:22 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Sat May 01 01:43:22 2021 +0000
tree	21b69fd081975ca65100b29263d9545f6629147c
parent	925119edbed2d59e46d0f851ffda0d329802f614 [diff]
parent	e093b55a974cfa861f1f30f3dea9d1e6db0e3261 [diff]