Merge branch 'lfs-token-race-condition-fix' into 'master'

Fix race condition on LFS Token

## What does this MR do?

 Fixes a race condition that can be triggered if the token expires right after we retrieve it, but before we can set the new expiry time.

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6551#note_16190569

Thanks for catching this so quickly @jacobvosmaer-gitlab

cc @DouweM

See merge request !6592

Signed-off-by: Rémy Coutable <remy@rymai.me>

2 files changed, 3 insertions, 7 deletions

diff --git a/CHANGELOG b/CHANGELOG
index c54412ae09f..fc52babe4ce 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,7 @@ v 8.12.4 (unreleased)
   - Fix "Copy to clipboard" tooltip to say "Copied!" when clipboard button is clicked. !6294 (lukehowell)
   - Fix padding in build sidebar. !6506
   - Changed compare dropdowns to dropdowns with isolated search input. !6550
+  - Fix race condition on LFS Token. !6592
 
 v 8.12.3
   - Update Gitlab Shell to support low IO priority for storage moves
diff --git a/lib/gitlab/lfs_token.rb b/lib/gitlab/lfs_token.rb
index 7b3bbcf6a32..5f67e97fa2a 100644
--- a/lib/gitlab/lfs_token.rb
+++ b/lib/gitlab/lfs_token.rb
@@ -20,13 +20,8 @@ module Gitlab
     def token
       Gitlab::Redis.with do |redis|
         token = redis.get(redis_key)
-
-        if token
-          redis.expire(redis_key, EXPIRY_TIME)
-        else
-          token = Devise.friendly_token(TOKEN_LENGTH)
-          redis.set(redis_key, token, ex: EXPIRY_TIME)
-        end
+        token ||= Devise.friendly_token(TOKEN_LENGTH)
+        redis.set(redis_key, token, ex: EXPIRY_TIME)
 
         token
       end