Fix failed token deletion

[rev3r4nt]

Randomly, the openshift_auth module exits in error and does not delete the token.

Couldn't delete user oauth access token 'sha256~BmhQbi0TLPGJqA15PdLbbfJesJlQX_208Iv9saVpU2U' due to: useroauthaccesstokens.oauth.openshift.io \"sha256~BmhQbi0TLPGJqA15PdLbbfJesJlQX_208Iv9saVpU2U\" not found

When this happens, the token name does not match the one returned by the Openshift API.

$ oc get useroauthaccesstokens
NAME                                                 CLIENT NAME
sha256~CZMJTLYVJAyDWZ4JvOrE48J97xpn0HIstFSDT3yHyWM   openshift-challenging-client

Ansible version: core 2.15.3
Python version: 3.10.8
Collection community.okd version 2.3.0

I discovered that it failed because Python strip method argument is not a prefix or suffix; rather, all combinations of its values are stripped. So if the token begins with a character of the set sha256~, the token name is not correctly deducted.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: rev3r4nt
Once this PR has been reviewed and has the lgtm label, please assign abikouo for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @rev3r4nt. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[gravesm]

We should only slice if the string starts with the prefix:

if token_name.startswith(sha256Prefix):
    content = token_name[len(sha256Prefix):]
else:
    content = token_name

[gravesm]

/ok-to-test

[rev3r4nt]

/retest

[openshift-ci]

@rev3r4nt: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/integration	acc848d	link	true	/test integration

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[openshift-bot]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

[gravesm]

/remove-lifecycle rotten

[HaleCT2]

Would love to see this fixed - Using this module with AAP/ACM, it's frustrating having an Automation Template Job fail at the "logout" task randomly