From 662697953e8c019153b551a15fa8c4a8d40d0319 Mon Sep 17 00:00:00 2001
From: Piotr Sarnacki <drogus@gmail.com>
Date: Sat, 10 Nov 2012 15:39:48 +0100
Subject: [PATCH] Pass also travis token in /auth/post_message

---
 lib/travis/api/app/endpoint/authorization.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/travis/api/app/endpoint/authorization.rb b/lib/travis/api/app/endpoint/authorization.rb
index 4851749b..047208ba 100644
--- a/lib/travis/api/app/endpoint/authorization.rb
+++ b/lib/travis/api/app/endpoint/authorization.rb
@@ -119,7 +119,9 @@ class Travis::Api::App
         handshake do |user, token, target_origin|
           halt 403, invalid_target(target_origin) unless target_ok? target_origin
           rendered_user = Travis::Api.data(user, version: :v2)
-          post_message(token: token, user: rendered_user, target_origin: target_origin)
+          travis_token  = user.tokens.first
+          post_message(token: token, user: rendered_user, target_origin: target_origin,
+                       travis_token: travis_token ? travis_token.token : nil)
         end
       end
 
@@ -216,6 +218,7 @@ class Travis::Api::App
 
         def post_message(payload)
           content_type :html
+          p [:payload, payload]
           erb(:post_message, locals: payload)
         end
 
@@ -242,5 +245,6 @@ alert('refusing to send a token to <%= target_origin.inspect %>, not whitelisted
 <script>
 var payload = <%= user.to_json %>;
 payload.token = <%= token.inspect %>;
+payload.travis_token = <%= travis_token ? travis_token.inspect : null %>;
 window.parent.postMessage(payload, <%= target_origin.inspect %>);
 </script>