mirror of
https://github.com/nais/wonderwall.git
synced 2026-05-16 05:16:37 +00:00
chore: remove metadata rollout toggle
This commit is contained in:
Trong Huu Nguyen
@@ -40,9 +40,8 @@ type Loginstatus struct {
|
||||
}
|
||||
|
||||
type Session struct {
|
||||
MaxLifetime time.Duration `json:"max-lifetime"`
|
||||
Refresh bool `json:"refresh"`
|
||||
MetadataRollout bool `json:"metadata-rollout"`
|
||||
MaxLifetime time.Duration `json:"max-lifetime"`
|
||||
Refresh bool `json:"refresh"`
|
||||
}
|
||||
|
||||
const (
|
||||
@@ -58,9 +57,8 @@ const (
|
||||
Ingress = "ingress"
|
||||
UpstreamHost = "upstream-host"
|
||||
|
||||
SessionMaxLifetime = "session.max-lifetime"
|
||||
SessionRefresh = "session.refresh"
|
||||
SessionMetadataRollout = "session.metadata-rollout"
|
||||
SessionMaxLifetime = "session.max-lifetime"
|
||||
SessionRefresh = "session.refresh"
|
||||
|
||||
LoginstatusEnabled = "loginstatus.enabled"
|
||||
LoginstatusCookieDomain = "loginstatus.cookie-domain"
|
||||
@@ -86,7 +84,6 @@ func Initialize() (*Config, error) {
|
||||
|
||||
flag.Duration(SessionMaxLifetime, time.Hour, "Max lifetime for user sessions.")
|
||||
flag.Bool(SessionRefresh, false, "Automatically refresh the tokens for user sessions if they are expired, as long as the session exists (indicated by the session max lifetime).")
|
||||
flag.Bool(SessionMetadataRollout, false, "Feature toggle for metadata rollout.")
|
||||
|
||||
flag.Bool(LoginstatusEnabled, false, "Feature toggle for Loginstatus, a separate service that should provide an opaque token to indicate that a user has been authenticated previously, e.g. by another application in another subdomain.")
|
||||
flag.String(LoginstatusCookieDomain, "", "The domain that the cookie should be set for.")
|
||||
|
||||
@@ -36,12 +36,11 @@ const (
|
||||
)
|
||||
|
||||
type Handler struct {
|
||||
client *openidclient.Client
|
||||
crypter crypto.Crypter
|
||||
openidCfg openidconfig.Config
|
||||
refreshEnabled bool
|
||||
metadataRolloutEnabled bool
|
||||
store Store
|
||||
client *openidclient.Client
|
||||
crypter crypto.Crypter
|
||||
openidCfg openidconfig.Config
|
||||
refreshEnabled bool
|
||||
store Store
|
||||
}
|
||||
|
||||
func NewHandler(cfg *config.Config, openidCfg openidconfig.Config, crypter crypto.Crypter, openidClient *openidclient.Client) (*Handler, error) {
|
||||
@@ -51,12 +50,11 @@ func NewHandler(cfg *config.Config, openidCfg openidconfig.Config, crypter crypt
|
||||
}
|
||||
|
||||
return &Handler{
|
||||
crypter: crypter,
|
||||
client: openidClient,
|
||||
openidCfg: openidCfg,
|
||||
store: store,
|
||||
refreshEnabled: cfg.Session.Refresh,
|
||||
metadataRolloutEnabled: cfg.Session.MetadataRollout,
|
||||
crypter: crypter,
|
||||
client: openidClient,
|
||||
openidCfg: openidCfg,
|
||||
store: store,
|
||||
refreshEnabled: cfg.Session.Refresh,
|
||||
}, nil
|
||||
}
|
||||
|
||||
@@ -139,7 +137,7 @@ func (h *Handler) GetAccessToken(r *http.Request) (string, error) {
|
||||
return "", ErrNoAccessToken
|
||||
}
|
||||
|
||||
if h.metadataRolloutEnabled && sessionData.Metadata.IsExpired() {
|
||||
if sessionData.Metadata.IsExpired() {
|
||||
return "", ErrExpiredAccessToken
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user