rocky-linux/peridot
4
0
Fork 0
mirror of https://github.com/rocky-linux/peridot.git synced 2025-01-02 23:30:56 +00:00
Code Issues Projects Releases Activity

Merge pull request #186 from mstg/fix-lookaside

Browse source 
Fix authentication for machine clients
This commit is contained in:
resf-prow[bot] 2024-04-25 14:46:39 +00:00 committed by GitHub
commit 65b877b7e5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
utils/interceptors.go
View file

@ -92,7 +92,7 @@ func checkAuth(ctx context.Context, hydraSDK *client.APIClient, hydraAdmin *clie
if err != nil { if err != nil {
return ctx, err return ctx, err
} }
if *userInfo.Sub == "" && hydraAdmin != nil { if userInfo.GetSub() == "" && hydraAdmin != nil {
introspect, _, err := hydraAdmin.OAuth2API.IntrospectOAuth2Token(ctx).Token(authToken[1]).Execute() introspect, _, err := hydraAdmin.OAuth2API.IntrospectOAuth2Token(ctx).Token(authToken[1]).Execute()
if err != nil { if err != nil {
logrus.Errorf("error introspecting token: %s", err) logrus.Errorf("error introspecting token: %s", err)
@ -104,7 +104,7 @@ func checkAuth(ctx context.Context, hydraSDK *client.APIClient, hydraAdmin *clie
newEmail := fmt.Sprintf("%s@%s", *introspect.Sub, "serviceaccount.resf.org") newEmail := fmt.Sprintf("%s@%s", *introspect.Sub, "serviceaccount.resf.org")
userInfo.Email = &newEmail userInfo.Email = &newEmail
} }
if *userInfo.Sub == "" { if userInfo.GetSub() == "" {
return ctx, status.Errorf(codes.Unauthenticated, "invalid authorization token") return ctx, status.Errorf(codes.Unauthenticated, "invalid authorization token")
} }