Tbt/auth refactor#1243
Conversation
TBThomas56
force-pushed
the
tbt/auth-refactor
branch
from
773d22f to
cc6d711
Compare
… code flow with pkce method
TBThomas56
force-pushed
the
tbt/auth-refactor
branch
2 times, most recently
from
0258b3e to
65f2c33
Compare
TBThomas56
force-pushed
the
tbt/auth-refactor
branch
from
65f2c33 to
68706c8
Compare
TBThomas56
force-pushed
the
tbt/auth-refactor
branch
from
68706c8 to
5b28caf
Compare
TBThomas56
force-pushed
the
tbt/auth-refactor
branch
from
1473874 to
bdbe114
Compare
…d and staging when this gets back to something that works, this should be changed back to latest
|
|
||
| /// Axum middleware that extracts `State<Arc<S>>` and delegates to [`inject_token_with`]. | ||
| /// Use this when the store is shared application state (e.g. auth-daemon's RouterState). | ||
| pub async fn inject_token<S>( |
There was a problem hiding this comment.
Commenting as I go along, so haven't go to where these are used:
do both of these need to be public?
There was a problem hiding this comment.
Yes. This has slightly different usecases where one is used by auth-daemon (inject_token) and oidc-bff(inject_token_with)
There was a problem hiding this comment.
added more clear docstrings to show this
| Utc::now() | ||
| } | ||
| }; | ||
| if expires_at_utc < Utc::now() { |
There was a problem hiding this comment.
What is the intentional behavior here when expire_at is None?
Suppose the following:
expires_at_utc is set to Utc::now().
The OS puts the process to sleep for a few seconds.
It wakes up and continues and performs the expires_at_utc < Utc::now() check?
Does this do the correct thing?
| @@ -0,0 +1,28 @@ | |||
| {{/* | |||
There was a problem hiding this comment.
check this is compatible with 793eed2
I think there is some mixing of the old way of dealing with secrets with the new way.
I don't know if a rebase is needed?
2 participants
No description provided.