Remove sync.Once for Wire configuration validation

2026-01-27 18:18:30 +00:00 · 2024-01-17 12:35:16 +01:00
parent f221232a80
commit f150a4f850
3 changed files with 8 additions and 17 deletions
--- a/authority/provisioner/wire/dpop_options.go
+++ b/authority/provisioner/wire/dpop_options.go
@@ -10,7 +10,7 @@ import (
 )

 type DPOPOptions struct {
-	// Public part of the  signing key for DPoP access token
+	// Public part of the  signing key for DPoP access token in PEM format
 	SigningKey []byte `json:"key"`
 	// URI template for the URI the ACME client must call to fetch the DPoP challenge proof (an access token from wire-server)
 	Target string `json:"target"`
--- a/authority/provisioner/wire/oidc_options.go
+++ b/authority/provisioner/wire/oidc_options.go
@@ -24,8 +24,10 @@ type Provider struct {
 }

 type Config struct {
-	ClientID                   string           `json:"clientId,omitempty"`
-	SignatureAlgorithms        []string         `json:"signatureAlgorithms,omitempty"`
+	ClientID            string   `json:"clientId,omitempty"`
+	SignatureAlgorithms []string `json:"signatureAlgorithms,omitempty"`
+
+	// the properties below are only used for testing
 	SkipClientIDCheck          bool             `json:"-"`
 	SkipExpiryCheck            bool             `json:"-"`
 	SkipIssuerCheck            bool             `json:"-"`
--- a/authority/provisioner/wire/wire_options.go
+++ b/authority/provisioner/wire/wire_options.go
@@ -3,16 +3,12 @@ package wire
 import (
 	"errors"
 	"fmt"
-	"sync"
 )

 // Options holds the Wire ACME extension options
 type Options struct {
 	OIDC *OIDCOptions `json:"oidc,omitempty"`
 	DPOP *DPOPOptions `json:"dpop,omitempty"`
-
-	validateOnce  sync.Once
-	validationErr error
 }

 // GetOIDCOptions returns the OIDC options.
@@ -31,17 +27,10 @@ func (o *Options) GetDPOPOptions() *DPOPOptions {
 	return o.DPOP
 }

+// Validate validates and initializes the Wire OIDC and DPoP options.
+//
+// TODO(hs): find a good way to perform this only once.
 func (o *Options) Validate() error {
-	o.validateOnce.Do(
-		func() {
-			o.validationErr = validate(o)
-		},
-	)
-
-	return o.validationErr
-}
-
-func validate(o *Options) error {
 	if oidc := o.GetOIDCOptions(); oidc != nil {
 		if err := oidc.validateAndInitialize(); err != nil {
 			return fmt.Errorf("failed initializing OIDC options: %w", err)