Core handling of TTLs (#4230)

* govet cleanup in token store

* adding general ttl handling to login requests

* consolidating TTL calculation to system view

* deprecate LeaseExtend

* deprecate LeaseExtend

* set the increment to the correct value

* move calculateTTL out of SystemView

* remove unused value

* add back clearing of lease id

* implement core ttl in some backends

* removing increment and issue time from lease options

* adding ttl tests, fixing some compile issue

* adding ttl tests

* fixing some explicit max TTL logic

* fixing up some tests

* removing unneeded test

* off by one errors...

* adding back some logic for bc

* adding period to return on renewal

* tweaking max ttl capping slightly

* use the appropriate precision for ttl calculation

* deprecate proto fields instead of delete

* addressing feedback

* moving TTL handling for backends to core

* mongo is a secret backend not auth

* adding estimated ttl for backends that also manage the expiration time

* set the estimate values before calling the renew request

* moving calculate TTL to framework, revert removal of increment and issue time from logical

* minor edits

* addressing feedback

* address more feedback
Chris Hoffman
2018-04-03 12:20:20 -04:00
committed by GitHub
parent fcdb4bcd29
commit 6e3520658f
50 changed files with 589 additions and 763 deletions


@@ -67,7 +67,7 @@ func (b *backend) pathLogin(ctx context.Context, req *logical.Request, data *fra
return nil, err
}
ttl, _, err := b.SanitizeTTLStr(config.TTL.String(), config.MaxTTL.String())
ttl, maxTTL, err := b.SanitizeTTLStr(config.TTL.String(), config.MaxTTL.String())
if err != nil {
return logical.ErrorResponse(fmt.Sprintf("error sanitizing TTLs: %s", err)), nil
}
@@ -85,6 +85,7 @@ func (b *backend) pathLogin(ctx context.Context, req *logical.Request, data *fra
DisplayName: *verifyResp.User.Login,
LeaseOptions: logical.LeaseOptions{
TTL: ttl,
MaxTTL: maxTTL,
Renewable: true,
},
Alias: &logical.Alias{
@@ -133,10 +134,9 @@ func (b *backend) pathLoginRenew(ctx context.Context, req *logical.Request, d *f
return nil, err
}
resp, err := framework.LeaseExtend(config.TTL, config.MaxTTL, b.System())(ctx, req, d)
if err != nil {
return nil, err
}
resp := &logical.Response{Auth: req.Auth}
resp.Auth.TTL = config.TTL
resp.Auth.MaxTTL = config.MaxTTL
// Remove old aliases
resp.Auth.GroupAliases = nil