clone request for jwt too; reset token inside mutex
This commit is contained in:
marco
parent
f5e7eecb6d
commit
3c936dfa70
2 changed files with 9 additions and 7 deletions
|
|
@ -134,8 +134,10 @@ func (t *JWTTransport) needsTokenRefresh() bool {
|
|||
return t.Token == "" || t.Expiration.Add(-time.Minute).Before(time.Now().UTC())
|
||||
}
|
||||
|
||||
// prepareRequest adds the necessary headers to authenticate the request.
|
||||
func (t *JWTTransport) prepareRequest(req *http.Request) error {
|
||||
// prepareRequest returns a copy of the request with the necessary authentication headers.
|
||||
func (t *JWTTransport) prepareRequest(req *http.Request) (*http.Request, error) {
|
||||
req = cloneRequest(req)
|
||||
|
||||
// In a few occasions several goroutines will execute refreshJwtToken concurrently which is useless
|
||||
// and will cause overload on CAPI. We use a mutex to avoid this.
|
||||
t.refreshTokenMutex.Lock()
|
||||
|
|
@ -145,7 +147,7 @@ func (t *JWTTransport) prepareRequest(req *http.Request) error {
|
|||
// and it leads to do 2 requests instead of one (refresh + actual login request).
|
||||
if req.URL.Path != "/"+t.VersionPrefix+"/watchers/login" && t.needsTokenRefresh() {
|
||||
if err := t.refreshJwtToken(); err != nil {
|
||||
return err
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -155,12 +157,13 @@ func (t *JWTTransport) prepareRequest(req *http.Request) error {
|
|||
|
||||
req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", t.Token))
|
||||
|
||||
return nil
|
||||
return req, nil
|
||||
}
|
||||
|
||||
// RoundTrip implements the RoundTripper interface.
|
||||
func (t *JWTTransport) RoundTrip(req *http.Request) (*http.Response, error) {
|
||||
if err := t.prepareRequest(req); err != nil {
|
||||
req, err := t.prepareRequest(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -179,7 +182,7 @@ func (t *JWTTransport) RoundTrip(req *http.Request) (*http.Response, error) {
|
|||
|
||||
if err != nil {
|
||||
// we had an error (network error for example, or 401 because token is refused), reset the token?
|
||||
t.Token = ""
|
||||
t.ResetToken()
|
||||
|
||||
return resp, fmt.Errorf("performing jwt auth: %w", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -539,7 +539,6 @@ func createAlertForDecision(decision *models.Decision) *models.Alert {
|
|||
scenario = *decision.Scenario
|
||||
scope = types.ListOrigin
|
||||
default:
|
||||
// XXX: this or nil?
|
||||
scenario = ""
|
||||
scope = ""
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue