add expiration from OIDC token to machine

This commit is contained in:
Even Holthe 2022-12-15 01:10:26 +01:00 committed by Kristoffer Dalby
parent 4e2c4f92d3
commit 7157e14aff
3 changed files with 9 additions and 1 deletions

View file

@ -176,6 +176,7 @@ func (api headscaleV1APIServer) RegisterMachine(
machine, err := api.h.RegisterMachineFromAuthCallback( machine, err := api.h.RegisterMachineFromAuthCallback(
request.GetKey(), request.GetKey(),
request.GetNamespace(), request.GetNamespace(),
nil,
RegisterMethodCLI, RegisterMethodCLI,
) )
if err != nil { if err != nil {

View file

@ -852,6 +852,7 @@ func getTags(
func (h *Headscale) RegisterMachineFromAuthCallback( func (h *Headscale) RegisterMachineFromAuthCallback(
nodeKeyStr string, nodeKeyStr string,
namespaceName string, namespaceName string,
machineExpiry *time.Time,
registrationMethod string, registrationMethod string,
) (*Machine, error) { ) (*Machine, error) {
nodeKey := key.NodePublic{} nodeKey := key.NodePublic{}
@ -885,6 +886,10 @@ func (h *Headscale) RegisterMachineFromAuthCallback(
registrationMachine.NamespaceID = namespace.ID registrationMachine.NamespaceID = namespace.ID
registrationMachine.RegisterMethod = registrationMethod registrationMachine.RegisterMethod = registrationMethod
if machineExpiry != nil {
registrationMachine.Expiry = machineExpiry
}
machine, err := h.RegisterMachine( machine, err := h.RegisterMachine(
registrationMachine, registrationMachine,
) )

View file

@ -236,7 +236,7 @@ func (h *Headscale) OIDCCallback(
return return
} }
if err := h.registerMachineForOIDCCallback(writer, namespace, nodeKey); err != nil { if err := h.registerMachineForOIDCCallback(writer, namespace, nodeKey, idToken.Expiry); err != nil {
return return
} }
@ -679,10 +679,12 @@ func (h *Headscale) registerMachineForOIDCCallback(
writer http.ResponseWriter, writer http.ResponseWriter,
namespace *Namespace, namespace *Namespace,
nodeKey *key.NodePublic, nodeKey *key.NodePublic,
expiry time.Time,
) error { ) error {
if _, err := h.RegisterMachineFromAuthCallback( if _, err := h.RegisterMachineFromAuthCallback(
nodeKey.String(), nodeKey.String(),
namespace.Name, namespace.Name,
&expiry,
RegisterMethodOIDC, RegisterMethodOIDC,
); err != nil { ); err != nil {
log.Error(). log.Error().