mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-29 18:33:05 +00:00
add expiration from OIDC token to machine
This commit is contained in:
parent
4e2c4f92d3
commit
7157e14aff
3 changed files with 9 additions and 1 deletions
|
@ -176,6 +176,7 @@ func (api headscaleV1APIServer) RegisterMachine(
|
||||||
machine, err := api.h.RegisterMachineFromAuthCallback(
|
machine, err := api.h.RegisterMachineFromAuthCallback(
|
||||||
request.GetKey(),
|
request.GetKey(),
|
||||||
request.GetNamespace(),
|
request.GetNamespace(),
|
||||||
|
nil,
|
||||||
RegisterMethodCLI,
|
RegisterMethodCLI,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -852,6 +852,7 @@ func getTags(
|
||||||
func (h *Headscale) RegisterMachineFromAuthCallback(
|
func (h *Headscale) RegisterMachineFromAuthCallback(
|
||||||
nodeKeyStr string,
|
nodeKeyStr string,
|
||||||
namespaceName string,
|
namespaceName string,
|
||||||
|
machineExpiry *time.Time,
|
||||||
registrationMethod string,
|
registrationMethod string,
|
||||||
) (*Machine, error) {
|
) (*Machine, error) {
|
||||||
nodeKey := key.NodePublic{}
|
nodeKey := key.NodePublic{}
|
||||||
|
@ -885,6 +886,10 @@ func (h *Headscale) RegisterMachineFromAuthCallback(
|
||||||
registrationMachine.NamespaceID = namespace.ID
|
registrationMachine.NamespaceID = namespace.ID
|
||||||
registrationMachine.RegisterMethod = registrationMethod
|
registrationMachine.RegisterMethod = registrationMethod
|
||||||
|
|
||||||
|
if machineExpiry != nil {
|
||||||
|
registrationMachine.Expiry = machineExpiry
|
||||||
|
}
|
||||||
|
|
||||||
machine, err := h.RegisterMachine(
|
machine, err := h.RegisterMachine(
|
||||||
registrationMachine,
|
registrationMachine,
|
||||||
)
|
)
|
||||||
|
|
4
oidc.go
4
oidc.go
|
@ -236,7 +236,7 @@ func (h *Headscale) OIDCCallback(
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := h.registerMachineForOIDCCallback(writer, namespace, nodeKey); err != nil {
|
if err := h.registerMachineForOIDCCallback(writer, namespace, nodeKey, idToken.Expiry); err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -679,10 +679,12 @@ func (h *Headscale) registerMachineForOIDCCallback(
|
||||||
writer http.ResponseWriter,
|
writer http.ResponseWriter,
|
||||||
namespace *Namespace,
|
namespace *Namespace,
|
||||||
nodeKey *key.NodePublic,
|
nodeKey *key.NodePublic,
|
||||||
|
expiry time.Time,
|
||||||
) error {
|
) error {
|
||||||
if _, err := h.RegisterMachineFromAuthCallback(
|
if _, err := h.RegisterMachineFromAuthCallback(
|
||||||
nodeKey.String(),
|
nodeKey.String(),
|
||||||
namespace.Name,
|
namespace.Name,
|
||||||
|
&expiry,
|
||||||
RegisterMethodOIDC,
|
RegisterMethodOIDC,
|
||||||
); err != nil {
|
); err != nil {
|
||||||
log.Error().
|
log.Error().
|
||||||
|
|
Loading…
Reference in a new issue