add ability to issue tokens with no expiry
This commit is contained in:
juancwu
parent
1d17fe5577
commit
de907d83cb
5 changed files with 76 additions and 9 deletions
|
|
@ -18,6 +18,8 @@ type RevocationStore interface {
|
|||
// Revoke marks tokenID as revoked. The until parameter is the
|
||||
// token's natural expiry — implementations may discard the entry
|
||||
// after that time, since expired tokens fail validation anyway.
|
||||
// A zero until indicates the token never expires; the entry must
|
||||
// be retained indefinitely.
|
||||
Revoke(ctx context.Context, tokenID string, until time.Time) error
|
||||
}
|
||||
|
||||
|
|
@ -46,7 +48,7 @@ func (m *MemoryRevocationStore) IsRevoked(_ context.Context, tokenID string) (bo
|
|||
if !ok {
|
||||
return false, nil
|
||||
}
|
||||
if !m.now().Before(until) {
|
||||
if !until.IsZero() && !m.now().Before(until) {
|
||||
// Past expiry — would fail validation regardless. Treat as not revoked.
|
||||
return false, nil
|
||||
}
|
||||
|
|
@ -69,6 +71,9 @@ func (m *MemoryRevocationStore) Cleanup() int {
|
|||
now := m.now()
|
||||
removed := 0
|
||||
for id, until := range m.revoked {
|
||||
if until.IsZero() {
|
||||
continue
|
||||
}
|
||||
if !now.Before(until) {
|
||||
delete(m.revoked, id)
|
||||
removed++
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue