diff --git a/go/pkg/credshelper/credshelper.go b/go/pkg/credshelper/credshelper.go index fd64fd03b..9289da6e9 100644 --- a/go/pkg/credshelper/credshelper.go +++ b/go/pkg/credshelper/credshelper.go @@ -76,7 +76,6 @@ func (r *reusableCmd) Digest() digest.Digest { // Credentials provides auth functionalities using an external credentials helper type Credentials struct { - refreshExp time.Time tokenSource *grpcOauth.TokenSource credsHelperCmd *reusableCmd } @@ -100,14 +99,6 @@ func (c *Credentials) TokenSource() *grpcOauth.TokenSource { return c.tokenSource } -// RefreshStatus checks refresh expiry of credentials in case a manual refresh is required. -func (c *Credentials) RefreshStatus() error { - if !c.refreshExp.IsZero() && c.refreshExp.Before(nowFn()) { - return fmt.Errorf("credentials cannot be refreshed automatically, manual re-authentication required") - } - return nil -} - // Token retrieves an oauth2 token from the external tokensource. func (ts *externalTokenSource) Token() (*oauth2.Token, error) { if ts == nil { @@ -157,7 +148,6 @@ func NewExternalCredentials(credshelper string, credshelperArgs []string) (*Cred } c := &Credentials{ credsHelperCmd: credsHelperCmd, - refreshExp: credsOut.rexp, } baseTS := &externalTokenSource{ credsHelperCmd: credsHelperCmd, @@ -202,10 +192,9 @@ func runCredsHelperCmd(credsHelperCmd *reusableCmd) (*credshelperOutput, error) // JSONOut is the struct to record the json output from the credshelper. type JSONOut struct { - Token string `json:"token"` - Headers map[string]string `json:"headers"` - Expiry string `json:"expiry"` - RefreshExpiry string `json:"refresh_expiry"` + Token string `json:"token"` + Headers map[string]string `json:"headers"` + Expiry string `json:"expiry"` } func parseTokenExpiryFromOutput(out string) (*credshelperOutput, error) { @@ -226,13 +215,6 @@ func parseTokenExpiryFromOutput(out string) (*credshelperOutput, error) { } credsOut.tk.Expiry = expiry } - if jsonOut.RefreshExpiry != "" { - rexpiry, err := time.Parse(time.UnixDate, jsonOut.RefreshExpiry) - if err != nil { - return nil, fmt.Errorf("invalid refresh expiry format: %v (Expected time.UnixDate format)", jsonOut.RefreshExpiry) - } - credsOut.rexp = rexpiry - } return credsOut, nil } diff --git a/go/pkg/credshelper/credshelper_test.go b/go/pkg/credshelper/credshelper_test.go index 7f3ec143d..e521aa28e 100644 --- a/go/pkg/credshelper/credshelper_test.go +++ b/go/pkg/credshelper/credshelper_test.go @@ -25,7 +25,7 @@ func TestExternalToken(t *testing.T) { if err != nil { t.Fatalf("Unable to create temporary file: %v", err) } - chJSON := fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%s","refresh_expiry":""}`, tk, exp) + chJSON := fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%s"}`, tk, exp) if _, err := tf.Write([]byte(chJSON)); err != nil { t.Fatalf("Unable to write to file %v: %v", tf.Name(), err) } @@ -37,7 +37,7 @@ func TestExternalToken(t *testing.T) { } } else { credshelper = "echo" - credshelperArgs = []string{fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%s","refresh_expiry":""}`, tk, exp)} + credshelperArgs = []string{fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%s"}`, tk, exp)} } credsHelperCmd := newReusableCmd(credshelper, credshelperArgs) @@ -104,7 +104,7 @@ func writeTokenFile(t *testing.T, path, token string, expiry time.Time) { t.Fatalf("Unable to open file %v: %v", path, err) } defer f.Close() - chJSON := fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%s","refresh_expiry":""}`, token, expiry.Format(time.UnixDate)) + chJSON := fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%s"}`, token, expiry.Format(time.UnixDate)) if _, err := f.Write([]byte(chJSON)); err != nil { t.Fatalf("Unable to write to file %v: %v", f.Name(), err) } @@ -122,26 +122,22 @@ func TestNewExternalCredentials(t *testing.T) { credshelperOut string }{{ name: "No Headers", - credshelperOut: fmt.Sprintf(`{"token":"%v","expiry":"","refresh_expiry":""}`, testToken), + credshelperOut: fmt.Sprintf(`{"token":"%v","expiry":""}`, testToken), }, { name: "No Token", wantErr: true, - credshelperOut: `{"headers":{"hdr":"val"},"token":"","expiry":"","refresh_expiry":""}`, + credshelperOut: `{"headers":{"hdr":"val"},"token":"","expiry":""}`, }, { name: "Credshelper Command Passed - No Expiry", - credshelperOut: fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"","refresh_expiry":""}`, testToken), + credshelperOut: fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":""}`, testToken), }, { name: "Credshelper Command Passed - Expiry", checkExp: true, - credshelperOut: fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%v","refresh_expiry":""}`, testToken, unixExp), - }, { - name: "Credshelper Command Passed - Refresh Expiry", - checkExp: true, - credshelperOut: fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%v","refresh_expiry":"%v"}`, testToken, unixExp, unixExp), + credshelperOut: fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%v"}`, testToken, unixExp), }, { name: "Wrong Expiry Format", wantErr: true, - credshelperOut: fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%v", "refresh_expiry":"%v"}`, testToken, expStr, expStr), + credshelperOut: fmt.Sprintf(`{"headers":{"hdr":"val"},"token":"%v","expiry":"%v"}`, testToken, expStr, expStr), }} for _, test := range tests { t.Run(test.name, func(t *testing.T) { @@ -282,21 +278,6 @@ func TestGetRequestMetadata(t *testing.T) { } } -func TestRefreshStatus(t *testing.T) { - c := Credentials{refreshExp: time.Time{}} - if err := c.RefreshStatus(); err != nil { - t.Errorf("RefreshStatus returned an error when refreshExpiry is zero") - } - c.refreshExp = time.Now().Add(time.Hour) - if err := c.RefreshStatus(); err != nil { - t.Errorf("RefreshStatus returned an error when refreshExpiry has not passed") - } - c.refreshExp = time.Now().Add(-time.Hour) - if err := c.RefreshStatus(); err == nil { - t.Errorf("RefreshStatus did not return an error when refreshExpiry when it has passed") - } -} - func TestReusableCmd(t *testing.T) { binary := "echo" args := []string{"hello"}