Remove http.Client creation by embedding it in authenticators

ory · Nov 22, 2021 · d057b58 · d057b58
1 parent fd06009
commit d057b58
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 4 deletions.
diff --git a/pipeline/authn/authenticator_bearer_token.go b/pipeline/authn/authenticator_bearer_token.go
@@ -36,11 +36,18 @@ type AuthenticatorBearerTokenConfiguration struct {
 
 type AuthenticatorBearerToken struct {
 	c configuration.Provider
+	h *http.Client
 }
 
 func NewAuthenticatorBearerToken(c configuration.Provider) *AuthenticatorBearerToken {
 	return &AuthenticatorBearerToken{
 		c: c,
+		h: &http.Client{
+			Transport:     helper.NewRoundTripper(),
+			CheckRedirect: http.DefaultClient.CheckRedirect,
+			Jar:           http.DefaultClient.Jar,
+			Timeout:       http.DefaultClient.Timeout,
+		},
 	}
 }
 
@@ -85,7 +92,7 @@ func (a *AuthenticatorBearerToken) Authenticate(r *http.Request, session *Authen
 		return errors.WithStack(ErrAuthenticatorNotResponsible)
 	}
 
-	body, err := forwardRequestToSessionStore(r, cf.CheckSessionURL, cf.PreserveQuery, cf.PreservePath, cf.PreserveHost, cf.SetHeaders)
+	body, err := forwardRequestToSessionStore(r, a.h, cf.CheckSessionURL, cf.PreserveQuery, cf.PreservePath, cf.PreserveHost, cf.SetHeaders)
 	if err != nil {
 		return err
 	}

diff --git a/pipeline/authn/authenticator_cookie_session.go b/pipeline/authn/authenticator_cookie_session.go
@@ -40,11 +40,18 @@ type AuthenticatorCookieSessionConfiguration struct {
 
 type AuthenticatorCookieSession struct {
 	c configuration.Provider
+	h *http.Client
 }
 
 func NewAuthenticatorCookieSession(c configuration.Provider) *AuthenticatorCookieSession {
 	return &AuthenticatorCookieSession{
 		c: c,
+		h: &http.Client{
+			Transport:     helper.NewRoundTripper(),
+			CheckRedirect: http.DefaultClient.CheckRedirect,
+			Jar:           http.DefaultClient.Jar,
+			Timeout:       http.DefaultClient.Timeout,
+		},
 	}
 }
 
@@ -88,7 +95,7 @@ func (a *AuthenticatorCookieSession) Authenticate(r *http.Request, session *Auth
 		return errors.WithStack(ErrAuthenticatorNotResponsible)
 	}
 
-	body, err := forwardRequestToSessionStore(r, cf.CheckSessionURL, cf.PreserveQuery, cf.PreservePath, cf.PreserveHost, cf.SetHeaders)
+	body, err := forwardRequestToSessionStore(r, a.h, cf.CheckSessionURL, cf.PreserveQuery, cf.PreservePath, cf.PreserveHost, cf.SetHeaders)
 	if err != nil {
 		return err
 	}
@@ -128,7 +135,7 @@ func cookieSessionResponsible(r *http.Request, only []string) bool {
 	return false
 }
 
-func forwardRequestToSessionStore(r *http.Request, checkSessionURL string, preserveQuery bool, preservePath bool, preserveHost bool, setHeaders map[string]string) (json.RawMessage, error) {
+func forwardRequestToSessionStore(r *http.Request, httpClient *http.Client, checkSessionURL string, preserveQuery bool, preservePath bool, preserveHost bool, setHeaders map[string]string) (json.RawMessage, error) {
 	reqUrl, err := url.Parse(checkSessionURL)
 	if err != nil {
 		return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("Unable to parse session check URL: %s", err))
@@ -176,7 +183,7 @@ func forwardRequestToSessionStore(r *http.Request, checkSessionURL string, prese
 		}
 		req.URL = reqUrl
 	}
-	res, err := (&http.Client{Transport: helper.NewRoundTripper()}).Do(req.WithContext(r.Context()))
+	res, err := httpClient.Do(req.WithContext(r.Context()))
 	if err != nil {
 		return nil, helper.ErrForbidden.WithReason(err.Error()).WithTrace(err)
 	}