get rid of global config variable

cherry-pick b0dd328
tgerakitis · Feb 3, 2022 · 976876f · 976876f
1 parent 39539aa
commit 976876f
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 29 deletions.
diff --git a/cmd/main.go b/cmd/main.go
@@ -1,27 +1,28 @@
 package main
 
 import (
+	"fmt"
+	"net/http"
+	"os"
+	"time"
+
+	"github.com/gorilla/sessions"
+	k8s "k8s.io/client-go/kubernetes"
+
 	"github.com/mesosphere/traefik-forward-auth/internal/api/storage/v1alpha1"
 	"github.com/mesosphere/traefik-forward-auth/internal/authentication"
 	"github.com/mesosphere/traefik-forward-auth/internal/configuration"
 	"github.com/mesosphere/traefik-forward-auth/internal/handlers"
 	kubernetes "github.com/mesosphere/traefik-forward-auth/internal/kubernetes"
+	logger "github.com/mesosphere/traefik-forward-auth/internal/log"
 	"github.com/mesosphere/traefik-forward-auth/internal/storage"
 	"github.com/mesosphere/traefik-forward-auth/internal/storage/cluster"
-	"net/http"
-	"os"
-	"time"
-	"fmt"
-
-	"github.com/gorilla/sessions"
-	logger "github.com/mesosphere/traefik-forward-auth/internal/log"
-	k8s "k8s.io/client-go/kubernetes"
 )
 
 // Main
 func main() {
 	// Parse options
-	config, err := configuration.NewGlobalConfig(os.Args[1:])
+	config, err := configuration.NewConfig(os.Args[1:])
 	if err != nil {
 		fmt.Printf("%+v\n", err)
 		os.Exit(1)

diff --git a/internal/authentication/auth.go b/internal/authentication/auth.go
@@ -19,7 +19,7 @@ type Authenticator struct {
 }
 
 func NewAuthenticator(config *configuration.Config) *Authenticator {
-	cookieMaxAge := int(config.Lifetime / time.Second)
+	cookieMaxAge := config.CookieMaxAge()
 	hashKey := []byte(config.SecretString)
 	blockKey := []byte(config.EncryptionKeyString)
 
@@ -102,7 +102,7 @@ func (a *Authenticator) useAuthDomain(r *http.Request) (bool, string) {
 
 // MakeIDCookie creates an auth cookie
 func (a *Authenticator) MakeIDCookie(r *http.Request, email string, token string) *http.Cookie {
-	expires := a.cookieExpiry()
+	expires := a.config.CookieExpiry()
 	data := &ID{
 		Email: email,
 		Token: token,
@@ -126,7 +126,7 @@ func (a *Authenticator) MakeIDCookie(r *http.Request, email string, token string
 
 // MakeNameCookie creates a name cookie
 func (a *Authenticator) MakeNameCookie(r *http.Request, name string) *http.Cookie {
-	expires := a.cookieExpiry()
+	expires := a.config.CookieExpiry()
 
 	return &http.Cookie{
 		Name:     a.config.UserCookieName,
@@ -148,7 +148,7 @@ func (a *Authenticator) MakeCSRFCookie(r *http.Request, nonce string) *http.Cook
 		Domain:   a.csrfCookieDomain(r),
 		HttpOnly: true,
 		Secure:   !a.config.InsecureCookie,
-		Expires:  a.cookieExpiry(),
+		Expires:  a.config.CookieExpiry(),
 	}
 }
 
@@ -240,11 +240,6 @@ func (a *Authenticator) matchCookieDomains(domain string) (bool, string) {
 	return false, p[0]
 }
 
-// Get cookie expirary
-func (a *Authenticator) cookieExpiry() time.Time {
-	return time.Now().Local().Add(a.config.Lifetime)
-}
-
 // Utility methods
 
 // getRequestSchemeHost returns scheme://host part of the request

diff --git a/internal/configuration/config.go b/internal/configuration/config.go
@@ -24,9 +24,7 @@ import (
 )
 
 var (
-	// TODO(jr): Get rid of the global config object
-	config *Config
-	log    logrus.FieldLogger
+	log logrus.FieldLogger
 )
 
 // Config holds app configuration
@@ -79,13 +77,6 @@ type Config struct {
 	ServiceAccountToken string
 }
 
-func NewGlobalConfig(args []string) (*Config, error) {
-	var err error
-	config, err = NewConfig(args)
-
-	return config, err
-}
-
 // NewConfig loads config from provided args or uses os.Args if nil
 func NewConfig(args []string) (*Config, error) {
 	if args == nil && len(os.Args) > 0 {
@@ -260,6 +251,16 @@ func (c *Config) LoadOIDCProviderConfiguration() error {
 	return nil
 }
 
+// CookieExpiry returns the cookie expiration time (Now() + configured Lifetime)
+func (c Config) CookieExpiry() time.Time {
+	return time.Now().Local().Add(c.Lifetime)
+}
+
+// CookieMaxAge returns number of seconds to cookie expiration (configured Lifetime converted to seconds)
+func (c Config) CookieMaxAge() int {
+	return int(c.Lifetime / time.Second)
+}
+
 func (c Config) String() string {
 	jsonConf, _ := json.Marshal(c)
 	return string(jsonConf)

diff --git a/internal/handlers/server.go b/internal/handlers/server.go
@@ -369,7 +369,6 @@ func (s *Server) AuthCallbackHandler() http.HandlerFunc {
 			logger.Errorf("failed to get groups claim from the ID token (GroupsAttributeName: %s)", s.config.GroupsAttributeName)
 		}
 
-		logger.Printf("creating claims session with groups: %v", groups)
 		if err := s.userinfo.Save(r, w, &v1alpha1.UserInfo{
 			Username: name.(string),
 			Email:    email.(string),