From 9d4034fbf623c51943fc89cfc4025b22922e08c6 Mon Sep 17 00:00:00 2001
From: Mariano Cano <mariano@smallstep.com>
Date: Wed, 6 Mar 2019 17:37:08 -0800
Subject: [PATCH] Remove unused code.

---
 authority/provisioner/jwt.go | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/authority/provisioner/jwt.go b/authority/provisioner/jwt.go
index 43d0998a..e4c75dbc 100644
--- a/authority/provisioner/jwt.go
+++ b/authority/provisioner/jwt.go
@@ -81,15 +81,6 @@ func (p *JWT) Authorize(token string) ([]SignOption, error) {
 		return nil, errors.Wrapf(err, "invalid token")
 	}
 
-	// Do not accept tokens issued before the start of the ca.
-	// This check is meant as a stopgap solution to the current lack of a persistence layer.
-	// if a.config.AuthorityConfig != nil && !a.config.AuthorityConfig.DisableIssuedAtCheck {
-	// 	if claims.IssuedAt > 0 && claims.IssuedAt.Time().Before(a.startTime) {
-	// 		return nil, &apiError{errors.New("token issued before the bootstrap of certificate authority"),
-	// 			http.StatusUnauthorized, errContext}
-	// 	}
-	// }
-
 	// if !matchesAudience(claims.Audience, a.audiences) {
 	// 	return nil, &apiError{errors.New("authorize: token audience invalid"), http.StatusUnauthorized,
 	// 		errContext}
@@ -120,15 +111,6 @@ func (p *JWT) Authorize(token string) ([]SignOption, error) {
 		newValidityValidator(p.Claims.MinTLSCertDuration(), p.Claims.MaxTLSCertDuration()),
 	}
 
-	// Store the token to protect against reuse.
-	// if _, ok := a.ottMap.LoadOrStore(claims.ID, &idUsed{
-	// 	UsedAt:  time.Now().Unix(),
-	// 	Subject: claims.Subject,
-	// }); ok {
-	// 	return nil, &apiError{errors.Errorf("token already used"), http.StatusUnauthorized,
-	// 		errContext}
-	// }
-
 	return signOps, nil
 }