mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Remove unused code.

Browse source
This commit is contained in:
Mariano Cano 2019-03-06 17:37:08 -08:00
parent 6d395f3818
commit 9d4034fbf6
1 changed files with 0 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
authority/provisioner/jwt.go
View file

@ -81,15 +81,6 @@ func (p *JWT) Authorize(token string) ([]SignOption, error) {
return nil, errors.Wrapf(err, "invalid token")
}
// Do not accept tokens issued before the start of the ca.
// This check is meant as a stopgap solution to the current lack of a persistence layer.
// if a.config.AuthorityConfig != nil && !a.config.AuthorityConfig.DisableIssuedAtCheck {
// if claims.IssuedAt > 0 && claims.IssuedAt.Time().Before(a.startTime) {
// return nil, &apiError{errors.New("token issued before the bootstrap of certificate authority"),
// http.StatusUnauthorized, errContext}
// }
// }
// if !matchesAudience(claims.Audience, a.audiences) {
// return nil, &apiError{errors.New("authorize: token audience invalid"), http.StatusUnauthorized,
// errContext}
@ -120,15 +111,6 @@ func (p *JWT) Authorize(token string) ([]SignOption, error) {
newValidityValidator(p.Claims.MinTLSCertDuration(), p.Claims.MaxTLSCertDuration()),
}
// Store the token to protect against reuse.
// if _, ok := a.ottMap.LoadOrStore(claims.ID, &idUsed{
// UsedAt: time.Now().Unix(),
// Subject: claims.Subject,
// }); ok {
// return nil, &apiError{errors.Errorf("token already used"), http.StatusUnauthorized,
// errContext}
// }
return signOps, nil
}