mirror of
https://git.sr.ht/~sircmpwn/core-go
synced 2024-10-07 16:48:33 +02:00
webhooks: skip webhooks with expired credentials
The documentation states [1]: > When the original authentication method becomes invalid (such as the > expiration of or revocation of an OAuth 2.0 bearer token), the > webhook is disabled. However, this is currently not the case. Expired webhooks are indeed filtered out in virtually all GraphQL queries (by means of core-go's FilterWebhooks [2]), so users cannot see or delete them. They are _not_ filtered out upon scheduling, however. This commit fixes that. The symptoms of this are that active webhooks may simply not be run - if a user has both an expired and a valid, active webhook for some event, the scheduling will retrieve both, fail on the expired one, and stop processing, without any feedback to the user who scheduled the hooks. This is a problem across all services, so core-go seems like the best place to fix this. [1]: https://man.sr.ht/graphql.md#webhook-authentication [2]: https://git.sr.ht/~sircmpwn/core-go/tree/master/item/webhooks/config.go#L74,81
This commit is contained in:
parent
d2ad494f23
commit
cd87849358
1 changed files with 3 additions and 1 deletions
|
@ -152,7 +152,9 @@ func (queue *WebhookQueue) fetchSubscriptions(ctx context.Context,
|
|||
&sub.NodeID); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
subs = append(subs, &sub)
|
||||
if sub.Expires.After(time.Now()) {
|
||||
subs = append(subs, &sub)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
Loading…
Reference in a new issue