Various OIDC related fixes.

canonical · Apr 10, 2024 · 0a8fa50 · 0a8fa50
1 parent 4941068
commit 0a8fa50
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 9 deletions.
diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -21,11 +21,6 @@ services:
       interval: 10s
       timeout: 5s
       retries: 3
-    labels:
-      traefik.enable: true
-      traefik.http.routers.traefik.rule: Host(`127.0.0.1`)
-      traefik.http.routers.traefik.entrypoints: websecure
-      traefik.http.routers.traefik.tls: true
 
   jimm:
     image: cosmtrek/air:latest

diff --git a/internal/auth/oauth2.go b/internal/auth/oauth2.go
@@ -359,7 +359,7 @@ func VerifySessionToken(token string, secretKey string) (jwt.Token, error) {
 	parsedToken, err := jwt.Parse(decodedToken, jwt.WithKey(jwa.HS256, []byte(secretKey)))
 	if err != nil {
 		if stderrors.Is(err, jwt.ErrTokenExpired()) {
-			return nil, errors.E(op, "JIMM session token expired")
+			return nil, errors.E(op, errors.CodeUnauthorized, "JIMM session token expired")
 		}
 		return nil, errors.E(op, err)
 	}

diff --git a/local/traefik/traefik.yaml b/local/traefik/traefik.yaml
@@ -46,9 +46,6 @@ tls:
   certificates:
     - certFile: /certs/server.crt
       keyFile: /certs/server.key
-  default:
-    keyFile: /certs/server.key
-    certFile: /certs/server.crt
 # when troubleshooting certs, enable this so traefik doesn't use
 # its own self-signed. By default if it can't find a matching
 # cert, it'll just create its own which will cause cert warnings