Cache /userinfo for a bit

author: Leonardo Bishop <me@leonardobishop.net> 2026-01-16 18:45:03 +0000
committer: Leonardo Bishop <me@leonardobishop.net> 2026-01-16 18:45:03 +0000
commit: eddd55bc5dcfe36d8a56645d4b7e2e49429a933c (patch)
tree: 3eaf75f72225004980e99bc4a848a0cf5f942090 /pkg/auth
parent: e6cbb8415490524034561102b6c9f03e92e4dae7 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/pkg/auth/oidc.go b/pkg/auth/oidc.go
index 674332e..e8afdd3 100644
--- a/pkg/auth/oidc.go
+++ b/pkg/auth/oidc.go
@@ -137,9 +137,16 @@ func (p *OIDCAuthProvider) CompleteJourney(ctx context.Context, authCode string,
 }
 
 func (p *OIDCAuthProvider) UpdateUserInfo(ctx context.Context, session *session.UserSession) error {
+	session.UserInfoMutex.Lock()
+	defer session.UserInfoMutex.Unlock()
+
+	if session.TeamID != "" && session.TeamName != "" && session.UserInfoExpires.Unix() > time.Now().Unix() {
+		return nil
+	}
+
 	userInfo, err := p.oidcProvider.UserInfo(ctx, session.OAuthTokenSource)
 	if err != nil {
-		return ErrInvalidToken
+		return err
 	}
 
 	var claims struct {
@@ -157,6 +164,7 @@ func (p *OIDCAuthProvider) UpdateUserInfo(ctx context.Context, session *session.
 	session.Name = claims.Name
 	session.TeamID = claims.TeamID
 	session.TeamName = claims.TeamName
+	session.UserInfoExpires = time.Now().Add(1 * time.Minute)
 
 	return nil
 }
author	Leonardo Bishop <me@leonardobishop.net>	2026-01-16 18:45:03 +0000
committer	Leonardo Bishop <me@leonardobishop.net>	2026-01-16 18:45:03 +0000
commit	eddd55bc5dcfe36d8a56645d4b7e2e49429a933c (patch)
tree	3eaf75f72225004980e99bc4a848a0cf5f942090 /pkg/auth
parent	e6cbb8415490524034561102b6c9f03e92e4dae7 (diff)