remove unnecessary LRU for internode auth token (#20119)

removes contentious usage of mutexes in LRU, which
were never really reused in any manner; we do not
need it.

To trust hosts, the correct way is TLS certs; this PR completely
removes this dependency, which has never been useful.

```
0  0%  100%  25.83s 26.76%  github.com/hashicorp/golang-lru/v2/expirable.(*LRU[...])
0  0%  100%  28.03s 29.04%  github.com/hashicorp/golang-lru/v2/expirable.(*LRU[...])
```

Bonus: send `x-minio-time` as a nanosecond value, a more
straightforward mechanism that avoids the unnecessary
parsing of time strings.
Harshavardhana
2024-07-22 00:04:48 -07:00
committed by GitHub
parent 3ef59d2821
commit 8e618d45fc
17 changed files with 58 additions and 475 deletions


@@ -245,7 +245,7 @@ func (m *Manager) IncomingConn(ctx context.Context, conn net.Conn) {
writeErr(fmt.Errorf("time difference too large between servers: %v", time.Since(cReq.Time).Abs()))
return
}
if err := m.authToken(cReq.Token, cReq.audience()); err != nil {
if err := m.authToken(cReq.Token); err != nil {
writeErr(fmt.Errorf("auth token: %w", err))
return
}
@@ -257,10 +257,10 @@ func (m *Manager) IncomingConn(ctx context.Context, conn net.Conn) {
}
// AuthFn should provide an authentication string for the given aud.
type AuthFn func(aud string) string
type AuthFn func() string
// ValidateAuthFn should check authentication for the given aud.
type ValidateAuthFn func(auth, aud string) string
type ValidateAuthFn func(auth string) string
// Connection will return the connection for the specified host.
// If the host does not exist nil will be returned.
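Review bot: The doc comments on `AuthFn` and `ValidateAuthFn` still say "for the given aud", but the signatures that appear to be the new side (`func() string` and `func(auth string) string`; the +/- markers are lost on this page) no longer take an audience, so the comments describe a binding that is gone. In the first hunk `m.authToken(cReq.Token)` likewise validates the token without the `cReq.audience()` argument, which suggests the token no longer identifies the host it was issued for and that peer identity rests on TLS, as the commit description states. I would record that in the comments, for example `// AuthFn should provide an authentication string; it is not bound to a destination host.` and `// ValidateAuthFn should check the authentication string; peer identity must be established by TLS.` IncomingConn's body starts and ends outside the visible hunks, so whether anything else in it still depends on the audience cannot be confirmed from here.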