authorize: allow missing user for authorization (#3421)

2025-08-03 08:50:42 +02:00 · 2022-06-14 05:44:34 -06:00 · 2022-06-14 05:44:34 -06:00 · 15e3b3a431
commit 15e3b3a431
parent ebbb6a7ff2
1 changed files with 2 additions and 6 deletions
--- a/authorize/grpc.go
+++ b/authorize/grpc.go
@ -61,16 +61,12 @@ func (a *Authorize) Check(ctx context.Context, in *envoy_service_auth_v3.CheckRe
 	if sessionState != nil {
 		s, err = a.getDataBrokerSessionOrServiceAccount(ctx, sessionState.ID)
 		if err != nil {
-			log.Warn(ctx).Err(err).Msg("clearing session due to force sync failed")
+			log.Warn(ctx).Err(err).Msg("clearing session due to missing session or service account")
 			sessionState = nil
 		}
 	}
 	if s != nil {
-		u, err = a.getDataBrokerUser(ctx, s.GetUserId())
-		if err != nil {
-			log.Warn(ctx).Err(err).Msg("clearing session due to force sync failed")
-			sessionState = nil
-		}
+		u, _ = a.getDataBrokerUser(ctx, s.GetUserId()) // ignore any missing user error
 	}

 	req, err := a.getEvaluatorRequestFromCheckRequest(in, sessionState)