core/authorize: check for expired tokens (#4543)

* core/authorize: check for expired tokens * Update pkg/grpc/session/session.go Co-authored-by: Denis Mishin <dmishin@pomerium.com> * lint * fix zero timestamps * fix --------- Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2025-08-03 16:59:22 +02:00 · 2023-09-15 16:06:13 -06:00 · 2023-09-15 16:06:13 -06:00 · 23ea48815f
commit 23ea48815f
parent e5a7b994b6
7 changed files with 127 additions and 1 deletions
--- a/authorize/grpc.go
+++ b/authorize/grpc.go
@ -55,7 +55,7 @@ func (a *Authorize) Check(ctx context.Context, in *envoy_service_auth_v3.CheckRe
 	if sessionState != nil {
 		s, err = a.getDataBrokerSessionOrServiceAccount(ctx, sessionState.ID, sessionState.DatabrokerRecordVersion)
 		if err != nil {
-			log.Warn(ctx).Err(err).Msg("clearing session due to missing session or service account")
+			log.Warn(ctx).Err(err).Msg("clearing session due to missing or invalid session or service account")
 			sessionState = nil
 		}
 	}