diff --git a/cmd/task/main.go b/cmd/task/main.go
index df676d67049ca2cecf4813efd396664e889278c4..70904007cf6575dc8603fcf937231749b7ab07d4 100644
--- a/cmd/task/main.go
+++ b/cmd/task/main.go
@@ -77,11 +77,13 @@ func main() {
httpClient := httpClient()
- // create an HTTP Client which uses an authentication token
- // Create an HTTP Client which uses an authentication token.
- // The token will auto-refresh as necessary.
- oauthCtx := context.WithValue(context.Background(), oauth2.HTTPClient, httpClient)
- oauthClient := newOAuth2Client(oauthCtx, cfg.OAuth.ClientID, cfg.OAuth.ClientSecret, cfg.OAuth.TokenURL)
+ oauthClient := httpClient
+ if cfg.Auth.Enabled {
+ // Create an HTTP Client which automatically issues and carries an OAuth2 token.
+ // The token will auto-refresh when its expiration is near.
+ oauthCtx := context.WithValue(context.Background(), oauth2.HTTPClient, httpClient)
+ oauthClient = newOAuth2Client(oauthCtx, cfg.OAuth.ClientID, cfg.OAuth.ClientSecret, cfg.OAuth.TokenURL)
+ }
// create policy client
policy := policy.New(cfg.Policy.Addr, oauthClient)
diff --git a/internal/config/config.go b/internal/config/config.go
index 99d5411505111dcd6f25f21d372504a1203a22e3..baf99e58046ea65d99026f45a731999db4414c6f 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -25,7 +25,7 @@ type httpConfig struct {
}
type authConfig struct {
- Enabled bool `envconfig:"AUTH_ENABLED" default:"true"`
+ Enabled bool `envconfig:"AUTH_ENABLED" default:"false"`
JwkURL string `envconfig:"AUTH_JWK_URL"`
RefreshInterval time.Duration `envconfig:"AUTH_REFRESH_INTERVAL" default:"1h"`
}
@@ -60,7 +60,7 @@ type metricsConfig struct {
}
type oauthConfig struct {
- ClientID string `envconfig:"OAUTH_CLIENT_ID" required:"true"`
- ClientSecret string `envconfig:"OAUTH_CLIENT_SECRET" required:"true"`
- TokenURL string `envconfig:"OAUTH_TOKEN_URL" required:"true"`
+ ClientID string `envconfig:"OAUTH_CLIENT_ID"`
+ ClientSecret string `envconfig:"OAUTH_CLIENT_SECRET"`
+ TokenURL string `envconfig:"OAUTH_TOKEN_URL"`
}