From 3d43aefb5c7c9b703ba06ea504c7d1e55743e6cc Mon Sep 17 00:00:00 2001
From: Alex Snaps <alex@wcgw.dev>
Date: Wed, 4 Sep 2024 19:20:50 -0400
Subject: [PATCH] Review feedback

Signed-off-by: Alex Snaps <alex@wcgw.dev>
---
 controllers/auth_config_controller.go     | 49 ++++++++++-------------
 controllers/auth_config_status_updater.go |  5 +++
 2 files changed, 26 insertions(+), 28 deletions(-)

diff --git a/controllers/auth_config_controller.go b/controllers/auth_config_controller.go
index 03e91261..7b32f40c 100644
--- a/controllers/auth_config_controller.go
+++ b/controllers/auth_config_controller.go
@@ -475,8 +475,8 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf
 
 	interfacedResponseConfigs := make([]auth.AuthConfigEvaluator, 0)
 
-	if authConfig.Spec.Response != nil {
-		for responseName, headerResponse := range authConfig.Spec.Response.Success.Headers {
+	if responseConfig := authConfig.Spec.Response; responseConfig != nil {
+		for responseName, headerResponse := range responseConfig.Success.Headers {
 			translatedResponse := evaluators.NewResponseConfig(
 				responseName,
 				headerResponse.Priority,
@@ -486,22 +486,11 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf
 				headerResponse.Metrics,
 			)
 
-			if headerResponse.Cache != nil {
-				ttl := headerResponse.Cache.TTL
-				if ttl == 0 {
-					ttl = api.EvaluatorDefaultCacheTTL
-				}
-				translatedResponse.Cache = evaluators.NewEvaluatorCache(
-					*getJsonFromStaticDynamic(&headerResponse.Cache.Key),
-					ttl,
-				)
-			}
+			injectCache(headerResponse.Cache, translatedResponse)
 			interfacedResponseConfigs = append(interfacedResponseConfigs, translatedResponse)
 		}
-	}
 
-	if authConfig.Spec.Response != nil {
-		for responseName, response := range authConfig.Spec.Response.Success.DynamicMetadata {
+		for responseName, response := range responseConfig.Success.DynamicMetadata {
 			translatedResponse := evaluators.NewResponseConfig(
 				responseName,
 				response.Priority,
@@ -511,16 +500,7 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf
 				response.Metrics,
 			)
 
-			if response.Cache != nil {
-				ttl := response.Cache.TTL
-				if ttl == 0 {
-					ttl = api.EvaluatorDefaultCacheTTL
-				}
-				translatedResponse.Cache = evaluators.NewEvaluatorCache(
-					*getJsonFromStaticDynamic(&response.Cache.Key),
-					ttl,
-				)
-			}
+			injectCache(response.Cache, translatedResponse)
 
 			switch response.GetMethod() {
 			// wristband
@@ -641,11 +621,11 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf
 	}
 
 	// denyWith
-	if authConfig.Spec.Response != nil {
-		if denyWith := authConfig.Spec.Response.Unauthenticated; denyWith != nil {
+	if responseConfig := authConfig.Spec.Response; responseConfig != nil {
+		if denyWith := responseConfig.Unauthenticated; denyWith != nil {
 			translatedAuthConfig.Unauthenticated = buildAuthorinoDenyWithValues(denyWith)
 		}
-		if denyWith := authConfig.Spec.Response.Unauthorized; denyWith != nil {
+		if denyWith := responseConfig.Unauthorized; denyWith != nil {
 			translatedAuthConfig.Unauthorized = buildAuthorinoDenyWithValues(denyWith)
 		}
 	}
@@ -653,6 +633,19 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf
 	return translatedAuthConfig, nil
 }
 
+func injectCache(cache *api.EvaluatorCaching, translatedResponse *evaluators.ResponseConfig) {
+	if cache != nil {
+		ttl := cache.TTL
+		if ttl == 0 {
+			ttl = api.EvaluatorDefaultCacheTTL
+		}
+		translatedResponse.Cache = evaluators.NewEvaluatorCache(
+			*getJsonFromStaticDynamic(&cache.Key),
+			ttl,
+		)
+	}
+}
+
 func (r *AuthConfigReconciler) addToIndex(ctx context.Context, resourceNamespace, resourceId string, authConfig *evaluators.AuthConfig, hosts []string) (linkedHosts, looseHosts []string, err error) {
 	logger := log.FromContext(ctx)
 	linkedHosts = []string{}
diff --git a/controllers/auth_config_status_updater.go b/controllers/auth_config_status_updater.go
index 5793d9bd..d21f499a 100644
--- a/controllers/auth_config_status_updater.go
+++ b/controllers/auth_config_status_updater.go
@@ -218,6 +218,11 @@ func updateStatusSummary(authConfig *api.AuthConfig, newLinkedHosts []string) (c
 
 func issuingWristbands(authConfig *api.AuthConfig) bool {
 	if authConfig.Spec.Response != nil {
+		for _, responseConfig := range authConfig.Spec.Response.Success.Headers {
+			if responseConfig.GetMethod() == api.WristbandAuthResponse {
+				return true
+			}
+		}
 		for _, responseConfig := range authConfig.Spec.Response.Success.DynamicMetadata {
 			if responseConfig.GetMethod() == api.WristbandAuthResponse {
 				return true