diff --git a/internal/configs/version2/__snapshots__/templates_test.snap b/internal/configs/version2/__snapshots__/templates_test.snap index 3b4f1dad8b..5afb2d21d1 100644 --- a/internal/configs/version2/__snapshots__/templates_test.snap +++ b/internal/configs/version2/__snapshots__/templates_test.snap @@ -1234,7 +1234,6 @@ upstream vs_default_cafe_coffee { keepalive 16; } -proxy_cache_path /var/cache/nginx/jwks_uri_cafe levels=1 keys_zone=jwks_uri_cafe:1m max_size=10m; server { listen 80; @@ -1256,8 +1255,6 @@ server { internal; proxy_method GET; proxy_set_header Content-Length ""; - proxy_cache jwks_uri_cafe; - proxy_cache_valid 200 12h; proxy_ssl_server_name on; proxy_ssl_name sni.idp.spec.example.com; proxy_pass_request_headers off; @@ -1270,8 +1267,6 @@ server { internal; proxy_method GET; proxy_set_header Content-Length ""; - proxy_cache jwks_uri_cafe; - proxy_cache_valid 200 12h; proxy_ssl_server_name on; proxy_ssl_name sni.idp.spec.example.com; proxy_pass_request_headers off; @@ -1362,7 +1357,6 @@ upstream vs_default_cafe_coffee { keepalive 16; } -proxy_cache_path /var/cache/nginx/jwks_uri_cafe levels=1 keys_zone=jwks_uri_cafe:1m max_size=10m; server { listen 80; @@ -1384,8 +1378,6 @@ server { internal; proxy_method GET; proxy_set_header Content-Length ""; - proxy_cache jwks_uri_cafe; - proxy_cache_valid 200 12h; proxy_pass_request_headers off; proxy_pass_request_body off; proxy_set_header Host idp.spec.example.com; @@ -1396,8 +1388,6 @@ server { internal; proxy_method GET; proxy_set_header Content-Length ""; - proxy_cache jwks_uri_cafe; - proxy_cache_valid 200 12h; proxy_pass_request_headers off; proxy_pass_request_body off; proxy_set_header Host idp.route.example.com; diff --git a/internal/configs/version2/nginx-plus.virtualserver.tmpl b/internal/configs/version2/nginx-plus.virtualserver.tmpl index b9a097bc4e..8765a6f4d8 100644 --- a/internal/configs/version2/nginx-plus.virtualserver.tmpl +++ b/internal/configs/version2/nginx-plus.virtualserver.tmpl @@ -115,10 +115,6 @@ map $request_method $cache_purge_{{ replaceAll $l.Cache.ZoneName "-" "_" }} { {{- end }} {{- end }} -{{- with $s.JWKSAuthEnabled }} -proxy_cache_path /var/cache/nginx/jwks_uri_{{$s.VSName}} levels=1 keys_zone=jwks_uri_{{$s.VSName}}:1m max_size=10m; -{{- end }} - {{- if and $s.OIDC $s.OIDC.PKCEEnable }} include oidc/oidc_pkce_supplements.conf; {{- end }} @@ -290,10 +286,6 @@ server { internal; proxy_method GET; proxy_set_header Content-Length ""; - {{- if .KeyCache }} - proxy_cache jwks_uri_{{ $s.VSName }}; - proxy_cache_valid 200 12h; - {{- end }} {{- with .JwksURI }} {{- if .JwksSNIEnabled }} proxy_ssl_server_name on; diff --git a/internal/configs/version2/templates_test.go b/internal/configs/version2/templates_test.go index d81455d032..41cbc9a24b 100644 --- a/internal/configs/version2/templates_test.go +++ b/internal/configs/version2/templates_test.go @@ -731,12 +731,6 @@ func TestExecuteVirtualServerTemplateWithJWKSWithToken(t *testing.T) { if !bytes.Contains(got, []byte("token=$http_token")) { t.Error("want `token=$http_token` in generated template") } - if !bytes.Contains(got, []byte("proxy_cache jwks_uri_")) { - t.Error("want `proxy_cache` in generated template") - } - if !bytes.Contains(got, []byte("proxy_cache_valid 200 12h;")) { - t.Error("want `proxy_cache_valid 200 12h;` in generated template") - } if !bytes.Contains(got, []byte("proxy_ssl_server_name on;")) { t.Error("want `proxy_ssl_server_name on;` in generated template") @@ -760,12 +754,6 @@ func TestExecuteVirtualServerTemplateWithJWKSWithoutToken(t *testing.T) { if bytes.Contains(got, []byte("token=$http_token")) { t.Error("want no `token=$http_token` string in generated template") } - if !bytes.Contains(got, []byte("proxy_cache jwks_uri_")) { - t.Error("want `proxy_cache` in generated template") - } - if !bytes.Contains(got, []byte("proxy_cache_valid 200 12h;")) { - t.Error("want `proxy_cache_valid 200 12h;` in generated template") - } snaps.MatchSnapshot(t, string(got)) t.Log(string(got)) }