From 61ebb713f298564db76c43ef14046ed5d0b597ab Mon Sep 17 00:00:00 2001
From: Adrien Raffin-Caboisse <adrien.raffin@sekoia.fr>
Date: Fri, 18 Mar 2022 09:32:07 +0100
Subject: [PATCH] fix(oidc): Reset expiry for reauthentication

The previous code resetted the expiry time to be expired.  So the machine was never reauthenticated
---
 oidc.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/oidc.go b/oidc.go
index 29ce351f..65e2807f 100644
--- a/oidc.go
+++ b/oidc.go
@@ -10,6 +10,7 @@ import (
 	"html/template"
 	"net/http"
 	"strings"
+	"time"
 
 	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/gin-gonic/gin"
@@ -229,7 +230,7 @@ func (h *Headscale) OIDCCallback(ctx *gin.Context) {
 			Str("machine", machine.Name).
 			Msg("machine already registered, reauthenticating")
 
-		h.RefreshMachine(machine, *machine.Expiry)
+		h.RefreshMachine(machine, time.Time{})
 
 		var content bytes.Buffer
 		if err := oidcCallbackTemplate.Execute(&content, oidcCallbackTemplateConfig{