Beispiel #1
0
func (items RDBItems) watch(ctx context.Context, sess *r.Session, lock sync.RWMutex, table r.Term) {
	go pkg.Retry(time.Second*15, time.Minute, func() error {
		changes, err := table.Changes().Run(sess)
		if err != nil {
			pkg.LogError(errors.New(err))
			return errors.New(err)
		}
		defer changes.Close()

		var update = map[string]*RdbSchema{}
		for changes.Next(&update) {
			newVal := update["new_val"]
			oldVal := update["old_val"]
			lock.Lock()
			if newVal == nil && oldVal != nil {
				delete(items, oldVal.ID)
			} else if newVal != nil && oldVal != nil {
				delete(items, oldVal.ID)
				items[newVal.ID] = newVal
			} else {
				items[newVal.ID] = newVal
			}
			lock.Unlock()
		}

		if changes.Err() != nil {
			err = errors.New(changes.Err())
			pkg.LogError(err)
			return err
		}

		return nil
	})
}
Beispiel #2
0
func (m *RethinkManager) Watch(ctx context.Context) {
	go pkg.Retry(time.Second*15, time.Minute, func() error {
		clients, err := m.Table.Changes().Run(m.Session)
		if err != nil {
			return errors.New(err)
		}
		defer clients.Close()

		var update map[string]*fosite.DefaultClient
		for clients.Next(&update) {
			newVal := update["new_val"]
			oldVal := update["old_val"]
			m.Lock()
			if newVal == nil && oldVal != nil {
				delete(m.Clients, oldVal.GetID())
			} else if newVal != nil && oldVal != nil {
				delete(m.Clients, oldVal.GetID())
				m.Clients[newVal.GetID()] = newVal
			} else {
				m.Clients[newVal.GetID()] = newVal
			}
			m.Unlock()
		}

		if clients.Err() != nil {
			err = errors.New(clients.Err())
			pkg.LogError(err)
			return err
		}
		return nil
	})
}
Beispiel #3
0
func (m *RethinkManager) Watch(ctx context.Context) {
	go pkg.Retry(time.Second*15, time.Minute, func() error {
		connections, err := m.Table.Changes().Run(m.Session)
		if err != nil {
			return errors.New(err)
		}
		defer connections.Close()

		var update map[string]*rethinkSchema
		for connections.Next(&update) {
			newVal := update["new_val"]
			oldVal := update["old_val"]
			m.Lock()
			if newVal == nil && oldVal != nil {
				m.watcherRemove(oldVal)
			} else if newVal != nil && oldVal != nil {
				m.watcherRemove(oldVal)
				m.watcherInsert(newVal)
			} else {
				m.watcherInsert(newVal)
			}
			m.Unlock()
		}

		if connections.Err() != nil {
			err = errors.New(connections.Err())
			pkg.LogError(err)
			return err
		}
		return nil
	})
}
Beispiel #4
0
func (m *RethinkManager) watcherInsert(val *rethinkSchema) {
	var c jose.JsonWebKey
	key, err := m.Cipher.Decrypt(val.Key)
	if err != nil {
		pkg.LogError(errors.New(err))
		return
	}

	if err := json.Unmarshal(key, &c); err != nil {
		pkg.LogError(errors.New(err))
		return
	}

	keys := m.Keys[val.Set]
	keys.Keys = append(keys.Keys, c)
	m.Keys[val.Set] = keys
}
Beispiel #5
0
func (o *Handler) AuthHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	var ctx = fosite.NewContext()

	authorizeRequest, err := o.OAuth2.NewAuthorizeRequest(ctx, r)
	if err != nil {
		pkg.LogError(err)
		o.writeAuthorizeError(w, authorizeRequest, err)
		return
	}

	// A session_token will be available if the user was authenticated an gave consent
	consentToken := authorizeRequest.GetRequestForm().Get("consent")
	if consentToken == "" {
		// otherwise redirect to log in endpoint
		if err := o.redirectToConsent(w, r, authorizeRequest); err != nil {
			pkg.LogError(err)
			o.writeAuthorizeError(w, authorizeRequest, err)
			return
		}
		return
	}

	// decode consent_token claims
	// verify anti-CSRF (inject state) and anti-replay token (expiry time, good value would be 10 seconds)
	session, err := o.Consent.ValidateResponse(authorizeRequest, consentToken)
	if err != nil {
		pkg.LogError(err)
		o.writeAuthorizeError(w, authorizeRequest, errors.New(fosite.ErrAccessDenied))
		return
	}

	// done
	response, err := o.OAuth2.NewAuthorizeResponse(ctx, r, authorizeRequest, session)
	if err != nil {
		pkg.LogError(err)
		o.writeAuthorizeError(w, authorizeRequest, err)
		return
	}

	o.OAuth2.WriteAuthorizeResponse(w, authorizeRequest, response)
}
Beispiel #6
0
func (o *Handler) TokenHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	var session Session
	var ctx = fosite.NewContext()

	accessRequest, err := o.OAuth2.NewAccessRequest(ctx, r, &session)
	if err != nil {
		pkg.LogError(err)
		o.OAuth2.WriteAccessError(w, accessRequest, err)
		return
	}

	if accessRequest.GetGrantTypes().Exact("client_credentials") {
		session.Subject = accessRequest.GetClient().GetID()
	}

	accessResponse, err := o.OAuth2.NewAccessResponse(ctx, r, accessRequest)
	if err != nil {
		pkg.LogError(err)
		o.OAuth2.WriteAccessError(w, accessRequest, err)
		return
	}

	o.OAuth2.WriteAccessResponse(w, accessRequest, accessResponse)
}
Beispiel #7
0
func requestFromRDB(s *RdbSchema, proto interface{}) (*fosite.Request, error) {
	if proto != nil {
		if err := json.Unmarshal(s.Session, proto); err != nil {
			pkg.LogError(errors.New(err))
			return nil, errors.New(err)
		}
	}

	d := new(fosite.Request)
	d.RequestedAt = s.RequestedAt
	d.Client = s.Client
	d.Scopes = s.Scopes
	d.GrantedScopes = s.GrantedScopes
	d.Form = s.Form
	d.Session = proto
	return d, nil
}
Beispiel #8
0
func (s *FositeRehinkDBStore) publishInsert(table r.Term, id string, requester fosite.Requester) error {
	sess, err := json.Marshal(requester.GetSession())
	if err != nil {
		pkg.LogError(errors.New(err))
		return errors.New(err)
	}

	if _, err := table.Insert(&RdbSchema{
		ID:            id,
		RequestedAt:   requester.GetRequestedAt(),
		Client:        requester.GetClient().(*fosite.DefaultClient),
		Scopes:        requester.GetScopes(),
		GrantedScopes: requester.GetGrantedScopes(),
		Form:          requester.GetRequestForm(),
		Session:       sess,
	}).RunWrite(s.Session); err != nil {
		return errors.New(err)
	}
	return nil
}