mirror of https://github.com/dexidp/dex.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
754 lines
23 KiB
754 lines
23 KiB
package etcd |
|
|
|
import ( |
|
"context" |
|
"encoding/json" |
|
"fmt" |
|
"log/slog" |
|
"strings" |
|
"time" |
|
|
|
clientv3 "go.etcd.io/etcd/client/v3" |
|
|
|
"github.com/dexidp/dex/storage" |
|
) |
|
|
|
const ( |
|
clientPrefix = "client/" |
|
authCodePrefix = "auth_code/" |
|
refreshTokenPrefix = "refresh_token/" |
|
authRequestPrefix = "auth_req/" |
|
passwordPrefix = "password/" |
|
offlineSessionPrefix = "offline_session/" |
|
connectorPrefix = "connector/" |
|
keysName = "openid-connect-keys" |
|
deviceRequestPrefix = "device_req/" |
|
deviceTokenPrefix = "device_token/" |
|
userIdentityPrefix = "user_identity/" |
|
authSessionPrefix = "auth_session/" |
|
|
|
// defaultStorageTimeout will be applied to all storage's operations. |
|
defaultStorageTimeout = 5 * time.Second |
|
) |
|
|
|
var _ storage.Storage = (*conn)(nil) |
|
|
|
type conn struct { |
|
db *clientv3.Client |
|
logger *slog.Logger |
|
} |
|
|
|
func (c *conn) Close() error { |
|
return c.db.Close() |
|
} |
|
|
|
func (c *conn) GarbageCollect(ctx context.Context, now time.Time) (result storage.GCResult, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
authRequests, err := c.listAuthRequests(ctx) |
|
if err != nil { |
|
return result, err |
|
} |
|
|
|
var delErr error |
|
for _, authRequest := range authRequests { |
|
if now.After(authRequest.Expiry) { |
|
if err := c.deleteKey(ctx, keyID(authRequestPrefix, authRequest.ID)); err != nil { |
|
c.logger.Error("failed to delete auth request", "err", err) |
|
delErr = fmt.Errorf("failed to delete auth request: %v", err) |
|
} |
|
result.AuthRequests++ |
|
} |
|
} |
|
if delErr != nil { |
|
return result, delErr |
|
} |
|
|
|
authCodes, err := c.listAuthCodes(ctx) |
|
if err != nil { |
|
return result, err |
|
} |
|
|
|
for _, authCode := range authCodes { |
|
if now.After(authCode.Expiry) { |
|
if err := c.deleteKey(ctx, keyID(authCodePrefix, authCode.ID)); err != nil { |
|
c.logger.Error("failed to delete auth code", "err", err) |
|
delErr = fmt.Errorf("failed to delete auth code: %v", err) |
|
} |
|
result.AuthCodes++ |
|
} |
|
} |
|
|
|
deviceRequests, err := c.listDeviceRequests(ctx) |
|
if err != nil { |
|
return result, err |
|
} |
|
|
|
for _, deviceRequest := range deviceRequests { |
|
if now.After(deviceRequest.Expiry) { |
|
if err := c.deleteKey(ctx, keyID(deviceRequestPrefix, deviceRequest.UserCode)); err != nil { |
|
c.logger.Error("failed to delete device request", "err", err) |
|
delErr = fmt.Errorf("failed to delete device request: %v", err) |
|
} |
|
result.DeviceRequests++ |
|
} |
|
} |
|
|
|
deviceTokens, err := c.listDeviceTokens(ctx) |
|
if err != nil { |
|
return result, err |
|
} |
|
|
|
for _, deviceToken := range deviceTokens { |
|
if now.After(deviceToken.Expiry) { |
|
if err := c.deleteKey(ctx, keyID(deviceTokenPrefix, deviceToken.DeviceCode)); err != nil { |
|
c.logger.Error("failed to delete device token", "err", err) |
|
delErr = fmt.Errorf("failed to delete device token: %v", err) |
|
} |
|
result.DeviceTokens++ |
|
} |
|
} |
|
return result, delErr |
|
} |
|
|
|
func (c *conn) CreateAuthRequest(ctx context.Context, a storage.AuthRequest) error { |
|
return c.txnCreate(ctx, keyID(authRequestPrefix, a.ID), fromStorageAuthRequest(a)) |
|
} |
|
|
|
func (c *conn) GetAuthRequest(ctx context.Context, id string) (a storage.AuthRequest, err error) { |
|
// TODO: Add this to other funcs?? |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var req AuthRequest |
|
if err = c.getKey(ctx, keyID(authRequestPrefix, id), &req); err != nil { |
|
return |
|
} |
|
return toStorageAuthRequest(req), nil |
|
} |
|
|
|
func (c *conn) UpdateAuthRequest(ctx context.Context, id string, updater func(a storage.AuthRequest) (storage.AuthRequest, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyID(authRequestPrefix, id), func(currentValue []byte) ([]byte, error) { |
|
var current AuthRequest |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(toStorageAuthRequest(current)) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(fromStorageAuthRequest(updated)) |
|
}) |
|
} |
|
|
|
func (c *conn) DeleteAuthRequest(ctx context.Context, id string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyID(authRequestPrefix, id)) |
|
} |
|
|
|
func (c *conn) CreateAuthCode(ctx context.Context, a storage.AuthCode) error { |
|
return c.txnCreate(ctx, keyID(authCodePrefix, a.ID), fromStorageAuthCode(a)) |
|
} |
|
|
|
func (c *conn) GetAuthCode(ctx context.Context, id string) (a storage.AuthCode, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var ac AuthCode |
|
err = c.getKey(ctx, keyID(authCodePrefix, id), &ac) |
|
if err == nil { |
|
a = toStorageAuthCode(ac) |
|
} |
|
return a, err |
|
} |
|
|
|
func (c *conn) DeleteAuthCode(ctx context.Context, id string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyID(authCodePrefix, id)) |
|
} |
|
|
|
func (c *conn) CreateRefresh(ctx context.Context, r storage.RefreshToken) error { |
|
return c.txnCreate(ctx, keyID(refreshTokenPrefix, r.ID), fromStorageRefreshToken(r)) |
|
} |
|
|
|
func (c *conn) GetRefresh(ctx context.Context, id string) (r storage.RefreshToken, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var token RefreshToken |
|
if err = c.getKey(ctx, keyID(refreshTokenPrefix, id), &token); err != nil { |
|
return |
|
} |
|
return toStorageRefreshToken(token), nil |
|
} |
|
|
|
func (c *conn) UpdateRefreshToken(ctx context.Context, id string, updater func(old storage.RefreshToken) (storage.RefreshToken, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyID(refreshTokenPrefix, id), func(currentValue []byte) ([]byte, error) { |
|
var current RefreshToken |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(toStorageRefreshToken(current)) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(fromStorageRefreshToken(updated)) |
|
}) |
|
} |
|
|
|
func (c *conn) DeleteRefresh(ctx context.Context, id string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyID(refreshTokenPrefix, id)) |
|
} |
|
|
|
func (c *conn) ListRefreshTokens(ctx context.Context) (tokens []storage.RefreshToken, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
res, err := c.db.Get(ctx, refreshTokenPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return tokens, err |
|
} |
|
for _, v := range res.Kvs { |
|
var token RefreshToken |
|
if err = json.Unmarshal(v.Value, &token); err != nil { |
|
return tokens, err |
|
} |
|
tokens = append(tokens, toStorageRefreshToken(token)) |
|
} |
|
return tokens, nil |
|
} |
|
|
|
func (c *conn) CreateClient(ctx context.Context, cli storage.Client) error { |
|
return c.txnCreate(ctx, keyID(clientPrefix, cli.ID), cli) |
|
} |
|
|
|
func (c *conn) GetClient(ctx context.Context, id string) (cli storage.Client, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
err = c.getKey(ctx, keyID(clientPrefix, id), &cli) |
|
return cli, err |
|
} |
|
|
|
func (c *conn) UpdateClient(ctx context.Context, id string, updater func(old storage.Client) (storage.Client, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyID(clientPrefix, id), func(currentValue []byte) ([]byte, error) { |
|
var current storage.Client |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(current) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(updated) |
|
}) |
|
} |
|
|
|
func (c *conn) DeleteClient(ctx context.Context, id string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyID(clientPrefix, id)) |
|
} |
|
|
|
func (c *conn) ListClients(ctx context.Context) (clients []storage.Client, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
res, err := c.db.Get(ctx, clientPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return clients, err |
|
} |
|
for _, v := range res.Kvs { |
|
var cli storage.Client |
|
if err = json.Unmarshal(v.Value, &cli); err != nil { |
|
return clients, err |
|
} |
|
clients = append(clients, cli) |
|
} |
|
return clients, nil |
|
} |
|
|
|
func (c *conn) CreatePassword(ctx context.Context, p storage.Password) error { |
|
return c.txnCreate(ctx, passwordPrefix+strings.ToLower(p.Email), p) |
|
} |
|
|
|
func (c *conn) GetPassword(ctx context.Context, email string) (p storage.Password, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
err = c.getKey(ctx, keyEmail(passwordPrefix, email), &p) |
|
return p, err |
|
} |
|
|
|
func (c *conn) UpdatePassword(ctx context.Context, email string, updater func(p storage.Password) (storage.Password, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyEmail(passwordPrefix, email), func(currentValue []byte) ([]byte, error) { |
|
var current storage.Password |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(current) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(updated) |
|
}) |
|
} |
|
|
|
func (c *conn) DeletePassword(ctx context.Context, email string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyEmail(passwordPrefix, email)) |
|
} |
|
|
|
func (c *conn) ListPasswords(ctx context.Context) (passwords []storage.Password, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
res, err := c.db.Get(ctx, passwordPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return passwords, err |
|
} |
|
for _, v := range res.Kvs { |
|
var p storage.Password |
|
if err = json.Unmarshal(v.Value, &p); err != nil { |
|
return passwords, err |
|
} |
|
passwords = append(passwords, p) |
|
} |
|
return passwords, nil |
|
} |
|
|
|
func (c *conn) CreateOfflineSessions(ctx context.Context, s storage.OfflineSessions) error { |
|
return c.txnCreate(ctx, keySession(s.UserID, s.ConnID), fromStorageOfflineSessions(s)) |
|
} |
|
|
|
func (c *conn) UpdateOfflineSessions(ctx context.Context, userID string, connID string, updater func(s storage.OfflineSessions) (storage.OfflineSessions, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keySession(userID, connID), func(currentValue []byte) ([]byte, error) { |
|
var current OfflineSessions |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(toStorageOfflineSessions(current)) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(fromStorageOfflineSessions(updated)) |
|
}) |
|
} |
|
|
|
func (c *conn) GetOfflineSessions(ctx context.Context, userID string, connID string) (s storage.OfflineSessions, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var os OfflineSessions |
|
if err = c.getKey(ctx, keySession(userID, connID), &os); err != nil { |
|
return |
|
} |
|
return toStorageOfflineSessions(os), nil |
|
} |
|
|
|
func (c *conn) DeleteOfflineSessions(ctx context.Context, userID string, connID string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keySession(userID, connID)) |
|
} |
|
|
|
func (c *conn) CreateUserIdentity(ctx context.Context, u storage.UserIdentity) error { |
|
return c.txnCreate(ctx, keyUserIdentity(u.UserID, u.ConnectorID), fromStorageUserIdentity(u)) |
|
} |
|
|
|
func (c *conn) GetUserIdentity(ctx context.Context, userID, connectorID string) (u storage.UserIdentity, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var ui UserIdentity |
|
if err = c.getKey(ctx, keyUserIdentity(userID, connectorID), &ui); err != nil { |
|
return |
|
} |
|
return toStorageUserIdentity(ui), nil |
|
} |
|
|
|
func (c *conn) UpdateUserIdentity(ctx context.Context, userID, connectorID string, updater func(u storage.UserIdentity) (storage.UserIdentity, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyUserIdentity(userID, connectorID), func(currentValue []byte) ([]byte, error) { |
|
var current UserIdentity |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(toStorageUserIdentity(current)) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(fromStorageUserIdentity(updated)) |
|
}) |
|
} |
|
|
|
func (c *conn) DeleteUserIdentity(ctx context.Context, userID, connectorID string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyUserIdentity(userID, connectorID)) |
|
} |
|
|
|
func (c *conn) ListUserIdentities(ctx context.Context) (identities []storage.UserIdentity, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
res, err := c.db.Get(ctx, userIdentityPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return identities, err |
|
} |
|
for _, v := range res.Kvs { |
|
var ui UserIdentity |
|
if err = json.Unmarshal(v.Value, &ui); err != nil { |
|
return identities, err |
|
} |
|
identities = append(identities, toStorageUserIdentity(ui)) |
|
} |
|
return identities, nil |
|
} |
|
|
|
func (c *conn) CreateAuthSession(ctx context.Context, s storage.AuthSession) error { |
|
return c.txnCreate(ctx, keyAuthSession(s.ID), fromStorageAuthSession(s)) |
|
} |
|
|
|
func (c *conn) GetAuthSession(ctx context.Context, sessionID string) (storage.AuthSession, error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var s AuthSession |
|
if err := c.getKey(ctx, keyAuthSession(sessionID), &s); err != nil { |
|
return storage.AuthSession{}, err |
|
} |
|
return toStorageAuthSession(s), nil |
|
} |
|
|
|
func (c *conn) UpdateAuthSession(ctx context.Context, sessionID string, updater func(s storage.AuthSession) (storage.AuthSession, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyAuthSession(sessionID), func(currentValue []byte) ([]byte, error) { |
|
var current AuthSession |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(toStorageAuthSession(current)) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(fromStorageAuthSession(updated)) |
|
}) |
|
} |
|
|
|
func (c *conn) ListAuthSessions(ctx context.Context) (sessions []storage.AuthSession, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
res, err := c.db.Get(ctx, authSessionPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return sessions, err |
|
} |
|
for _, v := range res.Kvs { |
|
var s AuthSession |
|
if err = json.Unmarshal(v.Value, &s); err != nil { |
|
return sessions, err |
|
} |
|
sessions = append(sessions, toStorageAuthSession(s)) |
|
} |
|
return sessions, nil |
|
} |
|
|
|
func (c *conn) DeleteAuthSession(ctx context.Context, sessionID string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyAuthSession(sessionID)) |
|
} |
|
|
|
func (c *conn) CreateConnector(ctx context.Context, connector storage.Connector) error { |
|
return c.txnCreate(ctx, keyID(connectorPrefix, connector.ID), connector) |
|
} |
|
|
|
func (c *conn) GetConnector(ctx context.Context, id string) (conn storage.Connector, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
err = c.getKey(ctx, keyID(connectorPrefix, id), &conn) |
|
return conn, err |
|
} |
|
|
|
func (c *conn) UpdateConnector(ctx context.Context, id string, updater func(s storage.Connector) (storage.Connector, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyID(connectorPrefix, id), func(currentValue []byte) ([]byte, error) { |
|
var current storage.Connector |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(current) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(updated) |
|
}) |
|
} |
|
|
|
func (c *conn) DeleteConnector(ctx context.Context, id string) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.deleteKey(ctx, keyID(connectorPrefix, id)) |
|
} |
|
|
|
func (c *conn) ListConnectors(ctx context.Context) (connectors []storage.Connector, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
res, err := c.db.Get(ctx, connectorPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return nil, err |
|
} |
|
for _, v := range res.Kvs { |
|
var c storage.Connector |
|
if err = json.Unmarshal(v.Value, &c); err != nil { |
|
return nil, err |
|
} |
|
connectors = append(connectors, c) |
|
} |
|
return connectors, nil |
|
} |
|
|
|
func (c *conn) GetKeys(ctx context.Context) (keys storage.Keys, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
res, err := c.db.Get(ctx, keysName) |
|
if err != nil { |
|
return keys, err |
|
} |
|
if res.Count > 0 && len(res.Kvs) > 0 { |
|
err = json.Unmarshal(res.Kvs[0].Value, &keys) |
|
} |
|
return keys, err |
|
} |
|
|
|
func (c *conn) UpdateKeys(ctx context.Context, updater func(old storage.Keys) (storage.Keys, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keysName, func(currentValue []byte) ([]byte, error) { |
|
var current storage.Keys |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(current) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(updated) |
|
}) |
|
} |
|
|
|
func (c *conn) deleteKey(ctx context.Context, key string) error { |
|
res, err := c.db.Delete(ctx, key) |
|
if err != nil { |
|
return err |
|
} |
|
if res.Deleted == 0 { |
|
return storage.ErrNotFound |
|
} |
|
return nil |
|
} |
|
|
|
func (c *conn) getKey(ctx context.Context, key string, value interface{}) error { |
|
r, err := c.db.Get(ctx, key) |
|
if err != nil { |
|
return err |
|
} |
|
if r.Count == 0 { |
|
return storage.ErrNotFound |
|
} |
|
return json.Unmarshal(r.Kvs[0].Value, value) |
|
} |
|
|
|
func (c *conn) listAuthRequests(ctx context.Context) (reqs []AuthRequest, err error) { |
|
res, err := c.db.Get(ctx, authRequestPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return reqs, err |
|
} |
|
for _, v := range res.Kvs { |
|
var r AuthRequest |
|
if err = json.Unmarshal(v.Value, &r); err != nil { |
|
return reqs, err |
|
} |
|
reqs = append(reqs, r) |
|
} |
|
return reqs, nil |
|
} |
|
|
|
func (c *conn) listAuthCodes(ctx context.Context) (codes []AuthCode, err error) { |
|
res, err := c.db.Get(ctx, authCodePrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return codes, err |
|
} |
|
for _, v := range res.Kvs { |
|
var c AuthCode |
|
if err = json.Unmarshal(v.Value, &c); err != nil { |
|
return codes, err |
|
} |
|
codes = append(codes, c) |
|
} |
|
return codes, nil |
|
} |
|
|
|
func (c *conn) txnCreate(ctx context.Context, key string, value interface{}) error { |
|
b, err := json.Marshal(value) |
|
if err != nil { |
|
return err |
|
} |
|
txn := c.db.Txn(ctx) |
|
res, err := txn. |
|
If(clientv3.Compare(clientv3.CreateRevision(key), "=", 0)). |
|
Then(clientv3.OpPut(key, string(b))). |
|
Commit() |
|
if err != nil { |
|
return err |
|
} |
|
if !res.Succeeded { |
|
return storage.ErrAlreadyExists |
|
} |
|
return nil |
|
} |
|
|
|
func (c *conn) txnUpdate(ctx context.Context, key string, update func(current []byte) ([]byte, error)) error { |
|
getResp, err := c.db.Get(ctx, key) |
|
if err != nil { |
|
return err |
|
} |
|
var currentValue []byte |
|
var modRev int64 |
|
if len(getResp.Kvs) > 0 { |
|
currentValue = getResp.Kvs[0].Value |
|
modRev = getResp.Kvs[0].ModRevision |
|
} |
|
|
|
updatedValue, err := update(currentValue) |
|
if err != nil { |
|
return err |
|
} |
|
|
|
txn := c.db.Txn(ctx) |
|
updateResp, err := txn. |
|
If(clientv3.Compare(clientv3.ModRevision(key), "=", modRev)). |
|
Then(clientv3.OpPut(key, string(updatedValue))). |
|
Commit() |
|
if err != nil { |
|
return err |
|
} |
|
if !updateResp.Succeeded { |
|
return fmt.Errorf("failed to update key=%q: concurrent conflicting update happened", key) |
|
} |
|
return nil |
|
} |
|
|
|
func keyID(prefix, id string) string { return prefix + id } |
|
func keyEmail(prefix, email string) string { return prefix + strings.ToLower(email) } |
|
func keySession(userID, connID string) string { |
|
return offlineSessionPrefix + strings.ToLower(userID+"|"+connID) |
|
} |
|
|
|
func keyUserIdentity(userID, connectorID string) string { |
|
return userIdentityPrefix + strings.ToLower(userID+"|"+connectorID) |
|
} |
|
|
|
func keyAuthSession(sessionID string) string { |
|
return strings.ToLower(authSessionPrefix + sessionID) |
|
} |
|
|
|
func (c *conn) CreateDeviceRequest(ctx context.Context, d storage.DeviceRequest) error { |
|
return c.txnCreate(ctx, keyID(deviceRequestPrefix, d.UserCode), fromStorageDeviceRequest(d)) |
|
} |
|
|
|
func (c *conn) GetDeviceRequest(ctx context.Context, userCode string) (r storage.DeviceRequest, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var dr DeviceRequest |
|
if err = c.getKey(ctx, keyID(deviceRequestPrefix, userCode), &dr); err == nil { |
|
r = toStorageDeviceRequest(dr) |
|
} |
|
return |
|
} |
|
|
|
func (c *conn) listDeviceRequests(ctx context.Context) (requests []DeviceRequest, err error) { |
|
res, err := c.db.Get(ctx, deviceRequestPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return requests, err |
|
} |
|
for _, v := range res.Kvs { |
|
var r DeviceRequest |
|
if err = json.Unmarshal(v.Value, &r); err != nil { |
|
return requests, err |
|
} |
|
requests = append(requests, r) |
|
} |
|
return requests, nil |
|
} |
|
|
|
func (c *conn) CreateDeviceToken(ctx context.Context, t storage.DeviceToken) error { |
|
return c.txnCreate(ctx, keyID(deviceTokenPrefix, t.DeviceCode), fromStorageDeviceToken(t)) |
|
} |
|
|
|
func (c *conn) GetDeviceToken(ctx context.Context, deviceCode string) (t storage.DeviceToken, err error) { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
var dt DeviceToken |
|
if err = c.getKey(ctx, keyID(deviceTokenPrefix, deviceCode), &dt); err == nil { |
|
t = toStorageDeviceToken(dt) |
|
} |
|
return |
|
} |
|
|
|
func (c *conn) listDeviceTokens(ctx context.Context) (deviceTokens []DeviceToken, err error) { |
|
res, err := c.db.Get(ctx, deviceTokenPrefix, clientv3.WithPrefix()) |
|
if err != nil { |
|
return deviceTokens, err |
|
} |
|
for _, v := range res.Kvs { |
|
var dt DeviceToken |
|
if err = json.Unmarshal(v.Value, &dt); err != nil { |
|
return deviceTokens, err |
|
} |
|
deviceTokens = append(deviceTokens, dt) |
|
} |
|
return deviceTokens, nil |
|
} |
|
|
|
func (c *conn) UpdateDeviceToken(ctx context.Context, deviceCode string, updater func(old storage.DeviceToken) (storage.DeviceToken, error)) error { |
|
ctx, cancel := context.WithTimeout(ctx, defaultStorageTimeout) |
|
defer cancel() |
|
return c.txnUpdate(ctx, keyID(deviceTokenPrefix, deviceCode), func(currentValue []byte) ([]byte, error) { |
|
var current DeviceToken |
|
if len(currentValue) > 0 { |
|
if err := json.Unmarshal(currentValue, ¤t); err != nil { |
|
return nil, err |
|
} |
|
} |
|
updated, err := updater(toStorageDeviceToken(current)) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return json.Marshal(fromStorageDeviceToken(updated)) |
|
}) |
|
}
|
|
|