mirror
/
dex
mirror of https://github.com/dexidp/dex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3317 Commits
34 Branches
98 Tags
52 MiB
 
 
 
 
 
 
Tree: 8e96058e71
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8e96058e71'
${ noResults }
dex/storage/ent/client/keys.go

81 lines
2.0 KiB
Raw Blame History

package client
import (
"context"
"errors"
"github.com/dexidp/dex/storage"
"github.com/dexidp/dex/storage/ent/db"
)
func getKeys(ctx context.Context, client *db.KeysClient) (storage.Keys, error) {
rawKeys, err := client.Get(ctx, keysRowID)
if err != nil {
return storage.Keys{}, convertDBError("get keys: %w", err)
}
return toStorageKeys(rawKeys), nil
}
// GetKeys returns signing keys, public keys and verification keys from the database.
func (d *Database) GetKeys(ctx context.Context) (storage.Keys, error) {
return getKeys(ctx, d.client.Keys)
}
// UpdateKeys rotates keys using updater function.
func (d *Database) UpdateKeys(ctx context.Context, updater func(old storage.Keys) (storage.Keys, error)) error {
firstUpdate := false
tx, err := d.BeginTx(ctx)
if err != nil {
return convertDBError("update keys tx: %w", err)
}
storageKeys, err := getKeys(ctx, tx.Keys)
if err != nil {
if !errors.Is(err, storage.ErrNotFound) {
return rollback(tx, "update keys get: %w", err)
}
firstUpdate = true
}
newKeys, err := updater(storageKeys)
if err != nil {
return rollback(tx, "update keys updating: %w", err)
}
// ent doesn't have an upsert support yet
// https://github.com/facebook/ent/issues/139
if firstUpdate {
_, err = tx.Keys.Create().
SetID(keysRowID).
SetNextRotation(newKeys.NextRotation).
SetSigningKey(*newKeys.SigningKey).
SetSigningKeyPub(*newKeys.SigningKeyPub).
SetVerificationKeys(newKeys.VerificationKeys).
Save(ctx)
if err != nil {
return rollback(tx, "create keys: %w", err)
}
if err = tx.Commit(); err != nil {
return rollback(tx, "update keys commit: %w", err)
}
return nil
}
err = tx.Keys.UpdateOneID(keysRowID).
SetNextRotation(newKeys.NextRotation.UTC()).
SetSigningKey(*newKeys.SigningKey).
SetSigningKeyPub(*newKeys.SigningKeyPub).
SetVerificationKeys(newKeys.VerificationKeys).
Exec(ctx)
if err != nil {
return rollback(tx, "update keys uploading: %w", err)
}
if err = tx.Commit(); err != nil {
return rollback(tx, "update keys commit: %w", err)
}
return nil
}