...

Source file src/edge-infra.dev/pkg/edge/iam/storage/database/storage_oidc.go

Documentation: edge-infra.dev/pkg/edge/iam/storage/database

     1  package database
     2  
     3  import (
     4  	"context"
     5  
     6  	"edge-infra.dev/pkg/edge/iam/config"
     7  	"edge-infra.dev/pkg/edge/iam/storage"
     8  
     9  	"github.com/go-redis/redis"
    10  	"github.com/ory/fosite"
    11  	"github.com/pkg/errors"
    12  )
    13  
// CreateOpenIDConnectSession stores the OpenID Connect session that belongs to
// authorizeCode so that it can be looked up again later. This is used by the
// explicit OpenID Connect flow.
//
// The context argument is ignored. The record is written with
// config.GetAuthCodeTTL() handed to s.set, presumably as the entry's expiry
// (confirm against s.set).
//
// NOTE(review): the store key is built from authorizeCode exactly as it is
// received. If callers pass the full code rather than a signature or hash of
// it, anyone able to enumerate keys in the backing store can read live codes;
// confirm what callers pass and who has read access to the store.
func (s *Store) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, req fosite.Requester) error {
	storeKey := keyFrom(KeyPrefixOpenIDConnect, authorizeCode)
	record := storage.ToStorage(authorizeCode, req)
	ttl := config.GetAuthCodeTTL()

	return s.set(storeKey, record, ttl)
}
    22  
// GetOpenIDConnectSession loads the OpenID Connect session stored for
// authorizeCode and rebuilds it as a fosite.Requester.
//
// It returns
//   - the rebuilt request and a nil error if a session was found,
//   - a wrapped fosite.ErrNotFound if the store lookup yields redis.Nil,
//   - any other lookup, client-resolution or conversion error otherwise.
//
// requester supplies the session object handed to the conversion; it is
// dereferenced without a nil check, so callers must pass a non-nil value.
func (s *Store) GetOpenIDConnectSession(ctx context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error) {
	stored, err := s.get(keyFrom(KeyPrefixOpenIDConnect, authorizeCode))
	switch {
	case err == redis.Nil:
		// redis.Nil from the lookup is reported to the caller as fosite's
		// not-found error rather than as a storage failure.
		return nil, errors.Wrap(fosite.ErrNotFound, "")
	case err != nil:
		return nil, errors.WithStack(err)
	}

	session := requester.GetSession()

	// The client is resolved from the ClientID persisted with the session,
	// not from anything carried by the incoming requester.
	iamClient, err := s.GetIAMClient(ctx, stored.ClientID)
	if err != nil {
		s.Log.Info("failed to get client in db", "error", err, "id", stored.ClientID)
		return nil, err
	}

	request, err := stored.ToFositeRequest(ctx, session, iamClient)
	if err == nil {
		return request, nil
	}

	// Only the not-found case is logged here; every other conversion error is
	// returned to the caller without a log line.
	if err == fosite.ErrNotFound {
		s.Log.Info("Failed to transform a fosite session to a fosite request.", "error", err)
	}

	return nil, err
}
    55  
// DeleteOpenIDConnectSession was originally meant to remove an OpenID Connect
// session from the store. It is now a no-op that ignores both arguments and
// always returns nil.
//
// Because nothing is deleted here, entries written by
// CreateOpenIDConnectSession are not removed through this method; the only
// expiry visible in this file is the value passed to s.set at creation time.
//
// Deprecated: DeleteOpenIDConnectSession is not called from anywhere.
func (s *Store) DeleteOpenIDConnectSession(_ context.Context, _ string) error {
	// Intentionally does nothing: no store access is performed.
	return nil
}
    61  
