
Source file src/edge-infra.dev/pkg/edge/iam/storage/database/storage_refresh_token.go

Documentation: edge-infra.dev/pkg/edge/iam/storage/database

     1  //nolint:dupl
     2  package database
     3  
     4  import (
     5  	"context"
     6  	"encoding/json"
     7  	"fmt"
     8  
     9  	"edge-infra.dev/pkg/edge/iam/config"
    10  	"edge-infra.dev/pkg/edge/iam/crypto"
    11  	"edge-infra.dev/pkg/edge/iam/log"
    12  	"edge-infra.dev/pkg/edge/iam/storage"
    13  
    14  	"github.com/go-redis/redis"
    15  	"github.com/ory/fosite"
    16  	"github.com/pkg/errors"
    17  )
    18  
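// CreateRefreshTokenSession stores a refresh token session in Redis.
//
// Two entries are written, both with config.GetRefreshTokenTTL():
//   - the session record, under a key built from KeyPrefixRefreshToken and
//     the token signature;
//   - a reverse entry, under a key built from KeyPrefixRefreshTokenReq and
//     the request ID, whose value is the signature. When
//     config.EncryptionEnabled() reports true, that value is passed through
//     crypto.EncryptRedis first.
//
// A masked rendering of the request is written to the context logger.
//
// NOTE(review): the two writes are not atomic. If the second Set fails, the
// session record written first stays in Redis until its TTL expires, while
// the caller receives an error. Confirm that callers tolerate this.
//
// NOTE(review): only the reverse entry's value is encrypted. keyFrom is not
// visible here; if it embeds the signature verbatim, the signature is still
// readable in the Redis keyspace. Confirm this matches the intended threat
// model for config.EncryptionEnabled().
func (s *Store) CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error) {
	logger := log.Get(ctx)

	refreshKey := keyFrom(KeyPrefixRefreshToken, signature)
	r := storage.ToStorage(signature, request)

	// Only the masked form of the request is logged. A marshal failure is
	// reported instead of silently producing an empty "request" field.
	maskedJSON, marshalErr := json.Marshal(r.ToMaskedRequest(ctx))
	if marshalErr != nil {
		logger.Info("failed to marshal masked refresh token request", "error", marshalErr)
	}

	// NOTE(review): this event is emitted before either write has succeeded,
	// so it can appear in logs for a token that was never stored.
	logger.Info("refresh token created", "request", string(maskedJSON))

	if err := s.set(refreshKey, r, config.GetRefreshTokenTTL()); err != nil {
		return errors.Wrap(err, "failed to create refresh token session")
	}

	refreshReqKey := keyFrom(KeyPrefixRefreshTokenReq, request.GetID())

	// The reverse entry maps the request ID to the signature; the signature
	// is encrypted at rest when encryption is enabled.
	storedSignature := signature
	if config.EncryptionEnabled() {
		encrypted, encErr := crypto.EncryptRedis([]byte(signature), config.EncryptionKey())
		if encErr != nil {
			// Wrapped like the other failure paths so that the caller can
			// tell which step failed.
			return errors.Wrap(encErr, "failed to encrypt refresh token signature")
		}
		storedSignature = encrypted
	}

	if err := s.RedisDB.Set(refreshReqKey, storedSignature, config.GetRefreshTokenTTL()).Err(); err != nil {
		return errors.Wrap(err, "failed to create refresh token request")
	}

	return nil
}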
    49  
// GetRefreshTokenSession loads the refresh token session stored for signature
// and converts it into a fosite.Requester bound to session.
//
// Results:
//   - the key is missing (s.get returns redis.Nil): nil and a wrapped
//     fosite.ErrNotFound;
//   - any other lookup error: nil and that error with a stack attached;
//   - the client lookup or the conversion fails: nil and that error;
//   - the stored record is not Active: the reconstructed request together
//     with fosite.ErrInactiveToken;
//   - otherwise: the request and a nil error.
//
// The inactive case deliberately returns the request alongside the error.
// NOTE(review): fosite's refresh flow is expected to use that request when it
// handles a reused (already rotated) refresh token. Confirm this against the
// fosite version in use before changing the return shape.
func (s *Store) GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error) {
	stored, err := s.get(keyFrom(KeyPrefixRefreshToken, signature))
	switch {
	case err == redis.Nil:
		// NOTE(review): this direct comparison only matches if s.get returns
		// redis.Nil unwrapped; s.get is not visible here.
		return nil, errors.Wrap(fosite.ErrNotFound, "")
	case err != nil:
		return nil, errors.WithStack(err)
	}

	// Resolve the client the stored record refers to; it is needed to
	// rebuild the fosite request.
	iamClient, err := s.GetIAMClient(ctx, stored.ClientID)
	if err != nil {
		s.Log.Info("failed to get client in db", "error", err, "id", stored.ClientID)
		return nil, err
	}

	request, err = stored.ToFositeRequest(ctx, session, iamClient)
	if err != nil {
		// Only the not-found case is logged; every conversion error is
		// returned to the caller unchanged.
		if err == fosite.ErrNotFound {
			s.Log.Info("failed to transform a fosite session to a fosite request", "error", err)
		}
		return nil, err
	}

	if stored.Active {
		return request, nil
	}

	// Inactive token: hand back the request together with the sentinel error.
	return request, fosite.ErrInactiveToken
}
    80  
// DeleteRefreshTokenSession removes the refresh token session record stored
// under the key built from KeyPrefixRefreshToken and signature. The context
// argument is unused.
//
// Only that one key is deleted. The KeyPrefixRefreshTokenReq entry that
// CreateRefreshTokenSession writes per request ID is not touched here.
// NOTE(review): presumably it is left to expire by TTL or is removed by
// another code path; confirm.
//
// NOTE(review): the error message includes the full key. keyFrom is not
// visible here; if it embeds the signature verbatim, the signature ends up in
// any log that records this error.
func (s *Store) DeleteRefreshTokenSession(_ context.Context, signature string) (err error) {
	key := keyFrom(KeyPrefixRefreshToken, signature)

	if delErr := s.RedisDB.Del(key).Err(); delErr != nil {
		msg := fmt.Sprintf("failed to delete key '%v'", key)
		return errors.Wrap(delErr, msg)
	}

	return nil
}
    90  
