fix: remove signing key creation (when not found)
parent
4390119d1d
commit
06dcac4c2f
6 changed files with 14 additions and 77 deletions
54
pkg/op/op.go
54
pkg/op/op.go
|
@ -6,7 +6,6 @@ import (
|
|||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/caos/logging"
|
||||
"github.com/gorilla/handlers"
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/gorilla/schema"
|
||||
|
@ -132,7 +131,7 @@ func NewOpenIDProvider(ctx context.Context, config *Config, storage Storage, opO
|
|||
|
||||
keyCh := make(chan jose.SigningKey)
|
||||
o.signer = NewSigner(ctx, storage, keyCh)
|
||||
go EnsureKey(ctx, storage, keyCh, o.timer, o.retry)
|
||||
go storage.GetSigningKey(ctx, keyCh)
|
||||
|
||||
o.httpHandler = CreateRouter(o, o.interceptors...)
|
||||
|
||||
|
@ -282,36 +281,6 @@ func (o *openIDKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWebSig
|
|||
return payload, err
|
||||
}
|
||||
|
||||
func EnsureKey(ctx context.Context, storage Storage, keyCh chan<- jose.SigningKey, timer <-chan time.Time, retry func(int) (bool, int)) {
|
||||
count := 0
|
||||
timer = time.After(0)
|
||||
errCh := make(chan error)
|
||||
go storage.GetSigningKey(ctx, keyCh, errCh, timer)
|
||||
for {
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
return
|
||||
case err := <-errCh:
|
||||
if err == nil {
|
||||
continue
|
||||
}
|
||||
_, ok := err.(StorageNotFoundError)
|
||||
if ok {
|
||||
err := storage.SaveNewKeyPair(ctx)
|
||||
if err == nil {
|
||||
continue
|
||||
}
|
||||
}
|
||||
ok, count = retry(count)
|
||||
if ok {
|
||||
timer = time.After(0)
|
||||
continue
|
||||
}
|
||||
logging.Log("OP-n6ynVE").WithError(err).Panic("error in key signer")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
type Option func(o *openidProvider) error
|
||||
|
||||
func WithCustomAuthEndpoint(endpoint Endpoint) Option {
|
||||
|
@ -382,27 +351,6 @@ func WithHttpInterceptors(interceptors ...HttpInterceptor) Option {
|
|||
}
|
||||
}
|
||||
|
||||
func WithRetry(max int, sleep time.Duration) Option {
|
||||
return func(o *openidProvider) error {
|
||||
o.retry = func(count int) (bool, int) {
|
||||
count++
|
||||
if count == max {
|
||||
return false, count
|
||||
}
|
||||
time.Sleep(sleep)
|
||||
return true, count
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func WithTimer(timer <-chan time.Time) Option {
|
||||
return func(o *openidProvider) error {
|
||||
o.timer = timer
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func buildInterceptor(interceptors ...HttpInterceptor) func(http.HandlerFunc) http.Handler {
|
||||
return func(handlerFunc http.HandlerFunc) http.Handler {
|
||||
handler := handlerFuncToHandler(handlerFunc)
|
||||
|
|
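Review bot: In the NewOpenIDProvider hunk, `go storage.GetSigningKey(ctx, keyCh)` now starts the key loader with no error channel and no retry, so a storage failure or a missing key has no visible path back to the provider; the removed EnsureKey at least retried and then panicked with OP-n6ynVE. Unless the Storage implementation (not shown in this section) logs and retries on its own, the signer may sit without a key and the failure would be silent. I would document the new contract at the call site, e.g. `// storage must provision and rotate the signing key itself: send each key on keyCh, handle its own errors, return on ctx.Done()`. Removing the exported options WithRetry and WithTimer also breaks callers at compile time, which deserves a line in the commit description or changelog. NewOpenIDProvider's body starts and ends outside the hunk.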