auth
auth/memstore.go
Added validation for clients, split endpoints out. Split endpoints out into their own type and added associated methods to the ClientStores, so now each client can have more than one redirect endpoint. Added unit testing for endpoint methods. Added validation code to validate client changes.
1 package auth
3 import (
4 "sync"
6 "secondbit.org/uuid"
7 )
9 type Memstore struct {
10 tokens map[string]Token
11 refreshTokenLookup map[string]string
12 profileTokenLookup map[string][]string
13 tokenLock sync.RWMutex
15 grants map[string]Grant
16 grantLock sync.RWMutex
18 clients map[string]Client
19 profileClientLookup map[string][]uuid.ID
20 clientLock sync.RWMutex
22 endpoints map[string][]Endpoint
23 endpointLock sync.RWMutex
25 profiles map[string]Profile
26 profileLock sync.RWMutex
27 }
29 func NewMemstore() *Memstore {
30 return &Memstore{
31 tokens: map[string]Token{},
32 refreshTokenLookup: map[string]string{},
33 profileTokenLookup: map[string][]string{},
34 grants: map[string]Grant{},
35 clients: map[string]Client{},
36 profileClientLookup: map[string][]uuid.ID{},
37 endpoints: map[string][]Endpoint{},
38 profiles: map[string]Profile{},
39 }
40 }
42 func (m *Memstore) lookupTokenByRefresh(token string) (string, error) {
43 m.tokenLock.RLock()
44 defer m.tokenLock.RUnlock()
45 t, ok := m.refreshTokenLookup[token]
46 if !ok {
47 return "", ErrTokenNotFound
48 }
49 return t, nil
50 }
52 func (m *Memstore) lookupTokensByProfileID(id string) ([]string, error) {
53 m.tokenLock.RLock()
54 defer m.tokenLock.RUnlock()
55 return m.profileTokenLookup[id], nil
56 }
58 func (m *Memstore) lookupClientsByProfileID(id string) []uuid.ID {
59 m.clientLock.RLock()
60 defer m.clientLock.RUnlock()
61 c, ok := m.profileClientLookup[id]
62 if !ok {
63 return []uuid.ID{}
64 }
65 return c
66 }