auth

Paddy 2014-12-07 Parent:d43c3fbf00f3 Child:1fb166575e69

85:1dc4e152e3b0 Go to Latest

auth/memstore.go

Break client verification out, break token returns out. Break client verification out into a helper function to avoid rewriting it for pretty much every grant. Break token returns out into a new function as part of the GrantType, so that implicit grants can redirect with the token value. Split returning the token as JSON into its own exported function, which can be used in multiple grants. Return more relevant information to the template when a user is deciding whether or not to authorize a grant.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "sync"
5
6 "code.secondbit.org/uuid"
7 )
8
9 type memstore struct {
10 tokens map[string]Token
11 refreshTokenLookup map[string]string
12 profileTokenLookup map[string][]string
13 tokenLock sync.RWMutex
14
15 grants map[string]Grant
16 grantLock sync.RWMutex
17
18 clients map[string]Client
19 profileClientLookup map[string][]uuid.ID
20 clientLock sync.RWMutex
21
22 endpoints map[string][]Endpoint
23 endpointLock sync.RWMutex
24
25 profiles map[string]Profile
26 profileLock sync.RWMutex
27
28 logins map[string]Login
29 profileLoginLookup map[string][]string
30 loginLock sync.RWMutex
31
32 sessions map[string]Session
33 sessionLock sync.RWMutex
34 }
35
36 // NewMemstore returns an in-memory version of our datastores,
37 // which is handy for tests. Though the implementation is concurrency-safe,
38 // if makes no attempt to persist the data, and therefore it is inadvisable
39 // to use it in a production setting.
40 func NewMemstore() *memstore {
41 return &memstore{
42 tokens: map[string]Token{},
43 refreshTokenLookup: map[string]string{},
44 profileTokenLookup: map[string][]string{},
45 grants: map[string]Grant{},
46 clients: map[string]Client{},
47 profileClientLookup: map[string][]uuid.ID{},
48 endpoints: map[string][]Endpoint{},
49 profiles: map[string]Profile{},
50 logins: map[string]Login{},
51 profileLoginLookup: map[string][]string{},
52 sessions: map[string]Session{},
53 }
54 }
55
56 func (m *memstore) lookupTokenByRefresh(token string) (string, error) {
57 m.tokenLock.RLock()
58 defer m.tokenLock.RUnlock()
59 t, ok := m.refreshTokenLookup[token]
60 if !ok {
61 return "", ErrTokenNotFound
62 }
63 return t, nil
64 }
65
66 func (m *memstore) lookupTokensByProfileID(id string) ([]string, error) {
67 m.tokenLock.RLock()
68 defer m.tokenLock.RUnlock()
69 return m.profileTokenLookup[id], nil
70 }
71
72 func (m *memstore) lookupClientsByProfileID(id string) []uuid.ID {
73 m.clientLock.RLock()
74 defer m.clientLock.RUnlock()
75 c, ok := m.profileClientLookup[id]
76 if !ok {
77 return []uuid.ID{}
78 }
79 return c
80 }