auth

Paddy 2014-10-26 Parent:e45bfa2abc00 Child:d43c3fbf00f3

58:b3cd7765a7c8 Go to Latest

auth/memstore.go

Require full URLs for Endpoints. The spec says that we SHOULD require full URLs for redirection, but we _can_ offer the ability to set a URL as a "partial URL" if we really must. I see no particular reason to do this, so I've simplified the code by pulling that option out. This means that URLs (as long as they're normalized, which I've filed a bug in the codebase to do) can be checked using simple string comparison, which makes the likelihood of bugs across clientStorage implementations a lot lower.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "sync"
5
6 "code.secondbit.org/uuid"
7 )
8
9 type memstore struct {
10 tokens map[string]Token
11 refreshTokenLookup map[string]string
12 profileTokenLookup map[string][]string
13 tokenLock sync.RWMutex
14
15 grants map[string]Grant
16 grantLock sync.RWMutex
17
18 clients map[string]Client
19 profileClientLookup map[string][]uuid.ID
20 clientLock sync.RWMutex
21
22 endpoints map[string][]Endpoint
23 endpointLock sync.RWMutex
24
25 profiles map[string]Profile
26 profileLock sync.RWMutex
27
28 logins map[string]Login
29 profileLoginLookup map[string][]string
30 loginLock sync.RWMutex
31 }
32
33 // NewMemstore returns an in-memory version of our datastores,
34 // which is handy for tests. Though the implementation is concurrency-safe,
35 // if makes no attempt to persist the data, and therefore it is inadvisable
36 // to use it in a production setting.
37 func NewMemstore() *memstore {
38 return &memstore{
39 tokens: map[string]Token{},
40 refreshTokenLookup: map[string]string{},
41 profileTokenLookup: map[string][]string{},
42 grants: map[string]Grant{},
43 clients: map[string]Client{},
44 profileClientLookup: map[string][]uuid.ID{},
45 endpoints: map[string][]Endpoint{},
46 profiles: map[string]Profile{},
47 logins: map[string]Login{},
48 profileLoginLookup: map[string][]string{},
49 }
50 }
51
52 func (m *memstore) lookupTokenByRefresh(token string) (string, error) {
53 m.tokenLock.RLock()
54 defer m.tokenLock.RUnlock()
55 t, ok := m.refreshTokenLookup[token]
56 if !ok {
57 return "", ErrTokenNotFound
58 }
59 return t, nil
60 }
61
62 func (m *memstore) lookupTokensByProfileID(id string) ([]string, error) {
63 m.tokenLock.RLock()
64 defer m.tokenLock.RUnlock()
65 return m.profileTokenLookup[id], nil
66 }
67
68 func (m *memstore) lookupClientsByProfileID(id string) []uuid.ID {
69 m.clientLock.RLock()
70 defer m.clientLock.RUnlock()
71 c, ok := m.profileClientLookup[id]
72 if !ok {
73 return []uuid.ID{}
74 }
75 return c
76 }