auth

Paddy 2014-11-02 Parent:e45bfa2abc00 Child:d43c3fbf00f3

64:c29c7df35905 Go to Latest

auth/memstore.go

Parse the redirect URI early, add new failure modes to tests. When obtaining a grant code, parse the redirect_uri early as a URL, so we can fail without even hitting the database, if possible. Add a test to cover the scenario where the client doesn't specify an endpoint, and the client has no endpoints registered. Add a test to cover the scenario where the client has two endpoints registered, but doesn't specify an endpoint. Fix the test that tested for invalid URLs by actually using an invalid URL. Apparently, "not a URL" is a valid URL. Go figure.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "sync"
5
6 "code.secondbit.org/uuid"
7 )
8
9 type memstore struct {
10 tokens map[string]Token
11 refreshTokenLookup map[string]string
12 profileTokenLookup map[string][]string
13 tokenLock sync.RWMutex
14
15 grants map[string]Grant
16 grantLock sync.RWMutex
17
18 clients map[string]Client
19 profileClientLookup map[string][]uuid.ID
20 clientLock sync.RWMutex
21
22 endpoints map[string][]Endpoint
23 endpointLock sync.RWMutex
24
25 profiles map[string]Profile
26 profileLock sync.RWMutex
27
28 logins map[string]Login
29 profileLoginLookup map[string][]string
30 loginLock sync.RWMutex
31 }
32
33 // NewMemstore returns an in-memory version of our datastores,
34 // which is handy for tests. Though the implementation is concurrency-safe,
35 // if makes no attempt to persist the data, and therefore it is inadvisable
36 // to use it in a production setting.
37 func NewMemstore() *memstore {
38 return &memstore{
39 tokens: map[string]Token{},
40 refreshTokenLookup: map[string]string{},
41 profileTokenLookup: map[string][]string{},
42 grants: map[string]Grant{},
43 clients: map[string]Client{},
44 profileClientLookup: map[string][]uuid.ID{},
45 endpoints: map[string][]Endpoint{},
46 profiles: map[string]Profile{},
47 logins: map[string]Login{},
48 profileLoginLookup: map[string][]string{},
49 }
50 }
51
52 func (m *memstore) lookupTokenByRefresh(token string) (string, error) {
53 m.tokenLock.RLock()
54 defer m.tokenLock.RUnlock()
55 t, ok := m.refreshTokenLookup[token]
56 if !ok {
57 return "", ErrTokenNotFound
58 }
59 return t, nil
60 }
61
62 func (m *memstore) lookupTokensByProfileID(id string) ([]string, error) {
63 m.tokenLock.RLock()
64 defer m.tokenLock.RUnlock()
65 return m.profileTokenLookup[id], nil
66 }
67
68 func (m *memstore) lookupClientsByProfileID(id string) []uuid.ID {
69 m.clientLock.RLock()
70 defer m.clientLock.RUnlock()
71 c, ok := m.profileClientLookup[id]
72 if !ok {
73 return []uuid.ID{}
74 }
75 return c
76 }