Refactored cloud cache access token provider.

author: Per Larsson <[email protected]> 2022-02-01 13:19:52 +0100
committer: Per Larsson <[email protected]> 2022-02-01 13:19:52 +0100
commit: 14b1cd4930f5bf94ddf0a6979097d27892497523 (patch)
tree: ed596aca1a53173aa723978a8bec31296e72c735
parent: Parital completed cloud cache token provider interface. (diff)
download: zen-14b1cd4930f5bf94ddf0a6979097d27892497523.tar.xz
zen-14b1cd4930f5bf94ddf0a6979097d27892497523.zip
8 files changed, 80 insertions, 69 deletions
diff --git a/zenserver/compute/apply.cpp b/zenserver/compute/apply.cpp
index 15d3acacb..1d32fa35f 100644
--- a/zenserver/compute/apply.cpp
+++ b/zenserver/compute/apply.cpp
@@ -344,7 +344,7 @@ HttpFunctionService::HttpFunctionService(CasStore& Store, CidStore& InCidStore,
 									   .BlobStoreNamespace = "default"sv,
 									   .TokenProvider	   = CloudCacheTokenProvider::MakeFromStaticToken(AccessToken)};
 
-	auto HordeUpstreamEndpoint = MakeHordeUpstreamEndpoint(Options, m_CasStore, m_CidStore);
+	auto HordeUpstreamEndpoint = MakeHordeUpstreamEndpoint(std::move(Options), m_CasStore, m_CidStore);
 	m_UpstreamApply->RegisterEndpoint(std::move(HordeUpstreamEndpoint));
 	m_UpstreamApply->Initialize();
 
diff --git a/zenserver/upstream/jupiter.cpp b/zenserver/upstream/jupiter.cpp
index 86c7e1611..f141856c1 100644
--- a/zenserver/upstream/jupiter.cpp
+++ b/zenserver/upstream/jupiter.cpp
@@ -33,7 +33,15 @@ namespace detail {
 	{
 		CloudCacheSessionState(CloudCacheClient& Client) : m_Client(Client) {}
 
-		const CloudCacheAccessToken& GetAccessToken() { return m_AccessToken; }
+		const CloudCacheAccessToken& GetAccessToken(bool RefreshToken)
+		{
+			if (RefreshToken)
+			{
+				m_AccessToken = m_Client.AcquireAccessToken();
+			}
+
+			return m_AccessToken;
+		}
 
 		cpr::Session& GetSession() { return m_Session; }
 
@@ -68,7 +76,9 @@ CloudCacheSession::~CloudCacheSession()
 CloudCacheResult
 CloudCacheSession::Authenticate()
 {
-	const CloudCacheAccessToken& AccessToken = GetAccessToken();
+	const bool					 RefreshToken = true;
+	const CloudCacheAccessToken& AccessToken  = GetAccessToken(RefreshToken);
+
 	return {.Success = AccessToken.IsValid()};
 }
 
@@ -679,9 +689,9 @@ CloudCacheSession::GetSession()
 }
 
 CloudCacheAccessToken
-CloudCacheSession::GetAccessToken()
+CloudCacheSession::GetAccessToken(bool RefreshToken)
 {
-	return m_SessionState->GetAccessToken();
+	return m_SessionState->GetAccessToken(RefreshToken);
 }
 
 bool
@@ -778,7 +788,7 @@ public:
 
 	virtual ~StaticTokenProvider() = default;
 
-	virtual CloudCacheAccessToken GetAccessToken() final override { return m_Token; }
+	virtual CloudCacheAccessToken AcquireAccessToken() final override { return m_Token; }
 
 private:
 	CloudCacheAccessToken m_Token;
@@ -802,12 +812,12 @@ public:
 
 	virtual ~OAuthClientCredentialsTokenProvider() = default;
 
-	virtual CloudCacheAccessToken GetAccessToken() final override
+	virtual CloudCacheAccessToken AcquireAccessToken() final override
 	{
 		using namespace std::chrono;
 
 		std::string Body =
-			fmt::format("client_id={}&scope=cache_access&grant_type=client_credentials&client_secret={k}", m_ClientId, m_ClientSecret);
+			fmt::format("client_id={}&scope=cache_access&grant_type=client_credentials&client_secret={}", m_ClientId, m_ClientSecret);
 
 		cpr::Response Response =
 			cpr::Post(cpr::Url{m_Url}, cpr::Header{{"Content-Type", "application/x-www-form-urlencoded"}}, cpr::Body{std::move(Body)});
@@ -844,13 +854,14 @@ CloudCacheTokenProvider::MakeFromOAuthClientCredentials(const OAuthClientCredent
 	return std::make_unique<OAuthClientCredentialsTokenProvider>(Params);
 }
 
-CloudCacheClient::CloudCacheClient(const CloudCacheClientOptions& Options)
+CloudCacheClient::CloudCacheClient(CloudCacheClientOptions&& Options)
 : m_Log(zen::logging::Get("jupiter"))
 , m_ServiceUrl(Options.ServiceUrl)
 , m_DdcNamespace(Options.DdcNamespace)
 , m_BlobStoreNamespace(Options.BlobStoreNamespace)
 , m_ConnectTimeout(Options.ConnectTimeout)
 , m_Timeout(Options.Timeout)
+, m_TokenProvider(std::move(Options.TokenProvider))
 {
 }
 
@@ -869,7 +880,7 @@ CloudCacheClient::AcquireAccessToken()
 {
 	ZEN_TRACE_CPU("HordeClient::AcquireAccessToken");
 
-	return m_TokenProvider->GetAccessToken();
+	return m_TokenProvider->AcquireAccessToken();
 }
 
 detail::CloudCacheSessionState*
@@ -877,10 +888,18 @@ CloudCacheClient::AllocSessionState()
 {
 	detail::CloudCacheSessionState* State = nullptr;
 
-	if (RwLock::ExclusiveLockScope _(m_SessionStateLock); !m_SessionStateCache.empty())
+	bool IsTokenValid = false;
+
 	{
-		State = m_SessionStateCache.front();
-		m_SessionStateCache.pop_front();
+		RwLock::ExclusiveLockScope _(m_SessionStateLock);
+
+		if (m_SessionStateCache.empty() == false)
+		{
+			State		 = m_SessionStateCache.front();
+			IsTokenValid = State->m_AccessToken.IsValid();
+
+			m_SessionStateCache.pop_front();
+		}
 	}
 
 	if (State == nullptr)
@@ -890,6 +909,11 @@ CloudCacheClient::AllocSessionState()
 
 	State->Reset(m_ConnectTimeout, m_Timeout);
 
+	if (IsTokenValid == false)
+	{
+		State->m_AccessToken = m_TokenProvider->AcquireAccessToken();
+	}
+
 	return State;
 }
 
diff --git a/zenserver/upstream/jupiter.h b/zenserver/upstream/jupiter.h
index 057488bcc..82b67b8e1 100644
--- a/zenserver/upstream/jupiter.h
+++ b/zenserver/upstream/jupiter.h
@@ -125,7 +125,7 @@ public:
 private:
 	inline spdlog::logger& Log() { return m_Log; }
 	cpr::Session&		   GetSession();
-	CloudCacheAccessToken  GetAccessToken();
+	CloudCacheAccessToken  GetAccessToken(bool RefreshToken = false);
 	bool				   VerifyAccessToken(long StatusCode);
 
 	CloudCacheResult CacheTypeExists(std::string_view TypeId, const IoHash& Key);
@@ -145,7 +145,7 @@ class CloudCacheTokenProvider
 public:
 	virtual ~CloudCacheTokenProvider() = default;
 
-	virtual CloudCacheAccessToken GetAccessToken() = 0;
+	virtual CloudCacheAccessToken AcquireAccessToken() = 0;
 
 	static std::unique_ptr<CloudCacheTokenProvider> MakeFromStaticToken(CloudCacheAccessToken Token);
 
@@ -177,7 +177,7 @@ struct CloudCacheClientOptions
 class CloudCacheClient : public RefCounted
 {
 public:
-	CloudCacheClient(const CloudCacheClientOptions& Options);
+	CloudCacheClient(CloudCacheClientOptions&& Options);
 	~CloudCacheClient();
 
 	CloudCacheAccessToken AcquireAccessToken();
@@ -191,12 +191,12 @@ public:
 
 private:
 	spdlog::logger&							 m_Log;
-	std::unique_ptr<CloudCacheTokenProvider> m_TokenProvider;
 	std::string								 m_ServiceUrl;
 	std::string								 m_DdcNamespace;
 	std::string								 m_BlobStoreNamespace;
 	std::chrono::milliseconds				 m_ConnectTimeout{};
 	std::chrono::milliseconds				 m_Timeout{};
+	std::unique_ptr<CloudCacheTokenProvider> m_TokenProvider;
 	bool									 m_IsValid = false;
 
 	RwLock									   m_SessionStateLock;
diff --git a/zenserver/upstream/upstreamapply.cpp b/zenserver/upstream/upstreamapply.cpp
index fe7f7d9c8..220daab27 100644
--- a/zenserver/upstream/upstreamapply.cpp
+++ b/zenserver/upstream/upstreamapply.cpp
@@ -48,13 +48,13 @@ namespace detail {
 	class HordeUpstreamApplyEndpoint final : public UpstreamApplyEndpoint
 	{
 	public:
-		HordeUpstreamApplyEndpoint(const CloudCacheClientOptions& Options, CasStore& CasStore, CidStore& CidStore)
+		HordeUpstreamApplyEndpoint(CloudCacheClientOptions&& Options, CasStore& CasStore, CidStore& CidStore)
 		: m_Log(logging::Get("upstream-apply"))
 		, m_CasStore(CasStore)
 		, m_CidStore(CidStore)
 		{
 			m_DisplayName = fmt::format("Horde - '{}'", Options.ServiceUrl);
-			m_Client	  = new CloudCacheClient(Options);
+			m_Client	  = new CloudCacheClient(std::move(Options));
 			m_ChannelId	  = fmt::format("zen-{}", zen::GetSessionIdString());
 		}
 
@@ -1561,9 +1561,9 @@ MakeUpstreamApply(const UpstreamApplyOptions& Options, CasStore& CasStore, CidSt
 }
 
 std::unique_ptr<UpstreamApplyEndpoint>
-MakeHordeUpstreamEndpoint(const CloudCacheClientOptions& Options, CasStore& CasStore, CidStore& CidStore)
+MakeHordeUpstreamEndpoint(CloudCacheClientOptions&& Options, CasStore& CasStore, CidStore& CidStore)
 {
-	return std::make_unique<detail::HordeUpstreamApplyEndpoint>(Options, CasStore, CidStore);
+	return std::make_unique<detail::HordeUpstreamApplyEndpoint>(std::move(Options), CasStore, CidStore);
 }
 
 }  // namespace zen
diff --git a/zenserver/upstream/upstreamapply.h b/zenserver/upstream/upstreamapply.h
index ed73ec7f8..114364581 100644
--- a/zenserver/upstream/upstreamapply.h
+++ b/zenserver/upstream/upstreamapply.h
@@ -169,9 +169,7 @@ public:
 
 std::unique_ptr<UpstreamApply> MakeUpstreamApply(const UpstreamApplyOptions& Options, CasStore& CasStore, CidStore& CidStore);
 
-std::unique_ptr<UpstreamApplyEndpoint> MakeHordeUpstreamEndpoint(const CloudCacheClientOptions& Options,
-																 CasStore&						CasStore,
-																 CidStore&						CidStore);
+std::unique_ptr<UpstreamApplyEndpoint> MakeHordeUpstreamEndpoint(CloudCacheClientOptions&& Options, CasStore& CasStore, CidStore& CidStore);
 
 }  // namespace zen
 
diff --git a/zenserver/upstream/upstreamcache.cpp b/zenserver/upstream/upstreamcache.cpp
index 44a8274da..f432d322c 100644
--- a/zenserver/upstream/upstreamcache.cpp
+++ b/zenserver/upstream/upstreamcache.cpp
@@ -85,7 +85,7 @@ namespace detail {
 	class JupiterUpstreamEndpoint final : public UpstreamEndpoint
 	{
 	public:
-		JupiterUpstreamEndpoint(const CloudCacheClientOptions& Options, AuthMgr& Mgr)
+		JupiterUpstreamEndpoint(CloudCacheClientOptions&& Options, AuthMgr& Mgr)
 		: m_AuthMgr(Mgr)
 		, m_Log(zen::logging::Get("upstream"))
 		, m_UseLegacyDdc(Options.UseLegacyDdc)
@@ -93,7 +93,7 @@ namespace detail {
 			ZEN_ASSERT(!Options.Name.empty());
 			m_Info.Name = Options.Name;
 			m_Info.Url	= Options.ServiceUrl;
-			m_Client	= new CloudCacheClient(Options);
+			m_Client	= new CloudCacheClient(std::move(Options));
 		}
 
 		virtual ~JupiterUpstreamEndpoint() = default;
@@ -1490,9 +1490,9 @@ MakeUpstreamCache(const UpstreamCacheOptions& Options, ZenCacheStore& CacheStore
 }
 
 std::unique_ptr<UpstreamEndpoint>
-MakeJupiterUpstreamEndpoint(const CloudCacheClientOptions& Options, AuthMgr& Mgr)
+MakeJupiterUpstreamEndpoint(CloudCacheClientOptions&& Options, AuthMgr& Mgr)
 {
-	return std::make_unique<detail::JupiterUpstreamEndpoint>(Options, Mgr);
+	return std::make_unique<detail::JupiterUpstreamEndpoint>(std::move(Options), Mgr);
 }
 
 std::unique_ptr<UpstreamEndpoint>
diff --git a/zenserver/upstream/upstreamcache.h b/zenserver/upstream/upstreamcache.h
index 5bc9f58d7..8eb852c53 100644
--- a/zenserver/upstream/upstreamcache.h
+++ b/zenserver/upstream/upstreamcache.h
@@ -204,7 +204,7 @@ public:
 
 std::unique_ptr<UpstreamCache> MakeUpstreamCache(const UpstreamCacheOptions& Options, ZenCacheStore& CacheStore, CidStore& CidStore);
 
-std::unique_ptr<UpstreamEndpoint> MakeJupiterUpstreamEndpoint(const CloudCacheClientOptions& Options, AuthMgr& Mgr);
+std::unique_ptr<UpstreamEndpoint> MakeJupiterUpstreamEndpoint(CloudCacheClientOptions&& Options, AuthMgr& Mgr);
 
 std::unique_ptr<UpstreamEndpoint> MakeZenUpstreamEndpoint(const ZenStructuredCacheClientOptions& Options);
 
diff --git a/zenserver/zenserver.cpp b/zenserver/zenserver.cpp
index 4227a296c..a67e9f7e8 100644
--- a/zenserver/zenserver.cpp
+++ b/zenserver/zenserver.cpp
@@ -742,68 +742,57 @@ ZenServer::InitializeStructuredCache(const ZenServerOptions& ServerOptions)
 
 		// Jupiter upstream
 		{
-			/*
 			zen::CloudCacheClientOptions Options;
-			if (UpstreamConfig.JupiterConfig.UseProductionSettings)
-			{
-				Options =
-					zen::CloudCacheClientOptions{.Name				 = "Jupiter-Prod"sv,
-												 .ServiceUrl		 = "https://jupiter.devtools.epicgames.com"sv,
-												 .DdcNamespace		 = "ue.ddc"sv,
-												 .BlobStoreNamespace = "ue.ddc"sv,
-												 .OAuthProvider		 = "https://epicgames.okta.com/oauth2/auso645ojjWVdRI3d0x7/v1/token"sv,
-												 .OAuthClientId		 = "0oao91lrhqPiAlaGD0x7"sv,
-												 .OAuthSecret		 = "-GBWjjenhCgOwhxL5yBKNJECVIoDPH0MK4RDuN7d"sv,
-												 .ConnectTimeout	 = std::chrono::milliseconds(UpstreamConfig.ConnectTimeoutMilliseconds),
-												 .Timeout			 = std::chrono::milliseconds(UpstreamConfig.TimeoutMilliseconds),
-												 .UseLegacyDdc		 = false};
-			}
-			else if (UpstreamConfig.JupiterConfig.UseDevelopmentSettings)
+
+			if (UpstreamConfig.JupiterConfig.UseProductionSettings || UpstreamConfig.JupiterConfig.UseDevelopmentSettings)
 			{
+				std::string EndpointName = "Jupiter-Dev"sv;
+				std::string Url			 = "https://jupiter.devtools-dev.epicgames.com" sv;
+
+				if (UpstreamConfig.JupiterConfig.UseProductionSettings)
+				{
+					EndpointName = "Jupiter-Prod"sv;
+					Url			 = "https://jupiter.devtools.epicgames.com" sv;
+				}
+
+				auto TokenProvider = CloudCacheTokenProvider::MakeFromOAuthClientCredentials(
+					{.Url		   = "https://epicgames.okta.com/oauth2/auso645ojjWVdRI3d0x7/v1/token"sv,
+					 .ClientId	   = "0oao91lrhqPiAlaGD0x7"sv,
+					 .ClientSecret = "-GBWjjenhCgOwhxL5yBKNJECVIoDPH0MK4RDuN7d"sv});
+
 				Options =
-					zen::CloudCacheClientOptions{.Name				 = "Jupiter-Dev"sv,
-												 .ServiceUrl		 = "https://jupiter.devtools-dev.epicgames.com"sv,
+					zen::CloudCacheClientOptions{.Name				 = EndpointName,
+												 .ServiceUrl		 = Url,
 												 .DdcNamespace		 = "ue.ddc"sv,
 												 .BlobStoreNamespace = "ue.ddc"sv,
-												 .OAuthProvider		 = "https://epicgames.okta.com/oauth2/auso645ojjWVdRI3d0x7/v1/token"sv,
-												 .OAuthClientId		 = "0oao91lrhqPiAlaGD0x7"sv,
-												 .OAuthSecret		 = "-GBWjjenhCgOwhxL5yBKNJECVIoDPH0MK4RDuN7d"sv,
 												 .ConnectTimeout	 = std::chrono::milliseconds(UpstreamConfig.ConnectTimeoutMilliseconds),
 												 .Timeout			 = std::chrono::milliseconds(UpstreamConfig.TimeoutMilliseconds),
+												 .TokenProvider		 = std::move(TokenProvider),
 												 .UseLegacyDdc		 = false};
 			}
 			else
 			{
-				const auto JupiterEndpointName =
-					UpstreamConfig.JupiterConfig.Name.empty() ? "Jupiter"sv : UpstreamConfig.JupiterConfig.Name;
+				const auto EndpointName = UpstreamConfig.JupiterConfig.Name.empty() ? "Jupiter"sv : UpstreamConfig.JupiterConfig.Name;
+
+				auto TokenProvider = CloudCacheTokenProvider::MakeFromOAuthClientCredentials(
+					{.Url		   = "https://epicgames.okta.com/oauth2/auso645ojjWVdRI3d0x7/v1/token"sv,
+					 .ClientId	   = "0oao91lrhqPiAlaGD0x7"sv,
+					 .ClientSecret = "-GBWjjenhCgOwhxL5yBKNJECVIoDPH0MK4RDuN7d"sv});
 
 				Options =
-					zen::CloudCacheClientOptions{.Name				 = JupiterEndpointName,
+					zen::CloudCacheClientOptions{.Name				 = EndpointName,
 												 .ServiceUrl		 = UpstreamConfig.JupiterConfig.Url,
 												 .DdcNamespace		 = UpstreamConfig.JupiterConfig.DdcNamespace,
 												 .BlobStoreNamespace = UpstreamConfig.JupiterConfig.Namespace,
-												 .OAuthProvider		 = UpstreamConfig.JupiterConfig.OAuthProvider,
-												 .OAuthClientId		 = UpstreamConfig.JupiterConfig.OAuthClientId,
-												 .OAuthSecret		 = UpstreamConfig.JupiterConfig.OAuthClientSecret,
 												 .ConnectTimeout	 = std::chrono::milliseconds(UpstreamConfig.ConnectTimeoutMilliseconds),
 												 .Timeout			 = std::chrono::milliseconds(UpstreamConfig.TimeoutMilliseconds),
+												 .TokenProvider		 = std::move(TokenProvider),
 												 .UseLegacyDdc		 = false};
 			}
-			*/
-
-			const AuthMgr::OpenIdAccessToken Token = m_AuthMgr->GetOpenIdAccessToken("Okta");
-
-			zen::CloudCacheClientOptions Options =
-				zen::CloudCacheClientOptions{.Name				 = "Jupiter-Prod"sv,
-											 .ServiceUrl		 = "https://jupiter.devtools.epicgames.com"sv,
-											 .DdcNamespace		 = "ue.ddc"sv,
-											 .BlobStoreNamespace = "ue.ddc"sv,
-											 .ConnectTimeout	 = std::chrono::milliseconds(UpstreamConfig.ConnectTimeoutMilliseconds),
-											 .Timeout			 = std::chrono::milliseconds(UpstreamConfig.TimeoutMilliseconds),
-											 .UseLegacyDdc		 = false};
+
 			if (!Options.ServiceUrl.empty())
 			{
-				std::unique_ptr<zen::UpstreamEndpoint> JupiterEndpoint = zen::MakeJupiterUpstreamEndpoint(Options, *m_AuthMgr);
+				std::unique_ptr<zen::UpstreamEndpoint> JupiterEndpoint = zen::MakeJupiterUpstreamEndpoint(std::move(Options), *m_AuthMgr);
 				m_UpstreamCache->RegisterEndpoint(std::move(JupiterEndpoint));
 			}
 		}
author	Per Larsson <[email protected]>	2022-02-01 13:19:52 +0100
committer	Per Larsson <[email protected]>	2022-02-01 13:19:52 +0100
commit	14b1cd4930f5bf94ddf0a6979097d27892497523 (patch)
tree	ed596aca1a53173aa723978a8bec31296e72c735
parent	Parital completed cloud cache token provider interface. (diff)
download	zen-14b1cd4930f5bf94ddf0a6979097d27892497523.tar.xz zen-14b1cd4930f5bf94ddf0a6979097d27892497523.zip