authorPer Larsson <[email protected]>2022-02-02 16:56:38 +0100
committerPer Larsson <[email protected]>2022-02-02 16:56:38 +0100
commit5b7c068b482b563443320453064fe5fa5601d446 (patch)
tree3309bc01ef5ab2f4d08580b5e6c1098c6b45570b /zenserver/upstream
parentParse expire time from OpenID refresh token and added OpenId token provider. (diff)
Added upstream auth config and removed the possibility to add endpoints via REST.
Diffstat (limited to 'zenserver/upstream')
-rw-r--r--zenserver/upstream/jupiter.h3
-rw-r--r--zenserver/upstream/upstreamcache.cpp33
-rw-r--r--zenserver/upstream/upstreamcache.h15
-rw-r--r--zenserver/upstream/upstreamservice.cpp152
4 files changed, 39 insertions, 164 deletions
diff --git a/zenserver/upstream/jupiter.h b/zenserver/upstream/jupiter.h
index 1b9650bdf..47fdc4e17 100644
--- a/zenserver/upstream/jupiter.h
+++ b/zenserver/upstream/jupiter.h
@@ -185,8 +185,6 @@ public:
std::string_view DdcNamespace() const { return m_DdcNamespace; }
std::string_view BlobStoreNamespace() const { return m_BlobStoreNamespace; }
std::string_view ServiceUrl() const { return m_ServiceUrl; }
- bool IsValid() const { return m_IsValid; }
- void SetAccessToken(CloudCacheAccessToken Token);
spdlog::logger& Logger() { return m_Log; }
@@ -198,7 +196,6 @@ private:
std::chrono::milliseconds m_ConnectTimeout{};
std::chrono::milliseconds m_Timeout{};
std::unique_ptr<CloudCacheTokenProvider> m_TokenProvider;
- bool m_IsValid = false;
RwLock m_SessionStateLock;
std::list<detail::CloudCacheSessionState*> m_SessionStateCache;
diff --git a/zenserver/upstream/upstreamcache.cpp b/zenserver/upstream/upstreamcache.cpp
index 58c025b4f..d83542701 100644
--- a/zenserver/upstream/upstreamcache.cpp
+++ b/zenserver/upstream/upstreamcache.cpp
@@ -85,9 +85,7 @@ namespace detail {
class JupiterUpstreamEndpoint final : public UpstreamEndpoint
{
public:
- JupiterUpstreamEndpoint(const CloudCacheClientOptions& Options,
- std::unique_ptr<CloudCacheTokenProvider> TokenProvider,
- AuthMgr& Mgr)
+ JupiterUpstreamEndpoint(const CloudCacheClientOptions& Options, const UpstreamAuthConfig& AuthConfig, AuthMgr& Mgr)
: m_AuthMgr(Mgr)
, m_Log(zen::logging::Get("upstream"))
, m_UseLegacyDdc(Options.UseLegacyDdc)
@@ -95,7 +93,30 @@ namespace detail {
ZEN_ASSERT(!Options.Name.empty());
m_Info.Name = Options.Name;
m_Info.Url = Options.ServiceUrl;
- m_Client = new CloudCacheClient(Options, std::move(TokenProvider));
+
+ std::unique_ptr<CloudCacheTokenProvider> TokenProvider;
+
+ if (AuthConfig.OAuthUrl.empty() == false)
+ {
+ TokenProvider = CloudCacheTokenProvider::MakeFromOAuthClientCredentials(
+ {.Url = AuthConfig.OAuthUrl, .ClientId = AuthConfig.OAuthClientId, .ClientSecret = AuthConfig.OAuthClientSecret});
+ }
+ else if (AuthConfig.OpenIdProvider.empty() == false)
+ {
+ TokenProvider = CloudCacheTokenProvider::MakeFromCallback([this, ProviderName = std::string(AuthConfig.OpenIdProvider)]() {
+ AuthMgr::OpenIdAccessToken Token = m_AuthMgr.GetOpenIdAccessToken(ProviderName);
+ return CloudCacheAccessToken{.Value = Token.AccessToken, .ExpireTime = Token.ExpireTime};
+ });
+ }
+ else
+ {
+ CloudCacheAccessToken AccessToken{.Value = std::string(AuthConfig.AccessToken),
+ .ExpireTime = CloudCacheAccessToken::TimePoint::max()};
+
+ TokenProvider = CloudCacheTokenProvider::MakeFromStaticToken(AccessToken);
+ }
+
+ m_Client = new CloudCacheClient(Options, std::move(TokenProvider));
}
virtual ~JupiterUpstreamEndpoint() = default;
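Review bot: The final `else` branch builds a static token from `AuthConfig.AccessToken` without checking that it is non-empty, so an endpoint with no credentials configured gets a provider that returns an empty token with `TimePoint::max()` expiry, and the misconfiguration would presumably only surface later as upstream auth failures. The OAuth branch likewise tests only `OAuthUrl`; an empty `OAuthClientId` or `OAuthClientSecret` is passed straight to `MakeFromOAuthClientCredentials`, whereas the REST handler removed in this commit rejected those. I would change the last branch to `else if (AuthConfig.AccessToken.empty() == false)`, add a final `else` that logs that the endpoint has no auth configured (how `CloudCacheClient` treats a null provider is not visible here), and check the client id and secret alongside the URL. The branch order also lets OAuth silently win over OpenID and a static token when more than one is set, which deserves a one-line comment. The constructor begins in the previous hunk.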
@@ -1491,9 +1512,9 @@ MakeUpstreamCache(const UpstreamCacheOptions& Options, ZenCacheStore& CacheStore
}
std::unique_ptr<UpstreamEndpoint>
-MakeJupiterUpstreamEndpoint(const CloudCacheClientOptions& Options, std::unique_ptr<CloudCacheTokenProvider> TokenProvider, AuthMgr& Mgr)
+MakeJupiterUpstreamEndpoint(const CloudCacheClientOptions& Options, const UpstreamAuthConfig& AuthConfig, AuthMgr& Mgr)
{
- return std::make_unique<detail::JupiterUpstreamEndpoint>(Options, std::move(TokenProvider), Mgr);
+ return std::make_unique<detail::JupiterUpstreamEndpoint>(Options, AuthConfig, Mgr);
}
std::unique_ptr<UpstreamEndpoint>
diff --git a/zenserver/upstream/upstreamcache.h b/zenserver/upstream/upstreamcache.h
index c82af28c6..48601c879 100644
--- a/zenserver/upstream/upstreamcache.h
+++ b/zenserver/upstream/upstreamcache.h
@@ -123,6 +123,15 @@ ToString(UpstreamEndpointState State)
}
}
+struct UpstreamAuthConfig
+{
+ std::string_view OAuthUrl;
+ std::string_view OAuthClientId;
+ std::string_view OAuthClientSecret;
+ std::string_view OpenIdProvider;
+ std::string_view AccessToken;
+};
+
struct UpstreamEndpointStatus
{
std::string Reason;
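Review bot: `UpstreamAuthConfig` holds the client secret and access token as `std::string_view`, so the struct only borrows its credentials, and nothing in the declaration says how long the backing strings must live. In the constructor in upstreamcache.cpp the OpenID provider name and the access token are copied into `std::string`, but the OAuth fields are forwarded as views into `MakeFromOAuthClientCredentials`; whether that call copies them is not visible in this diff. I would add a comment on the struct such as `// Non-owning: every view must stay valid until MakeJupiterUpstreamEndpoint returns; consumers copy what they keep.` and confirm the OAuth path does copy. A second comment should state the selection order the constructor applies (OAuth URL, then OpenID provider, then static access token).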
@@ -205,9 +214,9 @@ public:
std::unique_ptr<UpstreamCache> MakeUpstreamCache(const UpstreamCacheOptions& Options, ZenCacheStore& CacheStore, CidStore& CidStore);
-std::unique_ptr<UpstreamEndpoint> MakeJupiterUpstreamEndpoint(const CloudCacheClientOptions& Options,
- std::unique_ptr<CloudCacheTokenProvider> TokenProvider,
- AuthMgr& Mgr);
+std::unique_ptr<UpstreamEndpoint> MakeJupiterUpstreamEndpoint(const CloudCacheClientOptions& Options,
+ const UpstreamAuthConfig& AuthConfig,
+ AuthMgr& Mgr);
std::unique_ptr<UpstreamEndpoint> MakeZenUpstreamEndpoint(const ZenStructuredCacheClientOptions& Options);
diff --git a/zenserver/upstream/upstreamservice.cpp b/zenserver/upstream/upstreamservice.cpp
index 5f248678a..74ddd7e3e 100644
--- a/zenserver/upstream/upstreamservice.cpp
+++ b/zenserver/upstream/upstreamservice.cpp
@@ -15,57 +15,6 @@ namespace zen {
using namespace std::literals;
-namespace {
- json11::Json TryGetJson(IoBuffer Body, HttpContentType ContentType, std::string& OutError)
- {
- if (!Body)
- {
- OutError = "No data"sv;
- return json11::Json();
- }
-
- if ((ContentType == HttpContentType::kJSON || ContentType == HttpContentType::kCbObject) == false)
- {
- OutError = "Invalid content type"sv;
- return json11::Json();
- }
-
- if (ContentType == ZenContentType::kJSON)
- {
- std::string JsonText(reinterpret_cast<const char*>(Body.GetData()), Body.GetSize());
- return json11::Json::parse(JsonText, OutError);
- }
-
- if (CbObject Obj = LoadCompactBinaryObject(Body))
- {
- ExtendableStringBuilder<512> Sb;
- return json11::Json::parse(Obj.ToJson(Sb).ToString(), OutError);
- }
-
- OutError = "Invalid compact binary"sv;
- return json11::Json();
- }
-
- void WriteErrorResponse(HttpServerRequest& Request, std::string_view Property, std::string_view Reason)
- {
- CbObjectWriter Response;
- Response << "Result"sv << false;
- Response.BeginObject("Error"sv);
- Response << "Property"sv << Property << "Reason"sv << Reason;
- Response.EndObject();
-
- Request.WriteResponse(HttpResponseCode::BadRequest, Response.Save());
- }
-
- void WriteSuccessResponse(HttpServerRequest& Request)
- {
- CbObjectWriter Response;
- Response << "Result"sv << true;
-
- Request.WriteResponse(HttpResponseCode::OK, Response.Save());
- }
-} // namespace
-
HttpUpstreamService::HttpUpstreamService(UpstreamCache& Upstream, AuthMgr& Mgr) : m_Upstream(Upstream), m_AuthMgr(Mgr)
{
m_Router.RegisterRoute(
@@ -90,107 +39,6 @@ HttpUpstreamService::HttpUpstreamService(UpstreamCache& Upstream, AuthMgr& Mgr)
Req.ServerRequest().WriteResponse(HttpResponseCode::OK, Writer.Save());
},
HttpVerb::kGet);
-
- m_Router.RegisterRoute(
- "endpoints",
- [this](HttpRouterRequest& RouterRequest) {
- HttpServerRequest& ServerRequest = RouterRequest.ServerRequest();
- std::string JsonError;
-
- json11::Json Json = TryGetJson(ServerRequest.ReadPayload(), ServerRequest.RequestContentType(), JsonError);
-
- if (!JsonError.empty())
- {
- return ServerRequest.WriteResponse(HttpResponseCode::BadRequest, HttpContentType::kText, JsonError);
- }
-
- const auto Type = Json["Type"].string_value();
- const auto Name = Json["Name"].string_value();
- const auto Url = Json["Url"].string_value();
- const auto Namespace = Json["Namespace"].string_value();
- const auto OAuthProvider = Json["OAuthProvider"].string_value();
- const auto OAuthClientId = Json["OAuthClientId"].string_value();
- const auto OAuthSecret = Json["OAuthSecret"].string_value();
- const auto OAuthToken = Json["OAuthToken"].string_value();
-
- if ((Type == "Horde"sv || Type == "Zen"sv) == false)
- {
- return WriteErrorResponse(ServerRequest, "Type"sv, "Invalid endpoint type, must be Zen or Horde"sv);
- }
-
- if (Name.empty())
- {
- return WriteErrorResponse(ServerRequest, "Name"sv, "Invalid endpoint name"sv);
- }
-
- if (Url.empty())
- {
- return WriteErrorResponse(ServerRequest, "Url"sv, "Invalid endpoint URL"sv);
- }
-
- bool IsNameUnique = true;
- m_Upstream.IterateEndpoints([&Name, &IsNameUnique](UpstreamEndpoint& Ep) {
- IsNameUnique = IsNameUnique && Ep.GetEndpointInfo().Name != Name;
- return IsNameUnique;
- });
-
- if (IsNameUnique == false)
- {
- return WriteErrorResponse(ServerRequest, "Url"sv, "Endpoint name is not unique"sv);
- }
-
- std::unique_ptr<zen::UpstreamEndpoint> Endpoint;
-
- if (Type == "Zen"sv)
- {
- std::vector<std::string> Urls;
- Urls.push_back(Json["Url"].string_value());
- Endpoint = zen::MakeZenUpstreamEndpoint({.Name = Name, .Urls = Urls});
- }
- else
- {
- if (Namespace.empty())
- {
- return WriteErrorResponse(ServerRequest, "Namespace"sv, "Invalid Horde namespace"sv);
- }
-
- if (OAuthProvider.empty())
- {
- return WriteErrorResponse(ServerRequest, "OAuthProvider"sv, "Invalid Horde OAuth provider URL"sv);
- }
-
- if (OAuthToken.empty())
- {
- if (OAuthClientId.empty())
- {
- return WriteErrorResponse(ServerRequest, "OAuthClientId"sv, "Invalid Horde OAuth client ID"sv);
- }
-
- if (OAuthSecret.empty())
- {
- return WriteErrorResponse(ServerRequest, "OAuthSecret"sv, "Invalid Horde OAuth secret"sv);
- }
- }
-
- /*
- const zen::CloudCacheClientOptions Options = {.Name = Name,
- .ServiceUrl = Url,
- .DdcNamespace = Namespace,
- .BlobStoreNamespace = Namespace,
- .OAuthProvider = OAuthProvider,
- .OAuthClientId = OAuthClientId,
- .OAuthSecret = OAuthSecret,
- .AccessToken = OAuthToken};
-
- Endpoint = zen::MakeJupiterUpstreamEndpoint(Options, m_AuthMgr);
- */
- }
-
- m_Upstream.RegisterEndpoint(std::move(Endpoint));
-
- WriteSuccessResponse(ServerRequest);
- },
- HttpVerb::kPost);
}
HttpUpstreamService::~HttpUpstreamService()