...

Source file src/golang.conradwood.net/go-easyops/auth/context.go

Documentation: golang.conradwood.net/go-easyops/auth 

     1  package auth
     2  
     3  import (
     4  	"context"
     5  	"encoding/base64"
     6  	"fmt"
     7  	"golang.conradwood.net/apis/auth"
     8  	//"google.golang.org/protobuf/proto"
     9  	//	"golang.conradwood.net/go-easyops/client"
    10  	"golang.conradwood.net/go-easyops/cmdline"
    11  	pctx "golang.conradwood.net/go-easyops/ctx"
    12  	"golang.conradwood.net/go-easyops/tokens"
    13  	"os"
    14  	"time"
    15  )
    16  
    17  const (
    18  	SERBINPREFIX = "CTXUSER-BIN-"
    19  	SERSTRPREFIX = "CTXUSER-STR-"
    20  )
    21  
    22  // return a context with token and/or from environment or so
    23  // this function is obsolete and deprecated. use authremote.Context() instead
    24  func DISContext(t time.Duration) context.Context {
    25  	if tokens.GetUserTokenParameter() != "" || tokens.GetServiceTokenParameter() != "" {
    26  		ctx := tokens.DISContextWithTokenAndTimeout(uint64(t.Seconds()))
    27  		return ctx
    28  	}
    29  	sctx := cmdline.GetEnvContext()
    30  	if sctx == "" {
    31  		fmt.Fprintf(os.Stderr, "[go-easyops] Warning no context with tokens or environment at all\n")
    32  		return nil
    33  	}
    34  	ctx, err := RecreateContextWithTimeout(t, []byte(sctx))
    35  	if err != nil {
    36  		fmt.Fprintf(os.Stderr, "[go-easyops] Warning failed to recreate context from environment: %s\n", err)
    37  		return nil
    38  	}
    39  	return ctx
    40  }
    41  
    42  func ForkContext(ictx context.Context) (context.Context, error) {
    43  	if cmdline.ContextWithBuilder() {
    44  		u := GetSignedUser(ictx)
    45  		s := GetSignedService(ictx)
    46  		cb := pctx.NewContextBuilder()
    47  		cb.WithUser(u)
    48  		cb.WithCallingService(s)
    49  		nctx := cb.ContextWithAutoCancel()
    50  		return nctx, nil
    51  	}
    52  	u := GetSignedUser(ictx)
    53  	if u == nil {
    54  		return DISContext(time.Duration(10) * time.Second), nil
    55  	}
    56  	return DISContextForSignedUser(u)
    57  }
    58  
    59  // this will create a context for a userobject. if the userobject is signed, it will "just work"
    60  // this function is obsolete and deprecated. use authremote.Context() instead
    61  func DISContextForSignedUser(su *auth.SignedUser) (context.Context, error) {
    62  	if su == nil {
    63  		return nil, fmt.Errorf("[go-easyops] ctxforuser: no user specified")
    64  	}
    65  	panic("obsolete codepath")
    66  }
    67  
    68  // this returns a byte sequence, max 256 bytes long which may be used to recreate a users' context at some point in the future
    69  func serialiseContextRaw(ctx context.Context) ([]byte, error) {
    70  	if ctx == nil {
    71  		return nil, fmt.Errorf("Cannot serialise 'nil' context")
    72  	}
    73  	if cmdline.ContextWithBuilder() && pctx.IsContextFromBuilder(ctx) {
    74  		return pctx.SerialiseContext(ctx)
    75  	}
    76  
    77  	panic("obsolete codepath")
    78  }
    79  
    80  // this recreates a context from a previously stored state (see SerialiseContext())
    81  func RecreateContextWithTimeout(t time.Duration, bs []byte) (context.Context, error) {
    82  	if pctx.IsSerialisedByBuilder(bs) {
    83  		return pctx.DeserialiseContextWithTimeout(t, bs)
    84  	}
    85  	return nil, fmt.Errorf("obsolete context to deserialise - context serialised by a version of go easyops no longer supported")
    86  }
    87  
    88  func SerialiseContextToString(ctx context.Context) (string, error) {
    89  	if cmdline.ContextWithBuilder() && pctx.IsContextFromBuilder(ctx) {
    90  		return pctx.SerialiseContextToString(ctx)
    91  	}
    92  	b, err := serialiseContextRaw(ctx)
    93  	if err != nil {
    94  		return "", err
    95  	}
    96  	if len(b) == 0 {
    97  		return "", fmt.Errorf("context serialised to zero bytes")
    98  	}
    99  	s := base64.StdEncoding.EncodeToString(b)
   100  	if len(s) == 0 {
   101  		return "", fmt.Errorf("context serialised to zero bytes")
   102  	}
   103  	return SERSTRPREFIX + s, nil
   104  }
   105  
   106  func SerialiseContext(ctx context.Context) ([]byte, error) {
   107  	if cmdline.ContextWithBuilder() && pctx.IsContextFromBuilder(ctx) {
   108  		return pctx.SerialiseContext(ctx)
   109  	}
   110  	b, err := serialiseContextRaw(ctx)
   111  	if err != nil {
   112  		return nil, err
   113  	}
   114  	if len(b) == 0 {
   115  		return nil, fmt.Errorf("context serialised to zero bytes")
   116  	}
   117  	res := []byte(SERBINPREFIX)
   118  	res = append(res, b...)
   119  	return res, nil
   120  }
   121  
   122  // get signed session from context or nil if none
   123  func DISGetSignedSession(ctx context.Context) *auth.SignedSession {
   124  	return nil
   125  	/*
   126  		ls := pctx.GetLocalState(ctx)
   127  		res := ls.Session()
   128  		if res != nil {
   129  			return res
   130  		}
   131  		cs := rpc.CallStateFromContext(ctx)
   132  		if cs == nil {
   133  			return nil
   134  		}
   135  
   136  		s := cs.SignedSession()
   137  		if s == nil {
   138  			return nil
   139  		}
   140  		if !common.VerifyBytes(s.Session, s.Signature) {
   141  			return nil
   142  		}
   143  		return s
   144  	*/
   145  }
   146  
   147  // get session token from context or "" if none
   148  func GetSessionToken(ctx context.Context) string {
   149  	ls := pctx.GetLocalState(ctx)
   150  	res := ls.Session()
   151  	if res != nil {
   152  		return res.SessionID
   153  	}
   154  	return ""
   155  	/*
   156  		s := GetSignedSession(ctx)
   157  		if s == nil {
   158  			return ""
   159  		}
   160  		sess := &auth.Session{}
   161  		err := utils.UnmarshalBytes(s.Session, sess)
   162  		if err != nil {
   163  			fmt.Printf("[go-easyops] invalid session (%s)\n", err)
   164  			return ""
   165  		}
   166  		return sess.Token
   167  	*/
   168  }
   169  

View as plain text