...

Source file src/golang.conradwood.net/go-easyops/authremote/local_account.go

Documentation: golang.conradwood.net/go-easyops/authremote 

     1  package authremote
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  	apb "golang.conradwood.net/apis/auth"
     7  	"golang.conradwood.net/go-easyops/auth"
     8  	"golang.conradwood.net/go-easyops/common"
     9  	"golang.conradwood.net/go-easyops/tokens"
    10  	"golang.conradwood.net/go-easyops/utils"
    11  	"sync"
    12  	"time"
    13  )
    14  
    15  var (
    16  	local_service_lock     sync.Mutex
    17  	local_service          *apb.SignedUser
    18  	local_service_resolved = false
    19  	local_user_lock        sync.Mutex
    20  	local_user             *apb.SignedUser
    21  	local_user_resolved    = false
    22  )
    23  
    24  // the local user account (nil if a service)
    25  func getLocalUserAccount() *apb.SignedUser {
    26  	if local_user_resolved {
    27  		return local_user
    28  	}
    29  	local_user_lock.Lock()
    30  	defer local_user_lock.Unlock()
    31  	if local_user_resolved {
    32  		return local_user
    33  	}
    34  	st := tokens.GetUserTokenParameter()
    35  	if st == "" {
    36  		fmt.Printf("[go-easyops] no user account, assuming cli tool\n")
    37  		local_user_resolved = true
    38  		return nil
    39  	}
    40  	atr := &apb.AuthenticateTokenRequest{Token: st}
    41  	timeout := time.Duration(50) * time.Second
    42  	ctx, cnc := context.WithTimeout(context.Background(), timeout)
    43  	go auto_cancel(cnc, timeout)
    44  	fmt.Printf("[go-easyops] verifying and resolving local user account\n")
    45  	ar, err := GetAuthenticationService().SignedGetByToken(ctx, atr)
    46  	if err != nil {
    47  		fmt.Printf("Unable to resolve user token.(%s)\n", utils.ErrorString(err))
    48  		panic("unable to resolve user token")
    49  	}
    50  	if !ar.Valid {
    51  		fmt.Printf("invalid token: %s\n(%s)\n", ar.PublicMessage, ar.LogMessage)
    52  		panic("Invalid user token")
    53  	}
    54  	fmt.Printf("[go-easyops] local user: %s\n", auth.Description(common.VerifySignedUser(ar.User)))
    55  	local_user = ar.User
    56  	local_user_resolved = true
    57  	return ar.User
    58  }
    59  
    60  // the local service's useraccount (nil if on commandline or service without useraccount)
    61  func GetLocalServiceAccount() *apb.SignedUser {
    62  	if local_service_resolved {
    63  		return local_service
    64  	}
    65  	local_service_lock.Lock()
    66  	defer local_service_lock.Unlock()
    67  	if local_service_resolved {
    68  		return local_service
    69  	}
    70  	st := tokens.GetServiceTokenParameter()
    71  	if st == "" {
    72  		fmt.Printf("[go-easyops] no service account, assuming cli tool\n")
    73  		local_service_resolved = true
    74  		return nil
    75  	}
    76  	fmt.Printf("[go-easyops] verifying and resolving local service account\n")
    77  	atr := &apb.AuthenticateTokenRequest{Token: st}
    78  	timeout := time.Duration(15) * time.Second
    79  	ctx, cnc := context.WithTimeout(context.Background(), timeout)
    80  	go auto_cancel(cnc, timeout)
    81  	ar, err := GetAuthenticationService().SignedGetByToken(ctx, atr)
    82  	if err != nil {
    83  		fmt.Printf("Unable to resolve service token.(%s)\n", utils.ErrorString(err))
    84  		panic("unable to resolve service token")
    85  	}
    86  	if !ar.Valid {
    87  		fmt.Printf("invalid token: %s\n(%s)\n", ar.PublicMessage, ar.LogMessage)
    88  		panic("Invalid service token")
    89  	}
    90  	local_service = ar.User
    91  	local_service_resolved = true
    92  	return ar.User
    93  }
    94  

View as plain text