Skip to content

G
galene
Commit 8a94f4a7 authored by Juliusz Chroboczek's avatar Juliusz Chroboczek
Browse files
Options

Export getStateful, simplify interface. 

We used to return nil, nil if the token didn't exist.
We now return os.ErrNotExist.
parent 0c361664
Show whitespace changes
Inline Side-by-side
Showing with 18 additions and 20 deletions
token/jwt.go
View file @ 8a94f4a7
...@@ -126,6 +126,8 @@ func toStringArray(a interface{}) ([]string, bool) { ...@@ -126,6 +126,8 @@ func toStringArray(a interface{}) ([]string, bool) {
return b, true return b, true
} }
// parseJWT tries to parse a string as a JWT.
// It returns (nil, nil) if the string does not look like a JWT.
func parseJWT(token string, keys []map[string]interface{}) (*JWT, error) { func parseJWT(token string, keys []map[string]interface{}) (*JWT, error) {
t, err := jwt.Parse( t, err := jwt.Parse(
token, token,
......
token/stateful.go
View file @ 8a94f4a7
...@@ -57,20 +57,23 @@ func SetStatefulFilename(filename string) { ...@@ -57,20 +57,23 @@ func SetStatefulFilename(filename string) {
tokens.modTime = time.Time{} tokens.modTime = time.Time{}
} }
func getStateful(token string) (*Stateful, error) { // Get fetches a stateful token.
// It returns os.ErrNotExist if the token doesn't exist.
func Get(token string) (*Stateful, error) {
tokens.mu.Lock() tokens.mu.Lock()
defer tokens.mu.Unlock() defer tokens.mu.Unlock()
err := tokens.load() err := tokens.load()
if err != nil { if err != nil {
if errors.Is(err, os.ErrNotExist) {
return nil, nil
}
return nil, err return nil, err
} }
if tokens.tokens == nil { if tokens.tokens == nil {
return nil, nil return nil, os.ErrNotExist
}
t := tokens.tokens[token]
if t == nil {
return nil, os.ErrNotExist
} }
return tokens.tokens[token], nil return t, nil
} }
func (token *Stateful) Check(host, group string, username *string) (string, []string, error) { func (token *Stateful) Check(host, group string, username *string) (string, []string, error) {
......
token/token.go
View file @ 8a94f4a7
...@@ -2,7 +2,6 @@ package token ...@@ -2,7 +2,6 @@ package token
import ( import (
"errors" "errors"
"os"
) )
var ErrUsernameRequired = errors.New("username required") var ErrUsernameRequired = errors.New("username required")
...@@ -13,21 +12,15 @@ type Token interface { ...@@ -13,21 +12,15 @@ type Token interface {
func Parse(token string, keys []map[string]interface{}) (Token, error) { func Parse(token string, keys []map[string]interface{}) (Token, error) {
// both getStateful and parseJWT may return nil, which we // both getStateful and parseJWT may return nil, which we
// shouldn't cast into an interface. Be very careful. // shouldn't cast into an interface before testing for nil.
s, err1 := getStateful(token) jwt, err := parseJWT(token, keys)
if err1 == nil && s != nil { if err != nil {
return s, nil // parses correctly but doesn't validate
return nil, err
} }
if jwt != nil {
jwt, err2 := parseJWT(token, keys)
if err2 == nil && jwt != nil {
return jwt, nil return jwt, nil
} }
if err1 != nil { return Get(token)
return nil, err1
} else if err2 != nil {
return nil, err2
}
return nil, os.ErrNotExist
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7