jwt: add initial jwt update

This also changes the signature of the constructor to return an error.
This commit is contained in:
Jimmy Zelinskie 2016-09-26 12:00:28 -04:00
parent 7f7f2726b4
commit 46bd349a23
2 changed files with 18 additions and 8 deletions

View file

@ -78,7 +78,11 @@ func (cfg ConfigFile) CreateHooks() (preHooks, postHooks []middleware.Hook, err
if err != nil {
return nil, nil, errors.New("invalid JWT middleware config: " + err.Error())
}
preHooks = append(preHooks, jwt.NewHook(jwtCfg))
hook, err := jwt.NewHook(jwtCfg)
if err != nil {
return nil, nil, errors.New("invalid JWT middleware config: " + err.Error())
}
preHooks = append(preHooks, hook)
case "client approval":
var caCfg clientapproval.Config
err := yaml.Unmarshal(cfgBytes, &caCfg)

View file

@ -50,14 +50,18 @@ type hook struct {
}
// NewHook returns an instance of the JWT middleware.
func NewHook(cfg Config) middleware.Hook {
func NewHook(cfg Config) (middleware.Hook, error) {
h := &hook{
cfg: cfg,
publicKeys: map[string]crypto.PublicKey{},
closing: make(chan struct{}),
}
h.updateKeys()
err := h.updateKeys()
if err != nil {
return nil, errors.New("failed to update initial JWK Set: " + err.Error())
}
go func() {
for {
select {
@ -69,14 +73,14 @@ func NewHook(cfg Config) middleware.Hook {
}
}()
return h
return h, nil
}
func (h *hook) updateKeys() {
func (h *hook) updateKeys() error {
resp, err := http.Get(h.cfg.JWKSetURL)
if err != nil {
log.Errorln("failed to fetch JWK Set: " + err.Error())
return
return err
}
parsedJWKs := map[string]gojwk.Key{}
@ -84,7 +88,7 @@ func (h *hook) updateKeys() {
if err != nil {
resp.Body.Close()
log.Errorln("failed to decode JWK JSON: " + err.Error())
return
return err
}
resp.Body.Close()
@ -93,11 +97,13 @@ func (h *hook) updateKeys() {
publicKey, err := parsedJWK.DecodePublicKey()
if err != nil {
log.Errorln("failed to decode JWK into public key: " + err.Error())
return
return err
}
keys[kid] = publicKey
}
h.publicKeys = keys
return nil
}
func (h *hook) Stop() <-chan error {