jwt: add initial jwt update

This also changes the signature of the constructor to return an error.
Jimmy Zelinskie 2016-09-26 12:00:28 -04:00
parent 7f7f2726b4
commit 46bd349a23
2 changed files with 18 additions and 8 deletions


@ -78,7 +78,11 @@ func (cfg ConfigFile) CreateHooks() (preHooks, postHooks []middleware.Hook, err
if err != nil { if err != nil {
return nil, nil, errors.New("invalid JWT middleware config: " + err.Error()) return nil, nil, errors.New("invalid JWT middleware config: " + err.Error())
} }
preHooks = append(preHooks, jwt.NewHook(jwtCfg)) hook, err := jwt.NewHook(jwtCfg)
if err != nil {
return nil, nil, errors.New("invalid JWT middleware config: " + err.Error())
}
preHooks = append(preHooks, hook)
case "client approval": case "client approval":
var caCfg clientapproval.Config var caCfg clientapproval.Config
err := yaml.Unmarshal(cfgBytes, &caCfg) err := yaml.Unmarshal(cfgBytes, &caCfg)
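Review bot: The new error branch after `hook, err := jwt.NewHook(jwtCfg)` returns "invalid JWT middleware config", the same text as the preceding check (presumably the YAML decode), even though NewHook in this commit fails when the initial JWK Set cannot be fetched or decoded. An operator reading the startup error cannot tell a malformed config from an unreachable or misbehaving key endpoint. A distinct message would make that clear, for example `return nil, nil, errors.New("failed to create JWT middleware: " + err.Error())`. CreateHooks begins and continues outside this hunk.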


@ -50,14 +50,18 @@ type hook struct {
} }
// NewHook returns an instance of the JWT middleware. // NewHook returns an instance of the JWT middleware.
func NewHook(cfg Config) middleware.Hook { func NewHook(cfg Config) (middleware.Hook, error) {
h := &hook{ h := &hook{
cfg: cfg, cfg: cfg,
publicKeys: map[string]crypto.PublicKey{}, publicKeys: map[string]crypto.PublicKey{},
closing: make(chan struct{}), closing: make(chan struct{}),
} }
h.updateKeys() err := h.updateKeys()
if err != nil {
return nil, errors.New("failed to update initial JWK Set: " + err.Error())
}
go func() { go func() {
for { for {
select { select {
@ -69,14 +73,14 @@ func NewHook(cfg Config) middleware.Hook {
} }
}() }()
return h return h, nil
} }
func (h *hook) updateKeys() { func (h *hook) updateKeys() error {
resp, err := http.Get(h.cfg.JWKSetURL) resp, err := http.Get(h.cfg.JWKSetURL)
if err != nil { if err != nil {
log.Errorln("failed to fetch JWK Set: " + err.Error()) log.Errorln("failed to fetch JWK Set: " + err.Error())
return return err
} }
parsedJWKs := map[string]gojwk.Key{} parsedJWKs := map[string]gojwk.Key{}
@ -84,7 +88,7 @@ func (h *hook) updateKeys() {
if err != nil { if err != nil {
resp.Body.Close() resp.Body.Close()
log.Errorln("failed to decode JWK JSON: " + err.Error()) log.Errorln("failed to decode JWK JSON: " + err.Error())
return return err
} }
resp.Body.Close() resp.Body.Close()
@ -93,11 +97,13 @@ func (h *hook) updateKeys() {
publicKey, err := parsedJWK.DecodePublicKey() publicKey, err := parsedJWK.DecodePublicKey()
if err != nil { if err != nil {
log.Errorln("failed to decode JWK into public key: " + err.Error()) log.Errorln("failed to decode JWK into public key: " + err.Error())
return return err
} }
keys[kid] = publicKey keys[kid] = publicKey
} }
h.publicKeys = keys h.publicKeys = keys
return nil
} }
func (h *hook) Stop() <-chan error { func (h *hook) Stop() <-chan error {
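Review bot: `updateKeys` still fetches with `http.Get(h.cfg.JWKSetURL)`, which goes through http.DefaultClient and so has no timeout; now that NewHook waits on this call, a key endpoint that accepts the connection and then stalls blocks construction indefinitely instead of producing the new error. A bounded client such as `client := &http.Client{Timeout: 10 * time.Second}` followed by `resp, err := client.Get(h.cfg.JWKSetURL)` would close that gap (the timeout value is only a suggestion). No status check is visible before the body is decoded, so an `if resp.StatusCode != http.StatusOK` branch that closes the body and returns an error is worth adding, since these keys are what tokens are verified against. The decode step and the refresh loop fall between hunks, so how the periodic call treats the returned error cannot be seen here.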