mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-06 05:27:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
cf82cf996e644251d7db0a26629c0df21daaaf3f
pinniped/internal/federationdomain/storage/dynamic_global_secret_config.go
Ryan Richard 29e939db7f Upgrade the linter to golangci-lint@v1.55.1 
The unused-parameter linter became stricter, so we adjust it to
allow unused params that start with underscore. It can be nice to keep
unused param names when implementing an interface sometimes, to help
readers understand why it is unused in that particular implementation.
2023-11-02 09:54:16 -07:00

64 lines
2.0 KiB
Go
Raw Blame History

// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package storage
import (
"context"
"hash"
"time"
"github.com/ory/fosite"
"github.com/ory/fosite/compose"
)
// DynamicGlobalSecretConfig is a wrapper around fosite.Config which allows us to always return dynamic secrets,
// since those secrets can change at any time when they are loaded or reloaded by our controllers.
type DynamicGlobalSecretConfig struct {
fositeConfig *fosite.Config
keyFunc func() []byte
}
var _ compose.HMACSHAStrategyConfigurator = &DynamicGlobalSecretConfig{}
func NewDynamicGlobalSecretConfig(
fositeConfig *fosite.Config,
keyFunc func() []byte,
) *DynamicGlobalSecretConfig {
return &DynamicGlobalSecretConfig{
fositeConfig: fositeConfig,
keyFunc: keyFunc,
}
}
func (d *DynamicGlobalSecretConfig) GetAccessTokenLifespan(ctx context.Context) time.Duration {
return d.fositeConfig.GetAccessTokenLifespan(ctx)
}
func (d *DynamicGlobalSecretConfig) GetRefreshTokenLifespan(ctx context.Context) time.Duration {
return d.fositeConfig.GetRefreshTokenLifespan(ctx)
}
func (d *DynamicGlobalSecretConfig) GetAuthorizeCodeLifespan(ctx context.Context) time.Duration {
return d.fositeConfig.GetAuthorizeCodeLifespan(ctx)
}
func (d *DynamicGlobalSecretConfig) GetTokenEntropy(ctx context.Context) int {
return d.fositeConfig.GetTokenEntropy(ctx)
}
func (d *DynamicGlobalSecretConfig) GetHMACHasher(ctx context.Context) func() hash.Hash {
return d.fositeConfig.GetHMACHasher(ctx)
}
func (d *DynamicGlobalSecretConfig) GetGlobalSecret(_ctx context.Context) ([]byte, error) {
// Always call keyFunc() without ever caching its value, because that is the whole point
// of this type. We want the global secret to be dynamic.
return d.keyFunc(), nil
}
func (d *DynamicGlobalSecretConfig) GetRotatedGlobalSecrets(_ctx context.Context) ([][]byte, error) {
// We don't support having multiple global secrets yet, but when we do we will need to implement this.
return nil, nil
}
Reference in New Issue View Git Blame Copy Permalink