This repository has been archived by the owner on Mar 29, 2024. It is now read-only.
package access
import (
"context"
"errors"
"fmt"
"time"
"github.com/safing/portbase/database"
"github.com/safing/portbase/database/query"
"github.com/safing/portbase/database/record"
"github.com/safing/portbase/formats/dsd"
"github.com/safing/portbase/log"
"github.com/safing/spn/access/token"
)
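// loadTokens restores persisted tokens from the database into the token
// handler of every zone listed in persistentZones.
//
// Errors are logged and the affected zone is skipped; nothing is reported
// back to the caller.
func loadTokens() {
	for _, zone := range persistentZones {
		// Get handler of zone.
		handler, ok := token.GetHandler(zone)
		if !ok {
			log.Warningf("spn/access: could not find zone %s for loading tokens", zone)
			continue
		}

		// Get data from database.
		r, err := db.Get(fmt.Sprintf(tokenStorageKeyTemplate, zone))
		if err != nil {
			// A missing record only means nothing was stored for this zone,
			// so it is logged at debug level instead of as a warning.
			if errors.Is(err, database.ErrNotFound) {
				log.Debugf("spn/access: no %s tokens to load", zone)
			} else {
				log.Warningf("spn/access: failed to load %s tokens: %s", zone, err)
			}
			continue
		}

		// Get wrapper. Any other record type is rejected before its data is
		// handed to the token handler.
		wrapper, ok := r.(*record.Wrapper)
		if !ok {
			log.Warningf("spn/access: failed to parse %s tokens: expected wrapper, got %T", zone, r)
			continue
		}

		// Load into handler.
		if err := handler.Load(wrapper.Data); err != nil {
			log.Warningf("spn/access: failed to load %s tokens: %s", zone, err)
			// Skip the success message: the import failed, and logging
			// "loaded N tokens" right after the warning would be misleading
			// when reading the logs later.
			continue
		}
		log.Infof("spn/access: loaded %d %s tokens", handler.Amount(), zone)
	}
}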
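// storeTokens persists the tokens of every zone listed in persistentZones to
// the database, one record per zone.
//
// A zone without tokens has its stored record deleted instead. Errors are
// logged and the affected zone is skipped; nothing is reported back to the
// caller.
func storeTokens() {
	for _, zone := range persistentZones {
		// Get handler of zone.
		handler, ok := token.GetHandler(zone)
		if !ok {
			log.Warningf("spn/access: could not find zone %s for storing tokens", zone)
			continue
		}

		// Generate storage key.
		storageKey := fmt.Sprintf(tokenStorageKeyTemplate, zone)

		// Check if there is data to save.
		amount := handler.Amount()
		if amount == 0 {
			// Remove possible old entry from database, so that stale tokens
			// do not linger in storage. A missing entry is the expected case
			// here and is not worth a warning, matching how loadTokens treats
			// database.ErrNotFound.
			err := db.Delete(storageKey)
			if err != nil && !errors.Is(err, database.ErrNotFound) {
				log.Warningf("spn/access: failed to delete possible old %s tokens from storage: %s", zone, err)
			}
			log.Debugf("spn/access: no %s tokens to store", zone)
			continue
		}

		// Export data.
		data, err := handler.Save()
		if err != nil {
			log.Warningf("spn/access: failed to export %s tokens for storing: %s", zone, err)
			continue
		}

		// Wrap data into raw record.
		r, err := record.NewWrapper(storageKey, nil, dsd.RAW, data)
		if err != nil {
			log.Warningf("spn/access: failed to prepare %s token export for storing: %s", zone, err)
			continue
		}

		// Flag the record as secret and as a crown jewel, since it holds
		// access tokens.
		// NOTE(review): how these flags restrict access to and export of the
		// record is defined by portbase's record.Meta - confirm there.
		r.UpdateMeta()
		r.Meta().MakeSecret()
		r.Meta().MakeCrownJewel()

		// Let tokens expire after one month (30 * 86400, presumably seconds).
		// This will regularly happen when we switch zones.
		r.Meta().SetRelativateExpiry(30 * 86400)

		// Save to database.
		err = db.Put(r)
		if err != nil {
			log.Warningf("spn/access: failed to store %s tokens: %s", zone, err)
			continue
		}

		// Only the token count is logged, never the token data itself.
		log.Infof("spn/access: stored %d %s tokens", amount, zone)
	}
}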
// clearTokens empties the token handler of every zone listed in
// persistentZones and then purges the persisted token records from the
// database.
//
// The purge is limited to 10 seconds and derives its context from module.Ctx.
// Errors are logged; nothing is reported back to the caller.
func clearTokens() {
	for _, zone := range persistentZones {
		// Clear the in-memory tokens of the zone, if it has a handler.
		if handler, found := token.GetHandler(zone); found {
			handler.Clear()
		} else {
			log.Warningf("spn/access: could not find zone %s for clearing tokens", zone)
		}
	}

	// Purge everything matched by the key template with an empty zone name,
	// which is used here as the storage prefix shared by all zones.
	purgeCtx, cancelPurge := context.WithTimeout(module.Ctx, 10*time.Second)
	defer cancelPurge()

	storagePrefix := fmt.Sprintf(tokenStorageKeyTemplate, "")
	purged, err := db.Purge(purgeCtx, query.New(storagePrefix))
	if err != nil {
		// On failure, persisted tokens may still be present in the database
		// even though the handlers were cleared above.
		log.Warningf("spn/access: failed to clear token storages: %s", err)
		return
	}
	log.Infof("spn/access: cleared %d token storages", purged)
}