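package oauth

import (
	"fmt"
	"time"

	"github.com/Axway/agent-sdk/pkg/cache"
	corecfg "github.com/Axway/agent-sdk/pkg/config"
	"github.com/Axway/agent-sdk/pkg/util/log"
)

// Prefixes that namespace the secondary cache keys, so that an issuer URL and
// an endpoint URL with identical text can never map to the same key.
const (
	issuerKeyPrefix      = "issuer:"
	tokenEpKeyPrefix     = "tokenEp:"
	mtlsTokenEpKeyPrefix = "mtlsTokenEp:"
	authEpKeyPrefix      = "authEp:"
	metadataURLKeyPrefix = "metadataUrl:"
)

// ProviderRegistry - interface for provider registry
type ProviderRegistry interface {
	// RegisterProvider - registers the provider using the config
	RegisterProvider(idp corecfg.IDPConfig, tlsCfg corecfg.TLSConfig, proxyURL string, clientTimeout time.Duration) error
	// GetProviderByName - returns the provider from registry based on the name
	GetProviderByName(name string) (Provider, error)
	// GetProviderByIssuer - returns the provider from registry based on the IDP issuer
	GetProviderByIssuer(issuer string) (Provider, error)
	// GetProviderByTokenEndpoint - returns the provider from registry based on the IDP token endpoint
	GetProviderByTokenEndpoint(tokenEndpoint string) (Provider, error)
	// GetProviderByAuthorizationEndpoint - returns the provider from registry based on the IDP authorization endpoint
	GetProviderByAuthorizationEndpoint(authEndpoint string) (Provider, error)
	// GetProviderByMetadataURL - returns the provider from registry based on the IDP metadata URL
	GetProviderByMetadataURL(metadataURL string) (Provider, error)
}

// providerRegistry is the cache-backed ProviderRegistry implementation.
// Each provider is stored under its name; its issuer, endpoints and metadata
// URL are attached as prefixed secondary keys that the Get* lookups resolve
// back to the same entry.
type providerRegistry struct {
	logger      log.FieldLogger
	providerMap cache.Cache
}

// NewProviderRegistry - create a new provider registry
func NewProviderRegistry() ProviderRegistry {
	logger := log.NewFieldLogger().
		WithComponent("providerRegistry").
		WithPackage("sdk.agent.authz.oauth")
	return &providerRegistry{
		logger:      logger,
		providerMap: cache.New(),
	}
}

// RegisterProvider - registers the provider using the config.
//
// The provider is built with NewProvider and stored under its name; its
// issuer, token endpoints, authorization endpoint and metadata URL become the
// secondary keys used by the Get* lookups. Only non-empty values are indexed:
// a key is prefix+value, so every provider lacking, say, a metadata URL would
// otherwise claim the same bare "metadataUrl:" key and a lookup with an empty
// value could resolve to an unrelated provider. The NewProvider error is
// returned unchanged when the provider cannot be built.
func (r *providerRegistry) RegisterProvider(idp corecfg.IDPConfig, tlsCfg corecfg.TLSConfig, proxyURL string, clientTimeout time.Duration) error {
	p, err := NewProvider(idp, tlsCfg, proxyURL, clientTimeout)
	if err != nil {
		return err
	}

	name := p.GetName()
	issuer := p.GetIssuer()
	tokenEndpoint := p.GetTokenEndpoint()
	mtlsTokenEndpoint := p.GetMTLSTokenEndpoint()
	authEndpoint := p.GetAuthorizationEndpoint()
	metadataURL := idp.GetMetadataURL()

	r.providerMap.Set(name, p)
	r.setSecondaryKey(name, issuerKeyPrefix, issuer)
	r.setSecondaryKey(name, tokenEpKeyPrefix, tokenEndpoint)
	r.setSecondaryKey(name, mtlsTokenEpKeyPrefix, mtlsTokenEndpoint)
	r.setSecondaryKey(name, authEpKeyPrefix, authEndpoint)
	r.setSecondaryKey(name, metadataURLKeyPrefix, metadataURL)

	// Logged after the cache writes so the message describes what has happened.
	r.logger.
		WithField("name", name).
		WithField("issuer", issuer).
		WithField("token-endpoint", tokenEndpoint).
		WithField("authorization-endpoint", authEndpoint).
		Debug("registered IDP provider")

	return nil
}

// setSecondaryKey indexes the provider stored under name by prefix+value.
// Empty values are skipped so that unrelated providers never share a bare
// prefix key; what the cache does with a duplicate secondary key is not
// visible here, so the guard avoids relying on it.
func (r *providerRegistry) setSecondaryKey(name, prefix, value string) {
	if value == "" {
		return
	}
	r.providerMap.SetSecondaryKey(name, prefix+value)
}

// GetProviderByName - returns the provider from registry based on the name
func (r *providerRegistry) GetProviderByName(name string) (Provider, error) {
	entry, err := r.providerMap.Get(name)
	if err != nil {
		return nil, err
	}
	return asProvider(entry, name)
}

// GetProviderByIssuer - returns the provider from registry based on the IDP issuer
func (r *providerRegistry) GetProviderByIssuer(issuer string) (Provider, error) {
	return r.getProviderBySecondaryKey(issuerKeyPrefix + issuer)
}

// GetProviderByTokenEndpoint - returns the provider from registry based on the IDP token endpoint.
//
// The mTLS token endpoint key is consulted first and the plain token endpoint
// key second, so either endpoint of a provider resolves to it. When neither
// matches, the error from the plain-endpoint lookup is returned.
func (r *providerRegistry) GetProviderByTokenEndpoint(tokenEndpoint string) (Provider, error) {
	if p, err := r.getProviderBySecondaryKey(mtlsTokenEpKeyPrefix + tokenEndpoint); err == nil {
		return p, nil
	}
	return r.getProviderBySecondaryKey(tokenEpKeyPrefix + tokenEndpoint)
}

// GetProviderByAuthorizationEndpoint - returns the provider from registry based on the IDP authorization endpoint
func (r *providerRegistry) GetProviderByAuthorizationEndpoint(authEndpoint string) (Provider, error) {
	return r.getProviderBySecondaryKey(authEpKeyPrefix + authEndpoint)
}

// GetProviderByMetadataURL - returns the provider from registry based on the IDP metadata URL
func (r *providerRegistry) GetProviderByMetadataURL(metadataURL string) (Provider, error) {
	return r.getProviderBySecondaryKey(metadataURLKeyPrefix + metadataURL)
}

// getProviderBySecondaryKey resolves an already-prefixed secondary key to its
// Provider. The cache's lookup error is returned unchanged when the key is
// unknown.
func (r *providerRegistry) getProviderBySecondaryKey(key string) (Provider, error) {
	entry, err := r.providerMap.GetBySecondaryKey(key)
	if err != nil {
		return nil, err
	}
	return asProvider(entry, key)
}

// asProvider type-asserts a cache entry to Provider. key is only used in the
// error reported when the entry holds something else, which would mean the
// registry's cache was written by code other than RegisterProvider.
func asProvider(entry interface{}, key string) (Provider, error) {
	prov, ok := entry.(Provider)
	if !ok {
		return nil, fmt.Errorf("unexpected provider entry for %s", key)
	}
	return prov, nil
}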