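// Listing: github.com/hellofresh/janus@v0.0.0-20230925145208-ce8de8183c67/pkg/plugin/oauth2/manager_factory.go

package oauth2

import (
	"context"
	"errors"
	"fmt"
	"strings"

	"github.com/hellofresh/janus/pkg/jwt"
	log "github.com/sirupsen/logrus"
)

const (
	// JWT provides a way to check the `exp` field on the JWT and make sure the token is still valid. This is
	// probably the most versatile way to check for tokens, since it doesn't require any storage or extra calls in
	// each request.
	//
	// JWT is the first iota constant, so it is also the zero value of ManagerType.
	JWT ManagerType = iota
	// Introspection strategy makes sure to validate the provided token on every request against the authentication provider.
	Introspection
)

// typesMap maps the lower-case strategy names to their ManagerType constants.
var typesMap = map[string]ManagerType{
	"jwt":           JWT,
	"introspection": Introspection,
}

// ParseType maps a strategy name to its ManagerType constant. The lookup is
// case-insensitive.
//
// For an unrecognized name it returns ErrUnknownStrategy together with the
// zero ManagerType. That zero value is numerically equal to JWT, so callers
// must check the error before using the returned type; otherwise a
// misspelled strategy name would silently be treated as JWT.
func ParseType(lvl string) (ManagerType, error) {
	if m, ok := typesMap[strings.ToLower(lvl)]; ok {
		return m, nil
	}

	// The error is the only signal of failure: the value returned here is
	// indistinguishable from JWT.
	var unknown ManagerType
	return unknown, ErrUnknownStrategy
}

// ManagerType identifies a token validation strategy.
type ManagerType uint8

// Manager holds the methods to handle tokens.
type Manager interface {
	// IsKeyAuthorized reports whether accessToken is authorized.
	// NOTE(review): the result is a bare bool with no error, so
	// implementations presumably return false when validation cannot be
	// completed; confirm against the concrete managers.
	IsKeyAuthorized(ctx context.Context, accessToken string) bool
}

// ManagerFactory is used for creating a new manager.
type ManagerFactory struct {
	oAuthServer *OAuth
}

// NewManagerFactory creates a new instance of ManagerFactory for the given
// OAuth server definition.
func NewManagerFactory(oAuthServer *OAuth) *ManagerFactory {
	return &ManagerFactory{oAuthServer}
}

// Build creates the Manager that implements token strategy t.
//
// For JWT it builds a JWT parser from the token strategy's leeway and signing
// methods. For Introspection it builds an introspection manager from the
// server's introspect endpoint and the strategy's introspection settings.
// Any other value yields ErrUnknownManager, so an unrecognized strategy never
// produces a usable manager. Errors from the token strategy getters and from
// NewIntrospectionManager are returned unchanged.
//
// Build returns an error instead of panicking when the factory or its OAuth
// server is nil.
func (f *ManagerFactory) Build(t ManagerType) (Manager, error) {
	// NewManagerFactory accepts a nil *OAuth, and every branch below
	// dereferences it, so reject that up front.
	if f == nil || f.oAuthServer == nil {
		return nil, errors.New("oauth2: manager factory has no OAuth server configured")
	}

	// Reverse lookup of the strategy name for the debug log. typesMap holds
	// one name per type, so the first match is the only match; an unknown
	// type is logged with an empty name.
	var name string
	for n, mt := range typesMap {
		if mt == t {
			name = n
			break
		}
	}
	log.WithField("name", name).Debug("Building token strategy")

	switch t {
	case JWT:
		signingMethods, err := f.oAuthServer.TokenStrategy.GetJWTSigningMethods()
		if err != nil {
			return nil, err
		}

		// Log the leeway and every configured algorithm so the effective
		// verification settings are visible when debugging.
		logEntry := log.WithField("leeway", f.oAuthServer.TokenStrategy.Leeway)
		for i, signingMethod := range signingMethods {
			logEntry = logEntry.WithField(fmt.Sprintf("alg_%d", i), signingMethod.Alg)
		}
		logEntry.Debug("Building JWT token parser")

		// NOTE(review): an empty signingMethods slice is passed through
		// as-is; how the parser treats tokens in that case is decided in
		// pkg/jwt and by GetJWTSigningMethods. Confirm it fails closed.
		parserConfig := jwt.NewParserConfig(f.oAuthServer.TokenStrategy.Leeway, signingMethods...)
		return NewJWTManager(jwt.NewParser(parserConfig)), nil
	case Introspection:
		settings, err := f.oAuthServer.TokenStrategy.GetIntrospectionSettings()
		if err != nil {
			return nil, err
		}

		// Return a literal nil on failure rather than forwarding the
		// constructor's result, so the Manager interface value stays nil.
		manager, err := NewIntrospectionManager(f.oAuthServer.Endpoints.Introspect, settings)
		if err != nil {
			return nil, err
		}

		return manager, nil
	}

	return nil, ErrUnknownManager
}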