9949a131
Commit
9949a131
authored
Dec 12, 2016
by
rithu john
server: modify error messages to use logrus.
parent
6033c459
Showing
11 changed files
with
68 additions
and
69 deletions
+68
-69
serve.go
cmd/dex/serve.go
+4
-5
ldap.go
connector/ldap/ldap.go
+3
-4
api.go
server/api.go
+14
-10
api_test.go
server/api_test.go
+1
-1
handlers.go
server/handlers.go
+0
-0
oauth2.go
server/oauth2.go
+12
-13
rotation.go
server/rotation.go
+9
-7
server.go
server/server.go
+7
-9
server_test.go
server/server_test.go
+1
-0
templates.go
server/templates.go
+11
-13
storage.go
storage/kubernetes/storage.go
+6
-7
cmd/dex/serve.go
...
...
@@ -6,7 +6,6 @@ import (
"errors"
"fmt"
"io/ioutil"
"log"
"net"
"net/http"
"os"
...
...
@@ -182,19 +181,19 @@ func serve(cmd *cobra.Command, args []string) error {
}
errc
:=
make
(
chan
error
,
3
)
if
c
.
Web
.
HTTP
!=
""
{
log
.
Print
f
(
"listening (http) on %s"
,
c
.
Web
.
HTTP
)
log
ger
.
Error
f
(
"listening (http) on %s"
,
c
.
Web
.
HTTP
)
go
func
()
{
errc
<-
http
.
ListenAndServe
(
c
.
Web
.
HTTP
,
serv
)
}()
}
if
c
.
Web
.
HTTPS
!=
""
{
log
.
Print
f
(
"listening (https) on %s"
,
c
.
Web
.
HTTPS
)
log
ger
.
Error
f
(
"listening (https) on %s"
,
c
.
Web
.
HTTPS
)
go
func
()
{
errc
<-
http
.
ListenAndServeTLS
(
c
.
Web
.
HTTPS
,
c
.
Web
.
TLSCert
,
c
.
Web
.
TLSKey
,
serv
)
}()
}
if
c
.
GRPC
.
Addr
!=
""
{
log
.
Print
f
(
"listening (grpc) on %s"
,
c
.
GRPC
.
Addr
)
log
ger
.
Error
f
(
"listening (grpc) on %s"
,
c
.
GRPC
.
Addr
)
go
func
()
{
errc
<-
func
()
error
{
list
,
err
:=
net
.
Listen
(
"tcp"
,
c
.
GRPC
.
Addr
)
...
...
@@ -202,7 +201,7 @@ func serve(cmd *cobra.Command, args []string) error {
return
fmt
.
Errorf
(
"listen grpc: %v"
,
err
)
}
s
:=
grpc
.
NewServer
(
grpcOptions
...
)
api
.
RegisterDexServer
(
s
,
server
.
NewAPI
(
serverConfig
.
Storage
))
api
.
RegisterDexServer
(
s
,
server
.
NewAPI
(
serverConfig
.
Storage
,
logger
))
return
s
.
Serve
(
list
)
}()
}()
...
...
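Review bot: The three start-up messages in serve (`"listening (http) on %s"`, `"listening (https) on %s"`, `"listening (grpc) on %s"`) are now emitted with `logger.Errorf`, although nothing has failed at that point, so any alert or dashboard keyed on error-level entries fires on every normal start. They read as informational and would be better as `logger.Infof("listening (http) on %s", c.Web.HTTP)` and likewise for the other two. The same level choice shows up on non-failure lines elsewhere in this commit: the successful `"garbage collection run, ..."` line in server/server.go, `"create third party resource %q"` and `"third party resource already created %q"` in storage/kubernetes/storage.go, and the expected no-result and bad-password lines in connector/ldap/ldap.go. server/rotation.go already uses `Infof` for its status lines, which looks like the pattern to follow. serve's body starts and ends outside these hunks.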
connector/ldap/ldap.go
...
...
@@ -7,7 +7,6 @@ import (
"encoding/json"
"fmt"
"io/ioutil"
"log"
"net"
"golang.org/x/net/context"
...
...
@@ -328,7 +327,7 @@ func (c *ldapConnector) userEntry(conn *ldap.Conn, username string) (user ldap.E
switch
n
:=
len
(
resp
.
Entries
);
n
{
case
0
:
log
.
Print
f
(
"ldap: no results returned for filter: %q"
,
filter
)
c
.
logger
.
Error
f
(
"ldap: no results returned for filter: %q"
,
filter
)
return
ldap
.
Entry
{},
false
,
nil
case
1
:
return
*
resp
.
Entries
[
0
],
true
,
nil
...
...
@@ -361,7 +360,7 @@ func (c *ldapConnector) Login(ctx context.Context, s connector.Scopes, username,
// Detect a bad password through the LDAP error code.
if
ldapErr
,
ok
:=
err
.
(
*
ldap
.
Error
);
ok
{
if
ldapErr
.
ResultCode
==
ldap
.
LDAPResultInvalidCredentials
{
log
.
Print
f
(
"ldap: invalid password for user %q"
,
user
.
DN
)
c
.
logger
.
Error
f
(
"ldap: invalid password for user %q"
,
user
.
DN
)
incorrectPass
=
true
return
nil
}
...
...
@@ -471,7 +470,7 @@ func (c *ldapConnector) groups(ctx context.Context, user ldap.Entry) ([]string,
}
if
len
(
groups
)
==
0
{
// TODO(ericchiang): Is this going to spam the logs?
log
.
Print
f
(
"ldap: groups search with filter %q returned no groups"
,
filter
)
c
.
logger
.
Error
f
(
"ldap: groups search with filter %q returned no groups"
,
filter
)
}
var
groupNames
[]
string
...
...
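Review bot: The failed-login line in Login keeps the DN inside the message text (`"ldap: invalid password for user %q"`), so anything that counts failures per account has to parse it back out of a string. `c.logger` is presumably a `logrus.FieldLogger` like the other loggers in this commit, in which case the value can be carried as a field, for example `c.logger.WithField("user_dn", user.DN).Errorf("ldap: invalid password")` (the field name here is only an illustration). The same applies to the `filter` value logged in userEntry and groups. Where a value does stay in the message, the existing `%q` verb is worth keeping, since the filter appears to be built from the submitted username. All three functions continue outside the visible hunks.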
server/api.go
...
...
@@ -3,11 +3,11 @@ package server
import
(
"errors"
"fmt"
"log"
"golang.org/x/crypto/bcrypt"
"golang.org/x/net/context"
"github.com/Sirupsen/logrus"
"github.com/coreos/dex/api"
"github.com/coreos/dex/storage"
"github.com/coreos/dex/version"
...
...
@@ -18,12 +18,16 @@ import (
const
apiVersion
=
0
// NewAPI returns a server which implements the gRPC API interface.
func
NewAPI
(
s
storage
.
Storage
)
api
.
DexServer
{
return
dexAPI
{
s
:
s
}
func
NewAPI
(
s
storage
.
Storage
,
logger
logrus
.
FieldLogger
)
api
.
DexServer
{
return
dexAPI
{
s
:
s
,
logger
:
logger
,
}
}
type
dexAPI
struct
{
s
storage
.
Storage
s
storage
.
Storage
logger
logrus
.
FieldLogger
}
func
(
d
dexAPI
)
CreateClient
(
ctx
context
.
Context
,
req
*
api
.
CreateClientReq
)
(
*
api
.
CreateClientResp
,
error
)
{
...
...
@@ -48,7 +52,7 @@ func (d dexAPI) CreateClient(ctx context.Context, req *api.CreateClientReq) (*ap
LogoURL
:
req
.
Client
.
LogoUrl
,
}
if
err
:=
d
.
s
.
CreateClient
(
c
);
err
!=
nil
{
log
.
Print
f
(
"api: failed to create client: %v"
,
err
)
d
.
logger
.
Error
f
(
"api: failed to create client: %v"
,
err
)
// TODO(ericchiang): Surface "already exists" errors.
return
nil
,
fmt
.
Errorf
(
"create client: %v"
,
err
)
}
...
...
@@ -64,7 +68,7 @@ func (d dexAPI) DeleteClient(ctx context.Context, req *api.DeleteClientReq) (*ap
if
err
==
storage
.
ErrNotFound
{
return
&
api
.
DeleteClientResp
{
NotFound
:
true
},
nil
}
log
.
Print
f
(
"api: failed to delete client: %v"
,
err
)
d
.
logger
.
Error
f
(
"api: failed to delete client: %v"
,
err
)
return
nil
,
fmt
.
Errorf
(
"delete client: %v"
,
err
)
}
return
&
api
.
DeleteClientResp
{},
nil
...
...
@@ -104,7 +108,7 @@ func (d dexAPI) CreatePassword(ctx context.Context, req *api.CreatePasswordReq)
UserID
:
req
.
Password
.
UserId
,
}
if
err
:=
d
.
s
.
CreatePassword
(
p
);
err
!=
nil
{
log
.
Print
f
(
"api: failed to create password: %v"
,
err
)
d
.
logger
.
Error
f
(
"api: failed to create password: %v"
,
err
)
return
nil
,
fmt
.
Errorf
(
"create password: %v"
,
err
)
}
...
...
@@ -141,7 +145,7 @@ func (d dexAPI) UpdatePassword(ctx context.Context, req *api.UpdatePasswordReq)
if
err
==
storage
.
ErrNotFound
{
return
&
api
.
UpdatePasswordResp
{
NotFound
:
true
},
nil
}
log
.
Print
f
(
"api: failed to update password: %v"
,
err
)
d
.
logger
.
Error
f
(
"api: failed to update password: %v"
,
err
)
return
nil
,
fmt
.
Errorf
(
"update password: %v"
,
err
)
}
...
...
@@ -158,7 +162,7 @@ func (d dexAPI) DeletePassword(ctx context.Context, req *api.DeletePasswordReq)
if
err
==
storage
.
ErrNotFound
{
return
&
api
.
DeletePasswordResp
{
NotFound
:
true
},
nil
}
log
.
Print
f
(
"api: failed to delete password: %v"
,
err
)
d
.
logger
.
Error
f
(
"api: failed to delete password: %v"
,
err
)
return
nil
,
fmt
.
Errorf
(
"delete password: %v"
,
err
)
}
return
&
api
.
DeletePasswordResp
{},
nil
...
...
@@ -175,7 +179,7 @@ func (d dexAPI) GetVersion(ctx context.Context, req *api.VersionReq) (*api.Versi
func
(
d
dexAPI
)
ListPasswords
(
ctx
context
.
Context
,
req
*
api
.
ListPasswordReq
)
(
*
api
.
ListPasswordResp
,
error
)
{
passwordList
,
err
:=
d
.
s
.
ListPasswords
()
if
err
!=
nil
{
log
.
Print
f
(
"api: failed to list passwords: %v"
,
err
)
d
.
logger
.
Error
f
(
"api: failed to list passwords: %v"
,
err
)
return
nil
,
fmt
.
Errorf
(
"list passwords: %v"
,
err
)
}
...
...
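Review bot: NewAPI stores `logger` without a nil check, and in the visible hunks `d.logger` is only used on storage-error paths, so a caller passing nil would not notice until the first storage failure, and then as a panic inside a gRPC handler. The doc comment still describes only the original behaviour; I would extend it to `// NewAPI returns a server which implements the gRPC API interface. The logger must not be nil.` or have the constructor substitute a default logger when it receives nil. The signature change is also a breaking change for any importer of this exported function, which deserves a line in the commit description.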
server/api_test.go
...
...
@@ -19,7 +19,7 @@ func TestPassword(t *testing.T) {
}
s
:=
memory
.
New
(
logger
)
serv
:=
NewAPI
(
s
)
serv
:=
NewAPI
(
s
,
logger
)
ctx
:=
context
.
Background
()
p
:=
api
.
Password
{
...
...
server/handlers.go
server/oauth2.go
...
...
@@ -3,7 +3,6 @@ package server
import
(
"encoding/json"
"fmt"
"log"
"net/http"
"net/url"
"strconv"
...
...
@@ -41,20 +40,20 @@ func (err *authErr) ServeHTTP(w http.ResponseWriter, r *http.Request) {
http
.
Redirect
(
w
,
r
,
redirectURI
,
http
.
StatusSeeOther
)
}
func
tokenErr
(
w
http
.
ResponseWriter
,
typ
,
description
string
,
statusCode
int
)
{
func
tokenErr
(
w
http
.
ResponseWriter
,
typ
,
description
string
,
statusCode
int
)
error
{
data
:=
struct
{
Error
string
`json:"error"`
Description
string
`json:"error_description,omitempty"`
}{
typ
,
description
}
body
,
err
:=
json
.
Marshal
(
data
)
if
err
!=
nil
{
log
.
Printf
(
"failed to marshal token error response: %v"
,
err
)
return
return
fmt
.
Errorf
(
"failed to marshal token error response: %v"
,
err
)
}
w
.
Header
()
.
Set
(
"Content-Type"
,
"application/json"
)
w
.
Header
()
.
Set
(
"Content-Length"
,
strconv
.
Itoa
(
len
(
body
)))
w
.
WriteHeader
(
statusCode
)
w
.
Write
(
body
)
return
nil
}
const
(
...
...
@@ -159,7 +158,7 @@ func (s *Server) newIDToken(clientID string, claims storage.Claims, scopes []str
if
!
ok
{
continue
}
isTrusted
,
err
:=
validateCrossClientTrust
(
s
.
storage
,
clientID
,
peerID
)
isTrusted
,
err
:=
s
.
validateCrossClientTrust
(
clientID
,
peerID
)
if
err
!=
nil
{
return
""
,
expiry
,
err
}
...
...
@@ -183,7 +182,7 @@ func (s *Server) newIDToken(clientID string, claims storage.Claims, scopes []str
keys
,
err
:=
s
.
storage
.
GetKeys
()
if
err
!=
nil
{
log
.
Print
f
(
"Failed to get keys: %v"
,
err
)
s
.
logger
.
Error
f
(
"Failed to get keys: %v"
,
err
)
return
""
,
expiry
,
err
}
if
idToken
,
err
=
keys
.
Sign
(
payload
);
err
!=
nil
{
...
...
@@ -195,7 +194,7 @@ func (s *Server) newIDToken(clientID string, claims storage.Claims, scopes []str
// parse the initial request from the OAuth2 client.
//
// For correctness the logic is largely copied from https://github.com/RangelReale/osin.
func
parseAuthorizationRequest
(
s
storage
.
Storage
,
supportedResponseTypes
map
[
string
]
bool
,
r
*
http
.
Request
)
(
req
storage
.
AuthRequest
,
oauth2Err
*
authErr
)
{
func
(
s
*
Server
)
parseAuthorizationRequest
(
supportedResponseTypes
map
[
string
]
bool
,
r
*
http
.
Request
)
(
req
storage
.
AuthRequest
,
oauth2Err
*
authErr
)
{
if
err
:=
r
.
ParseForm
();
err
!=
nil
{
return
req
,
&
authErr
{
""
,
""
,
errInvalidRequest
,
"Failed to parse request."
}
}
...
...
@@ -208,13 +207,13 @@ func parseAuthorizationRequest(s storage.Storage, supportedResponseTypes map[str
clientID
:=
r
.
Form
.
Get
(
"client_id"
)
client
,
err
:=
s
.
GetClient
(
clientID
)
client
,
err
:=
s
.
storage
.
GetClient
(
clientID
)
if
err
!=
nil
{
if
err
==
storage
.
ErrNotFound
{
description
:=
fmt
.
Sprintf
(
"Invalid client_id (%q)."
,
clientID
)
return
req
,
&
authErr
{
""
,
""
,
errUnauthorizedClient
,
description
}
}
log
.
Print
f
(
"Failed to get client: %v"
,
err
)
s
.
logger
.
Error
f
(
"Failed to get client: %v"
,
err
)
return
req
,
&
authErr
{
""
,
""
,
errServerError
,
""
}
}
...
...
@@ -246,7 +245,7 @@ func parseAuthorizationRequest(s storage.Storage, supportedResponseTypes map[str
continue
}
isTrusted
,
err
:=
validateCrossClientTrust
(
s
,
clientID
,
peerID
)
isTrusted
,
err
:=
s
.
validateCrossClientTrust
(
clientID
,
peerID
)
if
err
!=
nil
{
return
req
,
newErr
(
errServerError
,
""
)
}
...
...
@@ -309,14 +308,14 @@ func parseCrossClientScope(scope string) (peerID string, ok bool) {
return
}
func
validateCrossClientTrust
(
s
storage
.
Storage
,
clientID
,
peerID
string
)
(
trusted
bool
,
err
error
)
{
func
(
s
*
Server
)
validateCrossClientTrust
(
clientID
,
peerID
string
)
(
trusted
bool
,
err
error
)
{
if
peerID
==
clientID
{
return
true
,
nil
}
peer
,
err
:=
s
.
GetClient
(
peerID
)
peer
,
err
:=
s
.
storage
.
GetClient
(
peerID
)
if
err
!=
nil
{
if
err
!=
storage
.
ErrNotFound
{
log
.
Print
f
(
"Failed to get client: %v"
,
err
)
s
.
logger
.
Error
f
(
"Failed to get client: %v"
,
err
)
return
false
,
err
}
return
false
,
nil
...
...
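Review bot: tokenErr now returns an error, but on the `json.Marshal` failure path it returns before any status or body is written, and the log line that used to record that failure is gone. Every caller therefore has to log the error and answer with a 500 itself; the callers are in server/handlers.go, whose diff is collapsed on this page, so that cannot be confirmed here. The result of `w.Write(body)` is still discarded even though the function can now report it, e.g. `if _, err := w.Write(body); err != nil { return fmt.Errorf("failed to write token error response: %v", err) }`. A doc comment on tokenErr stating whether a response has already been sent when a non-nil error comes back would make the contract explicit for the token endpoint's callers.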
server/rotation.go
...
...
@@ -7,12 +7,12 @@ import (
"errors"
"fmt"
"io"
"log"
"time"
"golang.org/x/net/context"
"gopkg.in/square/go-jose.v2"
"github.com/Sirupsen/logrus"
"github.com/coreos/dex/storage"
)
...
...
@@ -57,18 +57,20 @@ type keyRotater struct {
strategy
rotationStrategy
now
func
()
time
.
Time
logger
logrus
.
FieldLogger
}
// startKeyRotation begins key rotation in a new goroutine, closing once the context is canceled.
//
// The method blocks until after the first attempt to rotate keys has completed. That way
// healthy storages will return from this call with valid keys.
func
startKeyRotation
(
ctx
context
.
Context
,
s
storage
.
Storage
,
strategy
rotationStrategy
,
now
func
()
time
.
Time
)
{
rotater
:=
keyRotater
{
s
,
strategy
,
now
}
func
(
s
*
Server
)
startKeyRotation
(
ctx
context
.
Context
,
strategy
rotationStrategy
,
now
func
()
time
.
Time
)
{
rotater
:=
keyRotater
{
s
.
storage
,
strategy
,
now
,
s
.
logger
}
// Try to rotate immediately so properly configured storages will have keys.
if
err
:=
rotater
.
rotate
();
err
!=
nil
{
log
.
Print
f
(
"failed to rotate keys: %v"
,
err
)
s
.
logger
.
Error
f
(
"failed to rotate keys: %v"
,
err
)
}
go
func
()
{
...
...
@@ -78,7 +80,7 @@ func startKeyRotation(ctx context.Context, s storage.Storage, strategy rotationS
return
case
<-
time
.
After
(
time
.
Second
*
30
)
:
if
err
:=
rotater
.
rotate
();
err
!=
nil
{
log
.
Print
f
(
"failed to rotate keys: %v"
,
err
)
s
.
logger
.
Error
f
(
"failed to rotate keys: %v"
,
err
)
}
}
}
...
...
@@ -94,7 +96,7 @@ func (k keyRotater) rotate() error {
if
k
.
now
()
.
Before
(
keys
.
NextRotation
)
{
return
nil
}
log
.
Println
(
"keys expired, rotating"
)
k
.
logger
.
Infof
(
"keys expired, rotating"
)
// Generate the key outside of a storage transaction.
key
,
err
:=
k
.
strategy
.
key
()
...
...
@@ -154,6 +156,6 @@ func (k keyRotater) rotate() error {
if
err
!=
nil
{
return
err
}
log
.
Print
f
(
"keys rotated, next rotation: %s"
,
nextRotation
)
k
.
logger
.
Info
f
(
"keys rotated, next rotation: %s"
,
nextRotation
)
return
nil
}
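Review bot: `keyRotater{s.storage, strategy, now, s.logger}` in startKeyRotation is a positional literal, and it had to be edited here only because the struct gained a `logger` field. Writing it with field names (`strategy: strategy, now: now, logger: s.logger`, plus the storage field, whose declaration is above the hunk and not visible here) keeps the construction site readable and unaffected by later field additions. The doc comment on startKeyRotation could also note that a failed first rotation is only logged and the function still returns, since that is what the visible code does.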
server/server.go
...
...
@@ -3,7 +3,6 @@ package server
import
(
"errors"
"fmt"
"log"
"net/http"
"net/url"
"path"
...
...
@@ -222,8 +221,8 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy)
handlePrefix
(
"/theme"
,
theme
)
s
.
mux
=
r
s
tartKeyRotation
(
ctx
,
c
.
Storage
,
rotationStrategy
,
now
)
s
tartGarbageCollection
(
ctx
,
c
.
Storage
,
value
(
c
.
GCFrequency
,
5
*
time
.
Minute
),
now
)
s
.
startKeyRotation
(
ctx
,
rotationStrategy
,
now
)
s
.
startGarbageCollection
(
ctx
,
value
(
c
.
GCFrequency
,
5
*
time
.
Minute
),
now
)
return
s
,
nil
}
...
...
@@ -260,8 +259,7 @@ func (db passwordDB) Login(ctx context.Context, s connector.Scopes, email, passw
p
,
err
:=
db
.
s
.
GetPassword
(
email
)
if
err
!=
nil
{
if
err
!=
storage
.
ErrNotFound
{
log
.
Printf
(
"get password: %v"
,
err
)
return
connector
.
Identity
{},
false
,
err
return
connector
.
Identity
{},
false
,
fmt
.
Errorf
(
"get password: %v"
,
err
)
}
return
connector
.
Identity
{},
false
,
nil
}
...
...
@@ -333,17 +331,17 @@ func (k *keyCacher) GetKeys() (storage.Keys, error) {
return
storageKeys
,
nil
}
func
startGarbageCollection
(
ctx
context
.
Context
,
s
storage
.
Storage
,
frequency
time
.
Duration
,
now
func
()
time
.
Time
)
{
func
(
s
*
Server
)
startGarbageCollection
(
ctx
context
.
Context
,
frequency
time
.
Duration
,
now
func
()
time
.
Time
)
{
go
func
()
{
for
{
select
{
case
<-
ctx
.
Done
()
:
return
case
<-
time
.
After
(
frequency
)
:
if
r
,
err
:=
s
.
GarbageCollect
(
now
());
err
!=
nil
{
log
.
Print
f
(
"garbage collection failed: %v"
,
err
)
if
r
,
err
:=
s
.
storage
.
GarbageCollect
(
now
());
err
!=
nil
{
s
.
logger
.
Error
f
(
"garbage collection failed: %v"
,
err
)
}
else
if
r
.
AuthRequests
>
0
||
r
.
AuthCodes
>
0
{
log
.
Print
f
(
"garbage collection run, delete auth requests=%d, auth codes=%d"
,
r
.
AuthRequests
,
r
.
AuthCodes
)
s
.
logger
.
Error
f
(
"garbage collection run, delete auth requests=%d, auth codes=%d"
,
r
.
AuthRequests
,
r
.
AuthCodes
)
}
}
}
...
...
server/server_test.go
...
...
@@ -98,6 +98,7 @@ func newTestServer(ctx context.Context, t *testing.T, updateConfig func(c *Confi
Web
:
WebConfig
{
Dir
:
filepath
.
Join
(
os
.
Getenv
(
"GOPATH"
),
"src/github.com/coreos/dex/web"
),
},
Logger
:
logger
,
}
if
updateConfig
!=
nil
{
updateConfig
(
&
config
)
...
...
server/templates.go
...
...
@@ -4,7 +4,6 @@ import (
"fmt"
"io"
"io/ioutil"
"log"
"net/http"
"os"
"path/filepath"
...
...
@@ -178,27 +177,27 @@ func (n byName) Len() int { return len(n) }
func
(
n
byName
)
Less
(
i
,
j
int
)
bool
{
return
n
[
i
]
.
Name
<
n
[
j
]
.
Name
}
func
(
n
byName
)
Swap
(
i
,
j
int
)
{
n
[
i
],
n
[
j
]
=
n
[
j
],
n
[
i
]
}
func
(
t
*
templates
)
login
(
w
http
.
ResponseWriter
,
connectors
[]
connectorInfo
,
authReqID
string
)
{
func
(
t
*
templates
)
login
(
w
http
.
ResponseWriter
,
connectors
[]
connectorInfo
,
authReqID
string
)
error
{
sort
.
Sort
(
byName
(
connectors
))
data
:=
struct
{
Connectors
[]
connectorInfo
AuthReqID
string
}{
connectors
,
authReqID
}
renderTemplate
(
w
,
t
.
loginTmpl
,
data
)
re
turn
re
nderTemplate
(
w
,
t
.
loginTmpl
,
data
)
}
func
(
t
*
templates
)
password
(
w
http
.
ResponseWriter
,
authReqID
,
callback
,
lastUsername
string
,
lastWasInvalid
bool
)
{
func
(
t
*
templates
)
password
(
w
http
.
ResponseWriter
,
authReqID
,
callback
,
lastUsername
string
,
lastWasInvalid
bool
)
error
{
data
:=
struct
{
AuthReqID
string
PostURL
string
Username
string
Invalid
bool
}{
authReqID
,
string
(
callback
),
lastUsername
,
lastWasInvalid
}
renderTemplate
(
w
,
t
.
passwordTmpl
,
data
)
re
turn
re
nderTemplate
(
w
,
t
.
passwordTmpl
,
data
)
}
func
(
t
*
templates
)
approval
(
w
http
.
ResponseWriter
,
authReqID
,
username
,
clientName
string
,
scopes
[]
string
)
{
func
(
t
*
templates
)
approval
(
w
http
.
ResponseWriter
,
authReqID
,
username
,
clientName
string
,
scopes
[]
string
)
error
{
accesses
:=
[]
string
{}
for
_
,
scope
:=
range
scopes
{
access
,
ok
:=
scopeDescriptions
[
scope
]
...
...
@@ -213,14 +212,14 @@ func (t *templates) approval(w http.ResponseWriter, authReqID, username, clientN
AuthReqID
string
Scopes
[]
string
}{
username
,
clientName
,
authReqID
,
accesses
}
renderTemplate
(
w
,
t
.
approvalTmpl
,
data
)
re
turn
re
nderTemplate
(
w
,
t
.
approvalTmpl
,
data
)
}
func
(
t
*
templates
)
oob
(
w
http
.
ResponseWriter
,
code
string
)
{
func
(
t
*
templates
)
oob
(
w
http
.
ResponseWriter
,
code
string
)
error
{
data
:=
struct
{
Code
string
}{
code
}
renderTemplate
(
w
,
t
.
oobTmpl
,
data
)
re
turn
re
nderTemplate
(
w
,
t
.
oobTmpl
,
data
)
}
// small io.Writer utilitiy to determine if executing the template wrote to the underlying response writer.
...
...
@@ -234,15 +233,14 @@ func (w *writeRecorder) Write(p []byte) (n int, err error) {
return
w
.
w
.
Write
(
p
)
}
func
renderTemplate
(
w
http
.
ResponseWriter
,
tmpl
*
template
.
Template
,
data
interface
{})
{
func
renderTemplate
(
w
http
.
ResponseWriter
,
tmpl
*
template
.
Template
,
data
interface
{})
error
{
wr
:=
&
writeRecorder
{
w
:
w
}
if
err
:=
tmpl
.
Execute
(
wr
,
data
);
err
!=
nil
{
log
.
Printf
(
"Error rendering template %s: %s"
,
tmpl
.
Name
(),
err
)
if
!
wr
.
wrote
{
// TODO(ericchiang): replace with better internal server error.
http
.
Error
(
w
,
"Internal server error"
,
http
.
StatusInternalServerError
)
}
return
fmt
.
Errorf
(
"Error rendering template %s: %s"
,
tmpl
.
Name
(),
err
)
}
return
return
nil
}
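Review bot: renderTemplate still sends the 500 response itself when nothing has been written, and now also returns the error, so a caller that reacts to the error by writing its own error page would issue a second WriteHeader. A doc comment such as `// renderTemplate executes tmpl into w. On failure it has already sent a 500 if nothing was written; callers should only log the returned error.` would pin that down. The removed `log.Printf` has no replacement in this file, so login, password, approval and oob rely on their callers in server/handlers.go (collapsed on this page) to log rendering failures. The returned error text should also start lowercase per Go convention: `"error rendering template %s: %s"`.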
storage/kubernetes/storage.go
...
...
@@ -3,7 +3,6 @@ package kubernetes
import
(
"errors"
"fmt"
"log"
"net/http"
"strings"
"time"
...
...
@@ -83,11 +82,11 @@ func (c *Config) open(logger logrus.FieldLogger) (*client, error) {
// they'll immediately be available, but ensures that the client will actually try
// once.
if
err
:=
cli
.
createThirdPartyResources
();
err
!=
nil
{
log
.
Print
f
(
"failed creating third party resources: %v"
,
err
)
log
ger
.
Error
f
(
"failed creating third party resources: %v"
,
err
)
go
func
()
{
for
{
if
err
:=
cli
.
createThirdPartyResources
();
err
!=
nil
{
log
.
Print
f
(
"failed creating third party resources: %v"
,
err
)
log
ger
.
Error
f
(
"failed creating third party resources: %v"
,
err
)
}
else
{
return
}
...
...
@@ -119,13 +118,13 @@ func (cli *client) createThirdPartyResources() error {
if
err
!=
nil
{
if
e
,
ok
:=
err
.
(
httpError
);
ok
{
if
e
.
StatusCode
()
==
http
.
StatusConflict
{
log
.
Print
f
(
"third party resource already created %q"
,
r
.
ObjectMeta
.
Name
)
cli
.
logger
.
Error
f
(
"third party resource already created %q"
,
r
.
ObjectMeta
.
Name
)
continue
}
}
return
err
}
log
.
Print
f
(
"create third party resource %q"
,
r
.
ObjectMeta
.
Name
)
cli
.
logger
.
Error
f
(
"create third party resource %q"
,
r
.
ObjectMeta
.
Name
)
}
return
nil
}
...
...
@@ -397,7 +396,7 @@ func (cli *client) GarbageCollect(now time.Time) (result storage.GCResult, err e
for
_
,
authRequest
:=
range
authRequests
.
AuthRequests
{
if
now
.
After
(
authRequest
.
Expiry
)
{
if
err
:=
cli
.
delete
(
resourceAuthRequest
,
authRequest
.
ObjectMeta
.
Name
);
err
!=
nil
{
log
.
Print
f
(
"failed to delete auth request: %v"
,
err
)
cli
.
logger
.
Error
f
(
"failed to delete auth request: %v"
,
err
)
delErr
=
fmt
.
Errorf
(
"failed to delete auth request: %v"
,
err
)
}
result
.
AuthRequests
++
...
...
@@ -415,7 +414,7 @@ func (cli *client) GarbageCollect(now time.Time) (result storage.GCResult, err e
for
_
,
authCode
:=
range
authCodes
.
AuthCodes
{
if
now
.
After
(
authCode
.
Expiry
)
{
if
err
:=
cli
.
delete
(
resourceAuthCode
,
authCode
.
ObjectMeta
.
Name
);
err
!=
nil
{
log
.
Print
f
(
"failed to delete auth code %v"
,
err
)
cli
.
logger
.
Error
f
(
"failed to delete auth code %v"
,
err
)
delErr
=
fmt
.
Errorf
(
"failed to delete auth code: %v"
,
err
)
}
result
.
AuthCodes
++
...
...
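Review bot: The new auth-code line in GarbageCollect reads `"failed to delete auth code %v"`, without the colon used by the auth-request line in the previous hunk and by the `delErr` text right after it. `cli.logger.Errorf("failed to delete auth code: %v", err)` keeps both messages matchable with one pattern. In both loops the failure is logged and also stored in `delErr`, which from the visible lines is overwritten on each iteration, so only the last failure would reach the caller while every one is logged; a short comment saying that is intended would help the next reader. GarbageCollect starts and ends outside these hunks.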