ContainerImage.Pinniped/internal/secret/cache.go

// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0

package secret

import (
	"sync"
	"sync/atomic"
)

type Cache struct {
	csrfCookieEncoderHashKey atomic.Value
	federationDomainCacheMap sync.Map
}

// New returns an empty Cache.
func New() *Cache { return &Cache{} }

type federationDomainCache struct {
	tokenHMACKey         atomic.Value
	stateEncoderHashKey  atomic.Value
	stateEncoderBlockKey atomic.Value
}

func (c *Cache) GetCSRFCookieEncoderHashKey() []byte {
	return bytesOrNil(c.csrfCookieEncoderHashKey.Load())
}

func (c *Cache) SetCSRFCookieEncoderHashKey(key []byte) {
	c.csrfCookieEncoderHashKey.Store(key)
}

func (c *Cache) GetTokenHMACKey(oidcIssuer string) []byte {
	return bytesOrNil(c.getFederationDomainCache(oidcIssuer).tokenHMACKey.Load())
}

func (c *Cache) SetTokenHMACKey(oidcIssuer string, key []byte) {
	c.getFederationDomainCache(oidcIssuer).tokenHMACKey.Store(key)
}

func (c *Cache) GetStateEncoderHashKey(oidcIssuer string) []byte {
	return bytesOrNil(c.getFederationDomainCache(oidcIssuer).stateEncoderHashKey.Load())
}

func (c *Cache) SetStateEncoderHashKey(oidcIssuer string, key []byte) {
	c.getFederationDomainCache(oidcIssuer).stateEncoderHashKey.Store(key)
}

func (c *Cache) GetStateEncoderBlockKey(oidcIssuer string) []byte {
	return bytesOrNil(c.getFederationDomainCache(oidcIssuer).stateEncoderBlockKey.Load())
}

func (c *Cache) SetStateEncoderBlockKey(oidcIssuer string, key []byte) {
	c.getFederationDomainCache(oidcIssuer).stateEncoderBlockKey.Store(key)
}

func (c *Cache) getFederationDomainCache(oidcIssuer string) *federationDomainCache {
	value, ok := c.federationDomainCacheMap.Load(oidcIssuer)
	if !ok {
		value = &federationDomainCache{}
		c.federationDomainCacheMap.Store(oidcIssuer, value)
	}
	return value.(*federationDomainCache)
}

func bytesOrNil(b interface{}) []byte {
	if b == nil {
		return nil
	}
	return b.([]byte)
}
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`// Copyright 2020 the Pinniped contributors. All Rights Reserved.`
			`// SPDX-License-Identifier: Apache-2.0`

			`package secret`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`import (`
			`"sync"`
			`"sync/atomic"`
			`)`
Finish first implementation of generic secret generator controller Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 15:36:45 +00:00
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`type Cache struct {`
Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`csrfCookieEncoderHashKey atomic.Value`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`federationDomainCacheMap sync.Map`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`// New returns an empty Cache.`
			`func New() *Cache { return &Cache{} }`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`type federationDomainCache struct {`
Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`tokenHMACKey atomic.Value`
			`stateEncoderHashKey atomic.Value`
			`stateEncoderBlockKey atomic.Value`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) GetCSRFCookieEncoderHashKey() []byte {`
			`return bytesOrNil(c.csrfCookieEncoderHashKey.Load())`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) SetCSRFCookieEncoderHashKey(key []byte) {`
			`c.csrfCookieEncoderHashKey.Store(key)`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) GetTokenHMACKey(oidcIssuer string) []byte {`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`return bytesOrNil(c.getFederationDomainCache(oidcIssuer).tokenHMACKey.Load())`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) SetTokenHMACKey(oidcIssuer string, key []byte) {`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`c.getFederationDomainCache(oidcIssuer).tokenHMACKey.Store(key)`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) GetStateEncoderHashKey(oidcIssuer string) []byte {`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`return bytesOrNil(c.getFederationDomainCache(oidcIssuer).stateEncoderHashKey.Load())`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) SetStateEncoderHashKey(oidcIssuer string, key []byte) {`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`c.getFederationDomainCache(oidcIssuer).stateEncoderHashKey.Store(key)`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) GetStateEncoderBlockKey(oidcIssuer string) []byte {`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`return bytesOrNil(c.getFederationDomainCache(oidcIssuer).stateEncoderBlockKey.Load())`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func (c *Cache) SetStateEncoderBlockKey(oidcIssuer string, key []byte) {`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`c.getFederationDomainCache(oidcIssuer).stateEncoderBlockKey.Store(key)`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`func (c Cache) getFederationDomainCache(oidcIssuer string) federationDomainCache {`
			`value, ok := c.federationDomainCacheMap.Load(oidcIssuer)`
Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`if !ok {`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`value = &federationDomainCache{}`
			`c.federationDomainCacheMap.Store(oidcIssuer, value)`
Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`}`
Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-12-16 22:27:09 +00:00			`return value.(*federationDomainCache)`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`

Synchronize the OIDCProvider secrets cache Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-12-14 16:32:11 +00:00			`func bytesOrNil(b interface{}) []byte {`
			`if b == nil {`
			`return nil`
			`}`
			`return b.([]byte)`
Add secret.Cache to hold crypto inputs 2020-12-10 21:54:02 +00:00			`}`