From 0d8477ea8ace7f2026094f6306a423121578aa71 Mon Sep 17 00:00:00 2001
From: Andrew Keesler
Date: Tue, 3 Nov 2020 12:06:07 -0800
Subject: [PATCH] Add a type for in-memory caching of upstream OIDC Identity Providers
Signed-off-by: Ryan Richard
---
.../provider/dynamic_upstream_idp_provider.go | 52 +++++++++++++++++++
1 file changed, 52 insertions(+)
create mode 100644 internal/oidc/provider/dynamic_upstream_idp_provider.go
diff --git a/internal/oidc/provider/dynamic_upstream_idp_provider.go b/internal/oidc/provider/dynamic_upstream_idp_provider.go
new file mode 100644
index 00000000..bb26cef2
--- /dev/null
+++ b/internal/oidc/provider/dynamic_upstream_idp_provider.go
@@ -0,0 +1,52 @@
+// Copyright 2020 the Pinniped contributors. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package provider
+
+import (
+ "net/url"
+ "sync"
+)
+
+type UpstreamOIDCIdentityProvider struct {
+ // A name for this upstream provider, which will be used as a component of the path for the callback endpoint
+ // hosted by the Supervisor.
+ Name string
+
+ // The Oauth client ID registered with the upstream provider to be used in the authorization flow.
+ ClientID string
+
+ // The Authorization Endpoint fetched from discovery.
+ AuthorizationURL url.URL
+
+ // Scopes to request in authorization flow.
+ Scopes []string
+}
+
+type DynamicUpstreamIDPProvider interface {
+ SetIDPList(oidcIDPs []UpstreamOIDCIdentityProvider)
+ GetIDPList() []UpstreamOIDCIdentityProvider
+}
+
+type dynamicUpstreamIDPProvider struct {
+ oidcProviders []UpstreamOIDCIdentityProvider
+ mutex sync.RWMutex
+}
+
+func NewDynamicUpstreamIDPProvider() DynamicUpstreamIDPProvider {
+ return &dynamicUpstreamIDPProvider{
+ oidcProviders: []UpstreamOIDCIdentityProvider{},
+ }
+}
+
+func (p *dynamicUpstreamIDPProvider) SetIDPList(oidcIDPs []UpstreamOIDCIdentityProvider) {
+ p.mutex.Lock() // acquire a write lock
+ defer p.mutex.Unlock()
+ p.oidcProviders = oidcIDPs
+}
+
+func (p *dynamicUpstreamIDPProvider) GetIDPList() []UpstreamOIDCIdentityProvider {
+ p.mutex.RLock() // acquire a read lock
+ defer p.mutex.RUnlock()
+ return p.oidcProviders
+}
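Review bot: The RWMutex in SetIDPList and GetIDPList guards only the slice header, because SetIDPList stores the caller's slice and GetIDPList returns the internal one without copying. Any goroutine that keeps either slice can rewrite an entry's ClientID, AuthorizationURL or Scopes outside the lock, which is a data race and lets the cached upstream IDP settings used in the authorization flow change without going through SetIDPList. Copy on both sides, e.g. `p.oidcProviders = append([]UpstreamOIDCIdentityProvider{}, oidcIDPs...)` in SetIDPList and `return append([]UpstreamOIDCIdentityProvider{}, p.oidcProviders...)` in GetIDPList. Each entry's Scopes slice would still share its backing array after that, so either copy it per element as well or state on the DynamicUpstreamIDPProvider interface that callers must treat the list as read-only.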