atomicutil: use atomicutil.Value wherever possible (#3517)

* atomicutil: use atomicutil.Value wherever possible * fix test * fix mux router
2025-07-31 07:19:16 +02:00 · 2022-07-28 15:38:38 -06:00 · 2022-07-28 15:38:38 -06:00 · 0ac7e45a21
commit 0ac7e45a21
parent 5c14d2c994
23 changed files with 121 additions and 215 deletions
--- a/authenticate/authenticate.go
+++ b/authenticate/authenticate.go
@ -9,6 +9,7 @@ import (

 	"github.com/pomerium/pomerium/authenticate/handlers/webauthn"
 	"github.com/pomerium/pomerium/config"
+	"github.com/pomerium/pomerium/internal/atomicutil"
 	"github.com/pomerium/pomerium/internal/log"
 	"github.com/pomerium/pomerium/pkg/cryptutil"
 )
@ -39,8 +40,8 @@ func ValidateOptions(o *config.Options) error {
 // Authenticate contains data required to run the authenticate service.
 type Authenticate struct {
 	cfg      *authenticateConfig
-	options  *config.AtomicOptions
-	state    *atomicAuthenticateState
+	options  *atomicutil.Value[*config.Options]
+	state    *atomicutil.Value[*authenticateState]
 	webauthn *webauthn.Handler
 }

@ -49,7 +50,7 @@ func New(cfg *config.Config, options ...Option) (*Authenticate, error) {
 	a := &Authenticate{
 		cfg:     getAuthenticateConfig(options...),
 		options: config.NewAtomicOptions(),
-		state:   newAtomicAuthenticateState(newAuthenticateState()),
+		state:   atomicutil.NewValue(newAuthenticateState()),
 	}
 	a.webauthn = webauthn.New(a.getWebauthnState)

--- a/authenticate/handlers_test.go
+++ b/authenticate/handlers_test.go
@ -26,6 +26,7 @@ import (

 	"github.com/pomerium/pomerium/authenticate/handlers/webauthn"
 	"github.com/pomerium/pomerium/config"
+	"github.com/pomerium/pomerium/internal/atomicutil"
 	"github.com/pomerium/pomerium/internal/encoding"
 	"github.com/pomerium/pomerium/internal/encoding/jws"
 	"github.com/pomerium/pomerium/internal/encoding/mock"
@ -44,7 +45,7 @@ import (
 func testAuthenticate() *Authenticate {
 	redirectURL, _ := url.Parse("https://auth.example.com/oauth/callback")
 	var auth Authenticate
-	auth.state = newAtomicAuthenticateState(&authenticateState{
+	auth.state = atomicutil.NewValue(&authenticateState{
 		redirectURL:  redirectURL,
 		cookieSecret: cryptutil.NewKey(),
 	})
@ -150,7 +151,7 @@ func TestAuthenticate_SignIn(t *testing.T) {
 				cfg: getAuthenticateConfig(WithGetIdentityProvider(func(options *config.Options, idpID string) (identity.Authenticator, error) {
 					return tt.provider, nil
 				})),
-				state: newAtomicAuthenticateState(&authenticateState{
+				state: atomicutil.NewValue(&authenticateState{
 					sharedCipher:     sharedCipher,
 					sessionStore:     tt.session,
 					redirectURL:      uriParseHelper("https://some.example"),
@ -306,7 +307,7 @@ func TestAuthenticate_SignOut(t *testing.T) {
 				cfg: getAuthenticateConfig(WithGetIdentityProvider(func(options *config.Options, idpID string) (identity.Authenticator, error) {
 					return tt.provider, nil
 				})),
-				state: newAtomicAuthenticateState(&authenticateState{
+				state: atomicutil.NewValue(&authenticateState{
 					sessionStore:     tt.sessionStore,
 					encryptedEncoder: mock.Encoder{},
 					sharedEncoder:    mock.Encoder{},
@ -419,7 +420,7 @@ func TestAuthenticate_OAuthCallback(t *testing.T) {
 				cfg: getAuthenticateConfig(WithGetIdentityProvider(func(options *config.Options, idpID string) (identity.Authenticator, error) {
 					return tt.provider, nil
 				})),
-				state: newAtomicAuthenticateState(&authenticateState{
+				state: atomicutil.NewValue(&authenticateState{
 					dataBrokerClient: mockDataBrokerServiceClient{
 						get: func(ctx context.Context, in *databroker.GetRequest, opts ...grpc.CallOption) (*databroker.GetResponse, error) {
 							return nil, fmt.Errorf("not implemented")
@ -554,7 +555,7 @@ func TestAuthenticate_SessionValidatorMiddleware(t *testing.T) {
 				cfg: getAuthenticateConfig(WithGetIdentityProvider(func(options *config.Options, idpID string) (identity.Authenticator, error) {
 					return tt.provider, nil
 				})),
-				state: newAtomicAuthenticateState(&authenticateState{
+				state: atomicutil.NewValue(&authenticateState{
 					cookieSecret:     cryptutil.NewKey(),
 					redirectURL:      uriParseHelper("https://authenticate.corp.beyondperimeter.com"),
 					sessionStore:     tt.session,
@ -644,7 +645,7 @@ func TestAuthenticate_userInfo(t *testing.T) {
 		w := httptest.NewRecorder()
 		r := httptest.NewRequest("GET", "https://authenticate.service.cluster.local/.pomerium/?pomerium_redirect_uri=https://www.example.com", nil)
 		var a Authenticate
-		a.state = newAtomicAuthenticateState(&authenticateState{
+		a.state = atomicutil.NewValue(&authenticateState{
 			cookieSecret: cryptutil.NewKey(),
 		})
 		a.options = config.NewAtomicOptions()
@ -709,7 +710,7 @@ func TestAuthenticate_userInfo(t *testing.T) {
 			})
 			a := &Authenticate{
 				options: o,
-				state: newAtomicAuthenticateState(&authenticateState{
+				state: atomicutil.NewValue(&authenticateState{
 					sessionStore:     tt.sessionStore,
 					encryptedEncoder: signer,
 					sharedEncoder:    signer,
--- a/authenticate/state.go
+++ b/authenticate/state.go
@ -6,7 +6,6 @@ import (
 	"encoding/base64"
 	"fmt"
 	"net/url"
-	"sync/atomic"

 	"github.com/go-jose/go-jose/v3"

@ -172,21 +171,3 @@ func newAuthenticateStateFromConfig(cfg *config.Config) (*authenticateState, err

 	return state, nil
 }
-
-type atomicAuthenticateState struct {
-	atomic.Value
-}
-
-func newAtomicAuthenticateState(state *authenticateState) *atomicAuthenticateState {
-	aas := new(atomicAuthenticateState)
-	aas.Store(state)
-	return aas
-}
-
-func (aas *atomicAuthenticateState) Load() *authenticateState {
-	return aas.Value.Load().(*authenticateState)
-}
-
-func (aas *atomicAuthenticateState) Store(state *authenticateState) {
-	aas.Value.Store(state)
-}