3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-10 15:47:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

fix redirect loop, remove user/session services, remove duplicate deleted_at fields (#1162)

Browse source 
* fix redirect loop, remove user/session services, remove duplicate deleted_at fields

* change loop

* reuse err variable

* wrap errors, use cookie timeout

* wrap error, duplicate if
This commit is contained in:
Caleb Doxsey 2020-07-30 09:41:57 -06:00 committed by GitHub
parent 714363fb07
commit 97f85481f8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 288 additions and 918 deletions
Download patch file Download diff file Expand all files Collapse all files

12
authenticate/authenticate.go
View file

@ -30,8 +30,6 @@ import (
"github.com/pomerium/pomerium/pkg/cryptutil"
"github.com/pomerium/pomerium/pkg/grpc"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/pomerium/pkg/grpc/session"
"github.com/pomerium/pomerium/pkg/grpc/user"
)
// ValidateOptions checks that configuration are complete and valid.
@ -101,12 +99,6 @@ type Authenticate struct {
// dataBrokerClient is used to retrieve sessions
dataBrokerClient databroker.DataBrokerServiceClient
// sessionClient is used to create sessions
sessionClient session.SessionServiceClient
// userClient is used to update users
userClient user.UserServiceClient
// guard administrator below.
administratorMu sync.Mutex
// administrators keeps track of administrator users.
@ -164,8 +156,6 @@ func New(opts *config.Options) (*Authenticate, error) {
}
dataBrokerClient := databroker.NewDataBrokerServiceClient(dataBrokerConn)
sessionClient := session.NewSessionServiceClient(dataBrokerConn)
userClient := user.NewUserServiceClient(dataBrokerConn)
qpStore := queryparam.NewStore(encryptedEncoder, urlutil.QueryProgrammaticToken)
headerStore := header.NewStore(encryptedEncoder, httputil.AuthorizationTypePomerium)
@ -207,8 +197,6 @@ func New(opts *config.Options) (*Authenticate, error) {
providerName: opts.Provider,
// grpc client for cache
dataBrokerClient: dataBrokerClient,
sessionClient: sessionClient,
userClient: userClient,
jwk: &jose.JSONWebKeySet{},
templates: template.Must(frontend.NewTemplates()),
}

22
authenticate/handlers.go
View file

@ -444,16 +444,10 @@ func (a *Authenticate) getSessionFromCtx(ctx context.Context) (*sessions.State,
}
func (a *Authenticate) deleteSession(ctx context.Context, sessionID string) error {
if a.sessionClient == nil {
if a.dataBrokerClient == nil {
return nil
}
_, err := a.sessionClient.Add(ctx, &session.AddRequest{
Session: &session.Session{
Id: sessionID,
DeletedAt: ptypes.TimestampNow(),
},
})
err := session.Delete(ctx, a.dataBrokerClient, sessionID)
return err
}
@ -534,11 +528,11 @@ func (a *Authenticate) Dashboard(w http.ResponseWriter, r *http.Request) error {
}
func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState *sessions.State, accessToken *oauth2.Token) error {
if a.sessionClient == nil || a.userClient == nil {
if a.dataBrokerClient == nil {
return nil
}
sessionExpiry, _ := ptypes.TimestampProto(time.Now().Add(time.Hour))
sessionExpiry, _ := ptypes.TimestampProto(time.Now().Add(a.cookieOptions.Expire))
var idTokenExpiry *timestamppb.Timestamp
if sessionState.Expiry != nil {
idTokenExpiry, _ = ptypes.TimestampProto(sessionState.Expiry.Time())
@ -570,17 +564,13 @@ func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState
if err != nil {
return fmt.Errorf("authenticate: error retrieving user info: %w", err)
}
_, err = a.userClient.Add(ctx, &user.AddRequest{
User: mu.User,
})
_, err = user.Set(ctx, a.dataBrokerClient, mu.User)
if err != nil {
return fmt.Errorf("authenticate: error saving user: %w", err)
}
}
res, err := a.sessionClient.Add(ctx, &session.AddRequest{
Session: s,
})
res, err := session.Set(ctx, a.dataBrokerClient, s)
if err != nil {
return fmt.Errorf("authenticate: error saving session: %w", err)
}

9
authenticate/handlers_test.go
View file

@ -14,6 +14,7 @@ import (
"time"
"google.golang.org/grpc"
"google.golang.org/protobuf/types/known/emptypb"
"github.com/pomerium/pomerium/internal/encoding"
"github.com/pomerium/pomerium/internal/encoding/jws"
@ -238,6 +239,9 @@ func TestAuthenticate_SignOut(t *testing.T) {
templates: template.Must(frontend.NewTemplates()),
sharedEncoder: mock.Encoder{},
dataBrokerClient: mockDataBrokerServiceClient{
delete: func(ctx context.Context, in *databroker.DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) {
return nil, nil
},
get: func(ctx context.Context, in *databroker.GetRequest, opts ...grpc.CallOption) (*databroker.GetResponse, error) {
data, err := ptypes.MarshalAny(&session.Session{
Id: "SESSION_ID",
@ -626,9 +630,14 @@ func TestAuthenticate_Dashboard(t *testing.T) {
type mockDataBrokerServiceClient struct {
databroker.DataBrokerServiceClient
delete func(ctx context.Context, in *databroker.DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
get func(ctx context.Context, in *databroker.GetRequest, opts ...grpc.CallOption) (*databroker.GetResponse, error)
}
func (m mockDataBrokerServiceClient) Delete(ctx context.Context, in *databroker.DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) {
return m.delete(ctx, in, opts...)
}
func (m mockDataBrokerServiceClient) Get(ctx context.Context, in *databroker.GetRequest, opts ...grpc.CallOption) (*databroker.GetResponse, error) {
return m.get(ctx, in, opts...)
}

3
authorize/grpc.go
View file

@ -87,9 +87,6 @@ func (a *Authorize) forceSync(ctx context.Context, ss *sessions.State) error {
if s == nil {
return errors.New("session not found")
}
if s.DeletedAt != nil {
return errors.New("session was deleted")
}
a.forceSyncUser(ctx, s.GetUserId())
return nil
}

14
cache/cache.go vendored
View file

@ -19,16 +19,12 @@ import (
"github.com/pomerium/pomerium/internal/urlutil"
"github.com/pomerium/pomerium/pkg/cryptutil"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/pomerium/pkg/grpc/session"
"github.com/pomerium/pomerium/pkg/grpc/user"
)
// Cache represents the cache service. The cache service is a simple interface
// for storing keyed blobs (bytes) of unstructured data.
type Cache struct {
dataBrokerServer *DataBrokerServer
sessionServer *SessionServer
userServer *UserServer
manager *manager.Manager
localListener net.Listener
@ -73,16 +69,10 @@ func New(opts config.Options) (*Cache, error) {
dataBrokerServer := NewDataBrokerServer(localGRPCServer, opts)
dataBrokerClient := databroker.NewDataBrokerServiceClient(localGRPCConnection)
sessionServer := NewSessionServer(localGRPCServer, dataBrokerClient)
sessionClient := session.NewSessionServiceClient(localGRPCConnection)
userServer := NewUserServer(localGRPCServer, dataBrokerClient)
userClient := user.NewUserServiceClient(localGRPCConnection)
manager := manager.New(
authenticator,
directoryProvider,
sessionClient,
userClient,
dataBrokerClient,
manager.WithGroupRefreshInterval(opts.RefreshDirectoryInterval),
manager.WithGroupRefreshTimeout(opts.RefreshDirectoryTimeout),
@ -90,8 +80,6 @@ func New(opts config.Options) (*Cache, error) {
return &Cache{
dataBrokerServer: dataBrokerServer,
sessionServer: sessionServer,
userServer: userServer,
manager: manager,
localListener: localListener,
@ -104,8 +92,6 @@ func New(opts config.Options) (*Cache, error) {
// Register registers all the gRPC services with the given server.
func (c *Cache) Register(grpcServer *grpc.Server) {
databroker.RegisterDataBrokerServiceServer(grpcServer, c.dataBrokerServer)
session.RegisterSessionServiceServer(grpcServer, c.sessionServer)
user.RegisterUserServiceServer(grpcServer, c.userServer)
}
// Run runs the cache components.

95
cache/session.go vendored
View file

@ -1,95 +0,0 @@
package cache
import (
"context"
"github.com/golang/protobuf/ptypes"
"google.golang.org/grpc"
"google.golang.org/protobuf/types/known/emptypb"
"github.com/pomerium/pomerium/internal/log"
"github.com/pomerium/pomerium/internal/telemetry/trace"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/pomerium/pkg/grpc/session"
)
// SessionServer implements the session service interface for adding and syncing sessions.
type SessionServer struct {
dataBrokerClient databroker.DataBrokerServiceClient
}
// NewSessionServer creates a new SessionServer.
func NewSessionServer(grpcServer *grpc.Server, dataBrokerClient databroker.DataBrokerServiceClient) *SessionServer {
srv := &SessionServer{
dataBrokerClient: dataBrokerClient,
}
session.RegisterSessionServiceServer(grpcServer, srv)
return srv
}
// Delete deletes a session from the session server.
func (srv *SessionServer) Delete(ctx context.Context, req *session.DeleteRequest) (*emptypb.Empty, error) {
ctx, span := trace.StartSpan(ctx, "session.grpc.Delete")
defer span.End()
log.Info().
Str("service", "session").
Str("session_id", req.GetId()).
Msg("delete")
data, err := ptypes.MarshalAny(new(session.Session))
if err != nil {
return nil, err
}
return srv.dataBrokerClient.Delete(ctx, &databroker.DeleteRequest{
Type: data.GetTypeUrl(),
Id: req.GetId(),
})
}
// Add adds a session to the session server.
func (srv *SessionServer) Add(ctx context.Context, req *session.AddRequest) (*session.AddResponse, error) {
ctx, span := trace.StartSpan(ctx, "session.grpc.Add")
defer span.End()
log.Info().
Str("service", "session").
Str("session_id", req.GetSession().GetId()).
Msg("add")
s := req.GetSession()
data, err := ptypes.MarshalAny(s)
if err != nil {
return nil, err
}
res, err := srv.dataBrokerClient.Set(ctx, &databroker.SetRequest{
Type: data.GetTypeUrl(),
Id: s.GetId(),
Data: data,
})
if err != nil {
return nil, err
}
s.Version = res.GetServerVersion()
data, err = ptypes.MarshalAny(s)
if err != nil {
return nil, err
}
res, err = srv.dataBrokerClient.Set(ctx, &databroker.SetRequest{
Type: data.GetTypeUrl(),
Id: s.GetId(),
Data: data,
})
if err != nil {
return nil, err
}
return &session.AddResponse{
Session: req.Session,
ServerVersion: res.GetServerVersion(),
}, nil
}

54
cache/user.go vendored
View file

@ -1,54 +0,0 @@
package cache
import (
"context"
"github.com/golang/protobuf/ptypes"
"google.golang.org/grpc"
"google.golang.org/protobuf/types/known/emptypb"
"github.com/pomerium/pomerium/internal/log"
"github.com/pomerium/pomerium/internal/telemetry/trace"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/pomerium/pkg/grpc/user"
)
// UserServer implements the user service interface for syncing users.
type UserServer struct {
dataBrokerClient databroker.DataBrokerServiceClient
}
// NewUserServer creates a new UserServer.
func NewUserServer(grpcServer *grpc.Server, dataBrokerClient databroker.DataBrokerServiceClient) *UserServer {
srv := &UserServer{
dataBrokerClient: dataBrokerClient,
}
user.RegisterUserServiceServer(grpcServer, srv)
return srv
}
// Add adds a user to the user server.
func (srv *UserServer) Add(ctx context.Context, req *user.AddRequest) (*emptypb.Empty, error) {
ctx, span := trace.StartSpan(ctx, "user.grpc.Add")
defer span.End()
log.Info().
Str("service", "user").
Str("user_id", req.GetUser().GetId()).
Msg("add")
data, err := ptypes.MarshalAny(req.GetUser())
if err != nil {
return nil, err
}
_, err = srv.dataBrokerClient.Set(ctx, &databroker.SetRequest{
Type: data.GetTypeUrl(),
Id: req.GetUser().GetId(),
Data: data,
})
if err != nil {
return nil, err
}
return new(emptypb.Empty), nil
}

18
internal/databroker/server.go
View file

@ -140,6 +140,9 @@ func (srv *Server) Get(ctx context.Context, req *databroker.GetRequest) (*databr
if err != nil {
return nil, status.Error(codes.NotFound, "record not found")
}
if record.DeletedAt != nil {
return nil, status.Error(codes.NotFound, "record not found")
}
return &databroker.GetResponse{Record: record}, nil
}
@ -155,16 +158,27 @@ func (srv *Server) GetAll(ctx context.Context, req *databroker.GetAllRequest) (*
if err != nil {
return nil, err
}
records, err := db.GetAll(ctx)
all, err := db.GetAll(ctx)
if err != nil {
return nil, err
}
if len(all) == 0 {
return &databroker.GetAllResponse{ServerVersion: srv.version}, nil
}
var recordVersion string
for _, record := range records {
records := make([]*databroker.Record, 0, len(all))
for _, record := range all {
if record.GetVersion() > recordVersion {
recordVersion = record.GetVersion()
}
if record.DeletedAt == nil {
records = append(records, record)
}
}
return &databroker.GetAllResponse{
ServerVersion: srv.version,
RecordVersion: recordVersion,

59
internal/databroker/server_test.go
View file

@ -8,10 +8,14 @@ import (
"github.com/google/uuid"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/types/known/anypb"
"github.com/pomerium/pomerium/internal/log"
"github.com/pomerium/pomerium/internal/signal"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/pomerium/pkg/grpc/session"
"github.com/pomerium/pomerium/pkg/storage"
)
@ -80,3 +84,58 @@ func TestServer_initVersion(t *testing.T) {
assert.Equal(t, srvVersion, srv.version)
})
}
func TestServer_Get(t *testing.T) {
cfg := newServerConfig()
t.Run("ignore deleted", func(t *testing.T) {
srv := newServer(cfg)
s := new(session.Session)
s.Id = "1"
any, err := anypb.New(s)
assert.NoError(t, err)
srv.Set(context.Background(), &databroker.SetRequest{
Type: any.TypeUrl,
Id: s.Id,
Data: any,
})
srv.Delete(context.Background(), &databroker.DeleteRequest{
Type: any.TypeUrl,
Id: s.Id,
})
_, err = srv.Get(context.Background(), &databroker.GetRequest{
Type: any.TypeUrl,
Id: s.Id,
})
assert.Error(t, err)
assert.Equal(t, codes.NotFound, status.Code(err))
})
}
func TestServer_GetAll(t *testing.T) {
cfg := newServerConfig()
t.Run("ignore deleted", func(t *testing.T) {
srv := newServer(cfg)
s := new(session.Session)
s.Id = "1"
any, err := anypb.New(s)
assert.NoError(t, err)
srv.Set(context.Background(), &databroker.SetRequest{
Type: any.TypeUrl,
Id: s.Id,
Data: any,
})
srv.Delete(context.Background(), &databroker.DeleteRequest{
Type: any.TypeUrl,
Id: s.Id,
})
res, err := srv.GetAll(context.Background(), &databroker.GetAllRequest{
Type: any.TypeUrl,
})
assert.NoError(t, err)
assert.Len(t, res.GetRecords(), 0)
})
}

76
internal/identity/manager/manager.go
View file

@ -29,13 +29,22 @@ type Authenticator interface {
UpdateUserInfo(ctx context.Context, t *oauth2.Token, v interface{}) error
}
type (
sessionMessage struct {
record *databroker.Record
session *session.Session
}
userMessage struct {
record *databroker.Record
user *user.User
}
)
// A Manager refreshes identity information using session and user data.
type Manager struct {
cfg *config
authenticator Authenticator
directory directory.Provider
sessionClient session.SessionServiceClient
userClient user.UserServiceClient
dataBrokerClient databroker.DataBrokerServiceClient
log zerolog.Logger
@ -60,8 +69,6 @@ type Manager struct {
func New(
authenticator Authenticator,
directoryProvider directory.Provider,
sessionClient session.SessionServiceClient,
userClient user.UserServiceClient,
dataBrokerClient databroker.DataBrokerServiceClient,
options ...Option,
) *Manager {
@ -69,8 +76,6 @@ func New(
cfg: newConfig(options...),
authenticator: authenticator,
directory: directoryProvider,
sessionClient: sessionClient,
userClient: userClient,
dataBrokerClient: dataBrokerClient,
log: log.With().Str("service", "identity_manager").Logger(),
@ -100,12 +105,12 @@ func (mgr *Manager) Run(ctx context.Context) error {
t, ctx := tomb.WithContext(ctx)
updatedSession := make(chan *session.Session, 1)
updatedSession := make(chan sessionMessage, 1)
t.Go(func() error {
return mgr.syncSessions(ctx, updatedSession)
})
updatedUser := make(chan *user.User, 1)
updatedUser := make(chan userMessage, 1)
t.Go(func() error {
return mgr.syncUsers(ctx, updatedUser)
})
@ -129,8 +134,8 @@ func (mgr *Manager) Run(ctx context.Context) error {
func (mgr *Manager) refreshLoop(
ctx context.Context,
updatedSession <-chan *session.Session,
updatedUser <-chan *user.User,
updatedSession <-chan sessionMessage,
updatedUser <-chan userMessage,
updatedDirectoryUser <-chan *directory.User,
updatedDirectoryGroup <-chan *directory.Group,
) error {
@ -361,7 +366,7 @@ func (mgr *Manager) refreshSession(ctx context.Context, userID, sessionID string
}
s.OauthToken = ToOAuthToken(newToken)
_, err = mgr.sessionClient.Add(ctx, &session.AddRequest{Session: s.Session})
res, err := session.Set(ctx, mgr.dataBrokerClient, s.Session)
if err != nil {
mgr.log.Error().Err(err).
Str("user_id", s.GetUserId()).
@ -370,7 +375,7 @@ func (mgr *Manager) refreshSession(ctx context.Context, userID, sessionID string
return
}
mgr.onUpdateSession(ctx, s.Session)
mgr.onUpdateSession(ctx, sessionMessage{record: res.GetRecord(), session: s.Session})
}
func (mgr *Manager) refreshUser(ctx context.Context, userID string) {
@ -412,7 +417,7 @@ func (mgr *Manager) refreshUser(ctx context.Context, userID string) {
continue
}
_, err = mgr.userClient.Add(ctx, &user.AddRequest{User: u.User})
record, err := user.Set(ctx, mgr.dataBrokerClient, u.User)
if err != nil {
mgr.log.Error().Err(err).
Str("user_id", s.GetUserId()).
@ -421,11 +426,11 @@ func (mgr *Manager) refreshUser(ctx context.Context, userID string) {
continue
}
mgr.onUpdateUser(ctx, u.User)
mgr.onUpdateUser(ctx, userMessage{record: record, user: u.User})
}
}
func (mgr *Manager) syncSessions(ctx context.Context, ch chan<- *session.Session) error {
func (mgr *Manager) syncSessions(ctx context.Context, ch chan<- sessionMessage) error {
mgr.log.Info().Msg("syncing sessions")
any, err := ptypes.MarshalAny(new(session.Session))
@ -455,13 +460,13 @@ func (mgr *Manager) syncSessions(ctx context.Context, ch chan<- *session.Session
select {
case <-ctx.Done():
return ctx.Err()
case ch <- &pbSession:
case ch <- sessionMessage{record: record, session: &pbSession}:
}
}
}
}
func (mgr *Manager) syncUsers(ctx context.Context, ch chan<- *user.User) error {
func (mgr *Manager) syncUsers(ctx context.Context, ch chan<- userMessage) error {
mgr.log.Info().Msg("syncing users")
any, err := ptypes.MarshalAny(new(user.User))
@ -491,7 +496,7 @@ func (mgr *Manager) syncUsers(ctx context.Context, ch chan<- *user.User) error {
select {
case <-ctx.Done():
return ctx.Err()
case ch <- &pbUser:
case ch <- userMessage{record: record, user: &pbUser}:
}
}
}
@ -635,44 +640,44 @@ func (mgr *Manager) syncDirectoryGroups(ctx context.Context, ch chan<- *director
}
}
func (mgr *Manager) onUpdateSession(ctx context.Context, pbSession *session.Session) {
mgr.sessionScheduler.Remove(toSessionSchedulerKey(pbSession.GetUserId(), pbSession.GetId()))
func (mgr *Manager) onUpdateSession(ctx context.Context, msg sessionMessage) {
mgr.sessionScheduler.Remove(toSessionSchedulerKey(msg.session.GetUserId(), msg.session.GetId()))
if pbSession.GetDeletedAt() != nil {
if msg.record.GetDeletedAt() != nil {
// remove from local store
mgr.sessions.Delete(pbSession.GetUserId(), pbSession.GetId())
mgr.sessions.Delete(msg.session.GetUserId(), msg.session.GetId())
return
}
// update session
s, _ := mgr.sessions.Get(pbSession.GetUserId(), pbSession.GetId())
s, _ := mgr.sessions.Get(msg.session.GetUserId(), msg.session.GetId())
s.lastRefresh = time.Now()
s.gracePeriod = mgr.cfg.sessionRefreshGracePeriod
s.coolOffDuration = mgr.cfg.sessionRefreshCoolOffDuration
s.Session = pbSession
s.Session = msg.session
mgr.sessions.ReplaceOrInsert(s)
mgr.sessionScheduler.Add(s.NextRefresh(), toSessionSchedulerKey(pbSession.GetUserId(), pbSession.GetId()))
mgr.sessionScheduler.Add(s.NextRefresh(), toSessionSchedulerKey(msg.session.GetUserId(), msg.session.GetId()))
// create the user if it doesn't exist yet
if _, ok := mgr.users.Get(pbSession.GetUserId()); !ok {
mgr.createUser(ctx, pbSession)
if _, ok := mgr.users.Get(msg.session.GetUserId()); !ok {
mgr.createUser(ctx, msg.session)
}
}
func (mgr *Manager) onUpdateUser(_ context.Context, pbUser *user.User) {
if pbUser.DeletedAt != nil {
mgr.users.Delete(pbUser.GetId())
mgr.userScheduler.Remove(pbUser.GetId())
func (mgr *Manager) onUpdateUser(_ context.Context, msg userMessage) {
if msg.record.DeletedAt != nil {
mgr.users.Delete(msg.user.GetId())
mgr.userScheduler.Remove(msg.user.GetId())
return
}
u, ok := mgr.users.Get(pbUser.GetId())
u, ok := mgr.users.Get(msg.user.GetId())
if ok {
// only reset the refresh time if this is an existing user
u.lastRefresh = time.Now()
}
u.refreshInterval = mgr.cfg.groupRefreshInterval
u.User = pbUser
u.User = msg.user
mgr.users.ReplaceOrInsert(u)
mgr.userScheduler.Add(u.NextRefresh(), u.GetId())
}
@ -692,7 +697,7 @@ func (mgr *Manager) createUser(ctx context.Context, pbSession *session.Session)
},
}
_, err := mgr.userClient.Add(ctx, &user.AddRequest{User: u.User})
_, err := user.Set(ctx, mgr.dataBrokerClient, u.User)
if err != nil {
mgr.log.Error().Err(err).
Str("user_id", pbSession.GetUserId()).
@ -702,8 +707,7 @@ func (mgr *Manager) createUser(ctx context.Context, pbSession *session.Session)
}
func (mgr *Manager) deleteSession(ctx context.Context, pbSession *session.Session) {
pbSession.DeletedAt = ptypes.TimestampNow()
_, err := mgr.sessionClient.Add(ctx, &session.AddRequest{Session: pbSession})
err := session.Delete(ctx, mgr.dataBrokerClient, pbSession.GetId())
if err != nil {
mgr.log.Error().Err(err).
Str("session_id", pbSession.GetId()).

33
pkg/grpc/session/session.go
View file

@ -3,12 +3,27 @@ package session
import (
context "context"
"fmt"
"github.com/golang/protobuf/ptypes"
"google.golang.org/protobuf/types/known/anypb"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
)
// Delete deletes a session from the databroker.
func Delete(ctx context.Context, client databroker.DataBrokerServiceClient, sessionID string) error {
any, _ := ptypes.MarshalAny(new(Session))
_, err := client.Delete(ctx, &databroker.DeleteRequest{
Type: any.GetTypeUrl(),
Id: sessionID,
})
if err != nil {
return fmt.Errorf("error deleting session: %w", err)
}
return nil
}
// Get gets a session from the databroker.
func Get(ctx context.Context, client databroker.DataBrokerServiceClient, sessionID string) (*Session, error) {
any, _ := ptypes.MarshalAny(new(Session))
@ -18,13 +33,27 @@ func Get(ctx context.Context, client databroker.DataBrokerServiceClient, session
Id: sessionID,
})
if err != nil {
return nil, err
return nil, fmt.Errorf("error getting session from databroker: %w", err)
}
var s Session
err = ptypes.UnmarshalAny(res.GetRecord().GetData(), &s)
if err != nil {
return nil, err
return nil, fmt.Errorf("error unmarshaling session from databroker: %w", err)
}
return &s, nil
}
// Set sets a session in the databroker.
func Set(ctx context.Context, client databroker.DataBrokerServiceClient, s *Session) (*databroker.SetResponse, error) {
any, _ := anypb.New(s)
res, err := client.Set(ctx, &databroker.SetRequest{
Type: any.GetTypeUrl(),
Id: s.Id,
Data: any,
})
if err != nil {
return nil, fmt.Errorf("error setting session in databroker: %w", err)
}
return res, nil
}

492
pkg/grpc/session/session.pb.go
View file

@ -7,14 +7,9 @@
package session
import (
context "context"
proto "github.com/golang/protobuf/proto"
any "github.com/golang/protobuf/ptypes/any"
empty "github.com/golang/protobuf/ptypes/empty"
timestamp "github.com/golang/protobuf/ptypes/timestamp"
grpc "google.golang.org/grpc"
codes "google.golang.org/grpc/codes"
status "google.golang.org/grpc/status"
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
reflect "reflect"
@ -183,7 +178,6 @@ type Session struct {
Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
UserId string `protobuf:"bytes,3,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
ExpiresAt *timestamp.Timestamp `protobuf:"bytes,4,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
DeletedAt *timestamp.Timestamp `protobuf:"bytes,5,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
IdToken *IDToken `protobuf:"bytes,6,opt,name=id_token,json=idToken,proto3" json:"id_token,omitempty"`
OauthToken *OAuthToken `protobuf:"bytes,7,opt,name=oauth_token,json=oauthToken,proto3" json:"oauth_token,omitempty"`
Claims map[string]*any.Any `protobuf:"bytes,8,rep,name=claims,proto3" json:"claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
@ -249,13 +243,6 @@ func (x *Session) GetExpiresAt() *timestamp.Timestamp {
return nil
}
func (x *Session) GetDeletedAt() *timestamp.Timestamp {
if x != nil {
return x.DeletedAt
}
return nil
}
func (x *Session) GetIdToken() *IDToken {
if x != nil {
return x.IdToken
@ -277,238 +264,64 @@ func (x *Session) GetClaims() map[string]*any.Any {
return nil
}
type AddRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Session *Session `protobuf:"bytes,1,opt,name=session,proto3" json:"session,omitempty"`
}
func (x *AddRequest) Reset() {
*x = AddRequest{}
if protoimpl.UnsafeEnabled {
mi := &file_session_proto_msgTypes[3]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *AddRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*AddRequest) ProtoMessage() {}
func (x *AddRequest) ProtoReflect() protoreflect.Message {
mi := &file_session_proto_msgTypes[3]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use AddRequest.ProtoReflect.Descriptor instead.
func (*AddRequest) Descriptor() ([]byte, []int) {
return file_session_proto_rawDescGZIP(), []int{3}
}
func (x *AddRequest) GetSession() *Session {
if x != nil {
return x.Session
}
return nil
}
type AddResponse struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Session *Session `protobuf:"bytes,1,opt,name=session,proto3" json:"session,omitempty"`
ServerVersion string `protobuf:"bytes,2,opt,name=server_version,json=serverVersion,proto3" json:"server_version,omitempty"`
}
func (x *AddResponse) Reset() {
*x = AddResponse{}
if protoimpl.UnsafeEnabled {
mi := &file_session_proto_msgTypes[4]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *AddResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*AddResponse) ProtoMessage() {}
func (x *AddResponse) ProtoReflect() protoreflect.Message {
mi := &file_session_proto_msgTypes[4]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use AddResponse.ProtoReflect.Descriptor instead.
func (*AddResponse) Descriptor() ([]byte, []int) {
return file_session_proto_rawDescGZIP(), []int{4}
}
func (x *AddResponse) GetSession() *Session {
if x != nil {
return x.Session
}
return nil
}
func (x *AddResponse) GetServerVersion() string {
if x != nil {
return x.ServerVersion
}
return ""
}
type DeleteRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
}
func (x *DeleteRequest) Reset() {
*x = DeleteRequest{}
if protoimpl.UnsafeEnabled {
mi := &file_session_proto_msgTypes[5]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *DeleteRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*DeleteRequest) ProtoMessage() {}
func (x *DeleteRequest) ProtoReflect() protoreflect.Message {
mi := &file_session_proto_msgTypes[5]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use DeleteRequest.ProtoReflect.Descriptor instead.
func (*DeleteRequest) Descriptor() ([]byte, []int) {
return file_session_proto_rawDescGZIP(), []int{5}
}
func (x *DeleteRequest) GetId() string {
if x != nil {
return x.Id
}
return ""
}
var File_session_proto protoreflect.FileDescriptor
var file_session_proto_rawDesc = []byte{
0x0a, 0x0d, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
0x07, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x62, 0x75, 0x66, 0x2f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x22, 0xaf, 0x01, 0x0a, 0x07, 0x49, 0x44, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x16, 0x0a,
0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x69,
0x73, 0x73, 0x75, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74,
0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12,
0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20,
0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52,
0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x69, 0x73,
0x73, 0x75, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x08, 0x69, 0x73, 0x73, 0x75, 0x65,
0x64, 0x41, 0x74, 0x22, 0xae, 0x01, 0x0a, 0x0a, 0x4f, 0x41, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b,
0x65, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b,
0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73,
0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74,
0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
0x54, 0x79, 0x70, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f,
0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12,
0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54,
0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xac, 0x03, 0x0a, 0x07, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e,
0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28,
0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64,
0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x17, 0x0a, 0x07, 0x75, 0x73,
0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x75, 0x73, 0x65,
0x72, 0x49, 0x64, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61,
0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x39,
0x0a, 0x0a, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x05, 0x20, 0x01,
0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09,
0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x2b, 0x0a, 0x08, 0x69, 0x64, 0x5f,
0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x73, 0x65,
0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x49, 0x44, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x07, 0x69,
0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34, 0x0a, 0x0b, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x5f,
0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x73, 0x65,
0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x4f, 0x41, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e,
0x52, 0x0a, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34, 0x0a, 0x06,
0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x73,
0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x43,
0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69,
0x6d, 0x73, 0x1a, 0x4f, 0x0a, 0x0b, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72,
0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03,
0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01,
0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a,
0x02, 0x38, 0x01, 0x22, 0x38, 0x0a, 0x0a, 0x41, 0x64, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
0x74, 0x12, 0x2a, 0x0a, 0x07, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01,
0x28, 0x0b, 0x32, 0x10, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x73,
0x73, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x60, 0x0a,
0x0b, 0x41, 0x64, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2a, 0x0a, 0x07,
0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e,
0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52,
0x07, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x25, 0x0a, 0x0e, 0x73, 0x65, 0x72, 0x76,
0x65, 0x72, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
0x52, 0x0d, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22,
0x1f, 0x0a, 0x0d, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64,
0x32, 0x7c, 0x0a, 0x0e, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x72, 0x76, 0x69,
0x63, 0x65, 0x12, 0x30, 0x0a, 0x03, 0x41, 0x64, 0x64, 0x12, 0x13, 0x2e, 0x73, 0x65, 0x73, 0x73,
0x69, 0x6f, 0x6e, 0x2e, 0x41, 0x64, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14,
0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x41, 0x64, 0x64, 0x52, 0x65, 0x73, 0x70,
0x6f, 0x6e, 0x73, 0x65, 0x12, 0x38, 0x0a, 0x06, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x12, 0x16,
0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52,
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0x2f,
0x5a, 0x2d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d,
0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70,
0x6b, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x62,
0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70,
0x72, 0x6f, 0x74, 0x6f, 0x22, 0xaf, 0x01, 0x0a, 0x07, 0x49, 0x44, 0x54, 0x6f, 0x6b, 0x65, 0x6e,
0x12, 0x16, 0x0a, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
0x52, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a,
0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65,
0x63, 0x74, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74,
0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x37, 0x0a,
0x09, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x08, 0x69, 0x73,
0x73, 0x75, 0x65, 0x64, 0x41, 0x74, 0x22, 0xae, 0x01, 0x0a, 0x0a, 0x4f, 0x41, 0x75, 0x74, 0x68,
0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f,
0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63,
0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x74, 0x6f, 0x6b, 0x65,
0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x74, 0x6f,
0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72,
0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73,
0x41, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f,
0x6b, 0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65,
0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xf1, 0x02, 0x0a, 0x07, 0x53, 0x65, 0x73, 0x73,
0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01,
0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a,
0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x17, 0x0a,
0x07, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06,
0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65,
0x73, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41,
0x74, 0x12, 0x2b, 0x0a, 0x08, 0x69, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x06, 0x20,
0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x49, 0x44,
0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x07, 0x69, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34,
0x0a, 0x0b, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x07, 0x20,
0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x4f, 0x41,
0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x0a, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x54,
0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34, 0x0a, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x08,
0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x53,
0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74,
0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x1a, 0x4f, 0x0a, 0x0b, 0x43, 0x6c,
0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76,
0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x2f, 0x5a, 0x2d, 0x67,
0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69,
0x75, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67, 0x2f,
0x67, 0x72, 0x70, 0x63, 0x2f, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x33,
}
var (
@ -523,40 +336,29 @@ func file_session_proto_rawDescGZIP() []byte {
return file_session_proto_rawDescData
}
var file_session_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
var file_session_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
var file_session_proto_goTypes = []interface{}{
(*IDToken)(nil), // 0: session.IDToken
(*OAuthToken)(nil), // 1: session.OAuthToken
(*Session)(nil), // 2: session.Session
(*AddRequest)(nil), // 3: session.AddRequest
(*AddResponse)(nil), // 4: session.AddResponse
(*DeleteRequest)(nil), // 5: session.DeleteRequest
nil, // 6: session.Session.ClaimsEntry
(*timestamp.Timestamp)(nil), // 7: google.protobuf.Timestamp
(*any.Any)(nil), // 8: google.protobuf.Any
(*empty.Empty)(nil), // 9: google.protobuf.Empty
nil, // 3: session.Session.ClaimsEntry
(*timestamp.Timestamp)(nil), // 4: google.protobuf.Timestamp
(*any.Any)(nil), // 5: google.protobuf.Any
}
var file_session_proto_depIdxs = []int32{
7, // 0: session.IDToken.expires_at:type_name -> google.protobuf.Timestamp
7, // 1: session.IDToken.issued_at:type_name -> google.protobuf.Timestamp
7, // 2: session.OAuthToken.expires_at:type_name -> google.protobuf.Timestamp
7, // 3: session.Session.expires_at:type_name -> google.protobuf.Timestamp
7, // 4: session.Session.deleted_at:type_name -> google.protobuf.Timestamp
0, // 5: session.Session.id_token:type_name -> session.IDToken
1, // 6: session.Session.oauth_token:type_name -> session.OAuthToken
6, // 7: session.Session.claims:type_name -> session.Session.ClaimsEntry
2, // 8: session.AddRequest.session:type_name -> session.Session
2, // 9: session.AddResponse.session:type_name -> session.Session
8, // 10: session.Session.ClaimsEntry.value:type_name -> google.protobuf.Any
3, // 11: session.SessionService.Add:input_type -> session.AddRequest
5, // 12: session.SessionService.Delete:input_type -> session.DeleteRequest
4, // 13: session.SessionService.Add:output_type -> session.AddResponse
9, // 14: session.SessionService.Delete:output_type -> google.protobuf.Empty
13, // [13:15] is the sub-list for method output_type
11, // [11:13] is the sub-list for method input_type
11, // [11:11] is the sub-list for extension type_name
11, // [11:11] is the sub-list for extension extendee
0, // [0:11] is the sub-list for field type_name
4, // 0: session.IDToken.expires_at:type_name -> google.protobuf.Timestamp
4, // 1: session.IDToken.issued_at:type_name -> google.protobuf.Timestamp
4, // 2: session.OAuthToken.expires_at:type_name -> google.protobuf.Timestamp
4, // 3: session.Session.expires_at:type_name -> google.protobuf.Timestamp
0, // 4: session.Session.id_token:type_name -> session.IDToken
1, // 5: session.Session.oauth_token:type_name -> session.OAuthToken
3, // 6: session.Session.claims:type_name -> session.Session.ClaimsEntry
5, // 7: session.Session.ClaimsEntry.value:type_name -> google.protobuf.Any
8, // [8:8] is the sub-list for method output_type
8, // [8:8] is the sub-list for method input_type
8, // [8:8] is the sub-list for extension type_name
8, // [8:8] is the sub-list for extension extendee
0, // [0:8] is the sub-list for field type_name
}
func init() { file_session_proto_init() }
@ -601,42 +403,6 @@ func file_session_proto_init() {
return nil
}
}
file_session_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*AddRequest); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_session_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*AddResponse); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_session_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*DeleteRequest); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
}
type x struct{}
out := protoimpl.TypeBuilder{
@ -644,9 +410,9 @@ func file_session_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_session_proto_rawDesc,
NumEnums: 0,
NumMessages: 7,
NumMessages: 4,
NumExtensions: 0,
NumServices: 1,
NumServices: 0,
},
GoTypes: file_session_proto_goTypes,
DependencyIndexes: file_session_proto_depIdxs,
@ -657,119 +423,3 @@ func file_session_proto_init() {
file_session_proto_goTypes = nil
file_session_proto_depIdxs = nil
}
// Reference imports to suppress errors if they are not otherwise used.
var _ context.Context
var _ grpc.ClientConnInterface
// This is a compile-time assertion to ensure that this generated file
// is compatible with the grpc package it is being compiled against.
const _ = grpc.SupportPackageIsVersion6
// SessionServiceClient is the client API for SessionService service.
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
type SessionServiceClient interface {
Add(ctx context.Context, in *AddRequest, opts ...grpc.CallOption) (*AddResponse, error)
Delete(ctx context.Context, in *DeleteRequest, opts ...grpc.CallOption) (*empty.Empty, error)
}
type sessionServiceClient struct {
cc grpc.ClientConnInterface
}
func NewSessionServiceClient(cc grpc.ClientConnInterface) SessionServiceClient {
return &sessionServiceClient{cc}
}
func (c *sessionServiceClient) Add(ctx context.Context, in *AddRequest, opts ...grpc.CallOption) (*AddResponse, error) {
out := new(AddResponse)
err := c.cc.Invoke(ctx, "/session.SessionService/Add", in, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *sessionServiceClient) Delete(ctx context.Context, in *DeleteRequest, opts ...grpc.CallOption) (*empty.Empty, error) {
out := new(empty.Empty)
err := c.cc.Invoke(ctx, "/session.SessionService/Delete", in, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// SessionServiceServer is the server API for SessionService service.
type SessionServiceServer interface {
Add(context.Context, *AddRequest) (*AddResponse, error)
Delete(context.Context, *DeleteRequest) (*empty.Empty, error)
}
// UnimplementedSessionServiceServer can be embedded to have forward compatible implementations.
type UnimplementedSessionServiceServer struct {
}
func (*UnimplementedSessionServiceServer) Add(context.Context, *AddRequest) (*AddResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method Add not implemented")
}
func (*UnimplementedSessionServiceServer) Delete(context.Context, *DeleteRequest) (*empty.Empty, error) {
return nil, status.Errorf(codes.Unimplemented, "method Delete not implemented")
}
func RegisterSessionServiceServer(s *grpc.Server, srv SessionServiceServer) {
s.RegisterService(&_SessionService_serviceDesc, srv)
}
func _SessionService_Add_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(AddRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(SessionServiceServer).Add(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/session.SessionService/Add",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(SessionServiceServer).Add(ctx, req.(*AddRequest))
}
return interceptor(ctx, in, info, handler)
}
func _SessionService_Delete_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(DeleteRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(SessionServiceServer).Delete(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/session.SessionService/Delete",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(SessionServiceServer).Delete(ctx, req.(*DeleteRequest))
}
return interceptor(ctx, in, info, handler)
}
var _SessionService_serviceDesc = grpc.ServiceDesc{
ServiceName: "session.SessionService",
HandlerType: (*SessionServiceServer)(nil),
Methods: []grpc.MethodDesc{
{
MethodName: "Add",
Handler: _SessionService_Add_Handler,
},
{
MethodName: "Delete",
Handler: _SessionService_Delete_Handler,
},
},
Streams: []grpc.StreamDesc{},
Metadata: "session.proto",
}

15
pkg/grpc/session/session.proto
View file

@ -4,7 +4,6 @@ package session;
option go_package = "github.com/pomerium/pomerium/pkg/grpc/session";
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
message IDToken {
@ -26,21 +25,7 @@ message Session {
string id = 2;
string user_id = 3;
google.protobuf.Timestamp expires_at = 4;
google.protobuf.Timestamp deleted_at = 5;
IDToken id_token = 6;
OAuthToken oauth_token = 7;
map<string, google.protobuf.Any> claims = 8;
}
message AddRequest { Session session = 1; }
message AddResponse {
Session session = 1;
string server_version = 2;
}
message DeleteRequest { string id = 1; }
service SessionService {
rpc Add(AddRequest) returns (AddResponse);
rpc Delete(DeleteRequest) returns (google.protobuf.Empty);
}

20
pkg/grpc/user/user.go
View file

@ -3,8 +3,10 @@ package user
import (
context "context"
"fmt"
"github.com/golang/protobuf/ptypes"
"google.golang.org/protobuf/types/known/anypb"
"github.com/pomerium/pomerium/internal/protoutil"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
@ -19,13 +21,13 @@ func Get(ctx context.Context, client databroker.DataBrokerServiceClient, userID
Id: userID,
})
if err != nil {
return nil, err
return nil, fmt.Errorf("error getting user from databroker: %w", err)
}
var u User
err = ptypes.UnmarshalAny(res.GetRecord().GetData(), &u)
if err != nil {
return nil, err
return nil, fmt.Errorf("error unmarshaling user from databroker: %w", err)
}
return &u, nil
}
@ -34,3 +36,17 @@ func Get(ctx context.Context, client databroker.DataBrokerServiceClient, userID
func (user *User) GetClaim(claim string) interface{} {
return protoutil.AnyToInterface(user.GetClaims()[claim])
}
// Set sets a user in the databroker.
func Set(ctx context.Context, client databroker.DataBrokerServiceClient, u *User) (*databroker.Record, error) {
any, _ := anypb.New(u)
res, err := client.Set(ctx, &databroker.SetRequest{
Type: any.GetTypeUrl(),
Id: u.Id,
Data: any,
})
if err != nil {
return nil, fmt.Errorf("error setting user in databroker: %w", err)
}
return res.GetRecord(), nil
}

261
pkg/grpc/user/user.pb.go
View file

@ -7,14 +7,8 @@
package user
import (
context "context"
proto "github.com/golang/protobuf/proto"
any "github.com/golang/protobuf/ptypes/any"
empty "github.com/golang/protobuf/ptypes/empty"
timestamp "github.com/golang/protobuf/ptypes/timestamp"
grpc "google.golang.org/grpc"
codes "google.golang.org/grpc/codes"
status "google.golang.org/grpc/status"
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
reflect "reflect"
@ -41,9 +35,6 @@ type User struct {
Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
Email string `protobuf:"bytes,4,opt,name=email,proto3" json:"email,omitempty"`
CreatedAt *timestamp.Timestamp `protobuf:"bytes,5,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
ModifiedAt *timestamp.Timestamp `protobuf:"bytes,6,opt,name=modified_at,json=modifiedAt,proto3" json:"modified_at,omitempty"`
DeletedAt *timestamp.Timestamp `protobuf:"bytes,7,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
Claims map[string]*any.Any `protobuf:"bytes,8,rep,name=claims,proto3" json:"claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
}
@ -107,27 +98,6 @@ func (x *User) GetEmail() string {
return ""
}
func (x *User) GetCreatedAt() *timestamp.Timestamp {
if x != nil {
return x.CreatedAt
}
return nil
}
func (x *User) GetModifiedAt() *timestamp.Timestamp {
if x != nil {
return x.ModifiedAt
}
return nil
}
func (x *User) GetDeletedAt() *timestamp.Timestamp {
if x != nil {
return x.DeletedAt
}
return nil
}
func (x *User) GetClaims() map[string]*any.Any {
if x != nil {
return x.Claims
@ -135,98 +105,30 @@ func (x *User) GetClaims() map[string]*any.Any {
return nil
}
type AddRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
User *User `protobuf:"bytes,1,opt,name=user,proto3" json:"user,omitempty"`
}
func (x *AddRequest) Reset() {
*x = AddRequest{}
if protoimpl.UnsafeEnabled {
mi := &file_user_proto_msgTypes[1]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *AddRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*AddRequest) ProtoMessage() {}
func (x *AddRequest) ProtoReflect() protoreflect.Message {
mi := &file_user_proto_msgTypes[1]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use AddRequest.ProtoReflect.Descriptor instead.
func (*AddRequest) Descriptor() ([]byte, []int) {
return file_user_proto_rawDescGZIP(), []int{1}
}
func (x *AddRequest) GetUser() *User {
if x != nil {
return x.User
}
return nil
}
var File_user_proto protoreflect.FileDescriptor
var file_user_proto_rawDesc = []byte{
0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x04, 0x75, 0x73,
0x65, 0x72, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x67,
0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x65,
0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67,
0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65,
0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x8e, 0x03, 0x0a, 0x04,
0x55, 0x73, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18,
0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x0e,
0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12,
0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61,
0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28,
0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x39, 0x0a, 0x0a, 0x63, 0x72, 0x65, 0x61,
0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54,
0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65,
0x64, 0x41, 0x74, 0x12, 0x3b, 0x0a, 0x0b, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x5f,
0x61, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x41, 0x74,
0x12, 0x39, 0x0a, 0x0a, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x07,
0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
0x52, 0x09, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x2e, 0x0a, 0x06, 0x63,
0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x75, 0x73,
0x65, 0x72, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e,
0x74, 0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x1a, 0x4f, 0x0a, 0x0b, 0x43,
0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65,
0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05,
0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f,
0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e,
0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x2c, 0x0a, 0x0a,
0x41, 0x64, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x04, 0x75, 0x73,
0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0a, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x2e,
0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x32, 0x3e, 0x0a, 0x0b, 0x55, 0x73,
0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x2f, 0x0a, 0x03, 0x41, 0x64, 0x64,
0x12, 0x10, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x2e, 0x41, 0x64, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65,
0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0x2c, 0x5a, 0x2a, 0x67, 0x69,
0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75,
0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x67,
0x72, 0x70, 0x63, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xdb, 0x01,
0x0a, 0x04, 0x55, 0x73, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64,
0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x04, 0x20,
0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x2e, 0x0a, 0x06, 0x63, 0x6c,
0x61, 0x69, 0x6d, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x75, 0x73, 0x65,
0x72, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74,
0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x1a, 0x4f, 0x0a, 0x0b, 0x43, 0x6c,
0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76,
0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x2c, 0x5a, 0x2a, 0x67,
0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69,
0x75, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67, 0x2f,
0x67, 0x72, 0x70, 0x63, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
0x33,
}
var (
@ -241,29 +143,20 @@ func file_user_proto_rawDescGZIP() []byte {
return file_user_proto_rawDescData
}
var file_user_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
var file_user_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
var file_user_proto_goTypes = []interface{}{
(*User)(nil), // 0: user.User
(*AddRequest)(nil), // 1: user.AddRequest
nil, // 2: user.User.ClaimsEntry
(*timestamp.Timestamp)(nil), // 3: google.protobuf.Timestamp
(*any.Any)(nil), // 4: google.protobuf.Any
(*empty.Empty)(nil), // 5: google.protobuf.Empty
nil, // 1: user.User.ClaimsEntry
(*any.Any)(nil), // 2: google.protobuf.Any
}
var file_user_proto_depIdxs = []int32{
3, // 0: user.User.created_at:type_name -> google.protobuf.Timestamp
3, // 1: user.User.modified_at:type_name -> google.protobuf.Timestamp
3, // 2: user.User.deleted_at:type_name -> google.protobuf.Timestamp
2, // 3: user.User.claims:type_name -> user.User.ClaimsEntry
0, // 4: user.AddRequest.user:type_name -> user.User
4, // 5: user.User.ClaimsEntry.value:type_name -> google.protobuf.Any
1, // 6: user.UserService.Add:input_type -> user.AddRequest
5, // 7: user.UserService.Add:output_type -> google.protobuf.Empty
7, // [7:8] is the sub-list for method output_type
6, // [6:7] is the sub-list for method input_type
6, // [6:6] is the sub-list for extension type_name
6, // [6:6] is the sub-list for extension extendee
0, // [0:6] is the sub-list for field type_name
1, // 0: user.User.claims:type_name -> user.User.ClaimsEntry
2, // 1: user.User.ClaimsEntry.value:type_name -> google.protobuf.Any
2, // [2:2] is the sub-list for method output_type
2, // [2:2] is the sub-list for method input_type
2, // [2:2] is the sub-list for extension type_name
2, // [2:2] is the sub-list for extension extendee
0, // [0:2] is the sub-list for field type_name
}
func init() { file_user_proto_init() }
@ -284,18 +177,6 @@ func file_user_proto_init() {
return nil
}
}
file_user_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*AddRequest); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
}
type x struct{}
out := protoimpl.TypeBuilder{
@ -303,9 +184,9 @@ func file_user_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_user_proto_rawDesc,
NumEnums: 0,
NumMessages: 3,
NumMessages: 2,
NumExtensions: 0,
NumServices: 1,
NumServices: 0,
},
GoTypes: file_user_proto_goTypes,
DependencyIndexes: file_user_proto_depIdxs,
@ -316,83 +197,3 @@ func file_user_proto_init() {
file_user_proto_goTypes = nil
file_user_proto_depIdxs = nil
}
// Reference imports to suppress errors if they are not otherwise used.
var _ context.Context
var _ grpc.ClientConnInterface
// This is a compile-time assertion to ensure that this generated file
// is compatible with the grpc package it is being compiled against.
const _ = grpc.SupportPackageIsVersion6
// UserServiceClient is the client API for UserService service.
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
type UserServiceClient interface {
Add(ctx context.Context, in *AddRequest, opts ...grpc.CallOption) (*empty.Empty, error)
}
type userServiceClient struct {
cc grpc.ClientConnInterface
}
func NewUserServiceClient(cc grpc.ClientConnInterface) UserServiceClient {
return &userServiceClient{cc}
}
func (c *userServiceClient) Add(ctx context.Context, in *AddRequest, opts ...grpc.CallOption) (*empty.Empty, error) {
out := new(empty.Empty)
err := c.cc.Invoke(ctx, "/user.UserService/Add", in, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// UserServiceServer is the server API for UserService service.
type UserServiceServer interface {
Add(context.Context, *AddRequest) (*empty.Empty, error)
}
// UnimplementedUserServiceServer can be embedded to have forward compatible implementations.
type UnimplementedUserServiceServer struct {
}
func (*UnimplementedUserServiceServer) Add(context.Context, *AddRequest) (*empty.Empty, error) {
return nil, status.Errorf(codes.Unimplemented, "method Add not implemented")
}
func RegisterUserServiceServer(s *grpc.Server, srv UserServiceServer) {
s.RegisterService(&_UserService_serviceDesc, srv)
}
func _UserService_Add_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(AddRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(UserServiceServer).Add(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/user.UserService/Add",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(UserServiceServer).Add(ctx, req.(*AddRequest))
}
return interceptor(ctx, in, info, handler)
}
var _UserService_serviceDesc = grpc.ServiceDesc{
ServiceName: "user.UserService",
HandlerType: (*UserServiceServer)(nil),
Methods: []grpc.MethodDesc{
{
MethodName: "Add",
Handler: _UserService_Add_Handler,
},
},
Streams: []grpc.StreamDesc{},
Metadata: "user.proto",
}

9
pkg/grpc/user/user.proto
View file

@ -4,20 +4,11 @@ package user;
option go_package = "github.com/pomerium/pomerium/pkg/grpc/user";
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
message User {
string version = 1;
string id = 2;
string name = 3;
string email = 4;
google.protobuf.Timestamp created_at = 5;
google.protobuf.Timestamp modified_at = 6;
google.protobuf.Timestamp deleted_at = 7;
map<string, google.protobuf.Any> claims = 8;
}
message AddRequest { User user = 1; }
service UserService { rpc Add(AddRequest) returns (google.protobuf.Empty); }