authenticate: add databroker versions to session cookie (#2709)

* authenticate: add databroker versions to session cookie authorize: wait for databroker synchronization on updated sessions * fix test
2025-05-22 13:37:19 +02:00 · 2021-10-26 14:45:53 -06:00 · 2021-10-26 14:45:53 -06:00 · d390e80b30
commit d390e80b30
parent b2c76c3816
6 changed files with 192 additions and 32 deletions
--- a/authorize/sync_test.go
+++ b/authorize/sync_test.go
@ -19,6 +19,43 @@ import (
 	"github.com/pomerium/pomerium/pkg/protoutil"
 )

+func TestAuthorize_forceSyncToVersion(t *testing.T) {
+	o := &config.Options{
+		AuthenticateURLString: "https://authN.example.com",
+		DataBrokerURLString:   "https://databroker.example.com",
+		SharedKey:             "gXK6ggrlIW2HyKyUF9rUO4azrDgxhDPWqw9y+lJU7B8=",
+		Policies:              testPolicies(t),
+	}
+	a, err := New(&config.Config{Options: o})
+	require.NoError(t, err)
+
+	a.store.UpdateRecord(1, &databroker.Record{
+		Version: 1,
+	})
+	t.Run("ready", func(t *testing.T) {
+		ctx, cancel := context.WithCancel(context.Background())
+		cancel()
+		assert.True(t, a.forceSyncToVersion(ctx, 1, 1))
+	})
+	t.Run("not ready", func(t *testing.T) {
+		ctx, cancel := context.WithCancel(context.Background())
+		cancel()
+		assert.False(t, a.forceSyncToVersion(ctx, 1, 2))
+	})
+	t.Run("becomes ready", func(t *testing.T) {
+		ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*10)
+		defer clearTimeout()
+
+		go func() {
+			<-time.After(time.Millisecond * 100)
+			a.store.UpdateRecord(1, &databroker.Record{
+				Version: 2,
+			})
+		}()
+		assert.True(t, a.forceSyncToVersion(ctx, 1, 2))
+	})
+}
+
 func TestAuthorize_waitForRecordSync(t *testing.T) {
 	ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*30)
 	defer clearTimeout()