feature/databroker: user data and session refactor project (#926)

* databroker: add databroker, identity manager, update cache (#864) * databroker: add databroker, identity manager, update cache * fix cache tests * directory service (#885) * directory: add google and okta * add onelogin * add directory provider * initialize before sync, upate google provider, remove dead code * add azure provider * fix azure provider * fix gitlab * add gitlab test, fix azure test * hook up okta * remove dead code * fix tests * fix flaky test * authorize: use databroker data for rego policy (#904) * wip * add directory provider * initialize before sync, upate google provider, remove dead code * fix flaky test * update authorize to use databroker data * implement signed jwt * wait for session and user to appear * fix test * directory service (#885) * directory: add google and okta * add onelogin * add directory provider * initialize before sync, upate google provider, remove dead code * add azure provider * fix azure provider * fix gitlab * add gitlab test, fix azure test * hook up okta * remove dead code * fix tests * fix flaky test * remove log line * only redirect when no session id exists * prepare rego query as part of create * return on ctx done * retry on disconnect for sync * move jwt signing * use != * use parent ctx for wait * remove session state, remove logs * rename function * add log message * pre-allocate slice * use errgroup * return nil on eof for sync * move check * disable timeout on gRPC requests in envoy * fix gitlab test * use v4 backoff * authenticate: databroker changes (#914) * wip * add directory provider * initialize before sync, upate google provider, remove dead code * fix flaky test * update authorize to use databroker data * implement signed jwt * wait for session and user to appear * fix test * directory service (#885) * directory: add google and okta * add onelogin * add directory provider * initialize before sync, upate google provider, remove dead code * add azure provider * fix azure provider * fix gitlab * add gitlab test, fix azure test * hook up okta * remove dead code * fix tests * fix flaky test * remove log line * only redirect when no session id exists * prepare rego query as part of create * return on ctx done * retry on disconnect for sync * move jwt signing * use != * use parent ctx for wait * remove session state, remove logs * rename function * add log message * pre-allocate slice * use errgroup * return nil on eof for sync * move check * disable timeout on gRPC requests in envoy * fix dashboard * delete session on logout * permanently delete sessions once they are marked as deleted * remove permanent delete * fix tests * remove groups and refresh test * databroker: remove dead code, rename cache url, move dashboard (#925) * wip * add directory provider * initialize before sync, upate google provider, remove dead code * fix flaky test * update authorize to use databroker data * implement signed jwt * wait for session and user to appear * fix test * directory service (#885) * directory: add google and okta * add onelogin * add directory provider * initialize before sync, upate google provider, remove dead code * add azure provider * fix azure provider * fix gitlab * add gitlab test, fix azure test * hook up okta * remove dead code * fix tests * fix flaky test * remove log line * only redirect when no session id exists * prepare rego query as part of create * return on ctx done * retry on disconnect for sync * move jwt signing * use != * use parent ctx for wait * remove session state, remove logs * rename function * add log message * pre-allocate slice * use errgroup * return nil on eof for sync * move check * disable timeout on gRPC requests in envoy * fix dashboard * delete session on logout * permanently delete sessions once they are marked as deleted * remove permanent delete * fix tests * remove cache service * remove kv * remove refresh docs * remove obsolete cache docs * add databroker url option * cache: use memberlist to detect multiple instances * add databroker service url * remove cache service * remove kv * remove refresh docs * remove obsolete cache docs * add databroker url option * cache: use memberlist to detect multiple instances * add databroker service url * wip * remove groups and refresh test * fix redirect, signout * remove databroker client from proxy * remove unused method * remove user dashboard test * handle missing session ids * session: reject sessions with no id * sessions: invalidate old sessions via databroker server version (#930) * session: add a version field tied to the databroker server version that can be used to invalidate sessions * fix tests * add log * authenticate: create user record immediately, call "get" directly in authorize (#931)
2025-08-03 00:40:25 +02:00 · 2020-06-19 07:52:44 -06:00 · 2020-06-19 07:52:44 -06:00 · dbd7f55b20
commit dbd7f55b20
parent 39cdb31170
115 changed files with 8479 additions and 3584 deletions
--- a/proxy/handlers.go
+++ b/proxy/handlers.go
@ -18,7 +18,7 @@ import (

 // registerDashboardHandlers returns the proxy service's ServeMux
 func (p *Proxy) registerDashboardHandlers(r *mux.Router) *mux.Router {
-	h := r.PathPrefix(dashboardURL).Subrouter()
+	h := r.PathPrefix(dashboardPath).Subrouter()
 	h.Use(middleware.SetHeaders(httputil.HeadersContentSecurityPolicy))
 	// 1. Retrieve the user session and add it to the request context
 	h.Use(sessions.RetrieveSession(p.sessionStore))
@ -32,7 +32,7 @@ func (p *Proxy) registerDashboardHandlers(r *mux.Router) *mux.Router {
 		csrf.ErrorHandler(httputil.HandlerFunc(httputil.CSRFFailureHandler)),
 	))
 	// dashboard endpoints can be used by user's to view, or modify their session
-	h.Path("/").Handler(httputil.HandlerFunc(p.UserDashboard)).Methods(http.MethodGet)
+	h.Path("/").HandlerFunc(p.UserDashboard).Methods(http.MethodGet)
 	h.Path("/sign_out").HandlerFunc(p.SignOut).Methods(http.MethodGet, http.MethodPost)
 	// admin endpoints authorization is also delegated to authorizer service
 	admin := h.PathPrefix("/admin").Subrouter()
@ -41,7 +41,7 @@ func (p *Proxy) registerDashboardHandlers(r *mux.Router) *mux.Router {
 	// Authenticate service callback handlers and middleware
 	// callback used to set route-scoped session and redirect back to destination
 	// only accept signed requests (hmac) from other trusted pomerium services
-	c := r.PathPrefix(dashboardURL + "/callback").Subrouter()
+	c := r.PathPrefix(dashboardPath + "/callback").Subrouter()
 	c.Use(middleware.ValidateSignature(p.SharedKey))

 	c.Path("/").
@ -51,7 +51,7 @@ func (p *Proxy) registerDashboardHandlers(r *mux.Router) *mux.Router {

 	c.Path("/").Handler(httputil.HandlerFunc(p.Callback)).Methods(http.MethodGet)
 	// Programmatic API handlers and middleware
-	a := r.PathPrefix(dashboardURL + "/api").Subrouter()
+	a := r.PathPrefix(dashboardPath + "/api").Subrouter()
 	// login api handler generates a user-navigable login url to authenticate
 	a.Path("/v1/login").Handler(httputil.HandlerFunc(p.ProgrammaticLogin)).
 		Queries(urlutil.QueryRedirectURI, "").
@ -85,28 +85,19 @@ func (p *Proxy) SignOut(w http.ResponseWriter, r *http.Request) {
 	httputil.Redirect(w, r, urlutil.NewSignedURL(p.SharedKey, &signoutURL).String(), http.StatusFound)
 }

-// UserDashboard lets users investigate, and refresh their current session.
-// It also contains certain administrative actions like user impersonation.
-//
-// Nota bene: This endpoint does authentication, not authorization.
-func (p *Proxy) UserDashboard(w http.ResponseWriter, r *http.Request) error {
-	jwt, err := sessions.FromContext(r.Context())
-	if err != nil {
-		return err
-	}
-	var s sessions.State
-	if err := p.encoder.Unmarshal([]byte(jwt), &s); err != nil {
-		return httputil.NewError(http.StatusBadRequest, err)
+// UserDashboard redirects to the authenticate dasbhoard.
+func (p *Proxy) UserDashboard(w http.ResponseWriter, r *http.Request) {
+	redirectURL := urlutil.GetAbsoluteURL(r).String()
+	if ref := r.Header.Get(httputil.HeaderReferrer); ref != "" {
+		redirectURL = ref
 	}

-	p.templates.ExecuteTemplate(w, "dashboard.html", map[string]interface{}{
-		"Session":           s,
-		"csrfField":         csrf.TemplateField(r),
-		"ImpersonateAction": urlutil.QueryImpersonateAction,
-		"ImpersonateEmail":  urlutil.QueryImpersonateEmail,
-		"ImpersonateGroups": urlutil.QueryImpersonateGroups,
+	url := p.authenticateDashboardURL.ResolveReference(&url.URL{
+		RawQuery: url.Values{
+			urlutil.QueryRedirectURI: {redirectURL},
+		}.Encode(),
 	})
-	return nil
+	httputil.Redirect(w, r, url.String(), http.StatusFound)
 }

 // Impersonate takes the result of a form and adds user impersonation details
@ -114,7 +105,7 @@ func (p *Proxy) UserDashboard(w http.ResponseWriter, r *http.Request) error {
 // administrative user. Requests are redirected back to the user dashboard.
 func (p *Proxy) Impersonate(w http.ResponseWriter, r *http.Request) error {
 	redirectURL := urlutil.GetAbsoluteURL(r)
-	redirectURL.Path = dashboardURL // redirect back to the dashboard
+	redirectURL.Path = dashboardPath // redirect back to the dashboard
 	signinURL := *p.authenticateSigninURL
 	q := signinURL.Query()
 	q.Set(urlutil.QueryRedirectURI, redirectURL.String())
@ -168,7 +159,7 @@ func (p *Proxy) ProgrammaticLogin(w http.ResponseWriter, r *http.Request) error
 	}
 	signinURL := *p.authenticateSigninURL
 	callbackURI := urlutil.GetAbsoluteURL(r)
-	callbackURI.Path = dashboardURL + "/callback/"
+	callbackURI.Path = dashboardPath + "/callback/"
 	q := signinURL.Query()
 	q.Set(urlutil.QueryCallbackURI, callbackURI.String())
 	q.Set(urlutil.QueryRedirectURI, redirectURI.String())