authorize: remove DataBrokerData (#1846)

* authorize: remove DataBrokerData * fix method name
2025-08-04 09:19:39 +02:00 · 2021-02-02 11:40:21 -07:00 · 2021-02-02 11:40:21 -07:00 · eed873b263
commit eed873b263
parent 2f3c73baf3
10 changed files with 263 additions and 322 deletions
--- a/authorize/evaluator/store.go
+++ b/authorize/evaluator/store.go
@ -2,10 +2,15 @@ package evaluator

 import (
 	"context"
+	"encoding/json"
 	"fmt"

+	"github.com/google/uuid"
 	"github.com/open-policy-agent/opa/storage"
 	"github.com/open-policy-agent/opa/storage/inmem"
+	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/types/known/anypb"
+	"google.golang.org/protobuf/types/known/timestamppb"

 	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/log"
@ -24,12 +29,66 @@ func NewStore() *Store {
 	}
 }

+// NewStoreFromProtos creates a new Store from an existing set of protobuf messages.
+func NewStoreFromProtos(msgs ...proto.Message) *Store {
+	s := NewStore()
+	for _, msg := range msgs {
+		any, err := anypb.New(msg)
+		if err != nil {
+			continue
+		}
+
+		record := new(databroker.Record)
+		record.CreatedAt = timestamppb.Now()
+		record.ModifiedAt = timestamppb.Now()
+		record.Version = uuid.New().String()
+		record.Id = uuid.New().String()
+		record.Data = any
+		record.Type = any.TypeUrl
+		if hasID, ok := msg.(interface{ GetId() string }); ok {
+			record.Id = hasID.GetId()
+		}
+
+		s.UpdateRecord(record)
+	}
+	return s
+}
+
 // ClearRecords removes all the records from the store.
 func (s *Store) ClearRecords(typeURL string) {
 	rawPath := fmt.Sprintf("/databroker_data/%s", typeURL)
 	s.delete(rawPath)
 }

+// GetRecordData gets a record's data from the store. `nil` is returned
+// if no record exists for the given type and id.
+func (s *Store) GetRecordData(typeURL, id string) proto.Message {
+	rawPath := fmt.Sprintf("/databroker_data/%s/%s", typeURL, id)
+	data := s.get(rawPath)
+	if data == nil {
+		return nil
+	}
+
+	any := anypb.Any{
+		TypeUrl: typeURL,
+	}
+	msg, err := any.UnmarshalNew()
+	if err != nil {
+		return nil
+	}
+
+	bs, err := json.Marshal(data)
+	if err != nil {
+		return nil
+	}
+	err = json.Unmarshal(bs, &msg)
+	if err != nil {
+		return nil
+	}
+
+	return msg
+}
+
 // UpdateRoutePolicies updates the route policies in the store.
 func (s *Store) UpdateRoutePolicies(routePolicies []config.Policy) {
 	s.write("/route_policies", routePolicies)
@ -85,6 +144,27 @@ func (s *Store) delete(rawPath string) {
 	}
 }

+func (s *Store) get(rawPath string) (value interface{}) {
+	p, ok := storage.ParsePath(rawPath)
+	if !ok {
+		log.Error().
+			Str("path", rawPath).
+			Msg("opa-store: invalid path, ignoring data")
+		return nil
+	}
+
+	var err error
+	value, err = storage.ReadOne(context.Background(), s.opaStore, p)
+	if storage.IsNotFound(err) {
+		return nil
+	} else if err != nil {
+		log.Error().Err(err).Msg("opa-store: error reading data")
+		return nil
+	}
+
+	return value
+}
+
 func (s *Store) write(rawPath string, value interface{}) {
 	p, ok := storage.ParsePath(rawPath)
 	if !ok {