From 7fa384c47c7a97db7f667797bfc8e1ea78167f39 Mon Sep 17 00:00:00 2001 From: Greg Steuck Date: Wed, 28 Jul 2021 12:43:45 -0700 Subject: pkg/auth: move jwt to auth to be shared by syz-hub clients --- dashboard/dashapi/dashapi.go | 34 ++++++++++++++++++++++++++++------ 1 file changed, 28 insertions(+), 6 deletions(-) (limited to 'dashboard/dashapi/dashapi.go') diff --git a/dashboard/dashapi/dashapi.go b/dashboard/dashapi/dashapi.go index d36adaa68..b583f893d 100644 --- a/dashboard/dashapi/dashapi.go +++ b/dashboard/dashapi/dashapi.go @@ -17,7 +17,10 @@ import ( "net/url" "reflect" "strings" + "sync" "time" + + "github.com/google/syzkaller/pkg/auth" ) type Dashboard struct { @@ -45,11 +48,11 @@ type ( func NewCustom(client, addr, key string, ctor RequestCtor, doer RequestDoer, logger RequestLogger, errorHandler func(error)) (*Dashboard, error) { if key == "" { - token, err := retrieveJwtToken(ctor, doer) + token, err := auth.RetrieveJwtToken(ctor, doer) if err != nil { return nil, err } - doer = atachJwtToken(ctor, doer, token) + doer = attachJwtToken(ctor, doer, token) } return &Dashboard{ Client: client, @@ -62,6 +65,29 @@ func NewCustom(client, addr, key string, ctor RequestCtor, doer RequestDoer, }, nil } +// Augments the given doer with an authorization header carrying the +// given token. The token gets refreshed when it becomes stale. +func attachJwtToken(ctor RequestCtor, doer RequestDoer, token *auth.ExpiringToken) RequestDoer { + lock := sync.Mutex{} + return func(req *http.Request) (*http.Response, error) { + lock.Lock() + if token.Expiration.Before(time.Now()) { + // Keeping the lock while making http request is dubious, but + // making multiple concurrent requests is not any better. + t, err := auth.RetrieveJwtToken(ctor, doer) + if err != nil { + // Can't get a new token, so returning the error preemptively. + lock.Unlock() + return nil, err + } + *token = *t + } + req.Header.Add("Authorization", "Bearer "+token.Token) + lock.Unlock() + return doer(req) + } +} + // Build describes all aspects of a kernel build. type Build struct { Manager string @@ -570,10 +596,6 @@ const ( ReportBisectFix // Fix bisection result for an already reported bug. ) -const ( - DashboardAudience = "https://syzkaller.appspot.com/api" -) - func (dash *Dashboard) Query(method string, req, reply interface{}) error { if dash.logger != nil { dash.logger("API(%v): %#v", method, req) -- cgit mrf-deployment