-
Notifications
You must be signed in to change notification settings - Fork 2.5k
/
Copy pathuaa.go
84 lines (69 loc) · 2.29 KB
/
uaa.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
// Copyright The OpenTelemetry Authors
// SPDX-License-Identifier: Apache-2.0
package cloudfoundryreceiver // import "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/cloudfoundryreceiver"
import (
"fmt"
"sync"
"time"
"github.com/cloudfoundry-incubator/uaago"
"go.uber.org/zap"
)
const (
// time added to expiration time to reduce chance of using expired token due to network latency
expirationTimeBuffer = -5 * time.Second
)
type UAATokenProvider struct {
client *uaago.Client
logger *zap.Logger
username string
password string
tlsSkipVerify bool
cachedToken string
expirationTime *time.Time
mutex *sync.Mutex
}
func newUAATokenProvider(logger *zap.Logger, config LimitedClientConfig, username string, password string) (*UAATokenProvider, error) {
client, err := uaago.NewClient(config.Endpoint)
if err != nil {
return nil, err
}
logger.Debug(fmt.Sprintf("creating new cloud foundry UAA token client with url %s username %s", config.Endpoint, username))
return &UAATokenProvider{
logger: logger,
client: client,
username: username,
password: password,
tlsSkipVerify: config.TLSSetting.InsecureSkipVerify,
cachedToken: "",
expirationTime: nil,
mutex: &sync.Mutex{},
}, nil
}
func (utp *UAATokenProvider) ProvideToken() (string, error) {
utp.mutex.Lock()
defer utp.mutex.Unlock()
now := time.Now()
if utp.expirationTime != nil {
if utp.expirationTime.Before(now) {
utp.logger.Debug("cloud foundry UAA token has expired")
utp.cachedToken = ""
}
}
if utp.cachedToken != "" {
return utp.cachedToken, nil
}
token, expiresInSeconds, err := utp.client.GetAuthTokenWithExpiresIn(utp.username, utp.password, utp.tlsSkipVerify)
if err != nil {
return "", fmt.Errorf("get auth token from UAA: %w", err)
}
if expiresInSeconds > 0 {
expirationTime := now.Add(time.Duration(int64(expiresInSeconds) * time.Second.Nanoseconds())).Add(expirationTimeBuffer)
utp.expirationTime = &expirationTime
utp.logger.Debug(fmt.Sprintf("received new cloud foundry UAA token which expires in %d seconds", expiresInSeconds))
} else {
utp.expirationTime = nil
utp.logger.Debug("received new cloud foundry UAA token with no expiration time")
}
utp.cachedToken = token
return token, nil
}