Skip to content

Commit

Permalink
tokens, tokens, tokens... tokens all the way down (#820, #834)
Browse files Browse the repository at this point in the history
  • Loading branch information
@michaelquigley
michaelquigley committed Feb 4, 2025
1 parent 3a08a84 commit a71f9eb
Show file tree
Hide file tree
Showing 105 changed files with 504 additions and 505 deletions.
4 changes: 2 additions & 2 deletions cmd/zrok/accessPrivate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root)

auth := httptransport.APIKeyAuth("X-TOKEN", "header", root.Environment().Token)
req := share.NewAccessParams()
req.Body.ShrToken = shrToken
req.Body.ShareToken = shrToken
req.Body.EnvZID = root.Environment().ZitiIdentity

accessResp, err := zrok.Share.Access(req, auth)
Expand Down Expand Up @@ -321,7 +321,7 @@ func (cmd *accessPrivateCommand) shutdown(frontendName, envZId, shrToken string,
logrus.Infof("shutting down '%v'", shrToken)
req := share.NewUnaccessParams()
req.Body.FrontendToken = frontendName
req.Body.ShrToken = shrToken
req.Body.ShareToken = shrToken
req.Body.EnvZID = envZId
if _, err := zrok.Share.Unaccess(req, auth); err == nil {
logrus.Debugf("shutdown complete")
Expand Down
2 changes: 1 addition & 1 deletion cmd/zrok/invite.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ func (cmd *inviteCommand) run(_ *cobra.Command, _ []string) {

req := account.NewInviteParams()
req.Body.Email = email
req.Body.InvToken = invToken
req.Body.InviteToken = invToken
_, err = zrok.Account.Invite(req)
if err != nil {
cmd.endpointError(env.ApiEndpoint())
Expand Down
2 changes: 1 addition & 1 deletion cmd/zrok/modifyShare.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ func (cmd *modifyShareCommand) run(_ *cobra.Command, args []string) {

if len(cmd.addAccessGrants) > 0 || len(cmd.removeAccessGrants) > 0 {
req := share.NewUpdateShareParams()
req.Body.ShrToken = shrToken
req.Body.ShareToken = shrToken
req.Body.AddAccessGrants = cmd.addAccessGrants
req.Body.RemoveAccessGrants = cmd.removeAccessGrants
if _, err := zrok.Share.UpdateShare(req, auth); err != nil {
Expand Down
2 changes: 1 addition & 1 deletion cmd/zrok/release.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ func (cmd *releaseCommand) run(_ *cobra.Command, args []string) {
auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Environment().Token)
req := share.NewUnshareParams()
req.Body.EnvZID = env.Environment().ZitiIdentity
req.Body.ShrToken = shrToken
req.Body.ShareToken = shrToken
req.Body.Reserved = true
if _, err := zrok.Share.Unshare(req, auth); err != nil {
if !panicInstead {
Expand Down
6 changes: 3 additions & 3 deletions cmd/zrok/shareReserved.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ func (cmd *shareReservedCommand) shareLocal(args []string, root env_core.Root) {
}
auth := httptransport.APIKeyAuth("X-TOKEN", "header", root.Environment().Token)
req := metadata.NewGetShareDetailParams()
req.ShrToken = shrToken
req.ShareToken = shrToken
resp, err := zrok.Metadata.GetShareDetail(req, auth)
if err != nil {
cmd.error("unable to retrieve reserved share", err)
Expand All @@ -132,7 +132,7 @@ func (cmd *shareReservedCommand) shareLocal(args []string, root env_core.Root) {

if resp.Payload.BackendProxyEndpoint != target {
upReq := share.NewUpdateShareParams()
upReq.Body.ShrToken = shrToken
upReq.Body.ShareToken = shrToken
upReq.Body.BackendProxyEndpoint = target
if _, err := zrok.Share.UpdateShare(upReq, auth); err != nil {
cmd.error("unable to update backend target", err)
Expand Down Expand Up @@ -320,7 +320,7 @@ func (cmd *shareReservedCommand) shareLocal(args []string, root env_core.Root) {
if cmd.subordinate {
data := make(map[string]interface{})
data[subordinate.MessageKey] = subordinate.BootMessage
data["token"] = resp.Payload.Token
data["token"] = resp.Payload.ShareToken
data["backend_mode"] = resp.Payload.BackendMode
data["share_mode"] = resp.Payload.ShareMode
if resp.Payload.FrontendEndpoint != "" {
Expand Down
4 changes: 2 additions & 2 deletions cmd/zrok/testLoopPublic.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,7 +216,7 @@ func (l *looper) startup() {
if err != nil {
panic(err)
}
l.shrToken = tunnelResp.Payload.ShrToken
l.shrToken = tunnelResp.Payload.ShareToken
l.proxyEndpoint = tunnelResp.Payload.FrontendProxyEndpoints[0]
}

Expand Down Expand Up @@ -283,7 +283,7 @@ func (l *looper) shutdown() {

req := share.NewUnshareParams()
req.Body.EnvZID = l.env.ZitiIdentity
req.Body.ShrToken = l.shrToken
req.Body.ShareToken = l.shrToken
if _, err := l.zrok.Share.Unshare(req, l.auth); err != nil {
logrus.Errorf("error shutting down looper #%d: %v", l.id, err)
}
Expand Down
2 changes: 1 addition & 1 deletion controller/access.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ func (h *accessHandler) Handle(params share.AccessParams, principal *rest_model_
return share.NewAccessNotFound()
}

shrToken := params.Body.ShrToken
shrToken := params.Body.ShareToken
shr, err := str.FindShareWithToken(shrToken, trx)
if err != nil {
logrus.Errorf("error finding share with token '%v': %v", shrToken, err)
Expand Down
2 changes: 1 addition & 1 deletion controller/environmentDetail.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ func (h *environmentDetailHandler) Handle(params metadata.GetEnvironmentDetailPa
sparkData = append(sparkData, &rest_model_zrok.SparkDataSample{Rx: float64(sparkRx[shr.Token][i]), Tx: float64(sparkTx[shr.Token][i])})
}
es.Shares = append(es.Shares, &rest_model_zrok.Share{
Token: shr.Token,
ShareToken: shr.Token,
ZID: shr.ZId,
ShareMode: shr.ShareMode,
BackendMode: shr.BackendMode,
Expand Down
2 changes: 1 addition & 1 deletion controller/frontendDetail.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ func (h *getFrontendDetailHandler) Handle(params metadata.GetFrontendDetailParam
logrus.Errorf("error getting share for frontend '%d': %v", fe.Id, err)
return metadata.NewGetFrontendDetailInternalServerError()
}
payload.ShrToken = shr.Token
payload.ShareToken = shr.Token
}
return metadata.NewGetFrontendDetailOK().WithPayload(payload)
}
4 changes: 2 additions & 2 deletions controller/invite.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,9 +43,9 @@ func (h *inviteHandler) Handle(params account.InviteParams) middleware.Responder
defer func() { _ = tx.Rollback() }()

if h.cfg.Invites != nil && h.cfg.Invites.TokenStrategy == "store" {
inviteToken, err := str.FindInviteTokenByToken(params.Body.InvToken, tx)
inviteToken, err := str.FindInviteTokenByToken(params.Body.InviteToken, tx)
if err != nil {
logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.InvToken, params.Body.Email, err)
logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.InviteToken, params.Body.Email, err)
return account.NewInviteBadRequest().WithPayload("missing invite token")
}
if err := str.DeleteInviteToken(inviteToken.Id, tx); err != nil {
Expand Down
6 changes: 3 additions & 3 deletions controller/metrics.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,9 +165,9 @@ func (h *getShareMetricsHandler) Handle(params metadata.GetShareMetricsParams, p
return metadata.NewGetEnvironmentMetricsInternalServerError()
}
defer func() { _ = trx.Rollback() }()
shr, err := str.FindShareWithToken(params.ShrToken, trx)
shr, err := str.FindShareWithToken(params.ShareToken, trx)
if err != nil {
logrus.Errorf("error finding share '%v' for '%v': %v", params.ShrToken, principal.Email, err)
logrus.Errorf("error finding share '%v' for '%v': %v", params.ShareToken, principal.Email, err)
return metadata.NewGetShareMetricsUnauthorized()
}
env, err := str.GetEnvironment(shr.EnvironmentId, trx)
Expand All @@ -176,7 +176,7 @@ func (h *getShareMetricsHandler) Handle(params metadata.GetShareMetricsParams, p
return metadata.NewGetShareMetricsUnauthorized()
}
if env.AccountId != nil && int64(*env.AccountId) != principal.ID {
logrus.Errorf("user '%v' does not own share '%v'", principal.Email, params.ShrToken)
logrus.Errorf("user '%v' does not own share '%v'", principal.Email, params.ShareToken)
return metadata.NewGetShareMetricsUnauthorized()
}

Expand Down
4 changes: 2 additions & 2 deletions controller/orgAccountOverview.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ func (h *orgAccountOverviewHandler) Handle(params metadata.OrgAccountOverviewPar
beProxyEndpoint = *shr.BackendProxyEndpoint
}
envShr := &rest_model_zrok.Share{
Token: shr.Token,
ShareToken: shr.Token,
ZID: shr.ZId,
ShareMode: shr.ShareMode,
BackendMode: shr.BackendMode,
Expand Down Expand Up @@ -132,7 +132,7 @@ func (h *orgAccountOverviewHandler) Handle(params metadata.OrgAccountOverviewPar
logrus.Errorf("error getting share for frontend '%v': %v", fe.ZId, err)
return metadata.NewOverviewInternalServerError()
}
envFe.ShrToken = feShr.Token
envFe.ShareToken = feShr.Token
}
ear.Frontends = append(ear.Frontends, envFe)
}
Expand Down
4 changes: 2 additions & 2 deletions controller/overview.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ func (h *overviewHandler) Handle(_ metadata.OverviewParams, principal *rest_mode
beProxyEndpoint = *shr.BackendProxyEndpoint
}
envShr := &rest_model_zrok.Share{
Token: shr.Token,
ShareToken: shr.Token,
ZID: shr.ZId,
ShareMode: shr.ShareMode,
BackendMode: shr.BackendMode,
Expand Down Expand Up @@ -98,7 +98,7 @@ func (h *overviewHandler) Handle(_ metadata.OverviewParams, principal *rest_mode
logrus.Errorf("error getting share for frontend '%v': %v", fe.ZId, err)
return metadata.NewOverviewInternalServerError()
}
envFe.ShrToken = feShr.Token
envFe.ShareToken = feShr.Token
}
ear.Frontends = append(ear.Frontends, envFe)
}
Expand Down
22 changes: 11 additions & 11 deletions controller/register.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,39 +19,39 @@ func newRegisterHandler(cfg *config.Config) *registerHandler {
}
}
func (h *registerHandler) Handle(params account.RegisterParams) middleware.Responder {
if params.Body.RegToken == "" || params.Body.Password == "" {
if params.Body.RegisterToken == "" || params.Body.Password == "" {
logrus.Error("missing token or password")
return account.NewRegisterNotFound()
}
logrus.Infof("received register request for registration token '%v'", params.Body.RegToken)
logrus.Infof("received register request for registration token '%v'", params.Body.RegisterToken)

tx, err := str.Begin()
if err != nil {
logrus.Errorf("error starting transaction for registration token '%v': %v", params.Body.RegToken, err)
logrus.Errorf("error starting transaction for registration token '%v': %v", params.Body.RegisterToken, err)
return account.NewRegisterInternalServerError()
}
defer func() { _ = tx.Rollback() }()

ar, err := str.FindAccountRequestWithToken(params.Body.RegToken, tx)
ar, err := str.FindAccountRequestWithToken(params.Body.RegisterToken, tx)
if err != nil {
logrus.Errorf("error finding account request with registration token '%v': %v", params.Body.RegToken, err)
logrus.Errorf("error finding account request with registration token '%v': %v", params.Body.RegisterToken, err)
return account.NewRegisterNotFound()
}

accountToken, err := CreateToken()
if err != nil {
logrus.Errorf("error creating account token for request '%v' (%v): %v", params.Body.RegToken, ar.Email, err)
logrus.Errorf("error creating account token for request '%v' (%v): %v", params.Body.RegisterToken, ar.Email, err)
return account.NewRegisterInternalServerError()
}

if err := validatePassword(h.cfg, params.Body.Password); err != nil {
logrus.Errorf("password not valid for request '%v', (%v): %v", params.Body.RegToken, ar.Email, err)
logrus.Errorf("password not valid for request '%v', (%v): %v", params.Body.RegisterToken, ar.Email, err)
return account.NewRegisterUnprocessableEntity().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
}

hpwd, err := HashPassword(params.Body.Password)
if err != nil {
logrus.Errorf("error hashing password for request '%v' (%v): %v", params.Body.RegToken, ar.Email, err)
logrus.Errorf("error hashing password for request '%v' (%v): %v", params.Body.RegisterToken, ar.Email, err)
return account.NewRegisterInternalServerError()
}
a := &store.Account{
Expand All @@ -61,17 +61,17 @@ func (h *registerHandler) Handle(params account.RegisterParams) middleware.Respo
Token: accountToken,
}
if _, err := str.CreateAccount(a, tx); err != nil {
logrus.Errorf("error creating account for request '%v' (%v): %v", params.Body.RegToken, ar.Email, err)
logrus.Errorf("error creating account for request '%v' (%v): %v", params.Body.RegisterToken, ar.Email, err)
return account.NewRegisterInternalServerError()
}

if err := str.DeleteAccountRequest(ar.Id, tx); err != nil {
logrus.Errorf("error deleteing account request '%v' (%v): %v", params.Body.RegToken, ar.Email, err)
logrus.Errorf("error deleteing account request '%v' (%v): %v", params.Body.RegisterToken, ar.Email, err)
return account.NewRegisterInternalServerError()
}

if err := tx.Commit(); err != nil {
logrus.Errorf("error committing '%v' (%v): %v", params.Body.RegToken, ar.Email, err)
logrus.Errorf("error committing '%v' (%v): %v", params.Body.RegisterToken, ar.Email, err)
return account.NewRegisterInternalServerError()
}

Expand Down
2 changes: 1 addition & 1 deletion controller/share.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -209,7 +209,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr

return share.NewShareCreated().WithPayload(&rest_model_zrok.ShareResponse{
FrontendProxyEndpoints: frontendEndpoints,
ShrToken: shrToken,
ShareToken: shrToken,
})
}

Expand Down
8 changes: 4 additions & 4 deletions controller/shareDetail.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,9 @@ func (h *shareDetailHandler) Handle(params metadata.GetShareDetailParams, princi
return metadata.NewGetShareDetailInternalServerError()
}
defer func() { _ = tx.Rollback() }()
shr, err := str.FindShareWithToken(params.ShrToken, tx)
shr, err := str.FindShareWithToken(params.ShareToken, tx)
if err != nil {
logrus.Errorf("error finding share '%v': %v", params.ShrToken, err)
logrus.Errorf("error finding share '%v': %v", params.ShareToken, err)
return metadata.NewGetShareDetailNotFound()
}
envs, err := str.FindEnvironmentsForAccount(int(principal.ID), tx)
Expand All @@ -39,7 +39,7 @@ func (h *shareDetailHandler) Handle(params metadata.GetShareDetailParams, princi
}
}
if !found {
logrus.Errorf("environment not matched for share '%v' for account '%v'", params.ShrToken, principal.Email)
logrus.Errorf("environment not matched for share '%v' for account '%v'", params.ShareToken, principal.Email)
return metadata.NewGetShareDetailNotFound()
}
sparkRx := make(map[string][]int64)
Expand Down Expand Up @@ -69,7 +69,7 @@ func (h *shareDetailHandler) Handle(params metadata.GetShareDetailParams, princi
sparkData = append(sparkData, &rest_model_zrok.SparkDataSample{Rx: float64(sparkRx[shr.Token][i]), Tx: float64(sparkTx[shr.Token][i])})
}
return metadata.NewGetShareDetailOK().WithPayload(&rest_model_zrok.Share{
Token: shr.Token,
ShareToken: shr.Token,
ZID: shr.ZId,
ShareMode: shr.ShareMode,
BackendMode: shr.BackendMode,
Expand Down
2 changes: 1 addition & 1 deletion controller/unaccess.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ func newUnaccessHandler() *unaccessHandler {

func (h *unaccessHandler) Handle(params share.UnaccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
feToken := params.Body.FrontendToken
shrToken := params.Body.ShrToken
shrToken := params.Body.ShareToken
envZId := params.Body.EnvZID
logrus.Infof("processing unaccess request for frontend '%v' (share '%v', environment '%v')", feToken, shrToken, envZId)

Expand Down
2 changes: 1 addition & 1 deletion controller/unshare.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
logrus.Errorf("error getting edge client for '%v': %v", principal.Email, err)
return share.NewUnshareInternalServerError()
}
shrToken := params.Body.ShrToken
shrToken := params.Body.ShareToken
shrZId, err := h.findShareZId(shrToken, edge)
if err != nil {
logrus.Errorf("error finding share identity for '%v' (%v): %v", shrToken, principal.Email, err)
Expand Down
2 changes: 1 addition & 1 deletion controller/updateShare.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ func newUpdateShareHandler() *updateShareHandler {
}

func (h *updateShareHandler) Handle(params share.UpdateShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
shrToken := params.Body.ShrToken
shrToken := params.Body.ShareToken
backendProxyEndpoint := params.Body.BackendProxyEndpoint

tx, err := str.Begin()
Expand Down
8 changes: 4 additions & 4 deletions controller/verify.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,18 +13,18 @@ func newVerifyHandler() *verifyHandler {
}

func (h *verifyHandler) Handle(params account.VerifyParams) middleware.Responder {
if params.Body.RegistrationToken != "" {
logrus.Debugf("received verify request for registration token '%v'", params.Body.RegistrationToken)
if params.Body.RegisterToken != "" {
logrus.Debugf("received verify request for registration token '%v'", params.Body.RegisterToken)
tx, err := str.Begin()
if err != nil {
logrus.Errorf("error starting transaction: %v", err)
return account.NewVerifyInternalServerError()
}
defer func() { _ = tx.Rollback() }()

ar, err := str.FindAccountRequestWithToken(params.Body.RegistrationToken, tx)
ar, err := str.FindAccountRequestWithToken(params.Body.RegisterToken, tx)
if err != nil {
logrus.Errorf("error finding account request with registration token '%v': %v", params.Body.RegistrationToken, err)
logrus.Errorf("error finding account request with registration token '%v': %v", params.Body.RegisterToken, err)
return account.NewVerifyNotFound()
}

Expand Down
4 changes: 2 additions & 2 deletions rest_client_zrok/account/invite_responses.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions rest_client_zrok/account/register_responses.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions rest_client_zrok/account/verify_responses.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit a71f9eb

Please sign in to comment.