From 8c1f7883aec777e926f0172af15afc0876a94a61 Mon Sep 17 00:00:00 2001 From: Emil Lerch Date: Sat, 24 Feb 2024 14:30:14 -0800 Subject: [PATCH] fix multiple requests/move cred fill to initialization --- src/main.zig | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/src/main.zig b/src/main.zig index 8d80c74..0fe18da 100644 --- a/src/main.zig +++ b/src/main.zig @@ -13,6 +13,13 @@ pub const std_options = struct { }; pub fn main() !u8 { + var fb_allocator = std.heap.FixedBufferAllocator.init(&creds_buf); + const allocator = fb_allocator.allocator(); + fillRootCreds(allocator) catch |e| { + log.err("Error filling root creds. Base authentication will not work until this is fixed: {}", .{e}); + return e; + }; + return try universal_lambda.run(null, handler); } @@ -96,11 +103,6 @@ fn authenticateUser(allocator: std.mem.Allocator, context: universal_lambda_inte .target = target, .headers = headers, }; - if (root_creds == null) { - root_creds = std.StringHashMap(signing.Credentials).init(allocator); - root_account_mapping = std.StringHashMap([]const u8).init(allocator); - Account.root_key_mapping = std.StringHashMap([]const u8).init(allocator); - } const auth_bypass = @import("builtin").mode == .Debug and try std.process.hasEnvVar(allocator, "DEBUG_AUTHN_BYPASS"); const is_authenticated = auth_bypass or @@ -125,7 +127,7 @@ fn authenticateUser(allocator: std.mem.Allocator, context: universal_lambda_inte } var test_credential: signing.Credentials = undefined; -var root_creds: ?std.StringHashMap(signing.Credentials) = null; +var root_creds: std.StringHashMap(signing.Credentials) = undefined; var root_account_mapping: std.StringHashMap([]const u8) = undefined; var creds_buf: [8192]u8 = undefined; fn getCreds(access: []const u8) ?signing.Credentials { @@ -135,20 +137,16 @@ fn getCreds(access: []const u8) ?signing.Credentials { // 2. Creds from the root file, ideally used only for bootstrapping // 3. Creds from STS GetAccessKeyInfo API call, which should be 99%+ of ops if (std.mem.eql(u8, access, "ACCESS")) return test_credential; - fillRootCreds() catch |e| { - log.err("Error filling root creds. Base authentication will not work until this is fixed: {}", .{e}); - return null; - }; - log.debug("Creds for access key {s}: {any}", .{ access, root_creds.?.get(access) != null }); - if (root_creds.?.get(access)) |c| return c; + log.debug("Creds for access key {s}: {any}", .{ access, root_creds.get(access) != null }); + if (root_creds.get(access)) |c| return c; log.err("Creds not found in store. STS GetAccessKeyInfo call is not yet implemented", .{}); return null; } -fn fillRootCreds() !void { - if (root_creds.?.count() > 0) return; - var fb_allocator = std.heap.FixedBufferAllocator.init(&creds_buf); - const allocator = fb_allocator.allocator(); +fn fillRootCreds(allocator: std.mem.Allocator) !void { + root_creds = std.StringHashMap(signing.Credentials).init(allocator); + root_account_mapping = std.StringHashMap([]const u8).init(allocator); + Account.root_key_mapping = std.StringHashMap([]const u8).init(allocator); var file = std.fs.cwd().openFile("access_keys.csv", .{}) catch |e| { log.err("Could not open access_keys.csv to access root creds: {}", .{e}); return e; @@ -197,7 +195,7 @@ fn fillRootCreds() !void { return error.TooFewValues; } const global_access_key = try allocator.dupe(u8, access_key); - try root_creds.?.put(global_access_key, .{ + try root_creds.put(global_access_key, .{ .access_key = global_access_key, // we need to copy all these into our global buffer .secret_key = try allocator.dupe(u8, secret_key), .session_token = null,