fix multiple requests/move cred fill to initialization
This commit is contained in:
parent
d7489c1fb7
commit
8c1f7883ae
32
src/main.zig
32
src/main.zig
|
@ -13,6 +13,13 @@ pub const std_options = struct {
|
||||||
};
|
};
|
||||||
|
|
||||||
pub fn main() !u8 {
|
pub fn main() !u8 {
|
||||||
|
var fb_allocator = std.heap.FixedBufferAllocator.init(&creds_buf);
|
||||||
|
const allocator = fb_allocator.allocator();
|
||||||
|
fillRootCreds(allocator) catch |e| {
|
||||||
|
log.err("Error filling root creds. Base authentication will not work until this is fixed: {}", .{e});
|
||||||
|
return e;
|
||||||
|
};
|
||||||
|
|
||||||
return try universal_lambda.run(null, handler);
|
return try universal_lambda.run(null, handler);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -96,11 +103,6 @@ fn authenticateUser(allocator: std.mem.Allocator, context: universal_lambda_inte
|
||||||
.target = target,
|
.target = target,
|
||||||
.headers = headers,
|
.headers = headers,
|
||||||
};
|
};
|
||||||
if (root_creds == null) {
|
|
||||||
root_creds = std.StringHashMap(signing.Credentials).init(allocator);
|
|
||||||
root_account_mapping = std.StringHashMap([]const u8).init(allocator);
|
|
||||||
Account.root_key_mapping = std.StringHashMap([]const u8).init(allocator);
|
|
||||||
}
|
|
||||||
const auth_bypass =
|
const auth_bypass =
|
||||||
@import("builtin").mode == .Debug and try std.process.hasEnvVar(allocator, "DEBUG_AUTHN_BYPASS");
|
@import("builtin").mode == .Debug and try std.process.hasEnvVar(allocator, "DEBUG_AUTHN_BYPASS");
|
||||||
const is_authenticated = auth_bypass or
|
const is_authenticated = auth_bypass or
|
||||||
|
@ -125,7 +127,7 @@ fn authenticateUser(allocator: std.mem.Allocator, context: universal_lambda_inte
|
||||||
}
|
}
|
||||||
|
|
||||||
var test_credential: signing.Credentials = undefined;
|
var test_credential: signing.Credentials = undefined;
|
||||||
var root_creds: ?std.StringHashMap(signing.Credentials) = null;
|
var root_creds: std.StringHashMap(signing.Credentials) = undefined;
|
||||||
var root_account_mapping: std.StringHashMap([]const u8) = undefined;
|
var root_account_mapping: std.StringHashMap([]const u8) = undefined;
|
||||||
var creds_buf: [8192]u8 = undefined;
|
var creds_buf: [8192]u8 = undefined;
|
||||||
fn getCreds(access: []const u8) ?signing.Credentials {
|
fn getCreds(access: []const u8) ?signing.Credentials {
|
||||||
|
@ -135,20 +137,16 @@ fn getCreds(access: []const u8) ?signing.Credentials {
|
||||||
// 2. Creds from the root file, ideally used only for bootstrapping
|
// 2. Creds from the root file, ideally used only for bootstrapping
|
||||||
// 3. Creds from STS GetAccessKeyInfo API call, which should be 99%+ of ops
|
// 3. Creds from STS GetAccessKeyInfo API call, which should be 99%+ of ops
|
||||||
if (std.mem.eql(u8, access, "ACCESS")) return test_credential;
|
if (std.mem.eql(u8, access, "ACCESS")) return test_credential;
|
||||||
fillRootCreds() catch |e| {
|
log.debug("Creds for access key {s}: {any}", .{ access, root_creds.get(access) != null });
|
||||||
log.err("Error filling root creds. Base authentication will not work until this is fixed: {}", .{e});
|
if (root_creds.get(access)) |c| return c;
|
||||||
return null;
|
|
||||||
};
|
|
||||||
log.debug("Creds for access key {s}: {any}", .{ access, root_creds.?.get(access) != null });
|
|
||||||
if (root_creds.?.get(access)) |c| return c;
|
|
||||||
log.err("Creds not found in store. STS GetAccessKeyInfo call is not yet implemented", .{});
|
log.err("Creds not found in store. STS GetAccessKeyInfo call is not yet implemented", .{});
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
fn fillRootCreds() !void {
|
fn fillRootCreds(allocator: std.mem.Allocator) !void {
|
||||||
if (root_creds.?.count() > 0) return;
|
root_creds = std.StringHashMap(signing.Credentials).init(allocator);
|
||||||
var fb_allocator = std.heap.FixedBufferAllocator.init(&creds_buf);
|
root_account_mapping = std.StringHashMap([]const u8).init(allocator);
|
||||||
const allocator = fb_allocator.allocator();
|
Account.root_key_mapping = std.StringHashMap([]const u8).init(allocator);
|
||||||
var file = std.fs.cwd().openFile("access_keys.csv", .{}) catch |e| {
|
var file = std.fs.cwd().openFile("access_keys.csv", .{}) catch |e| {
|
||||||
log.err("Could not open access_keys.csv to access root creds: {}", .{e});
|
log.err("Could not open access_keys.csv to access root creds: {}", .{e});
|
||||||
return e;
|
return e;
|
||||||
|
@ -197,7 +195,7 @@ fn fillRootCreds() !void {
|
||||||
return error.TooFewValues;
|
return error.TooFewValues;
|
||||||
}
|
}
|
||||||
const global_access_key = try allocator.dupe(u8, access_key);
|
const global_access_key = try allocator.dupe(u8, access_key);
|
||||||
try root_creds.?.put(global_access_key, .{
|
try root_creds.put(global_access_key, .{
|
||||||
.access_key = global_access_key, // we need to copy all these into our global buffer
|
.access_key = global_access_key, // we need to copy all these into our global buffer
|
||||||
.secret_key = try allocator.dupe(u8, secret_key),
|
.secret_key = try allocator.dupe(u8, secret_key),
|
||||||
.session_token = null,
|
.session_token = null,
|
||||||
|
|
Loading…
Reference in New Issue
Block a user