From d194cd778adf0f55e8760b054615131448201b51 Mon Sep 17 00:00:00 2001 From: Lukasz Raczylo Date: Wed, 19 Feb 2025 11:56:31 +0000 Subject: [PATCH] gofmt the updated files. --- cache.go | 2 +- helpers_test.go | 26 +++++++++++++------------- main.go | 38 +++++++++++++++++++------------------- main_test.go | 8 ++++---- 4 files changed, 37 insertions(+), 37 deletions(-) diff --git a/cache.go b/cache.go index 2a2f6ef..471ddb6 100644 --- a/cache.go +++ b/cache.go @@ -139,7 +139,7 @@ func (c *Cache) Cleanup() { func (c *Cache) evictOldest() { now := time.Now() elem := c.order.Front() - + // First try to find an expired item from the front for elem != nil { entry := elem.Value.(lruEntry) diff --git a/helpers_test.go b/helpers_test.go index 96a3c45..a55372c 100644 --- a/helpers_test.go +++ b/helpers_test.go @@ -9,7 +9,7 @@ import ( func TestTokenBlacklistSizeLimit(t *testing.T) { tb := NewTokenBlacklist() - + // Add tokens up to maxSize for i := 0; i < 1000; i++ { tb.Add(fmt.Sprintf("token%d", i), time.Now().Add(time.Hour)) @@ -31,12 +31,12 @@ func TestTokenBlacklistSizeLimit(t *testing.T) { func TestTokenBlacklistExpiredCleanup(t *testing.T) { tb := NewTokenBlacklist() - + // Add some expired tokens for i := 0; i < 500; i++ { tb.Add(fmt.Sprintf("expired%d", i), time.Now().Add(-time.Hour)) } - + // Add some valid tokens for i := 0; i < 500; i++ { tb.Add(fmt.Sprintf("valid%d", i), time.Now().Add(time.Hour)) @@ -62,14 +62,14 @@ func TestTokenBlacklistExpiredCleanup(t *testing.T) { func TestTokenBlacklistOldestEviction(t *testing.T) { tb := NewTokenBlacklist() - + // Add tokens at capacity with different expiration times baseTime := time.Now() oldestToken := "oldest" - + // Add oldest token first tb.Add(oldestToken, baseTime.Add(time.Hour)) - + // Fill up to capacity with newer tokens for i := 0; i < 999; i++ { tb.Add(fmt.Sprintf("token%d", i), baseTime.Add(time.Hour*2)) @@ -96,7 +96,7 @@ func TestTokenBlacklistMemoryUsage(t *testing.T) { // Force initial GC runtime.GC() - + // Record initial memory stats var m1, m2 runtime.MemStats runtime.ReadMemStats(&m1) @@ -105,12 +105,12 @@ func TestTokenBlacklistMemoryUsage(t *testing.T) { for i := 0; i < iterations; i++ { // Add new token tb.Add(fmt.Sprintf("token%d", i), time.Now().Add(time.Hour)) - + // Periodically check blacklisted status if i%100 == 0 { tb.IsBlacklisted(fmt.Sprintf("token%d", i-50)) } - + // Periodically cleanup if i%1000 == 0 { tb.Cleanup() @@ -180,7 +180,7 @@ func TestTokenCacheMemoryUsage(t *testing.T) { // Force initial GC runtime.GC() - + // Record initial memory stats var m1, m2 runtime.MemStats runtime.ReadMemStats(&m1) @@ -191,15 +191,15 @@ func TestTokenCacheMemoryUsage(t *testing.T) { "sub": fmt.Sprintf("user%d", i), "exp": time.Now().Add(time.Hour).Unix(), } - + // Add to cache tc.Set(fmt.Sprintf("token%d", i), claims, time.Hour) - + // Periodically retrieve if i%100 == 0 { tc.Get(fmt.Sprintf("token%d", i-50)) } - + // Periodically cleanup if i%1000 == 0 { tc.Cleanup() diff --git a/main.go b/main.go index cf24e7a..540fbd1 100644 --- a/main.go +++ b/main.go @@ -533,20 +533,20 @@ func (t *TraefikOidc) ServeHTTP(rw http.ResponseWriter, req *http.Request) { // Set user information in headers req.Header.Set("X-Forwarded-User", email) - + // Set OIDC-specific headers req.Header.Set("X-Auth-Request-Redirect", req.URL.RequestURI()) req.Header.Set("X-Auth-Request-User", email) if idToken := session.GetAccessToken(); idToken != "" { req.Header.Set("X-Auth-Request-Token", idToken) } - + // Set security headers rw.Header().Set("X-Frame-Options", "DENY") rw.Header().Set("X-Content-Type-Options", "nosniff") rw.Header().Set("X-XSS-Protection", "1; mode=block") rw.Header().Set("Referrer-Policy", "strict-origin-when-cross-origin") - + // Set CORS headers origin := req.Header.Get("Origin") if origin != "" { @@ -554,14 +554,14 @@ func (t *TraefikOidc) ServeHTTP(rw http.ResponseWriter, req *http.Request) { rw.Header().Set("Access-Control-Allow-Credentials", "true") rw.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS") rw.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type") - + // Handle preflight requests if req.Method == "OPTIONS" { rw.WriteHeader(http.StatusOK) return } } - + // Process the request t.next.ServeHTTP(rw, req) } @@ -697,9 +697,9 @@ func (t *TraefikOidc) buildAuthURL(redirectURL, state, nonce string) string { // Extract issuer base URL issuerURL, err := url.Parse(t.issuerURL) if err == nil { - return fmt.Sprintf("%s://%s%s?%s", - issuerURL.Scheme, - issuerURL.Host, + return fmt.Sprintf("%s://%s%s?%s", + issuerURL.Scheme, + issuerURL.Host, t.authURL, params.Encode()) } @@ -709,17 +709,17 @@ func (t *TraefikOidc) buildAuthURL(redirectURL, state, nonce string) string { // startTokenCleanup starts the token cleanup goroutine func (t *TraefikOidc) startTokenCleanup() { - ticker := time.NewTicker(1 * time.Minute) // Run cleanup every minute - go func() { - defer ticker.Stop() - for range ticker.C { - t.logger.Debug("Starting token cleanup cycle") -t.tokenCache.Cleanup() -t.tokenBlacklist.Cleanup() -t.jwkCache.Cleanup() // Assuming jwkCache is the cache from cache.go - // Removed runtime.GC() call - } - }() + ticker := time.NewTicker(1 * time.Minute) // Run cleanup every minute + go func() { + defer ticker.Stop() + for range ticker.C { + t.logger.Debug("Starting token cleanup cycle") + t.tokenCache.Cleanup() + t.tokenBlacklist.Cleanup() + t.jwkCache.Cleanup() // Assuming jwkCache is the cache from cache.go + // Removed runtime.GC() call + } + }() } // RevokeToken adds the token to the blacklist diff --git a/main_test.go b/main_test.go index 883b6b3..943e5a2 100644 --- a/main_test.go +++ b/main_test.go @@ -1782,7 +1782,7 @@ func TestBuildAuthURL(t *testing.T) { issuerURL string redirectURL string state string - nonce string + nonce string expectedPrefix string }{ { @@ -1791,7 +1791,7 @@ func TestBuildAuthURL(t *testing.T) { issuerURL: "https://auth.example.com", redirectURL: "https://app.example.com/callback", state: "test-state", - nonce: "test-nonce", + nonce: "test-nonce", expectedPrefix: "https://auth.example.com/oauth/authorize?", }, { @@ -1800,7 +1800,7 @@ func TestBuildAuthURL(t *testing.T) { issuerURL: "https://logto.example.com", redirectURL: "https://app.example.com/callback", state: "test-state", - nonce: "test-nonce", + nonce: "test-nonce", expectedPrefix: "https://logto.example.com/oidc/auth?", }, { @@ -1809,7 +1809,7 @@ func TestBuildAuthURL(t *testing.T) { issuerURL: "https://auth.example.com:8443", redirectURL: "https://app.example.com/callback", state: "test-state", - nonce: "test-nonce", + nonce: "test-nonce", expectedPrefix: "https://auth.example.com:8443/sign-in?", }, }