Made auth and sessions managers configurable

CHANGELOG.md

@@ -0,0 +1,4 @@
+# This Branch:
+
+- Refactored AuthManager and SessionManagers so that any identity provider / Session data handler can be used
+- Enables swtching out storage managers

api_definition_manager.go

@@ -14,6 +14,23 @@ import (
 	"time"
 )
 
+type AuthProviderCode string
+type SessionProviderCode string
+const (
+	DefaultAuthProvider AuthProviderCode = "default"
+	DefaultSessionProvider SessionProviderCode = "default"
+)
+
+type AuthProviderMeta struct {
+	Name AuthProviderCode	`bson:"name" json:"name"`
+	Meta interface{}		`bson:"meta" json:"meta"`
+}
+
+type SessionProviderMeta struct {
+	Name SessionProviderCode	`bson:"name" json:"name"`
+	Meta interface{}			`bson:"meta" json:"meta"`
+}
+
 // APIDefinition represents the configuration for a single proxied API and it's versions.
 type APIDefinition struct {
 	ID               bson.ObjectId `bson:"_id,omitempty" json:"id"`
@@ -44,6 +61,8 @@ type APIDefinition struct {
 		StripListenPath bool   `bson:"strip_listen_path" json:"strip_listen_path"`
 	} `bson:"proxy" json:"proxy"`
 	Active  bool                   `bson:"active" json:"active"`
+	AuthProvider AuthProviderMeta	`bson:"auth_provider" json:"auth_provider"`
+	SessionProvider SessionProviderMeta	`bson:"session_provider" json:"session_provider"`
 	RawData map[string]interface{} `bson:"raw_data,omitempty" json:"raw_data,omitempty"` // Not used in actual configuration, loaded by config for plugable arc
 }
 
@@ -127,9 +146,26 @@ func (a *APIDefinitionLoader) Connect() {
 func (a *APIDefinitionLoader) MakeSpec(thisAppConfig APIDefinition) APISpec {
 	newAppSpec := APISpec{}
 	newAppSpec.APIDefinition = thisAppConfig
-	// Create the auth manager and session manager so we can support multiple IdP's
-	newAppSpec.AuthManager = &AuthorisationManager{}
-	newAppSpec.SessionManager = &SessionManager{}
+
+	// Add any new session managers or auth handlers here
+	if newAppSpec.APIDefinition.AuthProvider.Name != "" {
+		switch newAppSpec.APIDefinition.AuthProvider.Name {
+			case DefaultAuthProvider: newAppSpec.AuthManager = &DefaultAuthorisationManager{}
+			default: newAppSpec.AuthManager = &DefaultAuthorisationManager{}
+		}
+	} else {
+		newAppSpec.AuthManager = &DefaultAuthorisationManager{}
+	}
+
+	if newAppSpec.APIDefinition.SessionProvider.Name != "" {
+		switch newAppSpec.APIDefinition.SessionProvider.Name {
+			case DefaultSessionProvider: newAppSpec.SessionManager = &DefaultSessionManager{}
+			default: newAppSpec.SessionManager = &DefaultSessionManager{}
+		}
+	} else {
+		newAppSpec.SessionManager = &DefaultSessionManager{}
+	}
+
 
 	newAppSpec.RxPaths = make(map[string][]URLSpec)
 	newAppSpec.WhiteListEnabled = make(map[string]bool)

auth_manager.go

@@ -26,31 +26,30 @@ type SessionHandler interface {
 	RemoveSession(keyName string)
 	GetSessionDetail(keyName string) (SessionState, bool)
 	GetSessions(filter string) []string
-
 }
 
 type KeyGenerator interface {
 	GenerateAuthKey(OrgID string) string
 	GenerateHMACSecret() string
 }
 
-// AuthorisationManager implements AuthorisationHandler,
+// DefaultAuthorisationManager implements AuthorisationHandler,
 // requires a StorageHandler to interact with key store
-type AuthorisationManager struct {
+type DefaultAuthorisationManager struct {
 	Store StorageHandler
 }
 
-type SessionManager struct {
+type DefaultSessionManager struct {
 	Store StorageHandler
 }
 
-func (b *AuthorisationManager) Init(store StorageHandler) {
+func (b *DefaultAuthorisationManager) Init(store StorageHandler) {
 	b.Store = store
 	b.Store.Connect()
 }
 
 // IsKeyAuthorised checks if key exists and can be read into a SessionState object
-func (b AuthorisationManager) IsKeyAuthorised(keyName string) (bool, SessionState) {
+func (b DefaultAuthorisationManager) IsKeyAuthorised(keyName string) (bool, SessionState) {
 	jsonKeyVal, err := b.Store.GetKey(keyName)
 	var newSession SessionState
 	if err != nil {
@@ -68,7 +67,7 @@ func (b AuthorisationManager) IsKeyAuthorised(keyName string) (bool, SessionStat
 }
 
 // IsKeyExpired checks if a key has expired, if the value of SessionState.Expires is 0, it will be ignored
-func (b AuthorisationManager) IsKeyExpired(newSession *SessionState) bool {
+func (b DefaultAuthorisationManager) IsKeyExpired(newSession *SessionState) bool {
 	if newSession.Expires >= 1 {
 		diff := newSession.Expires - time.Now().Unix()
 		if diff > 0 {
@@ -79,25 +78,25 @@ func (b AuthorisationManager) IsKeyExpired(newSession *SessionState) bool {
 	return false
 }
 
-func (b *SessionManager) Init(store StorageHandler) {
+func (b *DefaultSessionManager) Init(store StorageHandler) {
 	b.Store = store
 	b.Store.Connect()
 }
 
 // UpdateSession updates the session state in the storage engine
-func (b SessionManager) UpdateSession(keyName string, session SessionState) {
+func (b DefaultSessionManager) UpdateSession(keyName string, session SessionState) {
 	v, _ := json.Marshal(session)
 	keyExp := (session.Expires - time.Now().Unix()) + 300 // Add 5 minutes to key expiry, just in case
 
 	b.Store.SetKey(keyName, string(v), keyExp)
 }
 
-func (b SessionManager) RemoveSession(keyName string) {
+func (b DefaultSessionManager) RemoveSession(keyName string) {
 	b.Store.DeleteKey(keyName)
 }
 
 // GetSessionDetail returns the session detail using the storage engine (either in memory or Redis)
-func (b SessionManager) GetSessionDetail(keyName string) (SessionState, bool) {
+func (b DefaultSessionManager) GetSessionDetail(keyName string) (SessionState, bool) {
 	jsonKeyVal, err := b.Store.GetKey(keyName)
 	var thisSession SessionState
 	if err != nil {
@@ -115,7 +114,7 @@ func (b SessionManager) GetSessionDetail(keyName string) (SessionState, bool) {
 }
 
 // GetSessions returns all sessions in the key store that match a filter key (a prefix)
-func (b SessionManager) GetSessions(filter string) []string {
+func (b DefaultSessionManager) GetSessions(filter string) []string {
 	return b.Store.GetKeys(filter)
 }
 

main.go

@@ -18,7 +18,6 @@ import (
 )
 
 var log = logrus.New()
-//var authManager = AuthorisationManager{}
 var config = Config{}
 var templates = &template.Template{}
 var analytics = RedisAnalyticsHandler{}
@@ -170,15 +169,14 @@ func loadApps(APISpecs []APISpec, Muxer *http.ServeMux) {
 		}
 
 		// Initialise the auth and session managers (use Redis for now)
+		// TODO: Make this configurable
 		referenceSpec.Init(&redisStore, &redisStore)
 
 		if referenceSpec.UseOauth2 {
 			thisOauthManager := addOAuthHandlers(&referenceSpec, Muxer, false)
 			referenceSpec.OAuthManager = thisOauthManager
 		}
 
-
-
 		proxy := TykNewSingleHostReverseProxy(remote)
 		referenceSpec.target = remote
 

oauth_manager_test.go

@@ -255,7 +255,7 @@ func GetToken() tokenData {
 
 	var thisResponse = tokenData{}
 	body, _ := ioutil.ReadAll(recorder.Body)
-	fmt.Println(string(body))
+//	fmt.Println(string(body))
 	err := json.Unmarshal(body, &thisResponse)
 	if err != nil {
 		fmt.Println(err)

session_manager.go

@@ -1,8 +1,6 @@
 package main
 
 import (
-	"encoding/json"
-	"fmt"
 	"time"
 )
 
@@ -116,8 +114,5 @@ func createSampleSession() SessionState {
 	thisSession.AccessRights = map[string]AccessDefinition{}
 	thisSession.AccessRights["1"] = simpleDef
 
-	b, _ := json.Marshal(thisSession)
-
-	fmt.Println(string(b))
 	return thisSession
 }