elan-ev · LukasKalbertodt · Feb 22, 2024 · Dec 14, 2023 · Jan 16, 2024 · Jan 24, 2024
diff --git a/.deployment/templates/config.toml b/.deployment/templates/config.toml
@@ -23,7 +23,8 @@ unix_socket = "/opt/tobira/{{ id }}/socket/tobira.sock"
 unix_socket_permissions = 0o777
 
 [auth]
-mode = "login-proxy"
+source = "tobira-session"
+session.from_session_endpoint = "trust-auth-headers"
 login_page.note.en = 'Dummy users: "jose", "morgan", "björk", "sabine" and "admin". Password for all: "tobira".'
 login_page.note.de = 'Testnutzer: "jose", "morgan", "björk", "sabine" und "admin". Passwort für alle: "tobira".'
 

diff --git a/backend/Cargo.lock b/backend/Cargo.lock
diff --git a/backend/Cargo.toml b/backend/Cargo.toml
@@ -74,6 +74,7 @@ time = "0.3"
 tokio = { version = "=1.28", features = ["fs", "rt-multi-thread", "macros", "time"] }
 tokio-postgres = { version = "0.7", features = ["with-chrono-0_4", "with-serde_json-1"] }
 tokio-postgres-rustls = "0.10.0"
+url = "2.4.1"
 
 [target.'cfg(target_os = "linux")'.dependencies]
 procfs = "0.15.1"

diff --git a/backend/src/auth/cache.rs b/backend/src/auth/cache.rs
@@ -1,14 +1,83 @@
-use std::{time::{Instant, Duration}, collections::HashSet};
+use std::{collections::HashSet, hash::Hash, time::{Instant, Duration}};
 
 use dashmap::{DashMap, mapref::entry::Entry};
 use deadpool_postgres::Client;
+use hyper::HeaderMap;
+use prometheus_client::metrics::counter::Counter;
 
-use crate::prelude::*;
+use crate::{config::Config, prelude::*};
 
+use super::{config::CallbackConfig, User};
+
+pub struct Caches {
+    pub(crate) user: UserCache,
+    pub(crate) callback: AuthCallbackCache,
+}
+
+impl Caches {
+    pub fn new() -> Self {
+        Self {
+            user: UserCache::new(),
+            callback: AuthCallbackCache::new(),
+        }
+    }
+
+    /// Starts a daemon that regularly removes outdated entries from the cache.
+    pub(crate) async fn maintainence_task(&self, config: &Config) -> ! {
+        fn cleanup<K: Eq + Hash, V>(
+            now: Instant,
+            map: &DashMap<K, V>,
+            cache_duration: Duration,
+            mut timestamp: impl FnMut(&V) -> Instant,
+        ) -> Option<Instant> {
+            let mut out = None;
+            map.retain(|_, v| {
+                let instant = timestamp(v);
+                let is_outdated = now.saturating_duration_since(instant) > cache_duration;
+                if !is_outdated {
+                    out = match out {
+                        None => Some(instant),
+                        Some(existing) => Some(std::cmp::min(existing, instant)),
+                    };
+                }
+                !is_outdated
+            });
+            out.map(|out| out + cache_duration)
+        }
+
+        let empty_wait_time = std::cmp::min(CACHE_DURATION, config.auth.callback.cache_duration);
+        tokio::time::sleep(empty_wait_time).await;
+
+        loop {
+            let now = Instant::now();
+            let next_user_action =
+                cleanup(now, &self.user.0, CACHE_DURATION, |v| v.last_written_to_db);
+            let next_callback_action =
+                cleanup(now, &self.callback.map, config.auth.callback.cache_duration, |v| v.timestamp);
+
+            // We will wait until the next entry in the hashmap gets stale, but
+            // at least 30s to not do cleanup too often. In case there are no
+            // entries currently, it will also retry in 30s. But we will wait
+            // at most as long as we would do for an empty cache.
+            let next_action = [next_user_action, next_callback_action].into_iter()
+                .filter_map(|x| x)
+                .min();
+            let wait_duration = std::cmp::min(
+                std::cmp::max(
+                    next_action.map(|i| i.saturating_duration_since(now))
+                        .unwrap_or(empty_wait_time),
+                    Duration::from_secs(30),
+                ),
+                empty_wait_time,
+            );
+            tokio::time::sleep(wait_duration).await;
+        }
+    }
+}
 
 const CACHE_DURATION: Duration = Duration::from_secs(60 * 10);
 
-struct CacheEntry {
+struct UserCacheEntry {
     display_name: String,
     email: Option<String>,
     roles: HashSet<String>,
@@ -23,10 +92,10 @@ struct CacheEntry {
 /// This works fine in multi-node setups: each node just has its local cache and
 /// prevents some DB writes. But as this data is never used otherwise, we don't
 /// run into data inconsistency problems.
-pub(crate) struct UserCache(DashMap<String, CacheEntry>);
+pub(crate) struct UserCache(DashMap<String, UserCacheEntry>);
 
 impl UserCache {
-    pub(crate) fn new() -> Self {
+    fn new() -> Self {
         Self(DashMap::new())
     }
 
@@ -50,7 +119,7 @@ impl UserCache {
             Entry::Vacant(vacant) => {
                 let res = Self::write_to_db(user, db).await;
                 if res.is_ok() {
-                    vacant.insert(CacheEntry {
+                    vacant.insert(UserCacheEntry {
                         display_name: user.display_name.clone(),
                         email: user.email.clone(),
                         roles: user.roles.clone(),
@@ -95,3 +164,88 @@ impl UserCache {
     }
 }
 
+
+// ---------------------------------------------------------------------------
+
+#[derive(PartialEq, Eq)]
+struct AuthCallbackCacheKey(HeaderMap);
+
+impl Hash for AuthCallbackCacheKey {
+    fn hash<H: std::hash::Hasher>(&self, state: &mut H) {
+        // Sigh, unfortunately this requires us to sort the headers in order to
+        // get the same hash for the same set of headers. Well, there might be
+        // some clever ways to avoid that, but the `Hasher` trait is quite
+        // limited and does not allow these clever tricks, at least not without
+        // basically writing your own hashing logic.
+        let mut keys = self.0.keys().collect::<Vec<_>>();
+        keys.sort_by_key(|hn| hn.as_str());
+
+        for key in keys {
+            for value in self.0.get_all(key) {
+                key.hash(state);
+                b": ".hash(state);
+                value.hash(state);
+                state.write_u8(b'\n');
+            }
+        }
+    }
+}
+
+struct AuthCallbackCacheEntry {
+    user: Option<User>,
+    timestamp: Instant,
+}
+
+
+/// Cache for `auth-callback` calls.
+pub(crate) struct AuthCallbackCache {
+    map: DashMap<AuthCallbackCacheKey, AuthCallbackCacheEntry>,
+    // Metrics
+    hits: Counter,
+    misses: Counter,
+}
+
+impl AuthCallbackCache {
+    fn new() -> Self {
+        Self {
+            map: DashMap::new(),
+            hits: Counter::default(),
+            misses: Counter::default(),
+        }
+    }
+
+    pub(crate) fn hits(&self) -> &Counter {
+        &self.hits
+    }
+
+    pub(crate) fn misses(&self) -> &Counter {
+        &self.misses
+    }
+    pub(crate) fn size(&self) -> usize {
+        self.map.len()
+    }
+
+    pub(super) fn get(&self, key: &HeaderMap, config: &CallbackConfig) -> Option<Option<User>> {
+        // TODO: this `clone` should not be necessary. It can be removed with
+        // `#[repr(transparent)]` and an `unsafe`, but I don't want to just
+        // throw around `unsafe` here.
+        let out = self.map.get(&AuthCallbackCacheKey(key.clone()))
+            .filter(|e| e.timestamp.elapsed() < config.cache_duration)
+            .map(|e| e.user.clone());
+
+        match out.is_some() {
+            true => self.hits.inc(),
+            false => self.misses.inc(),
+        };
+
+        out
+    }
+
+    pub(super) fn insert(&self, key: HeaderMap, user: Option<User>) {
+        self.map.insert(AuthCallbackCacheKey(key), AuthCallbackCacheEntry {
+            user,
+            timestamp: Instant::now(),
+        });
+    }
+}
+