c/ooni-probe-cli
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ooni-probe-cli/internal/engine/ooapi/login.go

296 lines
8.0 KiB
Go
Raw Normal View History

engine/ooapi: autogenerated API with login and caching (#234) * internal/engine/ooapi: auto-generated API client * feat: introduce the callers abstraction * feat: implement API caching on disk * feat: implement cloneWithToken when we require login * feat: implement login * fix: do not cache all APIs * feat: start making space for more tests * feat: implement caching policy * feat: write tests for caching layer * feat: add integration tests and fix some minor issues * feat: write much more unit tests * feat: add some more easy unit tests * feat: add tests that use a local server While there, make sure many fields we care about are OK. * doc: write basic documentation * fix: tweak sentence * doc: improve ooapi documentation * doc(ooapi): other documentation improvements * fix(ooapi): remove caching for most APIs We discussed this topic yesterday with @FedericoCeratto. The only place where we want LRU caching is MeasurementMeta. * feat(ooapi): improve handling of errors during login This was also discussed yesterday with @FedericoCeratto * fix(swaggerdiff_test.go): temporarily disable Before I work on this, I need to tend onto other tasks. * fix(ootest): add one more test case We're going towards 100% coverage of this package, as it ought to be. * feat(ooapi): test cases for when the probe clock is off * fix(ooapi): change test to have 100% unittest coverage * feat: sync server and client APIs definition Companion PR: https://github.com/ooni/api/pull/218 * fix(ooapi): start testing again against API * fix(ooapi): only generate each file once * chore: set version to 3.7.0-alpha While there, make sure we don't always skip a currently failing riseupvpn test, and slightly clarify the readme. * fix(kvstore): less scoped error message
2021-03-04 11:51:07 +01:00
// Code generated by go generate; DO NOT EDIT.
// 2021-02-26 15:45:52.62521737 +0100 CET m=+0.000161706
package ooapi
//go:generate go run ./internal/generator -file login.go
import (
"context"
"errors"
"github.com/ooni/probe-cli/v3/internal/engine/ooapi/apimodel"
)
// PsiphonConfigAPIWithLogin implements login for PsiphonConfigAPI.
type PsiphonConfigAPIWithLogin struct {
API PsiphonConfigCloner // mandatory
JSONCodec JSONCodec // optional
KVStore KVStore // mandatory
RegisterAPI RegisterCaller // mandatory
LoginAPI LoginCaller // mandatory
}
// Call logins, if needed, then calls the API.
func (api *PsiphonConfigAPIWithLogin) Call(ctx context.Context, req *apimodel.PsiphonConfigRequest) (apimodel.PsiphonConfigResponse, error) {
token, err := api.maybeLogin(ctx)
if err != nil {
return nil, err
}
resp, err := api.API.WithToken(token).Call(ctx, req)
if errors.Is(err, ErrUnauthorized) {
// Maybe the clock is just off? Let's try to obtain
// a token again and see if this fixes it.
if token, err = api.forceLogin(ctx); err == nil {
switch resp, err = api.API.WithToken(token).Call(ctx, req); err {
case nil:
return resp, nil
case ErrUnauthorized:
// fallthrough
default:
return nil, err
}
}
// Okay, this seems a broader problem. How about we try
// and re-register ourselves again instead?
token, err = api.forceRegister(ctx)
if err != nil {
return nil, err
}
resp, err = api.API.WithToken(token).Call(ctx, req)
// fallthrough
}
if err != nil {
return nil, err
}
return resp, nil
}
func (api *PsiphonConfigAPIWithLogin) jsonCodec() JSONCodec {
if api.JSONCodec != nil {
return api.JSONCodec
}
return &defaultJSONCodec{}
}
func (api *PsiphonConfigAPIWithLogin) readstate() (*loginState, error) {
data, err := api.KVStore.Get(loginKey)
if err != nil {
return nil, err
}
var ls loginState
if err := api.jsonCodec().Decode(data, &ls); err != nil {
return nil, err
}
return &ls, nil
}
func (api *PsiphonConfigAPIWithLogin) writestate(ls *loginState) error {
data, err := api.jsonCodec().Encode(*ls)
if err != nil {
return err
}
return api.KVStore.Set(loginKey, data)
}
func (api *PsiphonConfigAPIWithLogin) doRegister(ctx context.Context, password string) (string, error) {
req := newRegisterRequest(password)
ls := &loginState{}
resp, err := api.RegisterAPI.Call(ctx, req)
if err != nil {
return "", err
}
ls.ClientID = resp.ClientID
ls.Password = req.Password
return api.doLogin(ctx, ls)
}
func (api *PsiphonConfigAPIWithLogin) forceRegister(ctx context.Context) (string, error) {
var password string
// If we already have a previous password, let us keep
// using it. This will allow a new version of the API to
// be able to continue to identify this probe. (This
// assumes that we have a stateless API that generates
// the user ID as a signature of the password plus a
// timestamp and that the key to generate the signature
// is not lost. If all these conditions are met, we
// can then serve better test targets to more long running
// (and therefore trusted) probes.)
if ls, err := api.readstate(); err == nil {
password = ls.Password
}
if password == "" {
password = newRandomPassword()
}
return api.doRegister(ctx, password)
}
func (api *PsiphonConfigAPIWithLogin) forceLogin(ctx context.Context) (string, error) {
ls, err := api.readstate()
if err != nil {
return "", err
}
return api.doLogin(ctx, ls)
}
func (api *PsiphonConfigAPIWithLogin) maybeLogin(ctx context.Context) (string, error) {
ls, _ := api.readstate()
if ls == nil || !ls.credentialsValid() {
return api.forceRegister(ctx)
}
if !ls.tokenValid() {
return api.doLogin(ctx, ls)
}
return ls.Token, nil
}
func (api *PsiphonConfigAPIWithLogin) doLogin(ctx context.Context, ls *loginState) (string, error) {
req := &apimodel.LoginRequest{
ClientID: ls.ClientID,
Password: ls.Password,
}
resp, err := api.LoginAPI.Call(ctx, req)
if err != nil {
return "", err
}
ls.Token = resp.Token
ls.Expire = resp.Expire
if err := api.writestate(ls); err != nil {
return "", err
}
return ls.Token, nil
}
var _ PsiphonConfigCaller = &PsiphonConfigAPIWithLogin{}
// TorTargetsAPIWithLogin implements login for TorTargetsAPI.
type TorTargetsAPIWithLogin struct {
API TorTargetsCloner // mandatory
JSONCodec JSONCodec // optional
KVStore KVStore // mandatory
RegisterAPI RegisterCaller // mandatory
LoginAPI LoginCaller // mandatory
}
// Call logins, if needed, then calls the API.
func (api *TorTargetsAPIWithLogin) Call(ctx context.Context, req *apimodel.TorTargetsRequest) (apimodel.TorTargetsResponse, error) {
token, err := api.maybeLogin(ctx)
if err != nil {
return nil, err
}
resp, err := api.API.WithToken(token).Call(ctx, req)
if errors.Is(err, ErrUnauthorized) {
// Maybe the clock is just off? Let's try to obtain
// a token again and see if this fixes it.
if token, err = api.forceLogin(ctx); err == nil {
switch resp, err = api.API.WithToken(token).Call(ctx, req); err {
case nil:
return resp, nil
case ErrUnauthorized:
// fallthrough
default:
return nil, err
}
}
// Okay, this seems a broader problem. How about we try
// and re-register ourselves again instead?
token, err = api.forceRegister(ctx)
if err != nil {
return nil, err
}
resp, err = api.API.WithToken(token).Call(ctx, req)
// fallthrough
}
if err != nil {
return nil, err
}
return resp, nil
}
func (api *TorTargetsAPIWithLogin) jsonCodec() JSONCodec {
if api.JSONCodec != nil {
return api.JSONCodec
}
return &defaultJSONCodec{}
}
func (api *TorTargetsAPIWithLogin) readstate() (*loginState, error) {
data, err := api.KVStore.Get(loginKey)
if err != nil {
return nil, err
}
var ls loginState
if err := api.jsonCodec().Decode(data, &ls); err != nil {
return nil, err
}
return &ls, nil
}
func (api *TorTargetsAPIWithLogin) writestate(ls *loginState) error {
data, err := api.jsonCodec().Encode(*ls)
if err != nil {
return err
}
return api.KVStore.Set(loginKey, data)
}
func (api *TorTargetsAPIWithLogin) doRegister(ctx context.Context, password string) (string, error) {
req := newRegisterRequest(password)
ls := &loginState{}
resp, err := api.RegisterAPI.Call(ctx, req)
if err != nil {
return "", err
}
ls.ClientID = resp.ClientID
ls.Password = req.Password
return api.doLogin(ctx, ls)
}
func (api *TorTargetsAPIWithLogin) forceRegister(ctx context.Context) (string, error) {
var password string
// If we already have a previous password, let us keep
// using it. This will allow a new version of the API to
// be able to continue to identify this probe. (This
// assumes that we have a stateless API that generates
// the user ID as a signature of the password plus a
// timestamp and that the key to generate the signature
// is not lost. If all these conditions are met, we
// can then serve better test targets to more long running
// (and therefore trusted) probes.)
if ls, err := api.readstate(); err == nil {
password = ls.Password
}
if password == "" {
password = newRandomPassword()
}
return api.doRegister(ctx, password)
}
func (api *TorTargetsAPIWithLogin) forceLogin(ctx context.Context) (string, error) {
ls, err := api.readstate()
if err != nil {
return "", err
}
return api.doLogin(ctx, ls)
}
func (api *TorTargetsAPIWithLogin) maybeLogin(ctx context.Context) (string, error) {
ls, _ := api.readstate()
if ls == nil || !ls.credentialsValid() {
return api.forceRegister(ctx)
}
if !ls.tokenValid() {
return api.doLogin(ctx, ls)
}
return ls.Token, nil
}
func (api *TorTargetsAPIWithLogin) doLogin(ctx context.Context, ls *loginState) (string, error) {
req := &apimodel.LoginRequest{
ClientID: ls.ClientID,
Password: ls.Password,
}
resp, err := api.LoginAPI.Call(ctx, req)
if err != nil {
return "", err
}
ls.Token = resp.Token
ls.Expire = resp.Expire
if err := api.writestate(ls); err != nil {
return "", err
}
return ls.Token, nil
}
var _ TorTargetsCaller = &TorTargetsAPIWithLogin{}
Reference in New Issue Copy Permalink