2023-10-23 12:05:20 +00:00
|
|
|
// Package redis implements a Redis backed storage for secrets
|
|
|
|
package redis
|
2017-08-03 12:13:53 +00:00
|
|
|
|
|
|
|
import (
|
2023-06-09 23:36:01 +00:00
|
|
|
"context"
|
2023-10-23 12:05:20 +00:00
|
|
|
"errors"
|
2017-08-03 12:13:53 +00:00
|
|
|
"fmt"
|
|
|
|
"os"
|
2018-05-05 11:56:53 +00:00
|
|
|
"strings"
|
2023-06-09 23:36:01 +00:00
|
|
|
"time"
|
2017-08-03 12:13:53 +00:00
|
|
|
|
2023-10-23 12:05:20 +00:00
|
|
|
"github.com/Luzifer/ots/pkg/storage"
|
2023-06-14 13:20:14 +00:00
|
|
|
"github.com/gofrs/uuid"
|
2023-06-09 23:36:01 +00:00
|
|
|
redis "github.com/redis/go-redis/v9"
|
2017-08-03 12:13:53 +00:00
|
|
|
)
|
|
|
|
|
2023-10-23 12:05:20 +00:00
|
|
|
const (
|
|
|
|
redisDefaultPrefix = "io.luzifer.ots"
|
|
|
|
redisScanCount = 10
|
|
|
|
)
|
2023-06-09 23:36:01 +00:00
|
|
|
|
2017-08-03 12:13:53 +00:00
|
|
|
type storageRedis struct {
|
2023-06-09 23:36:01 +00:00
|
|
|
conn *redis.Client
|
2017-08-03 12:13:53 +00:00
|
|
|
}
|
|
|
|
|
2023-10-23 12:05:20 +00:00
|
|
|
// New returns a new Redis backed storage
|
|
|
|
func New() (storage.Storage, error) {
|
2017-08-03 12:13:53 +00:00
|
|
|
if os.Getenv("REDIS_URL") == "" {
|
|
|
|
return nil, fmt.Errorf("REDIS_URL environment variable not set")
|
|
|
|
}
|
|
|
|
|
2023-06-09 23:36:01 +00:00
|
|
|
// We replace the old URI format
|
|
|
|
// tcp://auth:password@127.0.0.1:6379/0
|
|
|
|
// with the new one
|
|
|
|
// redis://<user>:<password>@<host>:<port>/<db_number>
|
|
|
|
// in order to maintain backwards compatibility
|
|
|
|
opt, err := redis.ParseURL(strings.Replace(os.Getenv("REDIS_URL"), "tcp://", "redis://", 1))
|
2017-08-03 12:13:53 +00:00
|
|
|
if err != nil {
|
2023-10-23 12:05:20 +00:00
|
|
|
return nil, fmt.Errorf("parsing REDIS_URL: %w", err)
|
2017-08-03 12:13:53 +00:00
|
|
|
}
|
|
|
|
|
2018-05-05 11:56:53 +00:00
|
|
|
s := &storageRedis{
|
2023-06-09 23:36:01 +00:00
|
|
|
conn: redis.NewClient(opt),
|
2018-05-05 11:56:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return s, nil
|
|
|
|
}
|
|
|
|
|
2023-10-23 12:05:20 +00:00
|
|
|
func (s storageRedis) Count() (n int64, err error) {
|
|
|
|
var cursor uint64
|
|
|
|
|
|
|
|
for {
|
|
|
|
var keys []string
|
|
|
|
|
|
|
|
keys, cursor, err = s.conn.Scan(context.Background(), cursor, s.redisKey("*"), redisScanCount).Result()
|
|
|
|
if err != nil {
|
|
|
|
return n, fmt.Errorf("scanning stored keys: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
n += int64(len(keys))
|
|
|
|
if cursor == 0 {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return n, nil
|
|
|
|
}
|
|
|
|
|
2023-06-09 23:36:01 +00:00
|
|
|
func (s storageRedis) Create(secret string, expireIn time.Duration) (string, error) {
|
2018-10-06 18:08:21 +00:00
|
|
|
id := uuid.Must(uuid.NewV4()).String()
|
2023-06-10 18:36:11 +00:00
|
|
|
err := s.conn.Set(context.Background(), s.redisKey(id), secret, expireIn).Err()
|
2023-10-23 12:05:20 +00:00
|
|
|
if err != nil {
|
|
|
|
return "", fmt.Errorf("writing redis key: %w", err)
|
|
|
|
}
|
2017-08-03 12:13:53 +00:00
|
|
|
|
2023-10-23 12:05:20 +00:00
|
|
|
return id, nil
|
2017-08-03 12:13:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s storageRedis) ReadAndDestroy(id string) (string, error) {
|
2023-06-09 23:36:01 +00:00
|
|
|
secret, err := s.conn.Get(context.Background(), s.redisKey(id)).Result()
|
2017-08-03 12:13:53 +00:00
|
|
|
if err != nil {
|
2023-06-09 23:36:01 +00:00
|
|
|
if errors.Is(err, redis.Nil) {
|
2023-10-23 12:05:20 +00:00
|
|
|
return "", storage.ErrSecretNotFound
|
2023-06-09 23:36:01 +00:00
|
|
|
}
|
2023-10-23 12:05:20 +00:00
|
|
|
return "", fmt.Errorf("getting key: %w", err)
|
2017-08-03 12:13:53 +00:00
|
|
|
}
|
|
|
|
|
2023-06-09 23:36:01 +00:00
|
|
|
err = s.conn.Del(context.Background(), s.redisKey(id)).Err()
|
2023-10-23 12:05:20 +00:00
|
|
|
if err != nil {
|
|
|
|
return secret, fmt.Errorf("deleting key: %w", err)
|
|
|
|
}
|
|
|
|
return secret, nil
|
2017-08-03 12:13:53 +00:00
|
|
|
}
|
2018-05-05 11:56:53 +00:00
|
|
|
|
2023-10-04 20:53:29 +00:00
|
|
|
func (storageRedis) redisKey(id string) string {
|
2023-06-09 23:36:01 +00:00
|
|
|
prefix := redisDefaultPrefix
|
|
|
|
if prfx := os.Getenv("REDIS_KEY"); prfx != "" {
|
|
|
|
prefix = prfx
|
|
|
|
}
|
|
|
|
|
|
|
|
return strings.Join([]string{prefix, id}, ":")
|
2018-05-05 11:56:53 +00:00
|
|
|
}
|