Make maxRetries and delay configurable with config files
This commit is contained in:
Rob Kenis
parent
96c5dbd992
commit
d0e5852835
@ -17,6 +17,7 @@ package auth
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"github.com/fatedier/frp/pkg/util/xlog"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/coreos/go-oidc/v3/oidc"
|
"github.com/coreos/go-oidc/v3/oidc"
|
||||||
@ -31,6 +32,8 @@ type OidcAuthProvider struct {
|
|||||||
additionalAuthScopes []v1.AuthScope
|
additionalAuthScopes []v1.AuthScope
|
||||||
|
|
||||||
tokenGenerator *clientcredentials.Config
|
tokenGenerator *clientcredentials.Config
|
||||||
|
|
||||||
|
retryConfig v1.AuthRetryConfig
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewOidcAuthSetter(additionalAuthScopes []v1.AuthScope, cfg v1.AuthOIDCClientConfig) *OidcAuthProvider {
|
func NewOidcAuthSetter(additionalAuthScopes []v1.AuthScope, cfg v1.AuthOIDCClientConfig) *OidcAuthProvider {
|
||||||
@ -54,16 +57,19 @@ func NewOidcAuthSetter(additionalAuthScopes []v1.AuthScope, cfg v1.AuthOIDCClien
|
|||||||
return &OidcAuthProvider{
|
return &OidcAuthProvider{
|
||||||
additionalAuthScopes: additionalAuthScopes,
|
additionalAuthScopes: additionalAuthScopes,
|
||||||
tokenGenerator: tokenGenerator,
|
tokenGenerator: tokenGenerator,
|
||||||
|
retryConfig: cfg.AuthRetryConfig,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func withRetries(retries int, fn func() (accessToken string, error error)) (accessToken string, err error) {
|
func withRetries(retries int, delay time.Duration, fn func() (accessToken string, error error)) (accessToken string, err error) {
|
||||||
exponentialBackOff := time.Second * 1
|
xl := xlog.FromContextSafe(context.Background())
|
||||||
|
exponentialBackOff := time.Second * delay
|
||||||
for i := 0; i < retries; i++ {
|
for i := 0; i < retries; i++ {
|
||||||
accessToken, err = fn()
|
accessToken, err = fn()
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return accessToken, nil
|
return accessToken, nil
|
||||||
}
|
}
|
||||||
|
xl.Warn("Failed to generate OIDC token for login: %v. Retrying %i more times", err, retries-i)
|
||||||
time.Sleep(exponentialBackOff)
|
time.Sleep(exponentialBackOff)
|
||||||
exponentialBackOff *= 2
|
exponentialBackOff *= 2
|
||||||
}
|
}
|
||||||
@ -71,7 +77,7 @@ func withRetries(retries int, fn func() (accessToken string, error error)) (acce
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (auth *OidcAuthProvider) generateAccessToken() (accessToken string, err error) {
|
func (auth *OidcAuthProvider) generateAccessToken() (accessToken string, err error) {
|
||||||
return withRetries(10, func() (accessToken string, error error) {
|
return withRetries(auth.retryConfig.MaxRetries, auth.retryConfig.RetryDelay, func() (accessToken string, error error) {
|
||||||
tokenObj, err := auth.tokenGenerator.Token(context.Background())
|
tokenObj, err := auth.tokenGenerator.Token(context.Background())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", fmt.Errorf("couldn't generate OIDC token for login: %v", err)
|
return "", fmt.Errorf("couldn't generate OIDC token for login: %v", err)
|
||||||
|
|||||||
@ -38,6 +38,9 @@ type ClientCommonConfig struct {
|
|||||||
// changed to "{user}.{proxy_name}".
|
// changed to "{user}.{proxy_name}".
|
||||||
User string `json:"user,omitempty"`
|
User string `json:"user,omitempty"`
|
||||||
|
|
||||||
|
// AuthRetryConfig specifies the retry strategy for retrieving access tokens.
|
||||||
|
AuthRetryConfig AuthRetryConfig `json:"authRetry,omitempty"`
|
||||||
|
|
||||||
// ServerAddr specifies the address of the server to connect to. By
|
// ServerAddr specifies the address of the server to connect to. By
|
||||||
// default, this value is "0.0.0.0".
|
// default, this value is "0.0.0.0".
|
||||||
ServerAddr string `json:"serverAddr,omitempty"`
|
ServerAddr string `json:"serverAddr,omitempty"`
|
||||||
@ -197,4 +200,6 @@ type AuthOIDCClientConfig struct {
|
|||||||
// AdditionalEndpointParams specifies additional parameters to be sent
|
// AdditionalEndpointParams specifies additional parameters to be sent
|
||||||
// this field will be transfer to map[string][]string in OIDC token generator.
|
// this field will be transfer to map[string][]string in OIDC token generator.
|
||||||
AdditionalEndpointParams map[string]string `json:"additionalEndpointParams,omitempty"`
|
AdditionalEndpointParams map[string]string `json:"additionalEndpointParams,omitempty"`
|
||||||
|
// AuthRetryConfig specifies the retry strategy for retrieving access tokens.
|
||||||
|
AuthRetryConfig AuthRetryConfig `json:"authRetry,omitempty"`
|
||||||
}
|
}
|
||||||
|
|||||||
@ -16,6 +16,7 @@ package v1
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/fatedier/frp/pkg/util/util"
|
"github.com/fatedier/frp/pkg/util/util"
|
||||||
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
type AuthScope string
|
type AuthScope string
|
||||||
@ -115,3 +116,12 @@ type HTTPPluginOptions struct {
|
|||||||
type HeaderOperations struct {
|
type HeaderOperations struct {
|
||||||
Set map[string]string `json:"set,omitempty"`
|
Set map[string]string `json:"set,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type AuthRetryConfig struct {
|
||||||
|
// MaxRetries specifies the maximum number of retries to authenticate
|
||||||
|
// with frps. By default, this value is 0.
|
||||||
|
MaxRetries int `json:"maxRetries,omitempty"`
|
||||||
|
// RetryDelay specifies the delay between retries to authenticate with
|
||||||
|
// frps, in seconds. By default, this value is 1.
|
||||||
|
RetryDelay time.Duration `json:"retryDelay,omitempty"`
|
||||||
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user