Skip to content

Commit

Permalink
Remove bottleneck from ZTA implementations
Browse files Browse the repository at this point in the history
  • Loading branch information
@josevalim
josevalim committed Sep 16, 2023
1 parent b427a0e commit e37b2ce
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 12 deletions.
11 changes: 5 additions & 6 deletions lib/livebook/zta/cloudflare.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,8 @@ defmodule Livebook.ZTA.Cloudflare do

def authenticate(name, conn, fields: fields) do
token = get_req_header(conn, @assertion)
user = GenServer.call(name, {:authenticate, token, fields})
{conn, user}
{identity, keys} = GenServer.call(name, :info, :infinity)
{conn, authenticate_user(token, fields, identity, keys)}
end

@impl true
Expand All @@ -39,9 +39,8 @@ defmodule Livebook.ZTA.Cloudflare do
end

@impl true
def handle_call({:authenticate, token, fields}, _from, state) do
user = authenticated_user(token, fields, state.identity, state.keys)
{:reply, user, state}
def handle_call(:info, _from, state) do
{:reply, {state.identity, state.keys}, state}
end

@impl true
Expand All @@ -56,7 +55,7 @@ defmodule Livebook.ZTA.Cloudflare do
keys
end

defp authenticated_user(token, _fields, identity, keys) do
defp authenticate_user(token, _fields, identity, keys) do
with [encoded_token] <- token,
{:ok, token} <- verify_token(encoded_token, keys),
:ok <- verify_iss(token, identity.iss),
Expand Down
11 changes: 5 additions & 6 deletions lib/livebook/zta/google_iap.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,8 @@ defmodule Livebook.ZTA.GoogleIAP do

def authenticate(name, conn, fields: fields) do
token = get_req_header(conn, @assertion)
user = GenServer.call(name, {:authenticate, token, fields})
{conn, user}
{identity, keys} = GenServer.call(name, :info, :infinity)
{conn, authenticate_user(token, fields, identity, keys)}
end

@impl true
Expand All @@ -43,9 +43,8 @@ defmodule Livebook.ZTA.GoogleIAP do
end

@impl true
def handle_call({:authenticate, token, fields}, _from, state) do
user = authenticated_user(token, fields, state.identity, state.keys)
{:reply, user, state}
def handle_call(:info, _from, state) do
{:reply, {state.identity, state.keys}, state}
end

@impl true
Expand All @@ -60,7 +59,7 @@ defmodule Livebook.ZTA.GoogleIAP do
keys
end

defp authenticated_user(token, _fields, identity, keys) do
defp authenticate_user(token, _fields, identity, keys) do
with [encoded_token] <- token,
{:ok, token} <- verify_token(encoded_token, keys),
:ok <- verify_iss(token, identity.iss, identity.key) do
Expand Down

0 comments on commit e37b2ce

Please sign in to comment.