Skip to content

Commit

Permalink
cmd: Resolves recursive stack overflow (ory#81)
Browse files Browse the repository at this point in the history
Closes ory#80
  • Loading branch information
arekkas authored Jul 7, 2018
1 parent 1387f9f commit 0594cda
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 34 deletions.
65 changes: 34 additions & 31 deletions cmd/helper_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,53 +50,56 @@ func getHydraSDK() hydra.SDK {
return sdk
}

func refreshRules(m rule.Refresher, fails int) {
func refreshRules(m rule.Refresher) {
duration, _ := time.ParseDuration(viper.GetString("RULES_REFRESH_INTERVAL"))
if duration == 0 {
duration = time.Second * 30
}

if err := m.Refresh(); err != nil {
logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh rules")
if fails > 15 {
logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails)
}

time.Sleep(time.Second * time.Duration(fails+1))
refreshRules(m, fails+1)
return
}
var fails int
for {
if err := m.Refresh(); err != nil {
logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh rules")
if fails > 15 {
logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails)
}

time.Sleep(duration)
time.Sleep(time.Second * time.Duration(fails+1))

refreshRules(m, 0)
fails++
} else {
time.Sleep(duration)
fails = 0
}
}
}

func refreshKeys(k rsakey.Manager, fails int) {
func refreshKeys(k rsakey.Manager) {
duration, _ := time.ParseDuration(viper.GetString("CREDENTIALS_ISSUER_ID_TOKEN_JWK_REFRESH_INTERVAL"))
if duration == 0 {
duration = time.Minute * 5
}

if err := k.Refresh(); err != nil {
logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh keys for signing ID Token, 'id_token' credentials issuer will not work.")
//if fails > 15 {
// logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails)
//}

wait := fails
if wait > 10 {
wait = 10
var fails int
for {
if err := k.Refresh(); err != nil {
logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh keys for signing ID Token, 'id_token' credentials issuer will not work.")
//if fails > 15 {
// logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails)
//}

wait := fails
if wait > 10 {
wait = 10
}
time.Sleep(time.Second * time.Duration(wait^2))

fails++
} else {
fails = 0
time.Sleep(duration)
}
time.Sleep(time.Second * time.Duration(wait^2))

refreshKeys(k, fails+1)
return
}

time.Sleep(duration)

refreshKeys(k, 1)
}

func keyManagerFactory(l logrus.FieldLogger) (keyManager rsakey.Manager, err error) {
Expand Down
2 changes: 1 addition & 1 deletion cmd/serve_api.go
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ HTTP CONTROLS
n.UseHandler(router)
ch := cors.New(corsx.ParseOptions()).Handler(n)

go refreshKeys(keyManager, 0)
go refreshKeys(keyManager)

addr := fmt.Sprintf("%s:%s", viper.GetString("HOST"), viper.GetString("PORT"))
server := graceful.WithDefaults(&http.Server{
Expand Down
4 changes: 2 additions & 2 deletions cmd/serve_proxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -159,8 +159,8 @@ OTHER CONTROLS
logger.WithError(err).Fatalln("Unable to initialize the ID Token signing algorithm")
}

go refreshRules(matcher, 0)
go refreshKeys(keyManager, 0)
go refreshRules(matcher)
go refreshKeys(keyManager)

var authorizers = []proxy.Authorizer{
proxy.NewAuthorizerAllow(),
Expand Down

0 comments on commit 0594cda

Please sign in to comment.