logical/framework: simplify calculation of lease renew
This commit is contained in:
Armon Dadgar
parent
ae02203624
commit
cfab07b19f
|
|
@ -13,7 +13,7 @@ import (
|
|||
// setting it to 2 hours forces a renewal within the next 2 hours again.
|
||||
//
|
||||
// maxSession is the maximum session length allowed since the original
|
||||
// issue time. If this is zero, it is ignored,.
|
||||
// issue time. If this is zero, it is ignored.
|
||||
func LeaseExtend(max, maxSession time.Duration) OperationFunc {
|
||||
return func(req *logical.Request, data *FieldData) (*logical.Response, error) {
|
||||
lease := detectLease(req)
|
||||
|
|
@ -21,55 +21,44 @@ func LeaseExtend(max, maxSession time.Duration) OperationFunc {
|
|||
return nil, fmt.Errorf("no lease options for request")
|
||||
}
|
||||
|
||||
// Sanity check the desired increment
|
||||
switch {
|
||||
// Protect against negative leases
|
||||
case lease.LeaseIncrement < 0:
|
||||
return logical.ErrorResponse(
|
||||
"increment must be greater than 0"), logical.ErrInvalidRequest
|
||||
|
||||
// If no lease increment, or too large of an increment, use the max
|
||||
case max > 0 && lease.LeaseIncrement == 0, max > 0 && lease.LeaseIncrement > max:
|
||||
lease.LeaseIncrement = max
|
||||
}
|
||||
|
||||
// Get the current time
|
||||
now := time.Now().UTC()
|
||||
|
||||
// Check if we're passed the issue limit
|
||||
var maxSessionTime time.Time
|
||||
if maxSession > 0 {
|
||||
maxSessionTime = lease.LeaseIssue.Add(maxSession)
|
||||
if maxSessionTime.Sub(now) <= 0 {
|
||||
if maxSessionTime.Before(now) {
|
||||
return logical.ErrorResponse(fmt.Sprintf(
|
||||
"lease can only be renewed up to %s past original issue",
|
||||
maxSession)), logical.ErrInvalidRequest
|
||||
}
|
||||
}
|
||||
|
||||
// Protect against negative leases
|
||||
if lease.LeaseIncrement < 0 {
|
||||
return logical.ErrorResponse(
|
||||
"increment must be greater than 0"), logical.ErrInvalidRequest
|
||||
}
|
||||
|
||||
// If the lease is zero, then assume max
|
||||
if lease.LeaseIncrement == 0 {
|
||||
lease.LeaseIncrement = max
|
||||
}
|
||||
|
||||
// If the increment is greater than the amount of time we have left
|
||||
// on our session, set it to that.
|
||||
if !maxSessionTime.IsZero() {
|
||||
diff := maxSessionTime.Sub(lease.ExpirationTime())
|
||||
if diff < lease.LeaseIncrement {
|
||||
lease.LeaseIncrement = diff
|
||||
}
|
||||
// The new lease is the minimum of the requested LeaseIncrement
|
||||
// or the maxSessionTime
|
||||
requestedLease := now.Add(lease.LeaseIncrement)
|
||||
if !maxSessionTime.IsZero() && requestedLease.After(maxSessionTime) {
|
||||
requestedLease = maxSessionTime
|
||||
}
|
||||
|
||||
// Determine the requested lease
|
||||
newLease := lease.IncrementedLease(lease.LeaseIncrement)
|
||||
|
||||
if max > 0 {
|
||||
// Determine if the requested lease is too long
|
||||
maxExpiration := now.Add(max)
|
||||
newExpiration := now.Add(newLease)
|
||||
if newExpiration.Sub(maxExpiration) > 0 {
|
||||
// The new expiration is past the max expiration. In this
|
||||
// case, admit the longest lease we can.
|
||||
newLease = maxExpiration.Sub(lease.ExpirationTime())
|
||||
}
|
||||
}
|
||||
newLeaseDuration := requestedLease.Sub(now)
|
||||
|
||||
// Set the lease
|
||||
lease.Lease = newLease
|
||||
lease.Lease = newLeaseDuration
|
||||
return &logical.Response{Auth: req.Auth, Secret: req.Secret}, nil
|
||||
}
|
||||
}
|
||||
|
|
@ -80,6 +69,5 @@ func detectLease(req *logical.Request) *logical.LeaseOptions {
|
|||
} else if req.Secret != nil {
|
||||
return &req.Secret.LeaseOptions
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue