Use a pool for redis connection
Tharsanan1 authored and tharindu1st committed Oct 31, 2023
1 parent a46a634 commit d9066ec
Showing 1 changed file with 38 additions and 33 deletions.
71 changes: 38 additions & 33 deletions common-controller/internal/web/notify_handler.go
@@ -33,7 +33,8 @@ import (
"io/ioutil"
"strings"
"encoding/base64"
"encoding/json"
"encoding/json"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
)

const tokenRevocationType = "TOKEN_REVOCATION"
@@ -61,6 +62,7 @@ var (
tokenExpiryDivider = "_##_"
authKeyPath string
authKeyHeader string
rdb *redis.Client
)

func init() {
@@ -77,6 +79,41 @@ func init() {
redisRevokedTokenChannel = conf.CommonController.Redis.RevokedTokenChannel
authKeyPath = conf.CommonController.Sts.AuthKeyPath
authKeyHeader = conf.CommonController.Sts.AuthKeyHeader
utilruntime.Must(initRedisClient())
}

// initRedisClient initializes the redis connection
func initRedisClient() error {
if isTLSEnabled {
cert, err := tls.LoadX509KeyPair(redisUserCertPath, redisUserKeyPath)
if err != nil {
return err;
}
caCert, err := os.ReadFile(redisCACertPath)
if err != nil {
return err;
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert)

rdb = redis.NewClient(&redis.Options{
Addr: redisAddr,
Username: redisUsername,
Password: redisPassword,
TLSConfig: &tls.Config{
MinVersion: tls.VersionTLS12,
Certificates: []tls.Certificate{cert},
RootCAs: caCertPool,
},
})
} else {
rdb = redis.NewClient(&redis.Options{
Addr: redisAddr,
Username: redisUsername,
Password: redisPassword,
})
}
return nil;
}

// NotifyHandler handles notify requests
@@ -135,38 +172,6 @@ func generateKey(jti string) string {
}

func storeTokenInRedis(token string, expiry int64) error {
var rdb *redis.Client
if isTLSEnabled {
cert, err := tls.LoadX509KeyPair(redisUserCertPath, redisUserKeyPath)
if err != nil {
return err;
}

caCert, err := os.ReadFile(redisCACertPath)
if err != nil {
return err;
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert)

rdb = redis.NewClient(&redis.Options{
Addr: redisAddr,
Username: redisUsername,
Password: redisPassword,
TLSConfig: &tls.Config{
MinVersion: tls.VersionTLS12,
Certificates: []tls.Certificate{cert},
RootCAs: caCertPool,
},
})
} else {
rdb = redis.NewClient(&redis.Options{
Addr: redisAddr,
Username: redisUsername,
Password: redisPassword,
})
}
defer rdb.Close()
key := generateKey(token)
err := rdb.Do(context.Background(), "set", key, expiry, "EXAT", expiry).Err()
if err != nil {
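Review bot: In initRedisClient the result of `caCertPool.AppendCertsFromPEM(caCert)` is discarded, so a CA file with no parsable certificate leaves an empty root pool and `utilruntime.Must` in init() still passes; the problem then only surfaces later as a TLS verification failure on the first token-revocation write. Since the client is now built once at startup, this is the place to fail fast: `if !caCertPool.AppendCertsFromPEM(caCert) { return errors.New("no certificates parsed from redis CA file") }`, using whichever error package the file already imports (the import block is only partly visible here). The key pair and CA are also now read once for the process lifetime, whereas the removed per-call code re-read them on every store, so a rotated client certificate or CA will not be picked up until restart; if rotation is expected, a `GetClientCertificate` callback on the `tls.Config` would keep that behaviour. The trailing semicolons on the `return err;` and `return nil;` lines would be dropped by gofmt.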