fix: use decay map

Author: jmattheis

api/oidc.go

@@ -8,13 +8,13 @@ import (
 	"fmt"
 	"log"
 	"net/http"
-	"sync"
 	"time"
 
 	"github.com/gin-gonic/gin"
 	"github.com/gotify/server/v2/auth"
 	"github.com/gotify/server/v2/config"
 	"github.com/gotify/server/v2/database"
+	"github.com/gotify/server/v2/decaymap"
 	"github.com/gotify/server/v2/model"
 	"github.com/zitadel/oidc/v3/pkg/client/rp"
 	httphelper "github.com/zitadel/oidc/v3/pkg/http"
@@ -60,7 +60,7 @@ func NewOIDC(conf *config.Configuration, db *database.GormDatabase, userChangeNo
 		PasswordStrength:   conf.PassStrength,
 		SecureCookie:       conf.Server.SecureCookie,
 		AutoRegister:       conf.OIDC.AutoRegister,
-		pendingSessions:    make(map[string]*pendingOIDCSession),
+		pendingSessions:    decaymap.NewDecayMap[string, *pendingOIDCSession](time.Now(), pendingSessionMaxAge),
 	}
 }
 
@@ -81,32 +81,7 @@ type OIDCAPI struct {
 	PasswordStrength   int
 	SecureCookie       bool
 	AutoRegister       bool
-	pendingSessions    map[string]*pendingOIDCSession
-	pendingSessionsMu  sync.Mutex
-}
-
-func (a *OIDCAPI) storePendingSession(state string, session *pendingOIDCSession) {
-	a.pendingSessionsMu.Lock()
-	defer a.pendingSessionsMu.Unlock()
-	for s, sess := range a.pendingSessions {
-		if time.Since(sess.CreatedAt) > pendingSessionMaxAge {
-			delete(a.pendingSessions, s)
-		}
-	}
-	a.pendingSessions[state] = session
-}
-
-func (a *OIDCAPI) popPendingSession(state string) (*pendingOIDCSession, bool) {
-	a.pendingSessionsMu.Lock()
-	session, ok := a.pendingSessions[state]
-	if ok {
-		delete(a.pendingSessions, state)
-	}
-	a.pendingSessionsMu.Unlock()
-	if !ok || time.Since(session.CreatedAt) > pendingSessionMaxAge {
-		return nil, false
-	}
-	return session, true
+	pendingSessions    *decaymap.DecayMap[string, *pendingOIDCSession]
 }
 
 // swagger:operation GET /auth/oidc/login oidc oidcLogin
@@ -142,7 +117,7 @@ func (a *OIDCAPI) LoginHandler() gin.HandlerFunc {
 			http.Error(w, fmt.Sprintf("failed to generate state: %v", err), http.StatusInternalServerError)
 			return
 		}
-		a.storePendingSession(state, &pendingOIDCSession{ClientName: clientName, CreatedAt: time.Now()})
+		a.pendingSessions.Set(time.Now(), state, &pendingOIDCSession{ClientName: clientName, CreatedAt: time.Now()})
 		rp.AuthURLHandler(func() string { return state }, a.Provider)(w, r)
 	})
 }
@@ -237,7 +212,7 @@ func (a *OIDCAPI) ExternalAuthorizeHandler(ctx *gin.Context) {
 		ctx.AbortWithError(http.StatusInternalServerError, err)
 		return
 	}
-	a.storePendingSession(state, &pendingOIDCSession{
+	a.pendingSessions.Set(time.Now(), state, &pendingOIDCSession{
 		RedirectURI: req.RedirectURI, ClientName: req.Name, CreatedAt: time.Now(),
 	})
 	authOpts := []rp.AuthURLOpt{
@@ -364,3 +339,11 @@ func (a *OIDCAPI) createClient(name string, userID uint) (*model.Client, error)
 	}
 	return client, a.DB.CreateClient(client)
 }
+
+func (a *OIDCAPI) popPendingSession(key string) (*pendingOIDCSession, bool) {
+	session, ok := a.pendingSessions.Pop(key)
+	if ok && time.Since(session.CreatedAt) < pendingSessionMaxAge {
+		return session, true
+	}
+	return nil, false
+}

api/oidc_test.go

@@ -7,6 +7,7 @@ import (
 	"time"
 
 	"github.com/gin-gonic/gin"
+	"github.com/gotify/server/v2/decaymap"
 	"github.com/gotify/server/v2/mode"
 	"github.com/gotify/server/v2/test"
 	"github.com/gotify/server/v2/test/testdb"
@@ -46,7 +47,7 @@ func (s *OIDCSuite) BeforeTest(suiteName, testName string) {
 		UserChangeNotifier: notifier,
 		UsernameClaim:      "preferred_username",
 		AutoRegister:       true,
-		pendingSessions:    make(map[string]*pendingOIDCSession),
+		pendingSessions:    decaymap.NewDecayMap[string, *pendingOIDCSession](time.Now(), pendingSessionMaxAge),
 	}
 }
 
@@ -60,48 +61,6 @@ func (s *OIDCSuite) Test_GenerateState_Unique() {
 	assert.NotEqual(s.T(), s1, s2)
 }
 
-func (s *OIDCSuite) Test_StoreAndPopPendingSession() {
-	session := &pendingOIDCSession{RedirectURI: "app://cb", ClientName: "phone", CreatedAt: time.Now()}
-	s.a.storePendingSession("state1", session)
-
-	got, ok := s.a.popPendingSession("state1")
-	assert.True(s.T(), ok)
-	assert.Equal(s.T(), "app://cb", got.RedirectURI)
-
-	// second pop returns nothing (consumed)
-	_, ok = s.a.popPendingSession("state1")
-	assert.False(s.T(), ok)
-}
-
-func (s *OIDCSuite) Test_PopPendingSession_UnknownState() {
-	_, ok := s.a.popPendingSession("doesnotexist")
-	assert.False(s.T(), ok)
-}
-
-func (s *OIDCSuite) Test_PopPendingSession_Expired() {
-	session := &pendingOIDCSession{RedirectURI: "x", ClientName: "x", CreatedAt: time.Now().Add(-11 * time.Minute)}
-	s.a.storePendingSession("old", session)
-
-	_, ok := s.a.popPendingSession("old")
-	assert.False(s.T(), ok)
-}
-
-func (s *OIDCSuite) Test_StorePendingSession_PrunesExpired() {
-	expired := &pendingOIDCSession{CreatedAt: time.Now().Add(-11 * time.Minute)}
-	s.a.pendingSessions["stale"] = expired
-
-	fresh := &pendingOIDCSession{CreatedAt: time.Now()}
-	s.a.storePendingSession("fresh", fresh)
-
-	s.a.pendingSessionsMu.Lock()
-	_, staleExists := s.a.pendingSessions["stale"]
-	_, freshExists := s.a.pendingSessions["fresh"]
-	s.a.pendingSessionsMu.Unlock()
-
-	assert.False(s.T(), staleExists)
-	assert.True(s.T(), freshExists)
-}
-
 func (s *OIDCSuite) Test_ResolveUser_ExistingUser() {
 	s.db.NewUserWithName(1, "alice")
 
@@ -224,7 +183,7 @@ func (s *OIDCSuite) Test_ExternalTokenHandler_InvalidJSON() {
 
 func (s *OIDCSuite) Test_ExternalTokenHandler_UnknownState() {
 	s.ctx.Request = httptest.NewRequest("POST", "/auth/oidc/external/token", strings.NewReader(
-		`{"code":"abc","state":"bogus:1234","code_verifier":"v"}`,
+		`{"code":"abc","state":"bogus","code_verifier":"v"}`,
 	))
 	s.ctx.Request.Header.Set("Content-Type", "application/json")
 

decaymap/decaymap.go

@@ -7,7 +7,7 @@ import (
 
 // DecayMap is a coarse-grained paired map that bulk-frees outdated entries.
 type DecayMap[K comparable, V any] struct {
-	mu         sync.RWMutex
+	mu         sync.Mutex
 	maps       [2]map[K]V
 	epoch      time.Time
 	lastInsert time.Time
@@ -24,16 +24,21 @@ func NewDecayMap[K comparable, V any](epoch time.Time, period time.Duration) *De
 	}
 }
 
-// Attempts to retrieve a value from the store, does not guarantee the value is unexpired.
-func (m *DecayMap[K, V]) Get(key K) (res V, ok bool) {
-	m.mu.RLock()
-	defer m.mu.RUnlock()
-	res, ok = m.maps[0][key]
+// Attempts to retrieve and remove a value from the store, does not guarantee the value is unexpired.
+func (m *DecayMap[K, V]) Pop(key K) (V, bool) {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	res, ok := m.maps[0][key]
 	if ok {
-		return
+		delete(m.maps[0], key)
+		return res, ok
 	}
 	res, ok = m.maps[1][key]
-	return
+	if ok {
+		delete(m.maps[1], key)
+		return res, ok
+	}
+	return res, ok
 }
 
 // Sets a value in the store, overwriting the existing value if exists.

decaymap/decaymap_test.go

@@ -1,39 +1,41 @@
-
 package decaymap
 
 import (
-	"fmt"
 	"testing"
 	"time"
 
 	"github.com/stretchr/testify/assert"
 )
 
-func TestDecayMap2(t *testing.T) {
+func TestDecayMap(t *testing.T) {
 	epoch := time.Now()
-	dm := NewDecayMap[string, string](epoch, 10*time.Millisecond)
-
-	now := epoch
-	for ts := 0; ts < 100; ts++ {
-		dm.Set(now, fmt.Sprintf("key%d", ts), fmt.Sprintf("value%d", ts))
-		for backts := 0; backts < ts; backts++ {
-			res, ok := dm.Get(fmt.Sprintf("key%d", backts))
-			if ts-backts <= 10 {
-				assert.True(t, ok)
-				assert.Equal(t, fmt.Sprintf("value%d", backts), res)
-			} else if ts-backts >= 20 {
-				assert.False(t, ok)
-				assert.Equal(t, "", res)
-			}
-		}
-		now = now.Add(1 * time.Millisecond)
-	}
-
-	now = now.Add(20 * time.Millisecond)
-	dm.Set(now, "dummy", "dummy") // rachet internal state
-	for ts := 0; ts < 100; ts++ {
-		res, ok := dm.Get(fmt.Sprintf("key%d", ts))
-		assert.False(t, ok)
-		assert.Equal(t, "", res)
-	}
+	dm := NewDecayMap[string, string](epoch, 10*time.Second)
+
+	dm.Set(epoch.Add(1*time.Second), "11", "value11")
+	dm.Set(epoch.Add(2*time.Second), "12", "value12")
+	dm.Set(epoch.Add(3*time.Second), "13", "value13")
+
+	value, ok := dm.Pop("11")
+	assert.True(t, ok)
+	assert.Equal(t, "value11", value)
+
+	_, ok = dm.Pop("11")
+	assert.False(t, ok)
+
+	dm.Set(epoch.Add(11*time.Second), "21", "value21")
+	dm.Set(epoch.Add(12*time.Second), "22", "value22")
+	dm.Set(epoch.Add(13*time.Second), "23", "value23")
+
+	value, ok = dm.Pop("21")
+	assert.True(t, ok)
+	assert.Equal(t, "value21", value)
+
+	value, ok = dm.Pop("12")
+	assert.True(t, ok)
+	assert.Equal(t, "value12", value)
+
+	dm.Set(epoch.Add(21*time.Second), "31", "value31")
+
+	_, ok = dm.Pop("13")
+	assert.False(t, ok)
 }