rename variables

Author: StekPerepolnen

ydb/mvp/oidc_proxy/context.cpp

@@ -7,8 +7,7 @@
 #include "oidc_settings.h"
 #include "context.h"
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
 
 TContext::TContext(const TInitializer& initializer)
     : State(initializer.State)
@@ -94,5 +93,4 @@ TStringBuf TContext::GetRequestedUrl(const NHttp::THttpIncomingRequestPtr& reque
     return requestedUrl;
 }
 
-} // NOIDC
-} // NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/context.h

@@ -10,8 +10,7 @@ using THttpIncomingRequestPtr = TIntrusivePtr<THttpIncomingRequest>;
 
 }
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
 
 class TContext {
 public:
@@ -45,5 +44,4 @@ class TContext {
     TString GenerateCookie(const TString& key) const;
 };
 
-} // NOIDC
-} // NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/mvp.cpp

@@ -28,8 +28,7 @@
 
 NActors::IActor* CreateMemProfiler();
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
 
 namespace {
 
@@ -418,5 +417,4 @@ THolder<NActors::TActorSystemSetup> TMVP::BuildActorSystemSetup(int argc, char**
 
 TAtomic TMVP::Quit = false;
 
-} // NOIDC
-} // NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/mvp.h

@@ -12,8 +12,7 @@
 #include <contrib/libs/yaml-cpp/include/yaml-cpp/yaml.h>
 #include "oidc_settings.h"
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
 
 const TString& GetEServiceName(NActors::NLog::EComponent component);
 
@@ -72,5 +71,4 @@ class TMVP {
     int Shutdown();
 };
 
-} // namespace NOIDC
-} // namespace NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/oidc_client.cpp

@@ -4,8 +4,9 @@
 #include "oidc_impersonate_start_page_nebius.h"
 #include "oidc_impersonate_stop_page_nebius.h"
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
+
+using namespace NActors;
 
 void InitOIDC(NActors::TActorSystem& actorSystem,
               const NActors::TActorId& httpProxyId,
@@ -37,5 +38,4 @@ void InitOIDC(NActors::TActorSystem& actorSystem,
                     );
 }
 
-}  // NOIDC
-}  // NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/oidc_client.h

@@ -5,12 +5,10 @@ class TActorSystem;
 struct TActorId;
 
 }  // NActors
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
 
 struct TOpenIdConnectSettings;
 
 void InitOIDC(NActors::TActorSystem& actorSystem, const NActors::TActorId& httpProxyId, const TOpenIdConnectSettings& settings);
 
-}  // NOIDC
-}  // NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp

@@ -1,4 +1,5 @@
 #include <library/cpp/string_utils/base64/base64.h>
+#include <library/cpp/string_utils/quote/quote.h>
 #include <ydb/library/actors/http/http.h>
 #include <ydb/library/security/util.h>
 #include <ydb/mvp/core/mvp_log.h>
@@ -7,21 +8,21 @@
 #include "oidc_session_create.h"
 #include "oidc_impersonate_start_page_nebius.h"
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
 
 THandlerImpersonateStart::THandlerImpersonateStart(const NActors::TActorId& sender,
-                                                const NHttp::THttpIncomingRequestPtr& request,
-                                                const NActors::TActorId& httpProxyId,
-                                                const TOpenIdConnectSettings& settings)
+                                                   const NHttp::THttpIncomingRequestPtr& request,
+                                                   const NActors::TActorId& httpProxyId,
+                                                   const TOpenIdConnectSettings& settings)
     : Sender(sender)
     , Request(request)
     , HttpProxyId(httpProxyId)
     , Settings(settings)
 {}
 
 void THandlerImpersonateStart::Bootstrap(const NActors::TActorContext& ctx) {
-    LOG_DEBUG_S(ctx, EService::MVP, "Start impersonation process");
+    BLOG_D("Start impersonation process");
+
     NHttp::TUrlParameters urlParameters(Request->URL);
     TString serviceAccountId = urlParameters["service_account_id"];
 
@@ -31,32 +32,26 @@ void THandlerImpersonateStart::Bootstrap(const NActors::TActorContext& ctx) {
     TString sessionCookieName = CreateNameSessionCookie(Settings.ClientId);
     TStringBuf sessionCookieValue = cookies.Get(sessionCookieName);
     if (!sessionCookieValue.Empty()) {
-        LOG_DEBUG_S(ctx, EService::MVP, "Using session cookie (" << sessionCookieName << ": " << NKikimr::MaskTicket(sessionCookieValue) << ")");
+        BLOG_D("Using session cookie (" << sessionCookieName << ": " << NKikimr::MaskTicket(sessionCookieValue) << ")");
     }
+    TString sessionToken = DecodeToken(sessionCookieValue);
+    TStringBuf impersonatedCookieValue = GetCookie(cookies, CreateNameImpersonatedCookie(Settings.ClientId));
 
-    TString sessionToken = DecodeToken(sessionCookieValue, ctx);
-
-    TString jsonError;
     if (sessionToken.empty()) {
-        jsonError = "Wrong impersonate parameter: session cookie not found";
-    } else if (serviceAccountId.empty()) {
-        jsonError = "Wrong impersonate parameter: account_id not found";
+        return ReplyBadRequestAndDie("Wrong impersonate parameter: session cookie not found", ctx);
     }
-
-    if (jsonError) {
-        NHttp::THeadersBuilder responseHeaders;
-        responseHeaders.Set("Content-Type", "text/plain");
-        SetCORS(Request, &responseHeaders);
-        NHttp::THttpOutgoingResponsePtr httpResponse = Request->CreateResponse("400", "Bad Request", responseHeaders, jsonError);
-        ctx.Send(Sender, new NHttp::TEvHttpProxy::TEvHttpOutgoingResponse(httpResponse));
-        Die(ctx);
-    } else {
-        RequestImpersonatedToken(sessionToken, serviceAccountId, ctx);
+    if (!impersonatedCookieValue.empty()) {
+        return ReplyBadRequestAndDie("Wrong impersonate parameter: impersonated cookie already exists", ctx);
     }
+    if (serviceAccountId.empty()) {
+        return ReplyBadRequestAndDie("Wrong impersonate parameter: service_account_id not found", ctx);
+    }
+
+    RequestImpersonatedToken(sessionToken, serviceAccountId, ctx);
 }
 
 void THandlerImpersonateStart::RequestImpersonatedToken(const TString& sessionToken, const TString& serviceAccountId, const NActors::TActorContext& ctx) {
-    LOG_DEBUG_S(ctx, EService::MVP, "Request impersonated token");
+    BLOG_D("Request impersonated token");
     NHttp::THttpOutgoingRequestPtr httpRequest = NHttp::THttpOutgoingRequest::CreateRequestPost(Settings.GetImpersonateEndpointURL());
     httpRequest->Set<&NHttp::THttpRequest::ContentType>("application/x-www-form-urlencoded");
 
@@ -70,7 +65,9 @@ void THandlerImpersonateStart::RequestImpersonatedToken(const TString& sessionTo
     TStringBuilder body;
     body << "session=" << sessionToken
          << "&service_account_id=" << serviceAccountId;
-    httpRequest->Set<&NHttp::THttpRequest::Body>(body);
+    TString bodyStr = body;
+    CGIEscape(bodyStr);
+    httpRequest->Set<&NHttp::THttpRequest::Body>(bodyStr);
 
     ctx.Send(HttpProxyId, new NHttp::TEvHttpProxy::TEvHttpOutgoingRequest(httpRequest));
     Become(&THandlerImpersonateStart::StateWork);
@@ -79,24 +76,22 @@ void THandlerImpersonateStart::RequestImpersonatedToken(const TString& sessionTo
 void THandlerImpersonateStart::ProcessImpersonatedToken(const TString& impersonatedToken, const NActors::TActorContext& ctx) {
     TString impersonatedCookieName = CreateNameImpersonatedCookie(Settings.ClientId);
     TString impersonatedCookieValue = Base64Encode(impersonatedToken);
-    LOG_DEBUG_S(ctx, EService::MVP, "Set impersonated cookie: (" << impersonatedCookieName << ": " << NKikimr::MaskTicket(impersonatedCookieValue) << ")");
+    BLOG_D("Set impersonated cookie: (" << impersonatedCookieName << ": " << NKikimr::MaskTicket(impersonatedCookieValue) << ")");
 
     NHttp::THeadersBuilder responseHeaders;
     responseHeaders.Set("Set-Cookie", CreateSecureCookie(impersonatedCookieName, impersonatedCookieValue));
     SetCORS(Request, &responseHeaders);
-    NHttp::THttpOutgoingResponsePtr httpResponse;
-    httpResponse = Request->CreateResponse("200", "OK", responseHeaders);
-    ctx.Send(Sender, new NHttp::TEvHttpProxy::TEvHttpOutgoingResponse(httpResponse));
-    Die(ctx);
+    NHttp::THttpOutgoingResponsePtr httpResponse = Request->CreateResponse("200", "OK", responseHeaders);
+    ReplyAndDie(httpResponse, ctx);
 }
 
 void THandlerImpersonateStart::Handle(NHttp::TEvHttpProxy::TEvHttpIncomingResponse::TPtr event, const NActors::TActorContext& ctx) {
     NHttp::THttpOutgoingResponsePtr httpResponse;
     if (event->Get()->Error.empty() && event->Get()->Response) {
         NHttp::THttpIncomingResponsePtr response = event->Get()->Response;
-        LOG_DEBUG_S(ctx, EService::MVP, "Incoming response from authorization server: " << response->Status);
+        BLOG_D("Incoming response from authorization server: " << response->Status);
         if (response->Status == "200") {
-            TStringBuf jsonError;
+            TStringBuf errorMessage;
             NJson::TJsonValue jsonValue;
             NJson::TJsonReaderConfig jsonConfig;
             if (NJson::ReadJsonTree(response->Body, &jsonConfig, &jsonValue)) {
@@ -106,34 +101,45 @@ void THandlerImpersonateStart::Handle(NHttp::TEvHttpProxy::TEvHttpIncomingRespon
                     ProcessImpersonatedToken(impersonatedToken, ctx);
                     return;
                 } else {
-                    jsonError = "Wrong OIDC provider response: impersonated token not found";
+                    errorMessage = "Wrong OIDC provider response: impersonated token not found";
                 }
             } else {
-                jsonError =  "Wrong OIDC response";
+                errorMessage =  "Wrong OIDC response";
             }
             NHttp::THeadersBuilder responseHeaders;
             responseHeaders.Set("Content-Type", "text/plain");
             SetCORS(Request, &responseHeaders);
-            httpResponse = Request->CreateResponse("400", "Bad Request", responseHeaders, jsonError);
+            return ReplyAndDie(Request->CreateResponse("400", "Bad Request", responseHeaders, errorMessage), ctx);
         } else {
             NHttp::THeadersBuilder responseHeaders;
             NHttp::THeaders headers(response->Headers);
             if (headers.Has("Content-Type")) {
                 responseHeaders.Set("Content-Type", headers.Get("Content-Type"));
             }
             SetCORS(Request, &responseHeaders);
-            httpResponse = Request->CreateResponse(response->Status, response->Message, responseHeaders, response->Body);
+            return ReplyAndDie(Request->CreateResponse(response->Status, response->Message, responseHeaders, response->Body), ctx);
         }
     } else {
         NHttp::THeadersBuilder responseHeaders;
         responseHeaders.Set("Content-Type", "text/plain");
         SetCORS(Request, &responseHeaders);
-        httpResponse = Request->CreateResponse("400", "Bad Request", responseHeaders, event->Get()->Error);
+        return ReplyAndDie(Request->CreateResponse("400", "Bad Request", responseHeaders, event->Get()->Error), ctx);
     }
+}
+
+void THandlerImpersonateStart::ReplyAndDie(NHttp::THttpOutgoingResponsePtr httpResponse, const NActors::TActorContext& ctx) {
     ctx.Send(Sender, new NHttp::TEvHttpProxy::TEvHttpOutgoingResponse(httpResponse));
     Die(ctx);
 }
 
+void THandlerImpersonateStart::ReplyBadRequestAndDie(const TString& errorMessage, const NActors::TActorContext& ctx) {
+    NHttp::THeadersBuilder responseHeaders;
+    responseHeaders.Set("Content-Type", "text/plain");
+    SetCORS(Request, &responseHeaders);
+    NHttp::THttpOutgoingResponsePtr httpResponse = Request->CreateResponse("400", "Bad Request", responseHeaders, errorMessage);
+    ReplyAndDie(httpResponse, ctx);
+}
+
 TImpersonateStartPageHandler::TImpersonateStartPageHandler(const NActors::TActorId& httpProxyId, const TOpenIdConnectSettings& settings)
     : TBase(&TImpersonateStartPageHandler::StateWork)
     , HttpProxyId(httpProxyId)
@@ -144,5 +150,4 @@ void TImpersonateStartPageHandler::Handle(NHttp::TEvHttpProxy::TEvHttpIncomingRe
     ctx.Register(new THandlerImpersonateStart(event->Sender, event->Get()->Request, HttpProxyId, Settings));
 }
 
-} // NOIDC
-} // NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.h

@@ -3,8 +3,9 @@
 #include "oidc_settings.h"
 #include "context.h"
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
+
+using namespace NActors;
 
 class THandlerImpersonateStart : public NActors::TActorBootstrapped<THandlerImpersonateStart> {
 private:
@@ -13,23 +14,25 @@ class THandlerImpersonateStart : public NActors::TActorBootstrapped<THandlerImpe
 protected:
     const NActors::TActorId Sender;
     const NHttp::THttpIncomingRequestPtr Request;
-    NActors::TActorId HttpProxyId;
+    const NActors::TActorId HttpProxyId;
     const TOpenIdConnectSettings Settings;
 
 public:
     THandlerImpersonateStart(const NActors::TActorId& sender,
                              const NHttp::THttpIncomingRequestPtr& request,
                              const NActors::TActorId& httpProxyId,
                              const TOpenIdConnectSettings& settings);
+    void Bootstrap(const NActors::TActorContext& ctx);
     void RequestImpersonatedToken(const TString&, const TString&, const NActors::TActorContext&);
     void ProcessImpersonatedToken(const TString& impersonatedToken, const NActors::TActorContext& ctx);
-
-    void Bootstrap(const NActors::TActorContext& ctx);
     void Handle(NHttp::TEvHttpProxy::TEvHttpIncomingResponse::TPtr event, const NActors::TActorContext& ctx);
+    void ReplyAndDie(NHttp::THttpOutgoingResponsePtr httpResponse, const NActors::TActorContext& ctx);
+    void ReplyBadRequestAndDie(const TString& errorMessage, const NActors::TActorContext& ctx);
 
     STFUNC(StateWork) {
         switch (ev->GetTypeRewrite()) {
             HFunc(NHttp::TEvHttpProxy::TEvHttpIncomingResponse, Handle);
+            cFunc(TEvents::TEvPoisonPill::EventType, PassAway);
         }
     }
 };
@@ -47,9 +50,9 @@ class TImpersonateStartPageHandler : public NActors::TActor<TImpersonateStartPag
     STFUNC(StateWork) {
         switch (ev->GetTypeRewrite()) {
             HFunc(NHttp::TEvHttpProxy::TEvHttpIncomingRequest, Handle);
+            cFunc(TEvents::TEvPoisonPill::EventType, PassAway);
         }
     }
 };
 
-}  // NOIDC
-}  // NMVP
+} // NMVP::NOIDC

ydb/mvp/oidc_proxy/oidc_impersonate_stop_page_nebius.cpp

@@ -1,14 +1,14 @@
 #include "openid_connect.h"
 #include "oidc_session_create.h"
 #include "oidc_impersonate_stop_page_nebius.h"
+#include <ydb/library/actors/core/events.h>
 
-namespace NMVP {
-namespace NOIDC {
+namespace NMVP::NOIDC {
 
 THandlerImpersonateStop::THandlerImpersonateStop(const NActors::TActorId& sender,
-                                                const NHttp::THttpIncomingRequestPtr& request,
-                                                const NActors::TActorId& httpProxyId,
-                                                const TOpenIdConnectSettings& settings)
+                                                 const NHttp::THttpIncomingRequestPtr& request,
+                                                 const NActors::TActorId& httpProxyId,
+                                                 const TOpenIdConnectSettings& settings)
     : Sender(sender)
     , Request(request)
     , HttpProxyId(httpProxyId)
@@ -17,14 +17,18 @@ THandlerImpersonateStop::THandlerImpersonateStop(const NActors::TActorId& sender
 
 void THandlerImpersonateStop::Bootstrap(const NActors::TActorContext& ctx) {
     TString impersonatedCookieName = CreateNameImpersonatedCookie(Settings.ClientId);
-    LOG_DEBUG_S(ctx, EService::MVP, "Clear impersonated cookie: (" << impersonatedCookieName << ")");
+    BLOG_D("Clear impersonated cookie: (" << impersonatedCookieName << ")");
 
     NHttp::THeadersBuilder responseHeaders;
     responseHeaders.Set("Set-Cookie", ClearSecureCookie(impersonatedCookieName));
     SetCORS(Request, &responseHeaders);
 
     NHttp::THttpOutgoingResponsePtr httpResponse;
     httpResponse = Request->CreateResponse("200", "OK", responseHeaders);
+    ReplyAndDie(httpResponse, ctx);
+}
+
+void THandlerImpersonateStop::ReplyAndDie(NHttp::THttpOutgoingResponsePtr httpResponse, const NActors::TActorContext& ctx) {
     ctx.Send(Sender, new NHttp::TEvHttpProxy::TEvHttpOutgoingResponse(httpResponse));
     Die(ctx);
 }
@@ -39,5 +43,4 @@ void TImpersonateStopPageHandler::Handle(NHttp::TEvHttpProxy::TEvHttpIncomingReq
     ctx.Register(new THandlerImpersonateStop(event->Sender, event->Get()->Request, HttpProxyId, Settings));
 }
 
-} // NOIDC
-} // NMVP
+} // NMVP::NOIDC