dex/server/rotation.go

package server

import (
	"context"
	"crypto/rand"
	"crypto/rsa"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"time"

	"gopkg.in/square/go-jose.v2"

	"github.com/dexidp/dex/pkg/log"
	"github.com/dexidp/dex/storage"
)

var errAlreadyRotated = errors.New("keys already rotated by another server instance")

// rotationStrategy describes a strategy for generating cryptographic keys, how
// often to rotate them, and how long they can validate signatures after rotation.
type rotationStrategy struct {
	// Time between rotations.
	rotationFrequency time.Duration

	// After being rotated how long should the key be kept around for validating
	// signatures?
	idTokenValidFor time.Duration

	// Keys are always RSA keys. Though cryptopasta recommends ECDSA keys, not every
	// client may support these (e.g. github.com/coreos/go-oidc/oidc).
	key func() (*rsa.PrivateKey, error)
}

// staticRotationStrategy returns a strategy which never rotates keys.
func staticRotationStrategy(key *rsa.PrivateKey) rotationStrategy {
	return rotationStrategy{
		// Setting these values to 100 years is easier than having a flag indicating no rotation.
		rotationFrequency: time.Hour * 8760 * 100,
		idTokenValidFor:   time.Hour * 8760 * 100,
		key:               func() (*rsa.PrivateKey, error) { return key, nil },
	}
}

// defaultRotationStrategy returns a strategy which rotates keys every provided period,
// holding onto the public parts for some specified amount of time.
func defaultRotationStrategy(rotationFrequency, idTokenValidFor time.Duration) rotationStrategy {
	return rotationStrategy{
		rotationFrequency: rotationFrequency,
		idTokenValidFor:   idTokenValidFor,
		key: func() (*rsa.PrivateKey, error) {
			return rsa.GenerateKey(rand.Reader, 2048)
		},
	}
}

type keyRotator struct {
	storage.Storage

	strategy rotationStrategy
	now      func() time.Time

	logger log.Logger
}

// startKeyRotation begins key rotation in a new goroutine, closing once the context is canceled.
//
// The method blocks until after the first attempt to rotate keys has completed. That way
// healthy storages will return from this call with valid keys.
func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy, now func() time.Time) {
	rotator := keyRotator{s.storage, strategy, now, s.logger}

	// Try to rotate immediately so properly configured storages will have keys.
	if err := rotator.rotate(); err != nil {
		if err == errAlreadyRotated {
			s.logger.Infof("Key rotation not needed: %v", err)
		} else {
			s.logger.Errorf("failed to rotate keys: %v", err)
		}
	}

	go func() {
		for {
			select {
			case <-ctx.Done():
				return
			case <-time.After(time.Second * 30):
				if err := rotator.rotate(); err != nil {
					s.logger.Errorf("failed to rotate keys: %v", err)
				}
			}
		}
	}()
}

func (k keyRotator) rotate() error {
	keys, err := k.GetKeys()
	if err != nil && err != storage.ErrNotFound {
		return fmt.Errorf("get keys: %v", err)
	}
	if k.now().Before(keys.NextRotation) {
		return nil
	}
	k.logger.Infof("keys expired, rotating")

	// Generate the key outside of a storage transaction.
	key, err := k.strategy.key()
	if err != nil {
		return fmt.Errorf("generate key: %v", err)
	}
	b := make([]byte, 20)
	if _, err := io.ReadFull(rand.Reader, b); err != nil {
		panic(err)
	}
	keyID := hex.EncodeToString(b)
	priv := &jose.JSONWebKey{
		Key:       key,
		KeyID:     keyID,
		Algorithm: "RS256",
		Use:       "sig",
	}
	pub := &jose.JSONWebKey{
		Key:       key.Public(),
		KeyID:     keyID,
		Algorithm: "RS256",
		Use:       "sig",
	}

	var nextRotation time.Time
	err = k.Storage.UpdateKeys(func(keys storage.Keys) (storage.Keys, error) {
		tNow := k.now()

		// if you are running multiple instances of dex, another instance
		// could have already rotated the keys.
		if tNow.Before(keys.NextRotation) {
			return storage.Keys{}, errAlreadyRotated
		}

		expired := func(key storage.VerificationKey) bool {
			return tNow.After(key.Expiry)
		}

		// Remove any verification keys that have expired.
		i := 0
		for _, key := range keys.VerificationKeys {
			if !expired(key) {
				keys.VerificationKeys[i] = key
				i++
			}
		}
		keys.VerificationKeys = keys.VerificationKeys[:i]

		if keys.SigningKeyPub != nil {
			// Move current signing key to a verification only key, throwing
			// away the private part.
			verificationKey := storage.VerificationKey{
				PublicKey: keys.SigningKeyPub,
				// After demoting the signing key, keep the token around for at least
				// the amount of time an ID Token is valid for. This ensures the
				// verification key won't expire until all ID Tokens it's signed
				// expired as well.
				Expiry: tNow.Add(k.strategy.idTokenValidFor),
			}
			keys.VerificationKeys = append(keys.VerificationKeys, verificationKey)
		}

		nextRotation = k.now().Add(k.strategy.rotationFrequency)
		keys.SigningKey = priv
		keys.SigningKeyPub = pub
		keys.NextRotation = nextRotation
		return keys, nil
	})
	if err != nil {
		return err
	}
	k.logger.Infof("keys rotated, next rotation: %s", nextRotation)
	return nil
}
initial commit 2016-07-26 01:30:28 +05:30			`package server`

			`import (`
*: update go-oidc and use standard library's context package 2017-03-09 00:03:19 +05:30			`"context"`
initial commit 2016-07-26 01:30:28 +05:30			`"crypto/rand"`
			`"crypto/rsa"`
			`"encoding/hex"`
server/rotation.go: Fix key rotation with multiple dex instances. 2017-07-19 22:49:20 +05:30			`"errors"`
initial commit 2016-07-26 01:30:28 +05:30			`"fmt"`
			`"io"`
			`"time"`

			`"gopkg.in/square/go-jose.v2"`

Add logger interface and stop relying on Logrus directly 2019-02-22 17:49:23 +05:30			`"github.com/dexidp/dex/pkg/log"`
*: github.com/coreos/dex -> github.com/dexidp/dex Signed-off-by: Stephan Renatus <srenatus@chef.io> 2018-09-03 12:14:44 +05:30			`"github.com/dexidp/dex/storage"`
initial commit 2016-07-26 01:30:28 +05:30			`)`

server/rotation.go: Fix key rotation with multiple dex instances. 2017-07-19 22:49:20 +05:30			`var errAlreadyRotated = errors.New("keys already rotated by another server instance")`

initial commit 2016-07-26 01:30:28 +05:30			`// rotationStrategy describes a strategy for generating cryptographic keys, how`
			`// often to rotate them, and how long they can validate signatures after rotation.`
			`type rotationStrategy struct {`
			`// Time between rotations.`
server: rename "rotationStrategy.period" to "rotationFrequency" gorename command run: gorename \ -from '"github.com/coreos/dex/server".rotationStrategy.period' \ -to rotationFrequency 2016-10-17 23:25:05 +05:30			`rotationFrequency time.Duration`
initial commit 2016-07-26 01:30:28 +05:30
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`// After being rotated how long should the key be kept around for validating`
spelling: signatures Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> 2020-12-20 08:31:59 +05:30			`// signatures?`
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`idTokenValidFor time.Duration`
initial commit 2016-07-26 01:30:28 +05:30
			`// Keys are always RSA keys. Though cryptopasta recommends ECDSA keys, not every`
			`// client may support these (e.g. github.com/coreos/go-oidc/oidc).`
			`key func() (*rsa.PrivateKey, error)`
			`}`

			`// staticRotationStrategy returns a strategy which never rotates keys.`
			`func staticRotationStrategy(key *rsa.PrivateKey) rotationStrategy {`
			`return rotationStrategy{`
			`// Setting these values to 100 years is easier than having a flag indicating no rotation.`
server: rename "rotationStrategy.period" to "rotationFrequency" gorename command run: gorename \ -from '"github.com/coreos/dex/server".rotationStrategy.period' \ -to rotationFrequency 2016-10-17 23:25:05 +05:30			`rotationFrequency: time.Hour * 8760 * 100,`
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`idTokenValidFor: time.Hour * 8760 * 100,`
server: rename "rotationStrategy.period" to "rotationFrequency" gorename command run: gorename \ -from '"github.com/coreos/dex/server".rotationStrategy.period' \ -to rotationFrequency 2016-10-17 23:25:05 +05:30			`key: func() (*rsa.PrivateKey, error) { return key, nil },`
initial commit 2016-07-26 01:30:28 +05:30			`}`
			`}`

			`// defaultRotationStrategy returns a strategy which rotates keys every provided period,`
			`// holding onto the public parts for some specified amount of time.`
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`func defaultRotationStrategy(rotationFrequency, idTokenValidFor time.Duration) rotationStrategy {`
initial commit 2016-07-26 01:30:28 +05:30			`return rotationStrategy{`
server: rename "rotationStrategy.period" to "rotationFrequency" gorename command run: gorename \ -from '"github.com/coreos/dex/server".rotationStrategy.period' \ -to rotationFrequency 2016-10-17 23:25:05 +05:30			`rotationFrequency: rotationFrequency,`
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`idTokenValidFor: idTokenValidFor,`
initial commit 2016-07-26 01:30:28 +05:30			`key: func() (*rsa.PrivateKey, error) {`
			`return rsa.GenerateKey(rand.Reader, 2048)`
			`},`
			`}`
			`}`

spelling: rotator Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> 2020-12-20 08:31:56 +05:30			`type keyRotator struct {`
initial commit 2016-07-26 01:30:28 +05:30			`storage.Storage`

			`strategy rotationStrategy`
{cmd,server}: move garbage collection logic to server 2016-10-13 07:21:32 +05:30			`now func() time.Time`
server: modify error messages to use logrus. 2016-12-13 04:24:01 +05:30
Add logger interface and stop relying on Logrus directly 2019-02-22 17:49:23 +05:30			`logger log.Logger`
initial commit 2016-07-26 01:30:28 +05:30			`}`

{cmd,server}: move garbage collection logic to server 2016-10-13 07:21:32 +05:30			`// startKeyRotation begins key rotation in a new goroutine, closing once the context is canceled.`
			`//`
			`// The method blocks until after the first attempt to rotate keys has completed. That way`
			`// healthy storages will return from this call with valid keys.`
server: modify error messages to use logrus. 2016-12-13 04:24:01 +05:30			`func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy, now func() time.Time) {`
spelling: rotator Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> 2020-12-20 08:31:56 +05:30			`rotator := keyRotator{s.storage, strategy, now, s.logger}`
initial commit 2016-07-26 01:30:28 +05:30
{cmd,server}: move garbage collection logic to server 2016-10-13 07:21:32 +05:30			`// Try to rotate immediately so properly configured storages will have keys.`
spelling: rotator Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> 2020-12-20 08:31:56 +05:30			`if err := rotator.rotate(); err != nil {`
server/rotation.go: Fix key rotation with multiple dex instances. 2017-07-19 22:49:20 +05:30			`if err == errAlreadyRotated {`
			`s.logger.Infof("Key rotation not needed: %v", err)`
			`} else {`
			`s.logger.Errorf("failed to rotate keys: %v", err)`
			`}`
initial commit 2016-07-26 01:30:28 +05:30			`}`

			`go func() {`
{cmd,server}: move garbage collection logic to server 2016-10-13 07:21:32 +05:30			`for {`
			`select {`
			`case <-ctx.Done():`
			`return`
server: fix key rotation polling 2016-10-17 23:17:47 +05:30			`case <-time.After(time.Second * 30):`
spelling: rotator Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> 2020-12-20 08:31:56 +05:30			`if err := rotator.rotate(); err != nil {`
server: modify error messages to use logrus. 2016-12-13 04:24:01 +05:30			`s.logger.Errorf("failed to rotate keys: %v", err)`
{cmd,server}: move garbage collection logic to server 2016-10-13 07:21:32 +05:30			`}`
initial commit 2016-07-26 01:30:28 +05:30			`}`
			`}`
			`}()`
			`}`

spelling: rotator Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> 2020-12-20 08:31:56 +05:30			`func (k keyRotator) rotate() error {`
initial commit 2016-07-26 01:30:28 +05:30			`keys, err := k.GetKeys()`
			`if err != nil && err != storage.ErrNotFound {`
			`return fmt.Errorf("get keys: %v", err)`
			`}`
			`if k.now().Before(keys.NextRotation) {`
			`return nil`
			`}`
server: modify error messages to use logrus. 2016-12-13 04:24:01 +05:30			`k.logger.Infof("keys expired, rotating")`
initial commit 2016-07-26 01:30:28 +05:30
			`// Generate the key outside of a storage transaction.`
			`key, err := k.strategy.key()`
			`if err != nil {`
			`return fmt.Errorf("generate key: %v", err)`
			`}`
			`b := make([]byte, 20)`
			`if _, err := io.ReadFull(rand.Reader, b); err != nil {`
			`panic(err)`
			`}`
			`keyID := hex.EncodeToString(b)`
			`priv := &jose.JSONWebKey{`
			`Key: key,`
			`KeyID: keyID,`
			`Algorithm: "RS256",`
			`Use: "sig",`
			`}`
			`pub := &jose.JSONWebKey{`
			`Key: key.Public(),`
			`KeyID: keyID,`
			`Algorithm: "RS256",`
			`Use: "sig",`
			`}`

			`var nextRotation time.Time`
			`err = k.Storage.UpdateKeys(func(keys storage.Keys) (storage.Keys, error) {`
			`tNow := k.now()`
server/rotation.go: avoid displaying the "keys already rotated" error 2017-04-11 23:18:08 +05:30
			`// if you are running multiple instances of dex, another instance`
			`// could have already rotated the keys.`
initial commit 2016-07-26 01:30:28 +05:30			`if tNow.Before(keys.NextRotation) {`
server/rotation.go: Fix key rotation with multiple dex instances. 2017-07-19 22:49:20 +05:30			`return storage.Keys{}, errAlreadyRotated`
initial commit 2016-07-26 01:30:28 +05:30			`}`

server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`expired := func(key storage.VerificationKey) bool {`
			`return tNow.After(key.Expiry)`
			`}`
server: fixes for the implicit and hybrid flow Accept the following response_type for the implicit flow: id_token token id_token And the following for hybrid flow code id_token code token code token id_token This corrects the previous behavior of the implicit flow, which only accepted "token" (now correctly rejected). 2017-01-10 00:16:16 +05:30
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`// Remove any verification keys that have expired.`
			`i := 0`
initial commit 2016-07-26 01:30:28 +05:30			`for _, key := range keys.VerificationKeys {`
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`if !expired(key) {`
initial commit 2016-07-26 01:30:28 +05:30			`keys.VerificationKeys[i] = key`
			`i++`
			`}`
			`}`
			`keys.VerificationKeys = keys.VerificationKeys[:i]`

			`if keys.SigningKeyPub != nil {`
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`// Move current signing key to a verification only key, throwing`
			`// away the private part.`
initial commit 2016-07-26 01:30:28 +05:30			`verificationKey := storage.VerificationKey{`
			`PublicKey: keys.SigningKeyPub,`
server: fix expiry detection for verification keys 2017-03-02 01:33:28 +05:30			`// After demoting the signing key, keep the token around for at least`
			`// the amount of time an ID Token is valid for. This ensures the`
			`// verification key won't expire until all ID Tokens it's signed`
			`// expired as well.`
			`Expiry: tNow.Add(k.strategy.idTokenValidFor),`
initial commit 2016-07-26 01:30:28 +05:30			`}`
			`keys.VerificationKeys = append(keys.VerificationKeys, verificationKey)`
			`}`

server: rename "rotationStrategy.period" to "rotationFrequency" gorename command run: gorename \ -from '"github.com/coreos/dex/server".rotationStrategy.period' \ -to rotationFrequency 2016-10-17 23:25:05 +05:30			`nextRotation = k.now().Add(k.strategy.rotationFrequency)`
initial commit 2016-07-26 01:30:28 +05:30			`keys.SigningKey = priv`
			`keys.SigningKeyPub = pub`
			`keys.NextRotation = nextRotation`
			`return keys, nil`
			`})`
			`if err != nil {`
			`return err`
			`}`
server: modify error messages to use logrus. 2016-12-13 04:24:01 +05:30			`k.logger.Infof("keys rotated, next rotation: %s", nextRotation)`
initial commit 2016-07-26 01:30:28 +05:30			`return nil`
			`}`