fix #2009

MAIF · Oct 14, 2024 · 4738df5 · 4738df5
1 parent 96cf63d
commit 4738df5
Showing 1 changed file with 39 additions and 29 deletions.
diff --git a/otoroshi/app/actions/privateapps.scala b/otoroshi/app/actions/privateapps.scala
@@ -1,9 +1,9 @@
 package otoroshi.actions
 
 import java.util.concurrent.TimeUnit
-
 import akka.http.scaladsl.util.FastFuture
 import akka.http.scaladsl.util.FastFuture._
+import akka.stream.scaladsl.{Sink, Source}
 import otoroshi.auth.GenericOauth2Module
 import otoroshi.cluster._
 import otoroshi.env.Env
@@ -13,6 +13,7 @@ import play.api.mvc._
 import scala.concurrent.duration._
 import scala.concurrent.{ExecutionContext, Future}
 import otoroshi.utils.http.RequestImplicits._
+import otoroshi.utils.syntax.implicits.BetterSyntax
 
 case class PrivateAppsActionContext[A](
     request: Request[A],
@@ -39,37 +40,46 @@ class PrivateAppsAction(val parser: BodyParser[AnyContent])(implicit env: Env)
 
     def perform() = {
       env.datastores.globalConfigDataStore.singleton().flatMap { globalConfig =>
-        val cookieOpt = request.cookies.find(c => c.name.startsWith("oto-papps-"))
-        cookieOpt.flatMap(env.extractPrivateSessionId).map { id =>
-          // request.cookies.get("oto-papps").flatMap(env.extractPrivateSessionId).map { id =>
+        val cookies = request.cookies.filter(c => c.name.startsWith("oto-papps-")).toSeq
+        val validCookies = cookies.flatMap(env.extractPrivateSessionId)
+        if (validCookies.nonEmpty) {
           if (Cluster.logger.isDebugEnabled)
-            Cluster.logger.debug(s"private apps session checking for $id - from action")
-          env.datastores.privateAppsUserDataStore.findById(id).flatMap {
-            case Some(user)                                           =>
-              user.withAuthModuleConfig(a => GenericOauth2Module.handleTokenRefresh(a, user))
-              block(PrivateAppsActionContext(request, Seq(user), globalConfig))
-            case None if env.clusterConfig.mode == ClusterMode.Worker => {
-              if (Cluster.logger.isDebugEnabled)
-                Cluster.logger.debug(s"private apps session $id not found locally - from action")
-              env.clusterAgent.isSessionValid(id, Some(request)).flatMap {
-                case Some(user) =>
-                  user.save(Duration(user.expiredAt.getMillis - System.currentTimeMillis(), TimeUnit.MILLISECONDS))
-                  block(PrivateAppsActionContext(request, Seq(user), globalConfig))
-                case None       => block(PrivateAppsActionContext(request, Seq.empty, globalConfig))
+            Cluster.logger.debug(s"private apps session checking for ${validCookies.mkString(", ")} - from action")
+          Source(validCookies.toList)
+            .mapAsync(1) { id =>
+              env.datastores.privateAppsUserDataStore.findById(id).map(opt => (id, opt))
+            }
+            .mapAsync(1) {
+              case (_, Some(user)) => {
+                user.withAuthModuleConfig(a => GenericOauth2Module.handleTokenRefresh(a, user))
+                user.some.vfuture
               }
+              case (id, None) if env.clusterConfig.mode == ClusterMode.Worker => {
+                if (Cluster.logger.isDebugEnabled) Cluster.logger.debug(s"private apps session $id not found locally - from action")
+                env.clusterAgent.isSessionValid(id, Some(request)).flatMap {
+                  case Some(user) => user.save(Duration(user.expiredAt.getMillis - System.currentTimeMillis(), TimeUnit.MILLISECONDS)).map(_.some)
+                  case None => None.vfuture
+                }
+              }
+              case (_, None) => None.vfuture
             }
-            case None                                                 => block(PrivateAppsActionContext(request, Seq.empty, globalConfig))
-          }
-        } getOrElse {
-          cookieOpt match {
-            case None         => block(PrivateAppsActionContext(request, Seq.empty, globalConfig))
-            case Some(cookie) =>
-              block(PrivateAppsActionContext(request, Seq.empty, globalConfig)).fast
-                .map(
-                  _.discardingCookies(
-                    env.removePrivateSessionCookiesWithSuffix(host, cookie.name.replace("oto-papps-", "")): _*
-                  )
-                )
+            .collect {
+              case Some(user) => user
+            }
+            .runWith(Sink.seq)(env.otoroshiMaterializer).flatMap { users =>
+              block(PrivateAppsActionContext(request, users, globalConfig))
+            }
+        } else {
+          if (cookies.nonEmpty) {
+            block(PrivateAppsActionContext(request, Seq.empty, globalConfig)).fast
+              .map { result =>
+                val discardingCookies: Seq[DiscardingCookie] = cookies.flatMap { cookie =>
+                  env.removePrivateSessionCookiesWithSuffix(host, cookie.name.replace("oto-papps-", ""))
+                }
+                result.discardingCookies(discardingCookies: _*)
+              }
+          } else {
+            block(PrivateAppsActionContext(request, Seq.empty, globalConfig))
           }
         }
       }