
Extension of Redis Session Store to Support Redis Cluster (#363)

* Extend the redis session store to support redis cluster

* rename function newRedisClient to newRedisCmdable

* update docs about redis cluster as session store

* update autocomplete script with redis cluster options

* add check about conflict between option redis-use-sentinel and redis-use-cluster

* update change log

* Update docs/configuration/sessions.md

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* Update pkg/sessions/redis/redis_store.go

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* add the dropped option back

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Yan Yao
2020-02-06 09:59:12 -08:00
committed by GitHub
parent 3ae261031e
commit 18d20364a8
7 changed files with 33 additions and 9 deletions


@@ -27,6 +27,8 @@ type RedisStoreOptions struct {
UseSentinel bool `flag:"redis-use-sentinel" cfg:"redis_use_sentinel" env:"OAUTH2_PROXY_REDIS_USE_SENTINEL"`
SentinelMasterName string `flag:"redis-sentinel-master-name" cfg:"redis_sentinel_master_name" env:"OAUTH2_PROXY_REDIS_SENTINEL_MASTER_NAME"`
SentinelConnectionURLs []string `flag:"redis-sentinel-connection-urls" cfg:"redis_sentinel_connection_urls" env:"OAUTH2_PROXY_REDIS_SENTINEL_CONNECTION_URLS"`
UseCluster bool `flag:"redis-use-cluster" cfg:"redis_use_cluster" env:"OAUTH2_PROXY_REDIS_USE_CLUSTER"`
ClusterConnectionURLs []string `flag:"redis-cluster-connection-urls" cfg:"redis_cluster_connection_urls" env:"OAUTH2_PROXY_REDIS_CLUSTER_CONNECTION_URLS"`
RedisCAPath string `flag:"redis-ca-path" cfg:"redis_ca_path" env:"OAUTH2_PROXY_REDIS_CA_PATH"`
RedisInsecureTLS bool `flag:"redis-insecure-skip-tls-verify" cfg:"redis_insecure_skip_tls_verify" env:"OAUTH2_PROXY_REDIS_INSECURE_SKIP_TLS_VERIFY"`
}
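Review bot: The new `ClusterConnectionURLs` field and its `redis-cluster-connection-urls` flag are named as URLs, but the redis_store.go change in this commit passes the slice unparsed to `redis.ClusterOptions.Addrs`, which go-redis treats as a seed list of host:port addresses. An operator who supplies `rediss://` URLs expecting TLS, or embeds a password in the URL, would get neither, and nothing on the field says so. Add a field comment such as `// ClusterConnectionURLs lists cluster seed nodes as host:port; URL schemes and credentials are not parsed.` and state the same format in the flag help. The struct begins above this hunk, so any existing field documentation is not visible here.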


@@ -33,19 +33,19 @@ type TicketData struct {
type SessionStore struct {
CookieCipher *encryption.Cipher
CookieOptions *options.CookieOptions
Client *redis.Client
Cmdable redis.Cmdable
}
// NewRedisSessionStore initialises a new instance of the SessionStore from
// the configuration given
func NewRedisSessionStore(opts *options.SessionOptions, cookieOpts *options.CookieOptions) (sessions.SessionStore, error) {
client, err := newRedisClient(opts.RedisStoreOptions)
cmdable, err := newRedisCmdable(opts.RedisStoreOptions)
if err != nil {
return nil, fmt.Errorf("error constructing redis client: %v", err)
}
rs := &SessionStore{
Client: client,
Cmdable: cmdable,
CookieCipher: opts.Cipher,
CookieOptions: cookieOpts,
}
@@ -53,7 +53,11 @@ func NewRedisSessionStore(opts *options.SessionOptions, cookieOpts *options.Cook
}
func newRedisClient(opts options.RedisStoreOptions) (*redis.Client, error) {
func newRedisCmdable(opts options.RedisStoreOptions) (redis.Cmdable, error) {
if opts.UseSentinel && opts.UseCluster {
return nil, fmt.Errorf("options redis-use-sentinel and redis-use-cluster are mutually exclusive")
}
if opts.UseSentinel {
client := redis.NewFailoverClient(&redis.FailoverOptions{
MasterName: opts.SentinelMasterName,
@@ -62,6 +66,13 @@ func newRedisClient(opts options.RedisStoreOptions) (*redis.Client, error) {
return client, nil
}
if opts.UseCluster {
client := redis.NewClusterClient(&redis.ClusterOptions{
Addrs: opts.ClusterConnectionURLs,
})
return client, nil
}
opt, err := redis.ParseURL(opts.RedisConnectionURL)
if err != nil {
return nil, fmt.Errorf("unable to parse redis url: %s", err)
@@ -152,7 +163,7 @@ func (store *SessionStore) loadSessionFromString(value string) (*sessions.Sessio
return nil, err
}
result, err := store.Client.Get(ticket.asHandle(store.CookieOptions.CookieName)).Result()
result, err := store.Cmdable.Get(ticket.asHandle(store.CookieOptions.CookieName)).Result()
if err != nil {
return nil, err
}
@@ -203,7 +214,7 @@ func (store *SessionStore) Clear(rw http.ResponseWriter, req *http.Request) erro
// If there's an issue decoding the ticket, ignore it
ticket, _ := decodeTicket(store.CookieOptions.CookieName, val)
if ticket != nil {
_, err := store.Client.Del(ticket.asHandle(store.CookieOptions.CookieName)).Result()
_, err := store.Cmdable.Del(ticket.asHandle(store.CookieOptions.CookieName)).Result()
if err != nil {
return fmt.Errorf("error clearing cookie from redis: %s", err)
}
@@ -243,7 +254,7 @@ func (store *SessionStore) storeValue(value string, expiration time.Duration, re
stream.XORKeyStream(ciphertext, []byte(value))
handle := ticket.asHandle(store.CookieOptions.CookieName)
err = store.Client.Set(handle, ciphertext, expiration).Err()
err = store.Cmdable.Set(handle, ciphertext, expiration).Err()
if err != nil {
return "", err
}
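Review bot: The cluster branch of `newRedisCmdable` builds `redis.ClusterOptions` with only `Addrs`, so `RedisCAPath` and `RedisInsecureTLS` from `RedisStoreOptions` are never consulted and no password is set; connections to cluster nodes would be plaintext and unauthenticated even when the operator has configured a CA. The value is encrypted before `Set` (the `XORKeyStream` call in `storeValue`), but the transport still has no peer authentication or integrity, and Redis AUTH cannot be used in cluster mode. Either populate `TLSConfig` on the cluster options from those two settings, or fail closed until that exists: `if opts.UseCluster && (opts.RedisCAPath != "" || opts.RedisInsecureTLS) { return nil, fmt.Errorf("redis TLS options are not supported with redis-use-cluster") }`. The sentinel branch and the single-node path continue outside these hunks, so whether they apply the TLS settings is not visible here.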