-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.html
334 lines (245 loc) · 20.1 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
<!DOCTYPE html>
<html xmlns="https://www.w3.org/1999/xhtml" xml:lang="en" lang="en-us">
<head>
<link href="https://gmpg.org/xfn/11" rel="profile">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1">
<title>Rafal Gajdulewicz · Rafal Gajdulewicz</title>
<link rel="stylesheet" href="https://gajdulewicz.com/css/poole.css">
<link rel="stylesheet" href="https://gajdulewicz.com/css/hyde.css">
<link rel="stylesheet" href="https://gajdulewicz.com/css/poole-overrides.css">
<link rel="stylesheet" href="https://gajdulewicz.com/css/hyde-overrides.css">
<link rel="stylesheet" href="https://gajdulewicz.com/css/hyde-x.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700|Abril+Fatface">
<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">
<link href="https://fonts.googleapis.com/css?family=Raleway:400,300" rel="stylesheet" type="text/css">
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="https://gajdulewicz.com/touch-icon-144-precomposed.png">
<link href="https://gajdulewicz.com/favicon.png" rel="icon">
<link href="https://gajdulewicz.com/index.xml" rel="alternate" type="application/rss+xml" title="Rafal Gajdulewicz · Rafal Gajdulewicz" />
<meta name="description" content="">
<meta name="keywords" content="">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-67347513-1', 'auto');
ga('send', 'pageview');
</script>
</head>
<body class="theme-base-08 layout-reverse">
<div class="sidebar">
<div class="container">
<div class="sidebar-about">
<h1>Rafal Gajdulewicz</h1>
</div>
<ul class="sidebar-nav">
<li class="sidebar-nav-item"><a href="https://gajdulewicz.com/">Posts</a></li>
<li class="sidebar-nav-item"><a href="https://gajdulewicz.com/about/">About me</a></li>
</ul>
<ul class="sidebar-nav">
<li class="sidebar-nav-item">
<a href="https://github.com/rafax"><i class="fa fa-github-square fa-3x"></i></a>
<a href="https://linkedin.com/in/gajdulewicz"><i class="fa fa-linkedin-square fa-3x"></i></a>
<a href="https://twitter.com/gdlwcz"><i class="fa fa-twitter-square fa-3x"></i></a>
</li>
</ul>
</div>
</div>
<div class="content container">
<div class="posts">
<div class="post">
<h1 class="post-title">
<a href="https://gajdulewicz.com/blog/2016/04/09/issuing-and-validating-tokens-part-1-problem-description/">Issuing and validating tokens part 1: Problem description</a>
</h1>
<span class="post-date">Apr 9, 2016 · 2 minute read · <a href="https://gajdulewicz.com/blog/2016/04/09/issuing-and-validating-tokens-part-1-problem-description/#disqus_thread">Comments</a>
<br/>
</span>
<p>Many of the projects I do at work and in my free time require two components to exchange and validate some sort of tokens - whether it’s OAuth2 access tokens, session cookies, API keys or other types of data that is generally passed as a string and represents information about the user.</p>
<p>We generally apply one on two approaches to issuing and validating tokens:</p>
<ul>
<li>persist them in some sort of database and load them on every request</li>
<li>encrypt, sign and verify them cryptographically</li>
</ul>
<p>First way allows us to make the token smaller (as additional information will generally be stored in the DB) and makes it easier to expire them, but it requires DB lookups and API calls. Second approach means the tokens are larger and harder to expire, but it doesn’t require a DB and (in case of asymmetric encryption) can save API calls.</p>
<p>I want to compare the performance of those two approaches, so I plan to develop a simple API project that will issue tokens and allow clients to validate them using an API call. To add some background let’s assume users can purchase subscriptions in our book library, and whenever a purchase is completed we issue a token that can be used to get subscription expiry date, its level (say <em>All books</em> or <em>Books older than 1 year</em>) and platforms for which it is available.</p>
<p>API will have two endpoints - one for issuing tokens and one for verifying them. We are most interested in performance of the verify endpoint, as it directly impacts the (otherwise quick) user experience. We will investigate:</p>
<ul>
<li>GUIDs and data stored in Postgres</li>
<li>GUIDs and data stored in Redis</li>
<li>JWTs containing all user data and encrypted symmetrically</li>
<li>JWTs containing all user data and encrypted asymmetrically</li>
</ul>
<p>The last option gives us the possibility of sharing our public key with a trusted client so that the payload can be decrypted without hitting the API - we’ll try to benchmark that as a separate option. I included both Redis and Postgres as I generally use Postgres as the source of truth database - we’ll see how much can be gained by moving hot data to Redis.</p>
<p>Next post will include code and basic tests, and we’ll see where we can go from there.</p>
</div>
<div class="post">
<h1 class="post-title">
<a href="https://gajdulewicz.com/blog/2016/03/05/go-gotchas---loop-variable-and-goroutines/">Go gotchas - loop variable and goroutines</a>
</h1>
<span class="post-date">Mar 5, 2016 · 2 minute read · <a href="https://gajdulewicz.com/blog/2016/03/05/go-gotchas---loop-variable-and-goroutines/#disqus_thread">Comments</a>
</span>
<p><a href="https://gajdulewicz.com/blog/2015/07/20/go-gotchas---waitgroup-and-struct-paramaters-/-method-receivers/">Another</a> Golang issue with goroutines and for loops today :) This time let’s assume we start with a simple for loop that calls an anonymous function:
<div class="highlight" style="background: #f8f8f8"><pre style="line-height: 125%"><span></span><span style="color: #008000; font-weight: bold">package</span> main
<span style="color: #008000; font-weight: bold">import</span> (
<span style="color: #BA2121">"fmt"</span>
<span style="color: #BA2121">"sync"</span>
)
<span style="color: #008000; font-weight: bold">func</span> main() {
numbers <span style="color: #666666">:=</span> []<span style="color: #B00040">int</span>{<span style="color: #666666">1</span>, <span style="color: #666666">2</span>, <span style="color: #666666">3</span>, <span style="color: #666666">4</span>, <span style="color: #666666">5</span>, <span style="color: #666666">6</span>}
<span style="color: #408080; font-style: italic">// WaitGroup will be used to wait for child goroutines</span>
<span style="color: #008000; font-weight: bold">var</span> wg sync.WaitGroup
<span style="color: #008000; font-weight: bold">for</span> _, n <span style="color: #666666">:=</span> <span style="color: #008000; font-weight: bold">range</span> numbers {
wg.Add(<span style="color: #666666">1</span>)
<span style="color: #008000; font-weight: bold">func</span> foo() {
fmt.Printf(<span style="color: #BA2121">"%d "</span>, n)
wg.Done()
}()
}
wg.Wait()
}
</pre></div>
This works fine and prints</p>
<p><code>1 2 3 4 5 6</code></p>
<p>but to run the anonymous function in child goroutines - we will add a <code>go</code> keyword before the function call:
<div class="highlight" style="background: #f8f8f8"><pre style="line-height: 125%"><span></span><span style="color: #008000; font-weight: bold">package</span> main
<span style="color: #008000; font-weight: bold">import</span> (
<span style="color: #BA2121">"fmt"</span>
<span style="color: #BA2121">"sync"</span>
)
<span style="color: #008000; font-weight: bold">func</span> main() {
numbers <span style="color: #666666">:=</span> []<span style="color: #B00040">int</span>{<span style="color: #666666">1</span>, <span style="color: #666666">2</span>, <span style="color: #666666">3</span>, <span style="color: #666666">4</span>, <span style="color: #666666">5</span>, <span style="color: #666666">6</span>}
<span style="color: #408080; font-style: italic">// WaitGroup will be used to wait for child goroutines</span>
<span style="color: #008000; font-weight: bold">var</span> wg sync.WaitGroup
<span style="color: #008000; font-weight: bold">for</span> _, n <span style="color: #666666">:=</span> <span style="color: #008000; font-weight: bold">range</span> numbers {
wg.Add(<span style="color: #666666">1</span>)
<span style="background-color: #ffffcc"> <span style="color: #008000; font-weight: bold">go</span> <span style="color: #008000; font-weight: bold">func</span> foo() {
</span> fmt.Printf(<span style="color: #BA2121">"%d "</span>, n)
wg.Done()
}()
}
wg.Wait()
}
</pre></div>
and check the result - we would expect to get the same thing as above, or the same numbers in different order, but instead we get</p>
<p><code>6 6 6 6 6 6</code></p>
<p>What’s wrong? We see that all goroutines see the same value of n, and the value they see is equal to the last value of this variable. This suggests that goroutines access the variable not when they are started, but at a later time, when the for loop has run through all elements of <code>numbers</code>.</p>
<p>This is in fact true - the anonymous function closes over the variable, and uses it’s value from the time it was executing, not from the time it was started. To fix the issue we can do two things - copy the loop variable to the for block:
<div class="highlight" style="background: #f8f8f8"><pre style="line-height: 125%"><span></span><span style="color: #008000; font-weight: bold">for</span> _, n <span style="color: #666666">:=</span> <span style="color: #008000; font-weight: bold">range</span> numbers {
wg.Add(<span style="color: #666666">1</span>)
<span style="background-color: #ffffcc"> <span style="color: #008000; font-weight: bold">var</span> n = n
</span> <span style="color: #008000; font-weight: bold">go</span> <span style="color: #008000; font-weight: bold">func</span> foo() {
fmt.Printf(<span style="color: #BA2121">"%d "</span>, n)
wg.Done()
}()
}
</pre></div>
or binding the variable to a parameter of the anonymous function:
<div class="highlight" style="background: #f8f8f8"><pre style="line-height: 125%"><span></span><span style="color: #008000; font-weight: bold">for</span> _, n <span style="color: #666666">:=</span> <span style="color: #008000; font-weight: bold">range</span> numbers {
wg.Add(<span style="color: #666666">1</span>)
<span style="background-color: #ffffcc"> <span style="color: #008000; font-weight: bold">go</span> <span style="color: #008000; font-weight: bold">func</span> foo(n <span style="color: #B00040">int</span>) {
</span> fmt.Printf(<span style="color: #BA2121">"%d "</span>, n)
wg.Done()
<span style="background-color: #ffffcc"> }(n)
</span>}
</pre></div>
Both of those are correct, I prefer the second one but this is really a matter of taste. This problem is not specific to Go, and some other languages go to great lengths to help programmers avoid this trap - <a href="https://stackoverflow.com/questions/12112881/has-foreachs-use-of-variables-been-changed-in-c-sharp-5">Microsoft introduced a backwards incompatible change in C# 5.0 to fix this</a>.</p>
</div>
<div class="post">
<h1 class="post-title">
<a href="https://gajdulewicz.com/blog/2015/07/20/go-gotchas---waitgroup-and-struct-paramaters-/-method-receivers/">Go gotchas - WaitGroup (and struct paramaters / method receivers)</a>
</h1>
<span class="post-date">Jul 20, 2015 · 3 minute read · <a href="https://gajdulewicz.com/blog/2015/07/20/go-gotchas---waitgroup-and-struct-paramaters-/-method-receivers/#disqus_thread">Comments</a>
</span>
<p><a href="https://golang.org/">Go</a> has been my go-to side project language for quite some time now (since before v1.0), and when I started the <a href="https://cryptopals.com">Matasano crypto challenges</a> it seemed like a perfect fit for a number of reasons - it doesn’t force me to write a lot of boilerplate, is low-level enough to allow implementing your own crypto primitives and it comes with a rich standard library (I am looking at you Scala). I made my way through the first set and while solving one of the problems I wanted to run a certain function in parallel.</p>
<p>The simplest way of making this use all CPU cores is to run each calculation in it’s own goroutine, and the standard way tracking if all of them completed is using a sync.WaitGroup - for simplicity’s sake this code assumes we only care about side effects (printing) and do not consume the result:
<div class="highlight" style="background: #f8f8f8"><pre style="line-height: 125%"><span></span><span style="color: #008000; font-weight: bold">package</span> main
<span style="color: #008000; font-weight: bold">import</span> (
<span style="color: #BA2121">"fmt"</span>
<span style="color: #BA2121">"sync"</span>
)
<span style="color: #008000; font-weight: bold">func</span> main() {
numbers <span style="color: #666666">:=</span> []<span style="color: #B00040">int</span>{<span style="color: #666666">1</span>, <span style="color: #666666">2</span>, <span style="color: #666666">3</span>, <span style="color: #666666">4</span>, <span style="color: #666666">5</span>, <span style="color: #666666">6</span>, <span style="color: #666666">7</span>, <span style="color: #666666">8</span>, <span style="color: #666666">9</span>, <span style="color: #666666">10</span>}
<span style="color: #008000; font-weight: bold">var</span> wg sync.WaitGroup
<span style="color: #008000; font-weight: bold">for</span> _, n <span style="color: #666666">:=</span> <span style="color: #008000; font-weight: bold">range</span> numbers {
wg.Add(<span style="color: #666666">1</span>)
<span style="color: #008000; font-weight: bold">go</span> <span style="color: #008000; font-weight: bold">func</span>(in <span style="color: #B00040">int</span>) {
fmt.Printf(<span style="color: #BA2121">"%d: %d\n"</span>, in, cpuIntensive(in))
wg.Done()
}(n)
}
wg.Wait()
}
<span style="color: #408080; font-style: italic">// does something CPU intensive</span>
<span style="color: #008000; font-weight: bold">func</span> cpuIntensive(n <span style="color: #B00040">int</span>) <span style="color: #B00040">int</span> {
<span style="color: #008000; font-weight: bold">return</span> n <span style="color: #666666">*</span> n <span style="color: #666666">*</span> n
}
</pre></div>
This works fine, but wouldn’t it be nice to extract the anonymous function to make things more readable / testable:</p>
<p><div class="highlight" style="background: #f8f8f8"><pre style="line-height: 125%"><span></span><span style="color: #008000; font-weight: bold">package</span> main
<span style="color: #008000; font-weight: bold">import</span> (
<span style="color: #BA2121">"fmt"</span>
<span style="color: #BA2121">"sync"</span>
)
<span style="color: #008000; font-weight: bold">func</span> main() {
numbers <span style="color: #666666">:=</span> []<span style="color: #B00040">int</span>{<span style="color: #666666">1</span>, <span style="color: #666666">10</span>, <span style="color: #666666">100</span>, <span style="color: #666666">1000</span>}
<span style="color: #008000; font-weight: bold">var</span> wg sync.WaitGroup
<span style="color: #008000; font-weight: bold">for</span> _, n <span style="color: #666666">:=</span> <span style="color: #008000; font-weight: bold">range</span> numbers {
wg.Add(<span style="color: #666666">1</span>)
<span style="color: #008000; font-weight: bold">go</span> runInGoroutine(n, wg)
}
wg.Wait()
}
<span style="color: #008000; font-weight: bold">func</span> runInGoroutine(in <span style="color: #B00040">int</span>, wg sync.WaitGroup) {
fmt.Printf(<span style="color: #BA2121">"cpuIntensive(%d): %d\n"</span>, in, cpuIntensive(in))
wg.Done()
}
<span style="color: #408080; font-style: italic">// does something CPU intensive</span>
<span style="color: #008000; font-weight: bold">func</span> cpuIntensive(n <span style="color: #B00040">int</span>) <span style="color: #B00040">int</span> {
<span style="color: #008000; font-weight: bold">return</span> n <span style="color: #666666">*</span> n <span style="color: #666666">*</span> n
}
</pre></div>
Turns out it’s not that simple - this code completes the calculations but fails with
<code>
fatal error: all goroutines are asleep - deadlock!
</code></p>
<p>What is happening here - we only extracted a function? Go is kind enough to let us know that our program is deadlocked - but why? Our simple refactoring wasn’t correct - we changed the way the code run in goroutine uses the sync.WaitGroup variable. Previously it closed (as in <a href="https://en.wikipedia.org/wiki/Closure_(computer_programming">closure</a>) over it, now it takes it as a parameter.</p>
<p>The issue is that the WaitGroup is passed by value, so each goroutine gets a copy of the WaitGroup. This means that when we call wg.Wait() we are waiting on a WaitGroup that will never be modified by child goroutines, and we will never exit the main function. The fix is simple - we pass a pointer to all goroutines, letting WaitGroup take care of concurrent modifications:
<div class="highlight" style="background: #f8f8f8"><pre style="line-height: 125%"><span></span><span style="color: #008000; font-weight: bold">package</span> main
<span style="color: #008000; font-weight: bold">import</span> (
<span style="color: #BA2121">"fmt"</span>
<span style="color: #BA2121">"sync"</span>
)
<span style="color: #008000; font-weight: bold">func</span> main() {
numbers <span style="color: #666666">:=</span> []<span style="color: #B00040">int</span>{<span style="color: #666666">1</span>, <span style="color: #666666">10</span>, <span style="color: #666666">100</span>, <span style="color: #666666">1000</span>}
<span style="color: #008000; font-weight: bold">var</span> wg sync.WaitGroup
<span style="color: #008000; font-weight: bold">for</span> _, n <span style="color: #666666">:=</span> <span style="color: #008000; font-weight: bold">range</span> numbers {
wg.Add(<span style="color: #666666">1</span>)
<span style="background-color: #ffffcc"> <span style="color: #008000; font-weight: bold">go</span> runInGoroutine(n, <span style="color: #666666">&</span>wg)
</span> }
wg.Wait()
}
<span style="background-color: #ffffcc"><span style="color: #008000; font-weight: bold">func</span> runInGoroutine(in <span style="color: #B00040">int</span>, wg <span style="color: #666666">*</span>sync.WaitGroup) {
</span> fmt.Printf(<span style="color: #BA2121">"cpuIntensive(%d): %d\n"</span>, in, cpuIntensive(in))
wg.Done()
}
<span style="color: #408080; font-style: italic">// does something CPU intensive</span>
<span style="color: #008000; font-weight: bold">func</span> cpuIntensive(n <span style="color: #B00040">int</span>) <span style="color: #B00040">int</span> {
<span style="color: #008000; font-weight: bold">return</span> n <span style="color: #666666">*</span> n <span style="color: #666666">*</span> n
}
</pre></div>
Point to remember - whenever you are mutating parameters (or for that matter <a href="https://tour.golang.org/methods/3">method receivers</a>) make sure you are referencing the original object, not a copy.</p>
</div>
</div>
</div>
<script type="text/javascript">
var disqus_shortname = "blog-gajdulewicz-com";
(function () {
var s = document.createElement('script'); s.async = true;
s.type = 'text/javascript';
s.src = '//' + disqus_shortname + '.disqus.com/count.js';
(document.getElementsByTagName('HEAD')[0] || document.getElementsByTagName('BODY')[0]).appendChild(s);
}());
</script>
</body>
</html>