refactor: name RW mutexes consistently (#2822)

Followup on #2819

Signed-off-by: Alexander Yastrebov <[email protected]>

Author: AlexanderYastrebov

filters/auth/jwt_validation.go

@@ -26,15 +26,16 @@ type (
 	}
 )
 
-var m sync.RWMutex
-
 var refreshInterval = time.Hour
 var refreshRateLimit = time.Minute * 5
 var refreshTimeout = time.Second * 10
 var refreshUnknownKID = true
 
 // the map of jwks keyfunctions stored per jwksUri
-var jwksMap map[string]*keyfunc.JWKS = make(map[string]*keyfunc.JWKS)
+var (
+	jwksMu  sync.RWMutex
+	jwksMap map[string]*keyfunc.JWKS = make(map[string]*keyfunc.JWKS)
+)
 
 func NewJwtValidationWithOptions(o TokenintrospectionOptions) filters.Spec {
 	return &jwtValidationSpec{
@@ -75,16 +76,16 @@ func (s *jwtValidationSpec) CreateFilter(args []interface{}) (filters.Filter, er
 }
 
 func hasKeyFunction(url string) bool {
-	m.RLock()
-	defer m.RUnlock()
+	jwksMu.RLock()
+	defer jwksMu.RUnlock()
 
 	_, ok := jwksMap[url]
 	return ok
 }
 
 func putKeyFunction(url string, jwks *keyfunc.JWKS) {
-	m.Lock()
-	defer m.Unlock()
+	jwksMu.Lock()
+	defer jwksMu.Unlock()
 
 	jwksMap[url] = jwks
 }
@@ -114,8 +115,8 @@ func registerKeyFunction(url string) (err error) {
 }
 
 func getKeyFunction(url string) (jwks *keyfunc.JWKS) {
-	m.RLock()
-	defer m.RUnlock()
+	jwksMu.RLock()
+	defer jwksMu.RUnlock()
 
 	return jwksMap[url]
 }

filters/auth/oidc_introspection.go

@@ -19,7 +19,7 @@ const (
 	oidcClaimsCacheKey = "oidcclaimscachekey"
 )
 
-var gjsonModifierMutex = sync.RWMutex{}
+var gjsonMu sync.RWMutex
 
 type (
 	oidcIntrospectionSpec struct {
@@ -87,16 +87,16 @@ func (spec *oidcIntrospectionSpec) CreateFilter(args []interface{}) (filters.Fil
 		return nil, filters.ErrInvalidFilterParameters
 	}
 
-	gjsonModifierMutex.RLock()
+	gjsonMu.RLock()
 	// method is not thread safe
 	modExists := gjson.ModifierExists("_", gjsonThisModifier)
-	gjsonModifierMutex.RUnlock()
+	gjsonMu.RUnlock()
 
 	if !modExists {
-		gjsonModifierMutex.Lock()
+		gjsonMu.Lock()
 		// method is not thread safe
 		gjson.AddModifier("_", gjsonThisModifier)
-		gjsonModifierMutex.Unlock()
+		gjsonMu.Unlock()
 	}
 
 	return filter, nil

proxy/backendtest/backendrecorder.go

@@ -18,9 +18,9 @@ type RecordedRequest struct {
 
 type BackendRecorderHandler struct {
 	server   *httptest.Server
-	requests []RecordedRequest
-	mutex    sync.RWMutex
 	done     <-chan time.Time
+	mu       sync.RWMutex
+	requests []RecordedRequest
 }
 
 func NewBackendRecorder(closeAfter time.Duration) *BackendRecorderHandler {
@@ -42,18 +42,18 @@ func (rec *BackendRecorderHandler) ServeHTTP(w http.ResponseWriter, r *http.Requ
 	if err != nil {
 		log.Errorf("backendrecorder: error writing reading request body: %v", err)
 	}
-	rec.mutex.Lock()
+	rec.mu.Lock()
 	rec.requests = append(rec.requests, RecordedRequest{
 		URL:  r.URL,
 		Body: string(body),
 	})
-	rec.mutex.Unlock()
+	rec.mu.Unlock()
 }
 
 func (rec *BackendRecorderHandler) GetRequests() []RecordedRequest {
-	rec.mutex.RLock()
+	rec.mu.RLock()
 	requests := rec.requests
-	rec.mutex.RUnlock()
+	rec.mu.RUnlock()
 	return requests
 }
 

secrets/encrypter.go

@@ -49,8 +49,8 @@ func newFileSecretSource(file string) SecretSource {
 }
 
 type Encrypter struct {
+	mu           sync.RWMutex
 	cipherSuites []cipher.AEAD
-	mux          sync.RWMutex
 	secretSource SecretSource
 	closer       chan struct{}
 	closedHook   chan struct{}
@@ -78,8 +78,8 @@ func WithSource(s SecretSource) (*Encrypter, error) {
 }
 
 func (e *Encrypter) CreateNonce() ([]byte, error) {
-	e.mux.RLock()
-	defer e.mux.RUnlock()
+	e.mu.RLock()
+	defer e.mu.RUnlock()
 	if len(e.cipherSuites) > 0 {
 		nonce := make([]byte, e.cipherSuites[0].NonceSize())
 		if _, err := io.ReadFull(crand.Reader, nonce); err != nil {
@@ -92,8 +92,8 @@ func (e *Encrypter) CreateNonce() ([]byte, error) {
 
 // Encrypt encrypts given plaintext
 func (e *Encrypter) Encrypt(plaintext []byte) ([]byte, error) {
-	e.mux.RLock()
-	defer e.mux.RUnlock()
+	e.mu.RLock()
+	defer e.mu.RUnlock()
 	if len(e.cipherSuites) > 0 {
 		nonce, err := e.CreateNonce()
 		if err != nil {
@@ -106,8 +106,8 @@ func (e *Encrypter) Encrypt(plaintext []byte) ([]byte, error) {
 
 // Decrypt decrypts given cipher text
 func (e *Encrypter) Decrypt(cipherText []byte) ([]byte, error) {
-	e.mux.RLock()
-	defer e.mux.RUnlock()
+	e.mu.RLock()
+	defer e.mu.RUnlock()
 	for _, c := range e.cipherSuites {
 		nonceSize := c.NonceSize()
 		if len(cipherText) < nonceSize {
@@ -147,8 +147,8 @@ func (e *Encrypter) RefreshCiphers() error {
 		}
 		suites[i] = aesgcm
 	}
-	e.mux.Lock()
-	defer e.mux.Unlock()
+	e.mu.Lock()
+	defer e.mu.Unlock()
 	e.cipherSuites = suites
 	return nil
 }