(refactor) plugins to remove dependencies to kong.tools and use more PDK #3845
Conversation
bungle
force-pushed
the
feat/plugins-update-new-apis-pt2
branch
6 times, most recently
from
42e7340
to
8174bf7
Compare
| ) | ||
| end, | ||
| }, { __index = function(_, generator) | ||
| kong.log.err("Invalid generator: " .. generator) |
There was a problem hiding this comment.
This extra metatable that's added for error-checking only is effectively dead code, because the schema guarantees that conf.generator is always valid. I think we could remove this and make generators a simple table.
There was a problem hiding this comment.
(I realize this was in the original code already, just noticed that and thought we could clean it up)
kong/plugins/hmac-auth/access.lua
Outdated
| @@ -28,6 +24,7 @@ local DIGEST = "digest" | |||
| local SIGNATURE_NOT_VALID = "HMAC signature cannot be verified" | |||
| local SIGNATURE_NOT_SAME = "HMAC signature does not match" | |||
|
|
|||
|
|
|||
| local new_tab | |||
There was a problem hiding this comment.
new_tab can be removed and replaced by kong.table.new
kong/plugins/hmac-auth/access.lua
Outdated
| -- parse the header to retrieve hamc parameters | ||
| if authorization_header then | ||
| local iterator, iter_err = ngx_gmatch(authorization_header, "\\s*[Hh]mac\\s*username=\"(.+)\",\\s*algorithm=\"(.+)\",\\s*headers=\"(.+)\",\\s*signature=\"(.+)\"") | ||
| local iterator, iter_err = re_gmatch(authorization_header, | ||
| "\\s*[Hh]mac\\s*username=\"(.+)\",\\s*algorithm=\"(.+)\",\\s*headers=\"(.+)\",\\s*signature=\"(.+)\"") |
There was a problem hiding this comment.
you can reduce the line by breaking this long string into shorter ones connected by .. (don't worry, the compiler's constant-subexpression-elimination will make it into a single string)
kong/plugins/hmac-auth/access.lua
Outdated
| local signature_2 = ngx_decode_base64(hmac_params.signature) | ||
|
|
||
| local function validate_signature(hmac_params) | ||
| local signature_1 = create_hash(ngx.var.request_uri, hmac_params) |
There was a problem hiding this comment.
It's unfortunate we still need to rely on ngx.var.request_uri here, but I guess it's because we don't have an exact equivalent in the PDK, right? Would this be our best shot sticking to the current PDK API?
local function get_path_and_query()
local p = ngx.request.get_path()
local q = ngx.request.get_raw_query()
return (q ~= "") and (p .. "?" .. q) or p
end(which is inefficient because get_path strips the query from ngx.var.request_uri and then this adds it back, I know.)
Is this pattern common enough to warrant a kong.request.get_path_and_query function? (The aws-lambda plugin does the same as the above, but that's mostly for backwards compat with the "request_uri" info being forwarded)
| local ctx = ngx.ctx | ||
| if ctx.delay_response and not ctx.delayed_response then | ||
| ctx.delayed_response = { | ||
| local shared_ctx = kong.ctx.shared |
There was a problem hiding this comment.
The whole delayed_response logic (and flush function) can be replaced by kong.response.exit, which takes care of it. It is possible to just do
if content then
return kong.response.exit(status, content, {
["Content-Type"] = conf.content_type
})
endinstead of this whole block, also removing the flush function above.
| end | ||
|
|
||
|
|
||
| local function get_timestamps(now) |
There was a problem hiding this comment.
Copying these functions multiple times inside the same plugin feels wrong. If the idea is to move them out of kong.tools.* and into the plugin, then maybe create a timestamps utility module inside the plugin for them?
There was a problem hiding this comment.
Only two times. Is that the threshold, when to make a new library and modification to rocks.
There was a problem hiding this comment.
I can get back to just using kong.tools.timestamp module.
| local fmt = string.format | ||
|
|
||
|
|
||
| local NULL_UUID = "00000000-0000-0000-0000-000000000000" | ||
| local log_err = kong and kong.log.err or function(...) |
There was a problem hiding this comment.
Is this here because of tests where kong is not available? If that's the case, I'd rather just populate kong.log.err in the test case before testing this module instead of leaking ngx.log here.
bungle
force-pushed
the
feat/plugins-update-new-apis-pt2
branch
2 times, most recently
from
7e7efbf
to
44830e1
Compare
bungle
force-pushed
the
feat/plugins-update-new-apis-pt2
branch
from
44830e1
to
f427b25
Compare
bungle
force-pushed
the
feat/plugins-update-new-apis-pt2
branch
4 times, most recently
from
ffe251b
to
b16b0d3
Compare
kong/plugins/acl/handler.lua
Outdated
| ngx_log(ngx_error, "[acl plugin] Cannot identify the consumer, add an ", | ||
| "authentication plugin to use the ACL plugin") | ||
| return responses.send_HTTP_FORBIDDEN("You cannot consume this service") | ||
| kong.log.err("Cannot identify the consumer, add an authentication " .. |
There was a problem hiding this comment.
It is still preferred to use the variadic form of this function, (, instead of ..).
| end | ||
|
|
||
| return re_find(str, uuid_regex, 'ioj') ~= nil | ||
| end |
There was a problem hiding this comment.
Why are we duplicating is_valid_uuid? This is a blocker. The scope of this work is not to get rid of kong.tools.utils.
kong/plugins/jwt/asn_sequence.lua
Outdated
| return input | ||
| end | ||
|
|
||
|
|
There was a problem hiding this comment.
Such vendor files ideally should be left untouched and are not subject to our coding style, as pulling fixes from upstream becomes harder.
kong/plugins/ldap-auth/handler.lua
Outdated
| LdapAuthHandler.PRIORITY = 1002 | ||
| LdapAuthHandler.VERSION = "0.1.0" | ||
| LdapAuthHandler.VERSION = "0.1.1" |
There was a problem hiding this comment.
All of these massive updates warrant increasing the second digit (e.g. 0.2.0) in all of these plugins, instead of the patch digit.
…uest-termination plugin
bungle
force-pushed
the
feat/plugins-update-new-apis-pt2
branch
from
b16b0d3
to
0ad4aa3
Compare
Summary
This contains changes to following plugins and their test suite? This is rebased on @hishamhm's https://github.com/Kong/kong/tree/feat/plugins-update-new-apis branch (#3844) which should be merged and REVIEWed before this.
Also contains a small fix to a typo on key-auth plugin.