Add a server option to specify the default authentication method (#2936)

The current default authentication method is hardcoded to `SCRAM` and if one wants a different default, something like this is currently required: CONFIGURE INSTANCE INSERT Auth { priority := 0, method := (INSERT Trust), }; This is problematic because this configuration is persistent, so it's harder to start an insecure server temporarily. This patch adds the new `--default-auth-method` argument as well as its companion `EDGEDB_SERVER_DEFAULT_AUTH_METHOD` environment variable to set the default authentication method. `SCRAM` is still the default, but devmode servers (`edb cli`) now set to `--default-auth-method=Trust` as before.
edgedb · Sep 14, 2021 · eebe504 · eebe504
1 parent a8b3bc2
commit eebe504
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 37 deletions.
diff --git a/edb/server/args.py b/edb/server/args.py
@@ -60,7 +60,6 @@ class StartupScript(NamedTuple):
 
 class ServerConfig(NamedTuple):
 
-    insecure: bool
     data_dir: pathlib.Path
     backend_dsn: str
     backend_adaptive_ha: bool
@@ -96,6 +95,7 @@ class ServerConfig(NamedTuple):
     tls_key_file: Optional[pathlib.Path]
     generate_self_signed_cert: bool
 
+    default_auth_method: str
     allow_insecure_binary_clients: bool
     allow_insecure_http_clients: bool
 
@@ -402,6 +402,18 @@ def _writer(status: str) -> None:
         envvar="EDGEDB_SERVER_ALLOW_INSECURE_HTTP_CLIENTS",
         type=bool, is_flag=True, hidden=True,
         help='Allow non-TLS client HTTP connections.'),
+    click.option(
+        "--default-auth-method",
+        envvar="EDGEDB_SERVER_DEFAULT_AUTH_METHOD",
+        type=click.Choice(
+            ['SCRAM', 'Trust'],
+            case_sensitive=True,
+        ),
+        help=(
+            "The default authentication method to use when none is "
+            "explicitly configured. Defaults to 'SCRAM'."
+        ),
+    ),
     click.option(
         '--instance-name',
         envvar="EDGEDB_SERVER_INSTANCE_NAME",
@@ -490,6 +502,9 @@ def parse_args(**kwargs: Any):
 
     del kwargs['postgres_dsn']
 
+    if not kwargs['default_auth_method']:
+        kwargs['default_auth_method'] = 'SCRAM'
+
     if kwargs['temp_dir']:
         if kwargs['data_dir']:
             abort('--temp-dir is incompatible with --data-dir/-D')

diff --git a/edb/server/bootstrap.py b/edb/server/bootstrap.py
@@ -27,8 +27,6 @@
 import pickle
 import re
 
-import immutables
-
 from edb import buildmeta
 from edb import errors
 
@@ -938,39 +936,10 @@ async def _configure(
     ctx: BootstrapContext,
     schema: s_schema.Schema,
     compiler: edbcompiler.Compiler,
-    *,
-    insecure: bool = False,
 ) -> None:
     config_spec = config.get_settings()
-
-    scripts = []
     settings: Mapping[str, config.SettingValue] = {}
 
-    if insecure:
-        scripts.append('''
-            CONFIGURE INSTANCE INSERT Auth {
-                priority := 0,
-                method := (INSERT Trust),
-            };
-        ''')
-
-    for script in scripts:
-        _, sql = compile_bootstrap_script(
-            compiler,
-            schema,
-            script,
-            single_statement=True,
-        )
-
-        if debug.flags.bootstrap:
-            debug.header('Bootstrap')
-            debug.dump_code(sql, lexer='sql')
-
-        config_op_data = await ctx.conn.fetchval(sql)
-        if config_op_data is not None and isinstance(config_op_data, str):
-            config_op = config.Operation.from_json(config_op_data)
-            settings = config_op.apply(config_spec, immutables.Map())
-
     config_json = config.to_json(config_spec, settings, include_source=False)
     block = dbops.PLTopBlock()
     dbops.UpdateMetadata(
@@ -1376,7 +1345,6 @@ async def _bootstrap(
             ctx._replace(conn=conn),
             schema=schema,
             compiler=compiler,
-            insecure=args.insecure,
         )
     finally:
         await conn.close()

diff --git a/edb/server/main.py b/edb/server/main.py
@@ -198,6 +198,7 @@ async def _run_server(
             allow_insecure_binary_clients=args.allow_insecure_binary_clients,
             allow_insecure_http_clients=args.allow_insecure_http_clients,
             backend_adaptive_ha=args.backend_adaptive_ha,
+            default_auth_method=args.default_auth_method,
         )
         await sc.wait_for(ss.init())
 
@@ -316,6 +317,10 @@ async def run_server(
     else:
         logger.info(f'EdgeDB server ({info_details}) is starting.')
 
+    logger.debug(
+        f"defaulting to the '{args.default_auth_method}' authentication method"
+    )
+
     _init_parsers()
 
     pg_cluster_init_by_us = False
@@ -486,7 +491,7 @@ def bump_rlimit_nofile() -> None:
                 logger.warning('could not set RLIMIT_NOFILE')
 
 
-def server_main(*, insecure=False, **kwargs):
+def server_main(**kwargs):
     logsetup.setup_logging(kwargs['log_level'], kwargs['log_to'])
     exceptions.install_excepthook()
 
@@ -497,7 +502,7 @@ def server_main(*, insecure=False, **kwargs):
     if kwargs['devmode'] is not None:
         devmode.enable_dev_mode(kwargs['devmode'])
 
-    server_args = srvargs.parse_args(insecure=insecure, **kwargs)
+    server_args = srvargs.parse_args(**kwargs)
 
     if kwargs['background']:
         daemon_opts = {'detach_process': True}

diff --git a/edb/server/server.py b/edb/server/server.py
@@ -113,6 +113,7 @@ def __init__(
         status_sink: Optional[Callable[[str], None]] = None,
         startup_script: Optional[srvargs.StartupScript] = None,
         backend_adaptive_ha: bool = False,
+        default_auth_method: str,
     ):
 
         self._loop = asyncio.get_running_loop()
@@ -193,6 +194,7 @@ def __init__(
         self._tls_cert_file = None
         self._sslctx = None
 
+        self._default_auth_method = default_auth_method
         self._allow_insecure_binary_clients = allow_insecure_binary_clients
         self._allow_insecure_http_clients = allow_insecure_http_clients
         if backend_adaptive_ha:
@@ -1239,7 +1241,9 @@ async def get_auth_method(self, user):
                 if match:
                     return auth.method
 
-        return config.get_settings().get_type_by_name('SCRAM')()
+        auth_type = config.get_settings().get_type_by_name(
+            self._default_auth_method)
+        return auth_type()
 
     def get_sys_query(self, key):
         return self._sys_queries[key]

diff --git a/edb/tools/edb.py b/edb/tools/edb.py
@@ -51,7 +51,9 @@ def server(version=False, **kwargs):
 
     os.environ['EDGEDB_DEBUG_SERVER'] = '1'
     debug.init_debug_flags()
-    srv_main.server_main(insecure=True, **kwargs)
+    if not kwargs.get('default_auth_method'):
+        kwargs['default_auth_method'] = 'Trust'
+    srv_main.server_main(**kwargs)
 
 
 # Import at the end of the file so that "edb.tools.edb.edbcommands"