feat:support rls to push xds client

polarismesh · May 26, 2023 · bd3062a · bd3062a
1 parent 094ef01
commit bd3062a
Show file tree

Hide file tree

Showing 11 changed files with 46 additions and 47 deletions.
diff --git a/auth/auth.go b/auth/auth.go
@@ -28,17 +28,43 @@ import (
 	"github.com/polarismesh/polaris/store"
 )
 
+const (
+	// DefaultUserMgnPluginName default user server name
+	DefaultUserMgnPluginName = "defaultUser"
+	// DefaultStrategyMgnPluginName default strategy server name
+	DefaultStrategyMgnPluginName = "defaultStrategy"
+)
+
 // Config 鉴权能力的相关配置参数
 type Config struct {
 	// Name 原AuthServer名称，已废弃
 	Name string
 	// Option 原AuthServer的option，已废弃
+	// Deprecated
 	Option map[string]interface{}
-
 	// User UserOperator的相关配置
-	User UserConfig `yaml:"user"`
+	User *UserConfig `yaml:"user"`
 	// Strategy StrategyOperator的相关配置
-	Strategy StrategyConfig `yaml:"strategy"`
+	Strategy *StrategyConfig `yaml:"strategy"`
+}
+
+func (c *Config) setDefault() {
+	if c.User == nil {
+		c.User = &UserConfig{
+			Name: DefaultUserMgnPluginName,
+			Option: map[string]interface{}{
+				"": nil,
+			},
+		}
+	}
+	if c.Strategy == nil {
+		c.Strategy = &StrategyConfig{
+			Name: DefaultStrategyMgnPluginName,
+			Option: map[string]interface{}{
+				"": nil,
+			},
+		}
+	}
 }
 
 // UserConfig UserOperator的相关配置
@@ -110,6 +136,7 @@ func GetStrategyServer() (StrategyServer, error) {
 func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error {
 	var err error
 	once.Do(func() {
+		authOpt.setDefault()
 		err = initialize(ctx, authOpt, storage, cacheMgn)
 	})
 

diff --git a/auth/defaultauth/auth_checker_test.go b/auth/defaultauth/auth_checker_test.go
@@ -85,11 +85,11 @@ func Test_defaultAuthChecker_VerifyCredential(t *testing.T) {
 
 	checker := &defaultAuthChecker{}
 	checker.Initialize(&auth.Config{
-		User: auth.UserConfig{
+		User: &auth.UserConfig{
 			Name:   "",
 			Option: map[string]interface{}{},
 		},
-		Strategy: auth.StrategyConfig{
+		Strategy: &auth.StrategyConfig{
 			Name: "",
 			Option: map[string]interface{}{
 				"": nil,
@@ -1136,11 +1136,11 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) {
 		reset(true)
 		authChecker := &defaultAuthChecker{}
 		err := authChecker.Initialize(&auth.Config{
-			User: auth.UserConfig{
+			User: &auth.UserConfig{
 				Name:   "",
 				Option: map[string]interface{}{"salt": "polarismesh@2021"},
 			},
-			Strategy: auth.StrategyConfig{
+			Strategy: &auth.StrategyConfig{
 				Name: "",
 				Option: map[string]interface{}{
 					"consoleOpen": true,
@@ -1162,11 +1162,11 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) {
 		reset(true)
 		authChecker := &defaultAuthChecker{}
 		err := authChecker.Initialize(&auth.Config{
-			User: auth.UserConfig{
+			User: &auth.UserConfig{
 				Name:   "",
 				Option: map[string]interface{}{"salt": "polarismesh@2021"},
 			},
-			Strategy: auth.StrategyConfig{
+			Strategy: &auth.StrategyConfig{
 				Name: "",
 				Option: map[string]interface{}{
 					"consoleOpen": true,

diff --git a/auth/defaultauth/default.go b/auth/defaultauth/default.go
@@ -21,13 +21,6 @@ import (
 	"github.com/polarismesh/polaris/auth"
 )
 
-const (
-	// UserMgnPluginName default user server name
-	UserMgnPluginName = "defaultUserManager"
-	// StrategyMgnPluginName default strategy server name
-	StrategyMgnPluginName = "defaultStrategyManager"
-)
-
 func init() {
 	_ = auth.RegisterUserServer(&userAuthAbility{})
 	_ = auth.RegisterStrategyServer(&strategyAuthAbility{})

diff --git a/auth/defaultauth/strategy_authability.go b/auth/defaultauth/strategy_authability.go
@@ -60,7 +60,7 @@ func (svr *strategyAuthAbility) Initialize(authOpt *auth.Config, storage store.S
 
 // Name of the user operator plugin
 func (svr *strategyAuthAbility) Name() string {
-	return "defaultStrategyManager"
+	return auth.DefaultStrategyMgnPluginName
 }
 
 // CreateStrategy creates a new strategy.

diff --git a/auth/defaultauth/strategy_test.go b/auth/defaultauth/strategy_test.go
@@ -103,13 +103,13 @@ func newStrategyTest(t *testing.T) *StrategyTest {
 
 	checker := &defaultAuthChecker{}
 	checker.Initialize(&auth.Config{
-		User: auth.UserConfig{
+		User: &auth.UserConfig{
 			Name: "",
 			Option: map[string]interface{}{
 				"salt": "polarismesh@2021",
 			},
 		},
-		Strategy: auth.StrategyConfig{
+		Strategy: &auth.StrategyConfig{
 			Name: "",
 			Option: map[string]interface{}{
 				"consoleOpen": true,

diff --git a/auth/defaultauth/user_authability.go b/auth/defaultauth/user_authability.go
@@ -65,7 +65,7 @@ func (svr *userAuthAbility) Initialize(authOpt *auth.Config, storage store.Store
 
 // Name of the user operator plugin
 func (svr *userAuthAbility) Name() string {
-	return "defaultUserManager"
+	return auth.DefaultUserMgnPluginName
 }
 
 // CreateUsers 创建用户，只能由超级账户 or 主账户调用

diff --git a/go.mod b/go.mod
@@ -87,6 +87,4 @@ require (
 	github.com/polarismesh/specification v1.3.1
 )
 
-require gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect
-
 replace gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.2
diff --git a/go.sum b/go.sum
@@ -379,8 +379,8 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
+github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=

diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml
@@ -300,13 +300,13 @@ auth:
   # auth's option has migrated to auth.user and auth.strategy
   # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated.
   user:
-    name: defaultUserManager
+    name: defaultUser
     option:
       # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token
       # The length of SALT needs to satisfy the following one：len(salt) in [16, 24, 32]
       salt: polarismesh@2021
   strategy:
-    name: defaultStrategyManager
+    name: defaultStrategy
     option:
       # Console power switch, open default
       consoleOpen: true

diff --git a/service/default_test.go b/service/default_test.go
@@ -43,14 +43,7 @@ func Test_Initialize(t *testing.T) {
 	s := mock.NewMockStore(ctrl)
 
 	_, _, err := auth.TestInitialize(context.Background(), &auth.Config{
-		User: auth.UserConfig{
-			Name:   "defaultUserManager",
-			Option: map[string]interface{}{},
-		},
-		Strategy: auth.StrategyConfig{
-			Name:   "defaultStrategyManager",
-			Option: map[string]interface{}{},
-		},
+		Option: map[string]interface{}{},
 	}, s, nil)
 	assert.NoError(t, err)
 

diff --git a/service/service_test.go b/service/service_test.go
@@ -1378,19 +1378,7 @@ func TestConcurrencyCreateSameService(t *testing.T) {
 		}, mockStore)
 		assert.NoError(t, err)
 
-		userMgn, strategyMgn, err := auth.TestInitialize(ctx, &auth.Config{
-			User: auth.UserConfig{
-				Name:   "defaultUserManager",
-				Option: map[string]interface{}{},
-			},
-			Strategy: auth.StrategyConfig{
-				Name: "defaultStrategyManager",
-				Option: map[string]interface{}{
-					"clientOpen":  false,
-					"consoleOpen": false,
-				},
-			},
-		}, mockStore, cacheMgr)
+		userMgn, strategyMgn, err := auth.TestInitialize(ctx, &auth.Config{}, mockStore, cacheMgr)
 		assert.NoError(t, err)
 
 		nsSvr, err = namespace.TestInitialize(ctx, &namespace.Config{