From bd3062a191465df99ad4c0d1897382c69481bdf3 Mon Sep 17 00:00:00 2001
From: chuntaojun
Date: Fri, 26 May 2023 10:37:27 +0800
Subject: [PATCH] feat:support rls to push xds client
---
 auth/auth.go | 33 +++++++++++++++++++++---
 auth/defaultauth/auth_checker_test.go | 12 ++++-----
 auth/defaultauth/default.go | 7 -----
 auth/defaultauth/strategy_authability.go | 2 +-
 auth/defaultauth/strategy_test.go | 4 +--
 auth/defaultauth/user_authability.go | 2 +-
 go.mod | 2 --
 go.sum | 4 +--
 release/conf/polaris-server.yaml | 4 +--
 service/default_test.go | 9 +------
 service/service_test.go | 14 +---------
 11 files changed, 46 insertions(+), 47 deletions(-)
diff --git a/auth/auth.go b/auth/auth.go
index e1c5fdf13..9b360693f 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -28,17 +28,43 @@ import (
 "github.com/polarismesh/polaris/store"
 )
+const (
+ // DefaultUserMgnPluginName default user server name
+ DefaultUserMgnPluginName = "defaultUser"
+ // DefaultStrategyMgnPluginName default strategy server name
+ DefaultStrategyMgnPluginName = "defaultStrategy"
+)
+
 // Config 鉴权能力的相关配置参数
 type Config struct {
 // Name 原AuthServer名称,已废弃
 Name string
 // Option 原AuthServer的option,已废弃
+ // Deprecated
 Option map[string]interface{}
- // User UserOperator的相关配置
- User UserConfig `yaml:"user"`
+ User *UserConfig `yaml:"user"`
 // Strategy StrategyOperator的相关配置
- Strategy StrategyConfig `yaml:"strategy"`
+ Strategy *StrategyConfig `yaml:"strategy"`
+}
+
+func (c *Config) setDefault() {
+ if c.User == nil {
+ c.User = &UserConfig{
+ Name: DefaultUserMgnPluginName,
+ Option: map[string]interface{}{
+ "": nil,
+ },
+ }
+ }
+ if c.Strategy == nil {
+ c.Strategy = &StrategyConfig{
+ Name: DefaultStrategyMgnPluginName,
+ Option: map[string]interface{}{
+ "": nil,
+ },
+ }
+ }
 }
 // UserConfig UserOperator的相关配置
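Review bot: The defaults built in `setDefault` carry a placeholder option map, `map[string]interface{}{"": nil}`, so a config that omits `auth.user` or `auth.strategy` starts the auth plugins with no `salt` and no `consoleOpen`/`clientOpen` value. How the plugins treat missing keys is not visible in this hunk, so it is worth confirming that the fallback neither switches access checks off nor relies on a built-in salt without the operator noticing. I would pass an empty map, `Option: map[string]interface{}{}`, and document the method, for example `// setDefault fills User and Strategy with the default plugin names when the config omits them; option values are left to the plugins' own defaults.` The new `// Deprecated` line on `Option` would be picked up by tooling only in the form `// Deprecated: use User.Option and Strategy.Option.`, and the `User` field has lost its doc comment.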
@@ -110,6 +136,7 @@ func GetStrategyServer() (StrategyServer, error) {
 func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error {
 var err error
 once.Do(func() {
+ authOpt.setDefault()
 err = initialize(ctx, authOpt, storage, cacheMgn)
 })
diff --git a/auth/defaultauth/auth_checker_test.go b/auth/defaultauth/auth_checker_test.go
index 216de3164..c2c3ad9b6 100644
--- a/auth/defaultauth/auth_checker_test.go
+++ b/auth/defaultauth/auth_checker_test.go
@@ -85,11 +85,11 @@ func Test_defaultAuthChecker_VerifyCredential(t *testing.T) {
 checker := &defaultAuthChecker{}
 checker.Initialize(&auth.Config{
- User: auth.UserConfig{
+ User: &auth.UserConfig{
 Name: "",
 Option: map[string]interface{}{},
 },
- Strategy: auth.StrategyConfig{
+ Strategy: &auth.StrategyConfig{
 Name: "",
 Option: map[string]interface{}{
 "": nil,
@@ -1136,11 +1136,11 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) {
 reset(true)
 authChecker := &defaultAuthChecker{}
 err := authChecker.Initialize(&auth.Config{
- User: auth.UserConfig{
+ User: &auth.UserConfig{
 Name: "",
 Option: map[string]interface{}{"salt": "polarismesh@2021"},
 },
- Strategy: auth.StrategyConfig{
+ Strategy: &auth.StrategyConfig{
 Name: "",
 Option: map[string]interface{}{
 "consoleOpen": true,
@@ -1162,11 +1162,11 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) {
 reset(true)
 authChecker := &defaultAuthChecker{}
 err := authChecker.Initialize(&auth.Config{
- User: auth.UserConfig{
+ User: &auth.UserConfig{
 Name: "",
 Option: map[string]interface{}{"salt": "polarismesh@2021"},
 },
- Strategy: auth.StrategyConfig{
+ Strategy: &auth.StrategyConfig{
 Name: "",
 Option: map[string]interface{}{
 "consoleOpen": true,
diff --git a/auth/defaultauth/default.go b/auth/defaultauth/default.go
index 3e13bcd31..ec3a430e8 100644
--- a/auth/defaultauth/default.go
+++ b/auth/defaultauth/default.go
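Review bot: `authOpt.setDefault()` dereferences `authOpt` before anything has checked it, so a nil `*Config` passed to `Initialize` now panics at `c.User` inside the `once.Do` closure. If `once` is a `sync.Once`, a panic in the closure still marks it as done, so later calls to `Initialize` would return without ever setting up the auth servers. Whether `initialize` tolerated a nil config before is not visible in this hunk. A guard before the call keeps the failure explicit, for example `if authOpt == nil { authOpt = &Config{} }`, or returning an error from `Initialize`. The body of `Initialize` continues past the end of the hunk.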
@@ -21,13 +21,6 @@ import (
 "github.com/polarismesh/polaris/auth"
 )
-const (
- // UserMgnPluginName default user server name
- UserMgnPluginName = "defaultUserManager"
- // StrategyMgnPluginName default strategy server name
- StrategyMgnPluginName = "defaultStrategyManager"
-)
-
 func init() {
 _ = auth.RegisterUserServer(&userAuthAbility{})
 _ = auth.RegisterStrategyServer(&strategyAuthAbility{})
diff --git a/auth/defaultauth/strategy_authability.go b/auth/defaultauth/strategy_authability.go
index 0d126876b..8e974f2b3 100644
--- a/auth/defaultauth/strategy_authability.go
+++ b/auth/defaultauth/strategy_authability.go
@@ -60,7 +60,7 @@ func (svr *strategyAuthAbility) Initialize(authOpt *auth.Config, storage store.S
 // Name of the user operator plugin
 func (svr *strategyAuthAbility) Name() string {
- return "defaultStrategyManager"
+ return auth.DefaultStrategyMgnPluginName
 }
 // CreateStrategy creates a new strategy.
diff --git a/auth/defaultauth/strategy_test.go b/auth/defaultauth/strategy_test.go
index 0810c624d..554b894f6 100644
--- a/auth/defaultauth/strategy_test.go
+++ b/auth/defaultauth/strategy_test.go
@@ -103,13 +103,13 @@ func newStrategyTest(t *testing.T) *StrategyTest {
 checker := &defaultAuthChecker{}
 checker.Initialize(&auth.Config{
- User: auth.UserConfig{
+ User: &auth.UserConfig{
 Name: "",
 Option: map[string]interface{}{
 "salt": "polarismesh@2021",
 },
 },
- Strategy: auth.StrategyConfig{
+ Strategy: &auth.StrategyConfig{
 Name: "",
 Option: map[string]interface{}{
 "consoleOpen": true,
diff --git a/auth/defaultauth/user_authability.go b/auth/defaultauth/user_authability.go
index 0b95b7900..fa02341e6 100644
--- a/auth/defaultauth/user_authability.go
+++ b/auth/defaultauth/user_authability.go
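Review bot: `strategyAuthAbility.Name()` now returns `auth.DefaultStrategyMgnPluginName`, which changes the registered plugin name from `defaultStrategyManager` to `defaultStrategy`; `userAuthAbility.Name()` in auth/defaultauth/user_authability.go changes the same way, from `defaultUserManager` to `defaultUser`. An existing polaris-server.yaml that still has `name: defaultStrategyManager` or `name: defaultUserManager` would stop matching if the servers are looked up by this name (the lookup is outside the diff), so the auth plugins may fail to resolve after an upgrade. Accepting the old names as aliases for a deprecation period, or at least a comment on the constants such as `// Renamed from "defaultStrategyManager"; existing configs must be updated.`, would make the break visible. The doc comment above this method also reads "user operator plugin" although it sits on the strategy plugin.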
@@ -65,7 +65,7 @@ func (svr *userAuthAbility) Initialize(authOpt *auth.Config, storage store.Store
 // Name of the user operator plugin
 func (svr *userAuthAbility) Name() string {
- return "defaultUserManager"
+ return auth.DefaultUserMgnPluginName
 }
 // CreateUsers 创建用户,只能由超级账户 or 主账户调用
diff --git a/go.mod b/go.mod
index e2402e833..feefe8456 100644
--- a/go.mod
+++ b/go.mod
@@ -87,6 +87,4 @@ require (
 github.com/polarismesh/specification v1.3.1
 )
-require gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect
-
 replace gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.2
diff --git a/go.sum b/go.sum
index 5c80ad063..3f6228a20 100644
--- a/go.sum
+++ b/go.sum
@@ -379,8 +379,8 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
+github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml
index a60180749..e1f89a41c 100644
--- a/release/conf/polaris-server.yaml
+++ b/release/conf/polaris-server.yaml
@@ -300,13 +300,13 @@ auth:
 # auth's option has migrated to auth.user and auth.strategy
 # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated.
 user:
- name: defaultUserManager
+ name: defaultUser
 option:
 # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token
 # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32]
 salt: polarismesh@2021
 strategy:
- name: defaultStrategyManager
+ name: defaultStrategy
 option:
 # Console power switch, open default
 consoleOpen: true
diff --git a/service/default_test.go b/service/default_test.go
index 7e2c9de02..f5a2a4c45 100644
--- a/service/default_test.go
+++ b/service/default_test.go
@@ -43,14 +43,7 @@ func Test_Initialize(t *testing.T) {
 s := mock.NewMockStore(ctrl)
 _, _, err := auth.TestInitialize(context.Background(), &auth.Config{
- User: auth.UserConfig{
- Name: "defaultUserManager",
- Option: map[string]interface{}{},
- },
- Strategy: auth.StrategyConfig{
- Name: "defaultStrategyManager",
- Option: map[string]interface{}{},
- },
+ Option: map[string]interface{}{},
 }, s, nil)
 assert.NoError(t, err)
diff --git a/service/service_test.go b/service/service_test.go
index c3474acec..6733352cd 100644
--- a/service/service_test.go
+++ b/service/service_test.go
@@ -1378,19 +1378,7 @@ func TestConcurrencyCreateSameService(t *testing.T) {
 }, mockStore)
 assert.NoError(t, err)
- userMgn, strategyMgn, err := auth.TestInitialize(ctx, &auth.Config{
- User: auth.UserConfig{
- Name: "defaultUserManager",
- Option: map[string]interface{}{},
- },
- Strategy: auth.StrategyConfig{
- Name: "defaultStrategyManager",
- Option: map[string]interface{}{
- "clientOpen": false,
- "consoleOpen": false,
- },
- },
- }, mockStore, cacheMgr)
+ userMgn, strategyMgn, err := auth.TestInitialize(ctx, &auth.Config{}, mockStore, cacheMgr)
 assert.NoError(t, err)
 nsSvr, err = namespace.TestInitialize(ctx, &namespace.Config{
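Review bot: `Test_Initialize` in service/default_test.go and `TestConcurrencyCreateSameService` in service/service_test.go now pass a `Config` whose `User` and `Strategy` are nil pointers, while this diff adds the `setDefault` call only to `auth.Initialize`. If `auth.TestInitialize` does not apply the defaults as well (its body is not shown), the plugins receive nil sections. If it does, `TestConcurrencyCreateSameService` no longer states that `clientOpen` and `consoleOpen` are `false` and runs under whatever the strategy plugin defaults to. Keeping the intent explicit would avoid both, for example `Strategy: &auth.StrategyConfig{Name: auth.DefaultStrategyMgnPluginName, Option: map[string]interface{}{"clientOpen": false, "consoleOpen": false}}`. Both test functions extend beyond their hunks.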