mirror of https://github.com/status-im/consul.git
acl: change authmethod.Validator to take a logger (#7758)
This commit is contained in:
parent
8927b54121
commit
54ba8e3868
|
@ -25,7 +25,7 @@ func (s *Server) loadAuthMethodValidator(idx uint64, method *structs.ACLAuthMeth
|
|||
return v, nil
|
||||
}
|
||||
|
||||
v, err := authmethod.NewValidator(method)
|
||||
v, err := authmethod.NewValidator(s.logger, method)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("auth method validator for %q could not be initialized: %v", method.Name, err)
|
||||
}
|
||||
|
|
|
@ -2111,7 +2111,7 @@ func (a *ACL) AuthMethodSet(args *structs.ACLAuthMethodSetRequest, reply *struct
|
|||
|
||||
// Instantiate a validator but do not cache it yet. This will validate the
|
||||
// configuration.
|
||||
if _, err := authmethod.NewValidator(method); err != nil {
|
||||
if _, err := authmethod.NewValidator(a.srv.logger, method); err != nil {
|
||||
return fmt.Errorf("Invalid Auth Method: %v", err)
|
||||
}
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"sync"
|
||||
|
||||
"github.com/hashicorp/consul/agent/structs"
|
||||
"github.com/hashicorp/go-hclog"
|
||||
"github.com/mitchellh/mapstructure"
|
||||
)
|
||||
|
||||
|
@ -24,7 +25,7 @@ type Cache interface {
|
|||
Purge()
|
||||
}
|
||||
|
||||
type ValidatorFactory func(method *structs.ACLAuthMethod) (Validator, error)
|
||||
type ValidatorFactory func(logger hclog.Logger, method *structs.ACLAuthMethod) (Validator, error)
|
||||
|
||||
type Validator interface {
|
||||
// Name returns the name of the auth method backing this validator.
|
||||
|
@ -131,7 +132,7 @@ func (c *authMethodCache) Purge() {
|
|||
// NewValidator instantiates a new Validator for the given auth method
|
||||
// configuration. If no auth method is registered with the provided type an
|
||||
// error is returned.
|
||||
func NewValidator(method *structs.ACLAuthMethod) (Validator, error) {
|
||||
func NewValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (Validator, error) {
|
||||
typesMu.RLock()
|
||||
factory, ok := types[method.Type]
|
||||
typesMu.RUnlock()
|
||||
|
@ -140,7 +141,9 @@ func NewValidator(method *structs.ACLAuthMethod) (Validator, error) {
|
|||
return nil, fmt.Errorf("no auth method registered with type: %s", method.Type)
|
||||
}
|
||||
|
||||
return factory(method)
|
||||
logger = logger.Named("authmethod").With("type", method.Type, "name", method.Name)
|
||||
|
||||
return factory(logger, method)
|
||||
}
|
||||
|
||||
// Types returns a sorted list of the names of the registered types.
|
||||
|
|
|
@ -8,6 +8,7 @@ import (
|
|||
"github.com/hashicorp/consul/agent/consul/authmethod"
|
||||
"github.com/hashicorp/consul/agent/structs"
|
||||
cleanhttp "github.com/hashicorp/go-cleanhttp"
|
||||
"github.com/hashicorp/go-hclog"
|
||||
"gopkg.in/square/go-jose.v2/jwt"
|
||||
authv1 "k8s.io/api/authentication/v1"
|
||||
client_metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
|
@ -20,7 +21,7 @@ import (
|
|||
|
||||
func init() {
|
||||
// register this as an available auth method type
|
||||
authmethod.Register("kubernetes", func(method *structs.ACLAuthMethod) (authmethod.Validator, error) {
|
||||
authmethod.Register("kubernetes", func(_ hclog.Logger, method *structs.ACLAuthMethod) (authmethod.Validator, error) {
|
||||
v, err := NewValidator(method)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"github.com/hashicorp/consul/acl"
|
||||
"github.com/hashicorp/consul/agent/consul/authmethod"
|
||||
"github.com/hashicorp/consul/agent/structs"
|
||||
"github.com/hashicorp/go-hclog"
|
||||
"github.com/hashicorp/go-uuid"
|
||||
)
|
||||
|
||||
|
@ -84,7 +85,7 @@ type Config struct {
|
|||
enterpriseConfig `mapstructure:",squash"`
|
||||
}
|
||||
|
||||
func newValidator(method *structs.ACLAuthMethod) (authmethod.Validator, error) {
|
||||
func newValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (authmethod.Validator, error) {
|
||||
if method.Type != "testing" {
|
||||
return nil, fmt.Errorf("%q is not a testing auth method", method.Name)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue