fix(scram): change the name from `scram_http` to `scram_restapi`
This commit is contained in:
firest
parent
c728b98e79
commit
141d8144e4
|
|
@ -25,7 +25,7 @@
|
|||
start(_StartType, _StartArgs) ->
|
||||
ok = emqx_authz:register_source(?AUTHZ_TYPE, emqx_authz_http),
|
||||
ok = emqx_authn:register_provider(?AUTHN_TYPE, emqx_authn_http),
|
||||
ok = emqx_authn:register_provider(?AUTHN_TYPE_SCRAM, emqx_authn_scram_http),
|
||||
ok = emqx_authn:register_provider(?AUTHN_TYPE_SCRAM, emqx_authn_scram_restapi),
|
||||
{ok, Sup} = emqx_auth_http_sup:start_link(),
|
||||
{ok, Sup}.
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,13 @@
|
|||
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
|
||||
%%--------------------------------------------------------------------
|
||||
|
||||
-module(emqx_authn_scram_http).
|
||||
%% Note:
|
||||
%% This is not an implementation of the RFC 7804:
|
||||
%% Salted Challenge Response HTTP Authentication Mechanism.
|
||||
%% This backend is an implementation of scram,
|
||||
%% which uses an external web resource as a source of user information.
|
||||
|
||||
-module(emqx_authn_scram_restapi).
|
||||
|
||||
-include_lib("emqx_auth/include/emqx_authn.hrl").
|
||||
-include_lib("emqx/include/logger.hrl").
|
||||
|
|
@ -95,7 +101,7 @@ retrieve(
|
|||
) ->
|
||||
Request = emqx_authn_http:generate_request(Credential#{username := Username}, State),
|
||||
Response = emqx_resource:simple_sync_query(ResourceId, {Method, Request, RequestTimeout}),
|
||||
?TRACE_AUTHN_PROVIDER("scram_http_response", #{
|
||||
?TRACE_AUTHN_PROVIDER("scram_restapi_response", #{
|
||||
request => emqx_authn_http:request_for_log(Credential, State),
|
||||
response => emqx_authn_http:response_for_log(Response),
|
||||
resource => ResourceId
|
||||
|
|
@ -119,7 +125,7 @@ handle_response(Headers, Body) ->
|
|||
{error, Reason} = Error ->
|
||||
?TRACE_AUTHN_PROVIDER(
|
||||
error,
|
||||
"parse_scram_http_response_failed",
|
||||
"parse_scram_restapi_response_failed",
|
||||
#{content_type => ContentType, body => Body, reason => Reason}
|
||||
),
|
||||
Error
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
|
||||
%%--------------------------------------------------------------------
|
||||
|
||||
-module(emqx_authn_scram_http_schema).
|
||||
-module(emqx_authn_scram_restapi_schema).
|
||||
|
||||
-behaviour(emqx_authn_schema).
|
||||
|
||||
|
|
@ -22,16 +22,16 @@
|
|||
namespace() -> "authn".
|
||||
|
||||
refs() ->
|
||||
[?R_REF(scram_http_get), ?R_REF(scram_http_post)].
|
||||
[?R_REF(scram_restapi_get), ?R_REF(scram_restapi_post)].
|
||||
|
||||
select_union_member(
|
||||
#{<<"mechanism">> := ?AUTHN_MECHANISM_SCRAM_BIN, <<"backend">> := ?AUTHN_BACKEND_BIN} = Value
|
||||
) ->
|
||||
case maps:get(<<"method">>, Value, undefined) of
|
||||
<<"get">> ->
|
||||
[?R_REF(scram_http_get)];
|
||||
[?R_REF(scram_restapi_get)];
|
||||
<<"post">> ->
|
||||
[?R_REF(scramm_http_post)];
|
||||
[?R_REF(scram_restapi_post)];
|
||||
Else ->
|
||||
throw(#{
|
||||
reason => "unknown_http_method",
|
||||
|
|
@ -43,20 +43,20 @@ select_union_member(
|
|||
select_union_member(_Value) ->
|
||||
undefined.
|
||||
|
||||
fields(scram_http_get) ->
|
||||
fields(scram_restapi_get) ->
|
||||
[
|
||||
{method, #{type => get, required => true, desc => ?DESC(emqx_authn_http_schema, method)}},
|
||||
{headers, fun emqx_authn_http_schema:headers_no_content_type/1}
|
||||
] ++ common_fields();
|
||||
fields(scram_http_post) ->
|
||||
fields(scram_restapi_post) ->
|
||||
[
|
||||
{method, #{type => post, required => true, desc => ?DESC(emqx_authn_http_schema, method)}},
|
||||
{headers, fun emqx_authn_http_schema:headers/1}
|
||||
] ++ common_fields().
|
||||
|
||||
desc(scram_http_get) ->
|
||||
desc(scram_restapi_get) ->
|
||||
?DESC(emqx_authn_http_schema, get);
|
||||
desc(scram_http_post) ->
|
||||
desc(scram_restapi_post) ->
|
||||
?DESC(emqx_authn_http_schema, post);
|
||||
desc(_) ->
|
||||
undefined.
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
|
||||
%%--------------------------------------------------------------------
|
||||
|
||||
-module(emqx_authn_scram_http_SUITE).
|
||||
-module(emqx_authn_scram_restapi_SUITE).
|
||||
|
||||
-compile(export_all).
|
||||
-compile(nowarn_export_all).
|
||||
|
|
@ -54,11 +54,11 @@ init_per_testcase(_Case, Config) ->
|
|||
[authentication],
|
||||
?GLOBAL
|
||||
),
|
||||
{ok, _} = emqx_authn_scram_http_test_server:start_link(?HTTP_PORT, ?HTTP_PATH),
|
||||
{ok, _} = emqx_authn_scram_restapi_test_server:start_link(?HTTP_PORT, ?HTTP_PATH),
|
||||
Config.
|
||||
|
||||
end_per_testcase(_Case, _Config) ->
|
||||
ok = emqx_authn_scram_http_test_server:stop().
|
||||
ok = emqx_authn_scram_restapi_test_server:stop().
|
||||
|
||||
%%------------------------------------------------------------------------------
|
||||
%% Tests
|
||||
|
|
@ -72,7 +72,9 @@ t_create(_Config) ->
|
|||
{create_authenticator, ?GLOBAL, AuthConfig}
|
||||
),
|
||||
|
||||
{ok, [#{provider := emqx_authn_scram_http}]} = emqx_authn_chains:list_authenticators(?GLOBAL).
|
||||
{ok, [#{provider := emqx_authn_scram_restapi}]} = emqx_authn_chains:list_authenticators(
|
||||
?GLOBAL
|
||||
).
|
||||
|
||||
t_create_invalid(_Config) ->
|
||||
AuthConfig = raw_config(),
|
||||
|
|
@ -329,7 +331,7 @@ test_is_superuser(State, ExpectedIsSuperuser) ->
|
|||
ClientFirstMessage = esasl_scram:client_first_message(Username),
|
||||
|
||||
{continue, ServerFirstMessage, ServerCache} =
|
||||
emqx_authn_scram_http:authenticate(
|
||||
emqx_authn_scram_restapi:authenticate(
|
||||
#{
|
||||
auth_method => <<"SCRAM-SHA-512">>,
|
||||
auth_data => ClientFirstMessage,
|
||||
|
|
@ -349,7 +351,7 @@ test_is_superuser(State, ExpectedIsSuperuser) ->
|
|||
),
|
||||
|
||||
{ok, UserInfo1, ServerFinalMessage} =
|
||||
emqx_authn_scram_http:authenticate(
|
||||
emqx_authn_scram_restapi:authenticate(
|
||||
#{
|
||||
auth_method => <<"SCRAM-SHA-512">>,
|
||||
auth_data => ClientFinalMessage,
|
||||
|
|
@ -399,7 +401,7 @@ set_user_handler(Username, Password, IsSuperuser) ->
|
|||
),
|
||||
{ok, Req, State}
|
||||
end,
|
||||
ok = emqx_authn_scram_http_test_server:set_handler(Handler).
|
||||
ok = emqx_authn_scram_restapi_test_server:set_handler(Handler).
|
||||
|
||||
init_auth() ->
|
||||
init_auth(raw_config()).
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
|
||||
%%--------------------------------------------------------------------
|
||||
|
||||
-module(emqx_authn_scram_http_test_server).
|
||||
-module(emqx_authn_scram_restapi_test_server).
|
||||
|
||||
-behaviour(supervisor).
|
||||
-behaviour(cowboy_handler).
|
||||
|
|
@ -51,7 +51,7 @@ authn_mods(ee) ->
|
|||
authn_mods(ce) ++
|
||||
[
|
||||
emqx_gcp_device_authn_schema,
|
||||
emqx_authn_scram_http_schema
|
||||
emqx_authn_scram_restapi_schema
|
||||
].
|
||||
|
||||
authz() ->
|
||||
|
|
|
|||
|
|
@ -383,7 +383,7 @@ schema_authn() ->
|
|||
emqx_dashboard_swagger:schema_with_examples(
|
||||
emqx_authn_schema:authenticator_type_without([
|
||||
emqx_authn_scram_mnesia_schema,
|
||||
emqx_authn_scram_http_schema
|
||||
emqx_authn_scram_restapi_schema
|
||||
]),
|
||||
emqx_authn_api:authenticator_examples()
|
||||
).
|
||||
|
|
|
|||
|
|
@ -1 +1,5 @@
|
|||
Added a HTTP backend for the authentication mechanism `scram`.
|
||||
|
||||
Note: This is not an implementation of the RFC 7804: Salted Challenge Response HTTP Authentication Mechanism.
|
||||
|
||||
This backend is an implementation of scram that uses an external web resource as a source of user information.
|
||||
|
|
|
|||
Loading…
Reference in New Issue