yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor: rename gssapi to kerberos 

gssapi is the type kerberos is the backend.
This commit is contained in:
zmstone 2024-08-02 09:36:28 +02:00
parent 30420f0481
commit 6364bab0a6
10 changed files with 31 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
apps/emqx_auth_gssapi/BSL.txt → apps/emqx_auth_kerberos/BSL.txt
View File

10
apps/emqx_auth_gssapi/include/emqx_auth_gssapi.hrl → apps/emqx_auth_kerberos/include/emqx_auth_kerberos.hrl
View File

@ -2,15 +2,15 @@
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
%%--------------------------------------------------------------------
-ifndef(EMQX_AUTH_GSSAPI_HRL).
-define(EMQX_AUTH_GSSAPI_HRL, true).
-ifndef(EMQX_AUTH_KERBEROS_HRL).
-define(EMQX_AUTH_KERBEROS_HRL, true).
-define(AUTHN_MECHANISM_GSSAPI, gssapi).
-define(AUTHN_MECHANISM_GSSAPI_BIN, <<"gssapi">>).
-define(AUTHN_BACKEND, gssapi).
-define(AUTHN_BACKEND_BIN, <<"gssapi">>).
-define(AUTHN_BACKEND, kerberos).
-define(AUTHN_BACKEND_BIN, <<"kerberos">>).
-define(AUTHN_TYPE_GSSAPI, {?AUTHN_MECHANISM_GSSAPI, ?AUTHN_BACKEND}).
-define(AUTHN_TYPE_KERBEROS, {?AUTHN_MECHANISM_GSSAPI, ?AUTHN_BACKEND}).
-endif.

0
apps/emqx_auth_gssapi/rebar.config → apps/emqx_auth_kerberos/rebar.config
View File

6
apps/emqx_auth_gssapi/src/emqx_auth_gssapi.app.src → apps/emqx_auth_kerberos/src/emqx_auth_kerberos.app.src
View File

@ -1,9 +1,9 @@
%% -*- mode: erlang -*-
{application, emqx_auth_gssapi, [
{description, "EMQX gssapi Authentication"},
{application, emqx_auth_kerberos, [
{description, "EMQX Kerberos Authentication"},
{vsn, "0.1.0"},
{registered, []},
{mod, {emqx_auth_gssapi_app, []}},
{mod, {emqx_auth_kerberos_app, []}},
{applications, [
kernel,
stdlib,

10
apps/emqx_auth_gssapi/src/emqx_auth_gssapi_app.erl → apps/emqx_auth_kerberos/src/emqx_auth_kerberos_app.erl
View File

@ -2,19 +2,19 @@
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
%%--------------------------------------------------------------------
-module(emqx_auth_gssapi_app).
-module(emqx_auth_kerberos_app).
-include("emqx_auth_gssapi.hrl").
-include("emqx_auth_kerberos.hrl").
-behaviour(application).
-export([start/2, stop/1]).
start(_StartType, _StartArgs) ->
ok = emqx_authn:register_provider(?AUTHN_TYPE_GSSAPI, emqx_authn_gssapi),
{ok, Sup} = emqx_auth_gssapi_sup:start_link(),
ok = emqx_authn:register_provider(?AUTHN_TYPE_KERBEROS, emqx_authn_kerberos),
{ok, Sup} = emqx_auth_kerberos_sup:start_link(),
{ok, Sup}.
stop(_State) ->
ok = emqx_authn:deregister_provider(?AUTHN_TYPE_GSSAPI),
ok = emqx_authn:deregister_provider(?AUTHN_TYPE_KERBEROS),
ok.

2
apps/emqx_auth_gssapi/src/emqx_auth_gssapi_sup.erl → apps/emqx_auth_kerberos/src/emqx_auth_kerberos_sup.erl
View File

@ -2,7 +2,7 @@
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
%%--------------------------------------------------------------------
-module(emqx_auth_gssapi_sup).
-module(emqx_auth_kerberos_sup).
-behaviour(supervisor).

12
apps/emqx_auth_gssapi/src/emqx_authn_gssapi.erl → apps/emqx_auth_kerberos/src/emqx_authn_kerberos.erl
View File

@ -2,9 +2,9 @@
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
%%--------------------------------------------------------------------
-module(emqx_authn_gssapi).
-module(emqx_authn_kerberos).
-include("emqx_auth_gssapi.hrl").
-include("emqx_auth_kerberos.hrl").
-include_lib("emqx_auth/include/emqx_authn.hrl").
-include_lib("typerefl/include/types.hrl").
@ -44,7 +44,7 @@ destroy(_) ->
authenticate(
#{
auth_method := <<"GSSAPI">>,
auth_method := <<"GSSAPI-KERBEROS">>,
auth_data := AuthData,
auth_cache := AuthCache
},
@ -71,7 +71,7 @@ auth_new(Principal) ->
{ok, SaslConn} ->
{ok, SaslConn};
Error ->
?TRACE_AUTHN_PROVIDER("sasl_gssapi_new_failed", #{
?TRACE_AUTHN_PROVIDER("sasl_kerberos_new_failed", #{
reason => Error,
sasl_function => "server_server_new"
}),
@ -86,7 +86,7 @@ auth_begin(SaslConn, ClientToken) ->
sasl_auth:server_done(SaslConn),
{ok, #{}, ServerToken};
Reason ->
?TRACE_AUTHN_PROVIDER("sasl_gssapi_start_failed", #{
?TRACE_AUTHN_PROVIDER("sasl_kerberos_start_failed", #{
reason => Reason,
sasl_function => "server_server_start"
}),
@ -102,7 +102,7 @@ auth_continue(SaslConn, ClientToken) ->
sasl_auth:server_done(SaslConn),
{ok, #{}, ServerToken};
Reason ->
?TRACE_AUTHN_PROVIDER("sasl_gssapi_step_failed", #{
?TRACE_AUTHN_PROVIDER("sasl_kerberos_step_failed", #{
reason => Reason,
sasl_function => "server_server_step"
}),

12
apps/emqx_auth_gssapi/src/emqx_authn_gssapi_schema.erl → apps/emqx_auth_kerberos/src/emqx_authn_kerberos_schema.erl
View File

@ -2,9 +2,9 @@
%% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
%%--------------------------------------------------------------------
-module(emqx_authn_gssapi_schema).
-module(emqx_authn_kerberos_schema).
-include("emqx_auth_gssapi.hrl").
-include("emqx_auth_kerberos.hrl").
-include_lib("hocon/include/hoconsc.hrl").
-behaviour(emqx_authn_schema).
@ -20,7 +20,7 @@
namespace() -> "authn".
refs() ->
[?R_REF(gssapi)].
[?R_REF(kerberos)].
select_union_member(#{
<<"mechanism">> := ?AUTHN_MECHANISM_GSSAPI_BIN, <<"backend">> := ?AUTHN_BACKEND_BIN
@ -34,7 +34,7 @@ select_union_member(#{<<"mechanism">> := ?AUTHN_MECHANISM_GSSAPI_BIN}) ->
select_union_member(_) ->
undefined.
fields(gssapi) ->
fields(kerberos) ->
emqx_authn_schema:common_fields() ++
[
{mechanism, emqx_authn_schema:mechanism(?AUTHN_MECHANISM_GSSAPI)},
@ -58,7 +58,7 @@ fields(gssapi) ->
})}
].
desc(gssapi) ->
"Settings for GSSAPI authentication.";
desc(kerberos) ->
"Settings for Kerberos authentication.";
desc(_) ->
undefined.

2
apps/emqx_conf/src/emqx_conf_schema_inject.erl
View File

@ -57,7 +57,7 @@ authn_mods(ee) ->
authn_mods(ce) ++
[
emqx_gcp_device_authn_schema,
emqx_authn_gssapi_schema
emqx_authn_kerberos_schema
].
authz() ->

8
rel/i18n/emqx_authn_gssapi_schema.hocon → rel/i18n/emqx_authn_kerberos_schema.hocon
View File

@ -1,10 +1,10 @@
emqx_authn_gssapi_schema {
emqx_authn_kerberos_schema {
principal {
label: "Kerberos Principal"
desc: """~
SASL GSSAPI authentication Kerberos principal.
For example <code>mqtt/node1.example.com@MY_REALM.EXAMPLE.COM</code>.
Server Kerberos principal.
For example <code>mqtt/emqx-cluster-1.example.com@MY_REALM.EXAMPLE.COM</code>.
NOTE: The realm in use has to be configured in /etc/krb5.conf in EMQX nodes.~"""
}
@ -24,7 +24,7 @@ server_fqdn {
keytab_file {
label: "Keytab File"
desc: """~
SASL GSSAPI authentication Kerberos keytab file path.
Kerberos keytab file path.
NOTE: This file has to be placed in EMQX nodes.~"""
}