fix(authn): use a random group id to void data overlap
This commit is contained in:
JianBo He
parent
62d448fb28
commit
6e03a7c686
|
|
@ -550,11 +550,12 @@ handle_update_authenticator(Chain, AuthenticatorID, Config) ->
|
||||||
#authenticator{provider = Provider, state = ST} = Authenticator ->
|
#authenticator{provider = Provider, state = ST} = Authenticator ->
|
||||||
case AuthenticatorID =:= authenticator_id(Config) of
|
case AuthenticatorID =:= authenticator_id(Config) of
|
||||||
true ->
|
true ->
|
||||||
case Provider:update(Config, ST) of
|
NConfig = insert_user_group(Chain, Config),
|
||||||
|
case Provider:update(NConfig, ST) of
|
||||||
{ok, NewST} ->
|
{ok, NewST} ->
|
||||||
NewAuthenticator = Authenticator#authenticator{
|
NewAuthenticator = Authenticator#authenticator{
|
||||||
state = NewST,
|
state = NewST,
|
||||||
enable = maps:get(enable, Config)
|
enable = maps:get(enable, NConfig)
|
||||||
},
|
},
|
||||||
NewAuthenticators = replace_authenticator(
|
NewAuthenticators = replace_authenticator(
|
||||||
AuthenticatorID,
|
AuthenticatorID,
|
||||||
|
|
@ -603,7 +604,8 @@ handle_create_authenticator(Chain, Config, Providers) ->
|
||||||
true ->
|
true ->
|
||||||
{error, {already_exists, {authenticator, AuthenticatorID}}};
|
{error, {already_exists, {authenticator, AuthenticatorID}}};
|
||||||
false ->
|
false ->
|
||||||
case do_create_authenticator(AuthenticatorID, Config, Providers) of
|
NConfig = insert_user_group(Chain, Config),
|
||||||
|
case do_create_authenticator(AuthenticatorID, NConfig, Providers) of
|
||||||
{ok, Authenticator} ->
|
{ok, Authenticator} ->
|
||||||
NAuthenticators =
|
NAuthenticators =
|
||||||
Authenticators ++
|
Authenticators ++
|
||||||
|
|
@ -861,6 +863,17 @@ authn_type(#{mechanism := Mechanism, backend := Backend}) ->
|
||||||
authn_type(#{mechanism := Mechanism}) ->
|
authn_type(#{mechanism := Mechanism}) ->
|
||||||
Mechanism.
|
Mechanism.
|
||||||
|
|
||||||
|
insert_user_group(
|
||||||
|
Chain,
|
||||||
|
Config = #{
|
||||||
|
mechanism := password_based,
|
||||||
|
backend := built_in_database
|
||||||
|
}
|
||||||
|
) ->
|
||||||
|
Config#{user_group => Chain#chain.name};
|
||||||
|
insert_user_group(_Chain, Config) ->
|
||||||
|
Config.
|
||||||
|
|
||||||
to_list(undefined) -> [];
|
to_list(undefined) -> [];
|
||||||
to_list(M) when M =:= #{} -> [];
|
to_list(M) when M =:= #{} -> [];
|
||||||
to_list(M) when is_map(M) -> [M];
|
to_list(M) when is_map(M) -> [M];
|
||||||
|
|
|
||||||
|
|
@ -128,23 +128,26 @@ user_id_type(_) -> undefined.
|
||||||
refs() ->
|
refs() ->
|
||||||
[hoconsc:ref(?MODULE, ?CONF_NS)].
|
[hoconsc:ref(?MODULE, ?CONF_NS)].
|
||||||
|
|
||||||
|
create(_AuthenticatorID, Config) ->
|
||||||
|
create(Config).
|
||||||
|
|
||||||
create(
|
create(
|
||||||
AuthenticatorID,
|
|
||||||
#{
|
#{
|
||||||
user_id_type := Type,
|
user_id_type := Type,
|
||||||
password_hash_algorithm := Algorithm
|
password_hash_algorithm := Algorithm,
|
||||||
|
user_group := UserGroup
|
||||||
}
|
}
|
||||||
) ->
|
) ->
|
||||||
ok = emqx_authn_password_hashing:init(Algorithm),
|
ok = emqx_authn_password_hashing:init(Algorithm),
|
||||||
State = #{
|
State = #{
|
||||||
user_group => AuthenticatorID,
|
user_group => UserGroup,
|
||||||
user_id_type => Type,
|
user_id_type => Type,
|
||||||
password_hash_algorithm => Algorithm
|
password_hash_algorithm => Algorithm
|
||||||
},
|
},
|
||||||
{ok, State}.
|
{ok, State}.
|
||||||
|
|
||||||
update(Config, #{user_group := ID}) ->
|
update(Config, _State) ->
|
||||||
create(ID, Config).
|
create(Config).
|
||||||
|
|
||||||
authenticate(#{auth_method := _}, _) ->
|
authenticate(#{auth_method := _}, _) ->
|
||||||
ignore;
|
ignore;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue