diff --git a/apps/emqx/src/emqx_authentication_config.erl b/apps/emqx/src/emqx_authentication_config.erl index a2d8cada2..a7fa5673a 100644 --- a/apps/emqx/src/emqx_authentication_config.erl +++ b/apps/emqx/src/emqx_authentication_config.erl @@ -107,29 +107,29 @@ do_pre_config_update({move_authenticator, _ChainName, AuthenticatorID, Position} post_config_update(_, UpdateReq, NewConfig, OldConfig, AppEnvs) -> do_post_config_update(UpdateReq, check_configs(to_list(NewConfig)), OldConfig, AppEnvs). -do_post_config_update({create_authenticator, ChainName, Config}, _NewConfig, _OldConfig, _AppEnvs) -> - NConfig = check_config(Config), +do_post_config_update({create_authenticator, ChainName, Config}, NewConfig, _OldConfig, _AppEnvs) -> + NConfig = get_authenticator_config(authenticator_id(Config), NewConfig), _ = emqx_authentication:create_chain(ChainName), emqx_authentication:create_authenticator(ChainName, NConfig); do_post_config_update({delete_authenticator, ChainName, AuthenticatorID}, _NewConfig, OldConfig, _AppEnvs) -> case emqx_authentication:delete_authenticator(ChainName, AuthenticatorID) of ok -> - [Config] = [Config0 || Config0 <- to_list(OldConfig), AuthenticatorID == authenticator_id(Config0)], + Config = get_authenticator_config(AuthenticatorID, to_list(OldConfig)), CertsDir = certs_dir(ChainName, AuthenticatorID), ok = clear_certs(CertsDir, Config); {error, Reason} -> {error, Reason} end; -do_post_config_update({update_authenticator, ChainName, AuthenticatorID, Config}, _NewConfig, _OldConfig, _AppEnvs) -> - NConfig = check_config(Config), - emqx_authentication:update_authenticator(ChainName, AuthenticatorID, NConfig); +do_post_config_update({update_authenticator, ChainName, AuthenticatorID, Config}, NewConfig, _OldConfig, _AppEnvs) -> + case get_authenticator_config(authenticator_id(Config), NewConfig) of + {error, not_found} -> + {error, {not_found, {authenticator, AuthenticatorID}}}; + NConfig -> + emqx_authentication:update_authenticator(ChainName, AuthenticatorID, NConfig) + end; do_post_config_update({move_authenticator, ChainName, AuthenticatorID, Position}, _NewConfig, _OldConfig, _AppEnvs) -> emqx_authentication:move_authenticator(ChainName, AuthenticatorID, Position). -check_config(Config) -> - [Checked] = check_configs([Config]), - Checked. - check_configs(Configs) -> Providers = emqx_authentication:get_providers(), lists:map(fun(C) -> do_check_conifg(C, Providers) end, Configs). @@ -208,6 +208,12 @@ clear_certs(CertsDir, Config) -> OldSSL = maps:get(<<"ssl">>, Config, undefined), ok = emqx_tls_lib:delete_ssl_files(CertsDir, undefined, OldSSL). +get_authenticator_config(AuthenticatorID, AuthenticatorsConfig) -> + case [C0 || C0 <- AuthenticatorsConfig, AuthenticatorID == authenticator_id(C0)] of + [C | _] -> C; + [] -> {error, not_found} + end. + split_by_id(ID, AuthenticatorsConfig) -> case lists:foldl( fun(C, {P1, P2, F0}) -> diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl index dcd65dd21..558d24d67 100644 --- a/apps/emqx_authn/src/emqx_authn_api.erl +++ b/apps/emqx_authn/src/emqx_authn_api.erl @@ -857,7 +857,7 @@ fill_defaults(Configs) when is_list(Configs) -> fill_defaults(Config) -> emqx_authn:check_config(Config, #{only_fill_defaults => true}). -convert_certs(#{<<"ssl">> := SSLOpts} = Config) -> +convert_certs(#{ssl := SSLOpts} = Config) -> NSSLOpts = lists:foldl(fun(K, Acc) -> case maps:get(K, Acc, undefined) of undefined -> Acc; @@ -865,8 +865,8 @@ convert_certs(#{<<"ssl">> := SSLOpts} = Config) -> {ok, Bin} = file:read_file(Filename), Acc#{K => Bin} end - end, SSLOpts, [<<"certfile">>, <<"keyfile">>, <<"cacertfile">>]), - Config#{<<"ssl">> => NSSLOpts}; + end, SSLOpts, [certfile, keyfile, cacertfile]), + Config#{ssl => NSSLOpts}; convert_certs(Config) -> Config.