yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #6240 from savonarola/reinit-authn-1 

fix(authn): transfer chain tab to emqx_authentication_sup
This commit is contained in:
Ilya Averyanov 2021-11-19 19:57:14 +03:00 committed by GitHub
parent 70ae7c790e c86887491c
commit 8621257809
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 71 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
apps/emqx/src/emqx_authentication.erl
View File

@ -401,9 +401,7 @@ list_users(ChainName, AuthenticatorID, Params) ->
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
init(_Opts) -> init(_Opts) ->
_ = ets:new(?CHAINS_TAB, [ named_table, set, public ok = create_chain_table(),
, {keypos, #chain.name}
, {read_concurrency, true}]),
ok = emqx_config_handler:add_handler([authentication], ?MODULE), ok = emqx_config_handler:add_handler([authentication], ?MODULE),
ok = emqx_config_handler:add_handler([listeners, '?', '?', authentication], ?MODULE), ok = emqx_config_handler:add_handler([listeners, '?', '?', authentication], ?MODULE),
{ok, #{hooked => false, providers => #{}}}. {ok, #{hooked => false, providers => #{}}}.
@ -578,6 +576,28 @@ code_change(_OldVsn, State, _Extra) ->
reply(Reply, State) -> reply(Reply, State) ->
{reply, Reply, State}. {reply, Reply, State}.
%%--------------------------------------------------------------------
%% Internal functions
%%--------------------------------------------------------------------
create_chain_table() ->
Status = try
_ = ets:new(?CHAINS_TAB, [named_table, set, public,
{keypos, #chain.name},
{read_concurrency, true}]),
created
catch
error:badarg -> already_exists
end,
case Status of
created ->
ets:give_away(?CHAINS_TAB, whereis(emqx_authentication_sup), undefined),
ok;
already_exists ->
ok
end.
global_chain(mqtt) -> global_chain(mqtt) ->
'mqtt:global'; 'mqtt:global';
global_chain('mqtt-sn') -> global_chain('mqtt-sn') ->

16
apps/emqx/test/emqx_authentication_SUITE.erl
View File

@ -258,6 +258,22 @@ t_update_config({'end', Config}) ->
?AUTHN:deregister_providers([?config("auth1"), ?config("auth2")]), ?AUTHN:deregister_providers([?config("auth1"), ?config("auth2")]),
ok. ok.
t_restart({'init', Config}) -> Config;
t_restart(Config) when is_list(Config) ->
?assertEqual({ok, []}, ?AUTHN:list_chain_names()),
?AUTHN:create_chain(test_chain),
?assertEqual({ok, [test_chain]}, ?AUTHN:list_chain_names()),
ok = supervisor:terminate_child(emqx_authentication_sup, ?AUTHN),
{ok, _} = supervisor:restart_child(emqx_authentication_sup, ?AUTHN),
?assertEqual({ok, [test_chain]}, ?AUTHN:list_chain_names());
t_restart({'end', Config}) ->
?AUTHN:delete_chain(test_chain),
ok.
t_convert_certs({_, Config}) -> Config; t_convert_certs({_, Config}) -> Config;
t_convert_certs(Config) when is_list(Config) -> t_convert_certs(Config) when is_list(Config) ->
Global = <<"mqtt:global">>, Global = <<"mqtt:global">>,

40
apps/emqx_authn/src/emqx_authn_app.erl
View File

@ -34,12 +34,11 @@
start(_StartType, _StartArgs) -> start(_StartType, _StartArgs) ->
ok = mria_rlog:wait_for_shards([?AUTH_SHARD], infinity), ok = mria_rlog:wait_for_shards([?AUTH_SHARD], infinity),
{ok, Sup} = emqx_authn_sup:start_link(), {ok, Sup} = emqx_authn_sup:start_link(),
ok = ?AUTHN:register_providers(emqx_authn:providers()),
ok = initialize(), ok = initialize(),
{ok, Sup}. {ok, Sup}.
stop(_State) -> stop(_State) ->
ok = ?AUTHN:deregister_providers(provider_types()), ok = deinitialize(),
ok. ok.
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
@ -47,12 +46,37 @@ stop(_State) ->
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
initialize() -> initialize() ->
RawConfigs = emqx:get_raw_config([authentication], []), ok = ?AUTHN:register_providers(emqx_authn:providers()),
Config = emqx_authn:check_configs(RawConfigs),
?AUTHN:initialize_authentication(?GLOBAL, Config), lists:foreach(
lists:foreach(fun({ListenerID, ListenerConfig}) -> fun({ChainName, RawAuthConfigs}) ->
?AUTHN:initialize_authentication(ListenerID, maps:get(authentication, ListenerConfig, [])) AuthConfig = emqx_authn:check_configs(RawAuthConfigs),
end, emqx_listeners:list()). ?AUTHN:initialize_authentication(
ChainName,
AuthConfig)
end,
chain_configs()).
deinitialize() ->
ok = ?AUTHN:deregister_providers(provider_types()).
chain_configs() ->
[global_chain_config() | listener_chain_configs()].
global_chain_config() ->
{?GLOBAL, emqx:get_raw_config([<<"authentication">>], [])}.
listener_chain_configs() ->
lists:map(
fun({ListenerID, _}) ->
{ListenerID, emqx:get_raw_config(auth_config_path(ListenerID), [])}
end,
emqx_listeners:list()).
auth_config_path(ListenerID) ->
[<<"listeners">>]
++ binary:split(atom_to_binary(ListenerID), <<":">>)
++ [<<"authentication">>].
provider_types() -> provider_types() ->
lists:map(fun({Type, _Module}) -> Type end, emqx_authn:providers()). lists:map(fun({Type, _Module}) -> Type end, emqx_authn:providers()).