fix(authn): handle authn backends own validations

2021-11-24 14:05:46 +03:00 · 2021-11-24 14:05:46 +03:00 · ac3707e4a9
parent 9f04ac5bfd
commit ac3707e4a9
2 changed files with 33 additions and 6 deletions
--- a/apps/emqx_authn/src/emqx_authn_api.erl
+++ b/apps/emqx_authn/src/emqx_authn_api.erl
@ -725,7 +725,9 @@ create_authenticator(ConfKeyPath, ChainName, Config) ->
            raw_config := AuthenticatorsConfig}} ->
            {ok, AuthenticatorConfig} = find_config(ID, AuthenticatorsConfig),
            {200, maps:put(id, ID, convert_certs(fill_defaults(AuthenticatorConfig)))};
-        {error, {_, _, Reason}} ->
+        {error, {_PrePostConfigUpdate, emqx_authentication, Reason}} ->
+            serialize_error(Reason);
+        {error, Reason} ->
            serialize_error(Reason)
    end.

@ -753,7 +755,9 @@ update_authenticator(ConfKeyPath, ChainName, AuthenticatorID, Config) ->
               raw_config := AuthenticatorsConfig}} ->
            {ok, AuthenticatorConfig} = find_config(ID, AuthenticatorsConfig),
            {200, maps:put(id, ID, convert_certs(fill_defaults(AuthenticatorConfig)))};
-        {error, {_, _, Reason}} ->
+        {error, {_PrePostConfigUpdate, emqx_authentication, Reason}} ->
+            serialize_error(Reason);
+        {error, Reason} ->
            serialize_error(Reason)
    end.

@ -761,7 +765,9 @@ delete_authenticator(ConfKeyPath, ChainName, AuthenticatorID) ->
    case update_config(ConfKeyPath, {delete_authenticator, ChainName, AuthenticatorID}) of
        {ok, _} ->
            {204};
-        {error, {_, _, Reason}} ->
+        {error, {_PrePostConfigUpdate, emqx_authentication, Reason}} ->
+            serialize_error(Reason);
+        {error, Reason} ->
            serialize_error(Reason)
    end.

@ -773,7 +779,9 @@ move_authenitcator(ConfKeyPath, ChainName, AuthenticatorID, Position) ->
                   {move_authenticator, ChainName, AuthenticatorID, NPosition}) of
                {ok, _} ->
                    {204};
-                {error, {_, _, Reason}} ->
+                {error, {_PrePostConfigUpdate, emqx_authentication, Reason}} ->
+                    serialize_error(Reason);
+                {error, Reason} ->
                    serialize_error(Reason)
            end;
        {error, Reason} ->
--- a/apps/emqx_authn/test/emqx_authn_api_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_api_SUITE.erl
@ -134,11 +134,23 @@ test_authenticators(PathPrefix) ->
                     uri(PathPrefix ++ ["authentication"]),
                     ValidConfig),

-    InvalidConfig = ValidConfig#{method => <<"delete">>},
+    {ok, 409, _} = request(
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     ValidConfig),
+
+    InvalidConfig0 = ValidConfig#{method => <<"delete">>},
    {ok, 400, _} = request(
                     post,
                     uri(PathPrefix ++ ["authentication"]),
-                     InvalidConfig),
+                     InvalidConfig0),
+
+    InvalidConfig1 = ValidConfig#{method => <<"get">>,
+                                  headers => #{<<"content-type">> => <<"application/json">>}},
+    {ok, 400, _} = request(
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     InvalidConfig1),

    ?assertAuthenticatorsMatch(
       [#{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>}],
@ -170,6 +182,13 @@ test_authenticator(PathPrefix) ->
                     uri(PathPrefix ++ ["authentication", "password-based:http"]),
                     InvalidConfig0),

+    InvalidConfig1 = ValidConfig0#{method => <<"get">>,
+                                  headers => #{<<"content-type">> => <<"application/json">>}},
+    {ok, 400, _} = request(
+                     put,
+                     uri(PathPrefix ++ ["authentication", "password-based:http"]),
+                     InvalidConfig1),
+
    ValidConfig1 = ValidConfig0#{pool_size => 9},
    {ok, 200, _} = request(
                     put,