yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor(authn): no need to check config at app boot

This commit is contained in:
Zaiming (Stone) Shi 2023-02-06 18:15:01 +01:00
parent 83e66da2aa
commit dc8f0c5101
4 changed files with 46 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/emqx/src/emqx_hocon.erl
View File

@ -119,8 +119,8 @@ compact_errors(SchemaModule, [Error0 | More], _Stacktrace) when is_map(Error0) -
end,
{error, Error};
compact_errors(SchemaModule, Error, Stacktrace) ->
%% unexpected, we need the stacktrace reported, hence error
%% if this happens i'ts a bug in hocon_tconf
%% unexpected, we need the stacktrace reported
%% if this happens it's a bug in hocon_tconf
{error, #{
schema_module => SchemaModule,
exception => Error,

23
apps/emqx_authn/src/emqx_authn.erl
View File

@ -20,7 +20,6 @@
providers/0,
check_config/1,
check_config/2,
check_configs/1,
%% for telemetry information
get_enabled_authns/0
]).
@ -39,16 +38,6 @@ providers() ->
{{scram, built_in_database}, emqx_enhanced_authn_scram_mnesia}
].
check_configs(CM) when is_map(CM) ->
check_configs([CM]);
check_configs(CL) ->
check_configs(CL, 1).
check_configs([], _Nth) ->
[];
check_configs([Config | Configs], Nth) ->
[check_config(Config, #{id_for_log => Nth}) | check_configs(Configs, Nth + 1)].
check_config(Config) ->
check_config(Config, #{}).
@ -67,14 +56,20 @@ do_check_config(#{<<"mechanism">> := Mec0} = Config, Opts) ->
end,
case lists:keyfind(Key, 1, providers()) of
false ->
throw(#{error => unknown_authn_provider, which => Key});
Reason =
case Key of
{M, B} ->
#{mechanism => M, backend => B};
M ->
#{mechanism => M}
end,
throw(Reason#{error => unknown_authn_provider});
{_, ProviderModule} ->
do_check_config_maybe_throw(ProviderModule, Config, Opts)
end;
do_check_config(Config, Opts) when is_map(Config) ->
do_check_config(Config, _Opts) when is_map(Config) ->
throw(#{
error => invalid_config,
which => maps:get(id_for_log, Opts, unknown),
reason => "mechanism_field_required"
}).

7
apps/emqx_authn/src/emqx_authn_app.erl
View File

@ -55,8 +55,7 @@ stop(_State) ->
initialize() ->
ok = ?AUTHN:register_providers(emqx_authn:providers()),
lists:foreach(
fun({ChainName, RawAuthConfigs}) ->
AuthConfig = emqx_authn:check_configs(RawAuthConfigs),
fun({ChainName, AuthConfig}) ->
?AUTHN:initialize_authentication(
ChainName,
AuthConfig
@ -73,12 +72,12 @@ chain_configs() ->
[global_chain_config() | listener_chain_configs()].
global_chain_config() ->
{?GLOBAL, emqx:get_raw_config([?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_BINARY], [])}.
{?GLOBAL, emqx:get_config([?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_BINARY], [])}.
listener_chain_configs() ->
lists:map(
fun({ListenerID, _}) ->
{ListenerID, emqx:get_raw_config(auth_config_path(ListenerID), [])}
{ListenerID, emqx:get_config(auth_config_path(ListenerID), [])}
end,
emqx_listeners:list()
).

32
apps/emqx_authn/test/emqx_authn_SUITE.erl
View File

@ -168,6 +168,38 @@ t_password_undefined(Config) when is_list(Config) ->
end,
ok.
t_union_selector_errors({init, Config}) ->
Config;
t_union_selector_errors({'end', _Config}) ->
ok;
t_union_selector_errors(Config) when is_list(Config) ->
Conf0 = #{
<<"mechanism">> => <<"password_based">>,
<<"backend">> => <<"mysql">>
},
Conf1 = Conf0#{<<"mechanism">> => <<"unknown-atom-xx">>},
?assertThrow(#{error := unknown_mechanism}, emqx_authn:check_config(Conf1)),
Conf2 = Conf0#{<<"backend">> => <<"unknown-atom-xx">>},
?assertThrow(#{error := unknown_backend}, emqx_authn:check_config(Conf2)),
Conf3 = Conf0#{<<"backend">> => <<"unknown">>, <<"mechanism">> => <<"unknown">>},
?assertThrow(
#{
error := unknown_authn_provider,
backend := unknown,
mechanism := unknown
},
emqx_authn:check_config(Conf3)
),
Res = catch (emqx_authn:check_config(#{<<"mechanism">> => <<"unknown">>})),
?assertEqual(
#{
error => unknown_authn_provider,
mechanism => unknown
},
Res
),
ok.
parse(Bytes) ->
{ok, Frame, <<>>, {none, _}} = emqx_frame:parse(Bytes),
Frame.