From 0f733ae0c8ad91771929fb5362738e33ee2e484a Mon Sep 17 00:00:00 2001
From: Ben McClelland
Date: Mon, 19 Jun 2023 11:09:43 -0700
Subject: [PATCH] refactor move auth to top level
---
{backend/auth => auth}/acl.go | 0
auth/iam.go | 34 +++++++++++++++++++++
backend/auth/iam.go => auth/iam_internal.go | 32 +++++--------------
backend/posix/posix.go | 2 +-
cmd/versitygw/main.go | 2 +-
s3api/controllers/admin.go | 2 +-
s3api/controllers/base.go | 2 +-
s3api/controllers/base_test.go | 2 +-
s3api/middlewares/authentication.go | 2 +-
s3api/router.go | 2 +-
s3api/router_test.go | 2 +-
s3api/server.go | 2 +-
s3api/server_test.go | 2 +-
13 files changed, 52 insertions(+), 34 deletions(-)
rename {backend/auth => auth}/acl.go (100%)
create mode 100644 auth/iam.go
rename backend/auth/iam.go => auth/iam_internal.go (90%)
diff --git a/backend/auth/acl.go b/auth/acl.go
similarity index 100%
rename from backend/auth/acl.go
rename to auth/acl.go
diff --git a/auth/iam.go b/auth/iam.go
new file mode 100644
index 0000000..14da18c
--- /dev/null
+++ b/auth/iam.go
@@ -0,0 +1,34 @@ +// Copyright 2023 Versity Software +// This file is licensed under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package auth + +import ( + "errors" +) + +// Account is a gateway IAM account +type Account struct { + Secret string `json:"secret"` + Role string `json:"role"` +} + +// IAMService is the interface for all IAM service implementations +type IAMService interface { + CreateAccount(access string, account Account) error + GetUserAccount(access string) (Account, error) + DeleteUserAccount(access string) error +} + +var ErrNoSuchUser = errors.New("user not found") diff --git a/backend/auth/iam.go b/auth/iam_internal.go similarity index 90% rename from backend/auth/iam.go rename to auth/iam_internal.go index 8e7c758..21f2e77 100644 --- a/backend/auth/iam.go +++ b/auth/iam_internal.go @@ -16,16 +16,18 @@ package auth import ( "encoding/json" - "errors" "fmt" "hash/crc32" "sync" ) -// Account is an internal IAM account -type Account struct { - Secret string `json:"secret"` - Role string `json:"role"` +// IAMServiceInternal manages the internal IAM service +type IAMServiceInternal struct { + storer Storer + + mu sync.RWMutex + accts IAMConfig + serial uint32 } // UpdateAcctFunc accepts the current data and returns the new data to be stored 
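Review bot: In the new auth/iam.go, `Account.Secret` is an exported string tagged `json:"secret"`, so every `json.Marshal` of an Account writes the secret key in clear text, and nothing on the type tells a caller that. Whether any caller outside the IAM store marshals or logs an Account is not visible in this hunk, so I would at least document the field, e.g. `// Secret is the account secret key; it is marshaled in clear text, so never log an Account or return one in a response`. If accounts ever need to be listed or echoed back, a separate response type without the field would be safer than reusing this one. `ErrNoSuchUser` is exported without a doc comment; `// ErrNoSuchUser is returned by GetUserAccount when the access key has no account` would match the wording already on GetUserAccount.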
@@ -44,22 +46,6 @@ type IAMConfig struct { AccessAccounts map[string]Account `json:"accessAccounts"` } -// IAMService is the interface for all IAM service implementations -type IAMService interface { - CreateAccount(access string, account Account) error - GetUserAccount(access string) (Account, error) - DeleteUserAccount(access string) error -} - -// IAMServiceInternal manages the internal IAM service -type IAMServiceInternal struct { - storer Storer - - mu sync.RWMutex - accts IAMConfig - serial uint32 -} - var _ IAMService = &IAMServiceInternal{} // NewInternal creates a new instance for the Internal IAM service @@ -108,8 +94,6 @@ func (s *IAMServiceInternal) CreateAccount(access string, account Account) error }) } -var ErrNoSuchUser = errors.New("user not found") - // GetUserAccount retrieves account info for the requested user. Returns // ErrNoSuchUser if the account does not exist. func (s *IAMServiceInternal) GetUserAccount(access string) (Account, error) { @@ -125,7 +109,7 @@ func (s *IAMServiceInternal) GetUserAccount(access string) (Account, error) { if serial != s.serial { s.mu.RUnlock() err := s.updateCache() - s.mu.RUnlock() + s.mu.RLock() if err != nil { return Account{}, fmt.Errorf("refresh iam cache: %w", err) } diff --git a/backend/posix/posix.go b/backend/posix/posix.go index 49229ec..1834584 100644 --- a/backend/posix/posix.go +++ b/backend/posix/posix.go @@ -36,8 +36,8 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/google/uuid" "github.com/pkg/xattr" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" ) diff --git a/cmd/versitygw/main.go b/cmd/versitygw/main.go index 52997c8..dd797a9 100644 --- a/cmd/versitygw/main.go +++ b/cmd/versitygw/main.go 
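Review bot: In the `@@ -125,7 +109,7 @@` hunk of auth/iam_internal.go, the early `return Account{}, fmt.Errorf("refresh iam cache: %w", err)` now runs with the read lock re-acquired. That is balanced only if GetUserAccount defers `s.mu.RUnlock()` above the hunk; the start of the function is outside the hunk, so this should be confirmed. The unlock, `updateCache()`, re-lock sequence deserves a why-comment where it sits, e.g. `// drop the read lock so updateCache can take the write lock; the deferred RUnlock expects it held again`. Since the previous line was a second `RUnlock` on the credential lookup path, a regression test that makes the stored data's checksum differ from `s.serial` and then calls GetUserAccount would pin this branch. This is a behaviour fix inside a commit titled as a refactor, so mentioning it in the commit message would help anyone tracing the change later.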
@@ -22,8 +22,8 @@ import ( "github.com/gofiber/fiber/v2" "github.com/urfave/cli/v2" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" "github.com/versity/versitygw/s3api" "github.com/versity/versitygw/s3api/middlewares" ) diff --git a/s3api/controllers/admin.go b/s3api/controllers/admin.go index 3a0fdc4..2015ab4 100644 --- a/s3api/controllers/admin.go +++ b/s3api/controllers/admin.go @@ -18,7 +18,7 @@ import ( "fmt" "github.com/gofiber/fiber/v2" - "github.com/versity/versitygw/backend/auth" + "github.com/versity/versitygw/auth" ) type AdminController struct { diff --git a/s3api/controllers/base.go b/s3api/controllers/base.go index 17ee506..b3285ca 100644 --- a/s3api/controllers/base.go +++ b/s3api/controllers/base.go @@ -29,8 +29,8 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" ) diff --git a/s3api/controllers/base_test.go b/s3api/controllers/base_test.go index d1be9ab..9239bb6 100644 --- a/s3api/controllers/base_test.go +++ b/s3api/controllers/base_test.go @@ -28,8 +28,8 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/valyala/fasthttp" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" ) diff --git a/s3api/middlewares/authentication.go b/s3api/middlewares/authentication.go index a5ab323..5c42be1 100644 --- a/s3api/middlewares/authentication.go +++ b/s3api/middlewares/authentication.go 
@@ -25,7 +25,7 @@ import ( v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/logging" "github.com/gofiber/fiber/v2" - "github.com/versity/versitygw/backend/auth" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/s3api/controllers" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" diff --git a/s3api/router.go b/s3api/router.go index 13d881f..8e753f1 100644 --- a/s3api/router.go +++ b/s3api/router.go @@ -16,8 +16,8 @@ package s3api import ( "github.com/gofiber/fiber/v2" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" "github.com/versity/versitygw/s3api/controllers" ) diff --git a/s3api/router_test.go b/s3api/router_test.go index 663c71f..5d80471 100644 --- a/s3api/router_test.go +++ b/s3api/router_test.go @@ -18,8 +18,8 @@ import ( "testing" "github.com/gofiber/fiber/v2" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" ) func TestS3ApiRouter_Init(t *testing.T) { diff --git a/s3api/server.go b/s3api/server.go index 0988319..b52835e 100644 --- a/s3api/server.go +++ b/s3api/server.go @@ -19,8 +19,8 @@ import ( "github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2/middleware/logger" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" "github.com/versity/versitygw/s3api/middlewares" ) diff --git a/s3api/server_test.go b/s3api/server_test.go index 27ce0bc..a5bf975 100644 --- a/s3api/server_test.go +++ b/s3api/server_test.go @@ -19,8 +19,8 @@ import ( "testing" "github.com/gofiber/fiber/v2" + "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/backend/auth" "github.com/versity/versitygw/s3api/middlewares" )