auth.go
/**
* Tencent is pleased to support the open source community by making Polaris available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* Licensed under the BSD 3-Clause License (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://opensource.org/licenses/BSD-3-Clause
*
* Unless required by applicable law or agreed to in writing, software distributed
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*/
package auth
import (
"context"
"errors"
"fmt"
"log"
"sync"
"github.com/polarismesh/polaris/cache"
cachetypes "github.com/polarismesh/polaris/cache/api"
"github.com/polarismesh/polaris/store"
)
// Plugin names that Config.SetDefault falls back to when the corresponding
// section of the auth configuration is nil.
const (
	// DefaultPolicyPluginName is the name of the default StrategyServer plugin.
	DefaultPolicyPluginName = "defaultStrategy"
	// DefaultUserMgnPluginName is the name of the default UserServer plugin.
	DefaultUserMgnPluginName = "defaultUser"
)
// Config holds the configuration parameters of the authentication/authorization module.
type Config struct {
// Name is the name of the former AuthServer; deprecated.
Name string
// Option holds the options of the former AuthServer; deprecated.
// Deprecated
Option map[string]interface{}
// User is the configuration of the UserOperator.
User *UserConfig `yaml:"user"`
// Strategy is the configuration of the StrategyOperator.
Strategy *StrategyConfig `yaml:"strategy"`
// Interceptors is tagged yaml:"-"; presumably it is populated in code rather
// than read from the configuration file — confirm against callers.
Interceptors []string `yaml:"-"`
}
// SetDefault fills in the User and Strategy sections when they are nil,
// selecting the default plugin names with an empty, non-nil option map.
//
// A section that is already set is left untouched, including one whose Name
// is empty; initialize rejects such a configuration with an error.
func (c *Config) SetDefault() {
	if c.Strategy == nil {
		policyDefaults := &StrategyConfig{
			Name:   DefaultPolicyPluginName,
			Option: make(map[string]interface{}),
		}
		c.Strategy = policyDefaults
	}
	if c.User == nil {
		userDefaults := &UserConfig{
			Name:   DefaultUserMgnPluginName,
			Option: make(map[string]interface{}),
		}
		c.User = userDefaults
	}
}
// UserConfig holds the configuration of the UserOperator.
type UserConfig struct {
// Name is the name of the UserOperator; initialize uses it to look up the
// registered UserServer plugin.
Name string `yaml:"name"`
// Option holds the UserOperator options.
Option map[string]interface{} `yaml:"option"`
}
// StrategyConfig holds the configuration of the StrategyOperator.
type StrategyConfig struct {
// Name is the name of the StrategyOperator; initialize uses it to look up the
// registered StrategyServer plugin.
Name string `yaml:"name"`
// Option holds the StrategyOperator options.
Option map[string]interface{} `yaml:"option"`
}
// Package-level plugin registry and initialization state.
//
// NOTE(review): nothing in this file guards these variables with a lock. The
// two maps are written by the Register* functions and read by initialize, and
// finishInit is read by the Get* functions; presumably all registration
// happens before Initialize and before any concurrent use — confirm.
var (
// userMgrSlots holds the registered UserServer implementations, keyed by Name().
userMgrSlots = map[string]UserServer{}
// strategyMgrSlots holds the registered StrategyServer implementations, keyed by Name().
strategyMgrSlots = map[string]StrategyServer{}
// once makes Initialize run the real initialization at most one time.
once sync.Once
// userMgn is the UserServer selected by Initialize.
userMgn UserServer
// strategyMgn is the StrategyServer selected by Initialize.
strategyMgn StrategyServer
// finishInit is set to true by initialize once both plugins initialized successfully.
finishInit bool
)
// RegisterUserServer adds a UserServer implementation to the plugin registry
// under the name reported by s.Name().
//
// It returns an error when a plugin with the same name is already registered;
// the existing entry is kept. The registry map is written without a lock here.
func RegisterUserServer(s UserServer) error {
	key := s.Name()
	_, taken := userMgrSlots[key]
	if taken {
		return fmt.Errorf("UserServer=[%s] exist", key)
	}

	userMgrSlots[key] = s
	return nil
}
// GetUserServer returns the UserServer selected by Initialize.
//
// It returns an error while initialization has not completed successfully,
// so callers never receive a usable server before finishInit is set.
func GetUserServer() (UserServer, error) {
	if finishInit {
		return userMgn, nil
	}
	return nil, errors.New("UserServer has not done Initialize")
}
// RegisterStrategyServer adds a StrategyServer implementation to the plugin
// registry under the name reported by s.Name().
//
// It returns an error when a plugin with the same name is already registered;
// the existing entry is kept. The registry map is written without a lock here.
func RegisterStrategyServer(s StrategyServer) error {
	key := s.Name()
	_, taken := strategyMgrSlots[key]
	if taken {
		return fmt.Errorf("StrategyServer=[%s] exist", key)
	}

	strategyMgrSlots[key] = s
	return nil
}
// GetStrategyServer returns the StrategyServer selected by Initialize.
//
// It returns an error while initialization has not completed successfully,
// so callers never receive a usable server before finishInit is set.
func GetStrategyServer() (StrategyServer, error) {
	if finishInit {
		return strategyMgn, nil
	}
	return nil, errors.New("StrategyServer has not done Initialize")
}
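// Initialize selects and initializes the configured UserServer and
// StrategyServer plugins and publishes them for GetUserServer and
// GetStrategyServer. The initialization itself runs at most once; later
// calls do not retry it.
//
// It returns the error from the first attempt on the call that ran it, and a
// generic error on every later call if that first attempt did not succeed.
func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error {
	var err error
	once.Do(func() {
		userMgn, strategyMgn, err = initialize(ctx, authOpt, storage, cacheMgn)
	})
	if err != nil {
		return err
	}
	// once.Do runs the closure only on the first call, so err stays nil on
	// every later call even when that first attempt failed. Without this
	// check a repeated call would report success while no auth plugin is
	// active. finishInit is set only on success, and once.Do orders that
	// write before this read.
	if !finishInit {
		return errors.New("auth module is not initialized: an earlier Initialize call failed")
	}
	return nil
}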
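// initialize performs the actual initialization; Initialize calls it
// automatically, once per process.
//
// It applies the configuration defaults, looks up the UserServer and
// StrategyServer plugins named in authOpt, and initializes the UserServer
// first and the StrategyServer second, handing each a reference to the other.
// On success it sets finishInit and returns both servers. On any failure it
// returns nil servers and the error; if the StrategyServer fails after the
// UserServer succeeded, the UserServer stays initialized but is not returned.
func initialize(_ context.Context, authOpt *Config, storage store.Store,
	cacheMgr cachetypes.CacheManager) (UserServer, StrategyServer, error) {
	// A nil config would panic in SetDefault; report it as an error instead.
	if authOpt == nil {
		return nil, nil, errors.New("auth Config is nil")
	}
	authOpt.SetDefault()

	// SetDefault only fills nil sections, so an explicitly configured section
	// can still carry an empty name.
	userMgrName := authOpt.User.Name
	if userMgrName == "" {
		return nil, nil, errors.New("UserServer Name is empty")
	}
	policyMgrName := authOpt.Strategy.Name
	if policyMgrName == "" {
		return nil, nil, errors.New("StrategyServer Name is empty")
	}

	userMgr, ok := userMgrSlots[userMgrName]
	if !ok {
		return nil, nil, fmt.Errorf("no such UserServer plugin. name(%s)", userMgrName)
	}
	policyMgr, ok := strategyMgrSlots[policyMgrName]
	if !ok {
		return nil, nil, fmt.Errorf("no such StrategyServer plugin. name(%s)", policyMgrName)
	}

	if err := userMgr.Initialize(authOpt, storage, policyMgr, cacheMgr); err != nil {
		log.Printf("UserServer do initialize err: %s", err.Error())
		return nil, nil, err
	}
	if err := policyMgr.Initialize(authOpt, storage, cacheMgr, userMgr); err != nil {
		log.Printf("StrategyServer do initialize err: %s", err.Error())
		return nil, nil, err
	}

	// Only a fully successful run opens the Get* accessors.
	finishInit = true
	return userMgr, policyMgr, nil
}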