Merge pull request #19 from rabbitmq/lrb-rename-uaa_jwt

Rename uaa_jwt app env setting to key_config
Michael Klishin 2018-08-01 03:12:18 +03:00 committed by GitHub
commit dfc9313717
7 changed files with 22 additions and 22 deletions


@ -81,7 +81,7 @@ it will translate into the following configuration (in the [advanced RabbitMQ co
{rabbitmq_auth_backend_oauth2, [
{resource_server_id, <<"my_rabbit_server">>},
%% UAA signing key configuration
{uaa_jwt, [
{key_config, [
{signing_keys, #{
<<"a-key-ID">> => {map, #{<<"kty">> => <<"RSA">>,
<<"alg">> => <<"RS256">>,
@ -106,7 +106,7 @@ If you are using a symmetric key, the configuration will look like this:
[
{rabbitmq_auth_backend_oauth2, [
{resource_server_id, <<"my_rabbit_server">>}
{uaa_jwt, [
{key_config, [
{signing_keys, #{
<<"a-key-ID">> => {map, #{<<"kty">> => <<"MAC">>,
<<"alg">> => <<"HS256">>,


@ -4,7 +4,7 @@
]},
{rabbitmq_auth_backend_oauth2, [
{resource_server_id, <<"rabbitmq">>},
{uaa_jwt, [
{key_config, [
{default_key, <<"legacy-token-key">>},
{signing_keys,
#{<<"legacy-token-key">> => {pem, <<"-----BEGIN PUBLIC KEY-----


@ -8,7 +8,7 @@
{rabbitmq_auth_backend_oauth2, [
{resource_server_id, <<"rabbitmq">>},
% Set up a legacy signing key
{uaa_jwt, [
{key_config, [
{default_key, <<"legacy-token-key">>},
{signing_keys, #{
<<"legacy-token-key">> =>
@ -20,6 +20,6 @@
} % end map
} % end signing_keys map
} % end signing_keys
]} % end uaa_jwt
]} % end key_config
]} % end rabbitmq_auth_backend_oauth2
].


@ -27,21 +27,21 @@ add_signing_key(KeyId, Type, Value) ->
end.
remove_signing_key(KeyId) ->
UaaEnv = application:get_env(rabbitmq_auth_backend_oauth2, uaa_jwt, []),
UaaEnv = application:get_env(rabbitmq_auth_backend_oauth2, key_config, []),
Keys0 = proplists:get_value(signing_keys, UaaEnv),
Keys1 = maps:remove(KeyId, Keys0),
update_uaa_jwt_signing_keys(UaaEnv, Keys1).
-spec update_uaa_jwt_signing_keys(map()) -> ok.
update_uaa_jwt_signing_keys(SigningKeys) ->
UaaEnv0 = application:get_env(rabbitmq_auth_backend_oauth2, uaa_jwt, []),
UaaEnv0 = application:get_env(rabbitmq_auth_backend_oauth2, key_config, []),
update_uaa_jwt_signing_keys(UaaEnv0, SigningKeys).
-spec update_uaa_jwt_signing_keys([term()], map()) -> ok.
update_uaa_jwt_signing_keys(UaaEnv0, SigningKeys) ->
UaaEnv1 = proplists:delete(signing_keys, UaaEnv0),
UaaEnv2 = [{signing_keys, SigningKeys} | UaaEnv1],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv2).
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv2).
-spec decode_and_verify(binary()) -> {boolean(), map()} | {error, term()}.
decode_and_verify(Token) ->
@ -91,7 +91,7 @@ verify_signing_key(Type, Value) ->
end.
signing_keys() ->
UaaEnv = application:get_env(rabbitmq_auth_backend_oauth2, uaa_jwt, []),
UaaEnv = application:get_env(rabbitmq_auth_backend_oauth2, key_config, []),
proplists:get_value(signing_keys, UaaEnv).
-spec client_id(map()) -> binary() | undefined.
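Review bot: A node whose advanced.config still sets `uaa_jwt` now gets `[]` from every `application:get_env(rabbitmq_auth_backend_oauth2, key_config, [])` in this file, so `signing_keys()` returns `undefined` and `remove_signing_key/1` reaches `maps:remove(KeyId, undefined)`, which raises `{badmap, undefined}`; `get_default_key()` in the next file reads the same setting and would answer `{error, no_key}`. Nothing in these hunks warns the operator that the old key is ignored, and what token verification does with no keys is decided outside them, so it is worth confirming that it rejects tokens rather than skipping verification. I would read the setting through one helper that falls back to the legacy name with a deprecation warning, and give the `signing_keys` lookup a `#{}` default. The function bodies shown start or end outside the hunks.

```erlang
%% Single read point for the key settings; falls back to the pre-rename name.
key_config() ->
    case application:get_env(rabbitmq_auth_backend_oauth2, key_config) of
        {ok, Config} ->
            Config;
        undefined ->
            %% legacy name: emit a deprecation warning here
            application:get_env(rabbitmq_auth_backend_oauth2, uaa_jwt, [])
    end.

signing_keys() ->
    proplists:get_value(signing_keys, key_config(), #{}).
%% … unchanged: remove_signing_key/1 and update_uaa_jwt_signing_keys/1,2, reading through key_config() …
```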


@ -35,7 +35,7 @@ get_key_id(Token) ->
get_default_key() ->
UaaEnv = application:get_env(rabbitmq_auth_backend_oauth2, uaa_jwt, []),
UaaEnv = application:get_env(rabbitmq_auth_backend_oauth2, key_config, []),
case proplists:get_value(default_key, UaaEnv, undefined) of
undefined -> {error, no_key};
Val -> {ok, Val}


@ -106,9 +106,9 @@ preconfigure_node(Config) ->
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
[rabbit, auth_backends, [rabbit_auth_backend_oauth2]]),
Jwk = ?UTIL_MOD:fixture_jwk(),
UaaEnv = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
KeyConfig = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
[rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv]),
[rabbitmq_auth_backend_oauth2, key_config, KeyConfig]),
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
[rabbitmq_auth_backend_oauth2, resource_server_id, ?RESOURCE_SERVER_ID]),


@ -49,7 +49,7 @@ test_successful_access_with_a_token(_) ->
%% Check user access granted by token
Jwk = ?UTIL_MOD:fixture_jwk(),
UaaEnv = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, resource_server_id, <<"rabbitmq">>),
Username = <<"username">>,
Token = ?UTIL_MOD:sign_token_hs(?UTIL_MOD:fixture_token(), Jwk),
@ -91,7 +91,7 @@ test_successful_access_with_a_token(_) ->
test_successful_access_with_a_token_that_has_tag_scopes(_) ->
Jwk = ?UTIL_MOD:fixture_jwk(),
UaaEnv = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, resource_server_id, <<"rabbitmq">>),
Username = <<"username">>,
Token = ?UTIL_MOD:sign_token_hs(?UTIL_MOD:fixture_token([<<"rabbitmq.tag:management">>,
@ -107,7 +107,7 @@ test_unsuccessful_access_with_a_bogus_token(_) ->
Jwk0 = ?UTIL_MOD:fixture_jwk(),
Jwk = Jwk0#{<<"k">> => <<"bm90b2tlbmtleQ">>},
UaaEnv = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv),
?assertMatch({refused, _, _},
rabbit_auth_backend_oauth2:user_login_authentication(Username, [{password, <<"not a token">>}])).
@ -119,7 +119,7 @@ test_restricted_vhost_access_with_a_valid_token(_) ->
Jwk = ?UTIL_MOD:fixture_jwk(),
Token = ?UTIL_MOD:sign_token_hs(?UTIL_MOD:fixture_token(), Jwk),
UaaEnv = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv),
%% this user can authenticate successfully and access certain vhosts
{ok, #auth_user{username = Username, tags = []} = User} =
@ -135,7 +135,7 @@ test_insufficient_permissions_in_a_valid_token(_) ->
Jwk = ?UTIL_MOD:fixture_jwk(),
Token = ?UTIL_MOD:sign_token_hs(?UTIL_MOD:fixture_token(), Jwk),
UaaEnv = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv),
{ok, #auth_user{username = Username} = User} =
rabbit_auth_backend_oauth2:user_login_authentication(Username, [{password, Token}]),
@ -165,7 +165,7 @@ test_token_expiration(_) ->
Username = <<"username">>,
Jwk = ?UTIL_MOD:fixture_jwk(),
UaaEnv = [{signing_keys, #{<<"token-key">> => {map, Jwk}}}],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv),
application:set_env(rabbitmq_auth_backend_oauth2, resource_server_id, <<"rabbitmq">>),
TokenData = ?UTIL_MOD:expirable_token(),
Username = <<"username">>,
@ -251,10 +251,10 @@ test_command_pem_file_no_kid(Config) ->
#{node => node(), pem_file => PublicKeyFile}),
%% Set default key
{ok, UaaEnv0} = application:get_env(rabbitmq_auth_backend_oauth2, uaa_jwt),
{ok, UaaEnv0} = application:get_env(rabbitmq_auth_backend_oauth2, key_config),
UaaEnv1 = proplists:delete(default_key, UaaEnv0),
UaaEnv2 = [{default_key, <<"token-key">>} | UaaEnv1],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv2),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv2),
Token = ?UTIL_MOD:sign_token_no_kid(?UTIL_MOD:fixture_token(), Jwk),
{ok, #auth_user{username = Username} = User} =
@ -296,10 +296,10 @@ test_command_pem_no_kid(Config) ->
#{node => node(), pem => Pem}),
%% This is the default key
{ok, UaaEnv0} = application:get_env(rabbitmq_auth_backend_oauth2, uaa_jwt),
{ok, UaaEnv0} = application:get_env(rabbitmq_auth_backend_oauth2, key_config),
UaaEnv1 = proplists:delete(default_key, UaaEnv0),
UaaEnv2 = [{default_key, <<"token-key">>} | UaaEnv1],
application:set_env(rabbitmq_auth_backend_oauth2, uaa_jwt, UaaEnv2),
application:set_env(rabbitmq_auth_backend_oauth2, key_config, UaaEnv2),
Token = ?UTIL_MOD:sign_token_no_kid(?UTIL_MOD:fixture_token(), Jwk),
{ok, #auth_user{username = Username} = User} =
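Review bot: `test_unsuccessful_access_with_a_bogus_token` swaps the `k` value of the configured key but then logs in with `<<"not a token">>`, which is not a JWT at all, so in the lines shown the refusal presumably never depends on the signing key read from `key_config`. A well-formed token signed with a different key is the case that matters for this setting; sign the fixture with the unmodified key, `Token = ?UTIL_MOD:sign_token_hs(?UTIL_MOD:fixture_token(), Jwk0),`, and pass `[{password, Token}]` to the login call. These tests also still name the value `UaaEnv` where the other suite in this commit uses `KeyConfig`. The test bodies continue outside the hunks.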