separate reva services

update config add desktop client with all localhost ports split flagsets Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
owncloud · Jan 16, 2020 · 4f18404 · 4f18404
1 parent 6cc46af
commit 4f18404
Show file tree

Hide file tree

Showing 23 changed files with 3,012 additions and 1,045 deletions.
diff --git a/go.mod b/go.mod
@@ -3,28 +3,14 @@ module github.com/owncloud/ocis-reva
 go 1.13
 
 require (
-	github.com/cespare/xxhash/v2 v2.1.1 // indirect
-	github.com/cs3org/go-cs3apis v0.0.0-20191218073906-e3405ff6775e // indirect
-	github.com/cs3org/reva v0.0.2-0.20191217083445-dee8d1c71f95
-	github.com/go-log/log v0.2.0 // indirect
+	github.com/cs3org/reva v0.0.2-0.20200113091553-573316b69083
 	github.com/gofrs/uuid v3.2.0+incompatible
-	github.com/golang/groupcache v0.0.0-20191027212112-611e8accdfc9 // indirect
 	github.com/micro/cli v0.2.0
-	github.com/micro/go-micro v1.18.0 // indirect
 	github.com/oklog/run v1.0.0
-	github.com/owncloud/ocis-pkg v1.2.0
-	github.com/pelletier/go-toml v1.6.0 // indirect
-	github.com/prometheus/client_model v0.0.0-20191202183732-d1d2010b5bee // indirect
-	github.com/prometheus/procfs v0.0.8 // indirect
-	github.com/spf13/cast v1.3.1 // indirect
-	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/owncloud/ocis v0.0.0-20200114161645-9dcf700d1662
+	github.com/owncloud/ocis-pkg v1.2.1-0.20191217084055-eab942498596
 	github.com/spf13/viper v1.6.1
-	github.com/uber/jaeger-client-go v2.20.1+incompatible // indirect
-	golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876 // indirect
 	golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553
-	golang.org/x/sys v0.0.0-20200103143344-a1369afcdac7 // indirect
-	google.golang.org/api v0.14.0 // indirect
-	google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb // indirect
-	gopkg.in/ini.v1 v1.51.1 // indirect
-	gopkg.in/yaml.v2 v2.2.7 // indirect
 )
+
+replace github.com/cs3org/reva => ../reva
diff --git a/go.sum b/go.sum
diff --git a/pkg/command/authbasic.go b/pkg/command/authbasic.go
@@ -0,0 +1,187 @@
+package command
+
+import (
+	"context"
+	"os"
+	"os/signal"
+	"path"
+	"time"
+
+	"github.com/cs3org/reva/cmd/revad/runtime"
+	"github.com/gofrs/uuid"
+	"github.com/micro/cli"
+	"github.com/oklog/run"
+	"github.com/owncloud/ocis-reva/pkg/config"
+	"github.com/owncloud/ocis-reva/pkg/flagset"
+	"github.com/owncloud/ocis-reva/pkg/server/debug"
+)
+
+// AuthBasic is the entrypoint for the auth-basic command.
+func AuthBasic(cfg *config.Config) cli.Command {
+	return cli.Command{
+		Name:  "auth-basic",
+		Usage: "Start reva authprovider for basic auth",
+		Flags: flagset.AuthBasicWithConfig(cfg),
+		Action: func(c *cli.Context) error {
+			logger := NewLogger(cfg)
+
+			if cfg.Tracing.Enabled {
+				switch t := cfg.Tracing.Type; t {
+				case "agent":
+					logger.Error().
+						Str("type", t).
+						Msg("Reva only supports the jaeger tracing backend")
+
+				case "jaeger":
+					logger.Info().
+						Str("type", t).
+						Msg("configuring reva to use the jaeger tracing backend")
+
+				case "zipkin":
+					logger.Error().
+						Str("type", t).
+						Msg("Reva only supports the jaeger tracing backend")
+
+				default:
+					logger.Warn().
+						Str("type", t).
+						Msg("Unknown tracing backend")
+				}
+
+			} else {
+				logger.Debug().
+					Msg("Tracing is not enabled")
+			}
+
+			var (
+				gr          = run.Group{}
+				ctx, cancel = context.WithCancel(context.Background())
+				//metrics     = metrics.New()
+			)
+
+			defer cancel()
+
+			{
+
+				uuid := uuid.Must(uuid.NewV4())
+				pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid")
+
+				rcfg := map[string]interface{}{
+					"core": map[string]interface{}{
+						"max_cpus": cfg.Reva.AuthBasic.MaxCPUs,
+					},
+					"grpc": map[string]interface{}{
+						"network": cfg.Reva.AuthBasic.Network,
+						"address": cfg.Reva.AuthBasic.Addr,
+						// TODO extract interceptor config, which is the same for all grpc services
+						"interceptors": map[string]interface{}{
+							"auth": map[string]interface{}{
+								"token_manager": "jwt",
+								"token_managers": map[string]interface{}{
+									"jwt": map[string]interface{}{
+										"secret": cfg.Reva.JWTSecret,
+									},
+								},
+							},
+						},
+						// TODO build services dynamically
+						"services": map[string]interface{}{
+							"authprovider": map[string]interface{}{
+								"auth_manager": cfg.Reva.Users.Driver,
+								"auth_managers": map[string]interface{}{
+									"json": map[string]interface{}{
+										"users": cfg.Reva.Users.JSON,
+									},
+									"ldap": map[string]interface{}{
+										"hostname":      cfg.Reva.LDAP.Hostname,
+										"port":          cfg.Reva.LDAP.Port,
+										"base_dn":       cfg.Reva.LDAP.BaseDN,
+										"userfilter":    cfg.Reva.LDAP.UserFilter,
+										"groupfilter":   cfg.Reva.LDAP.GroupFilter,
+										"bind_username": cfg.Reva.LDAP.BindDN,
+										"bind_password": cfg.Reva.LDAP.BindPassword,
+										"idp":           cfg.Reva.LDAP.IDP,
+										"schema": map[string]interface{}{
+											"dn":          "dn",
+											"uid":         cfg.Reva.LDAP.Schema.UID,
+											"mail":        cfg.Reva.LDAP.Schema.Mail,
+											"displayName": cfg.Reva.LDAP.Schema.DisplayName,
+											"cn":          cfg.Reva.LDAP.Schema.CN,
+										},
+									},
+								},
+							},
+						},
+					},
+				}
+
+				gr.Add(func() error {
+					runtime.Run(rcfg, pidFile)
+					return nil
+				}, func(_ error) {
+					logger.Info().
+						Str("server", c.Command.Name).
+						Msg("Shutting down server")
+
+					cancel()
+				})
+			}
+
+			{
+				server, err := debug.Server(
+					debug.Name(c.Command.Name+"-debug"),
+					debug.Addr(cfg.Reva.AuthBasic.DebugAddr),
+					debug.Logger(logger),
+					debug.Context(ctx),
+					debug.Config(cfg),
+				)
+
+				if err != nil {
+					logger.Info().
+						Err(err).
+						Str("server", "debug").
+						Msg("Failed to initialize server")
+
+					return err
+				}
+
+				gr.Add(func() error {
+					return server.ListenAndServe()
+				}, func(_ error) {
+					ctx, timeout := context.WithTimeout(ctx, 5*time.Second)
+
+					defer timeout()
+					defer cancel()
+
+					if err := server.Shutdown(ctx); err != nil {
+						logger.Info().
+							Err(err).
+							Str("server", "debug").
+							Msg("Failed to shutdown server")
+					} else {
+						logger.Info().
+							Str("server", "debug").
+							Msg("Shutting down server")
+					}
+				})
+			}
+
+			{
+				stop := make(chan os.Signal, 1)
+
+				gr.Add(func() error {
+					signal.Notify(stop, os.Interrupt)
+
+					<-stop
+
+					return nil
+				}, func(err error) {
+					close(stop)
+					cancel()
+				})
+			}
+
+			return gr.Run()
+		},
+	}
+}
diff --git a/pkg/command/authprovider.go → pkg/command/authbearer.go b/pkg/command/authprovider.go → pkg/command/authbearer.go
@@ -16,12 +16,12 @@ import (
 	"github.com/owncloud/ocis-reva/pkg/server/debug"
 )
 
-// AuthProvider is the entrypoint for the authprovider command.
-func AuthProvider(cfg *config.Config) cli.Command {
+// AuthBearer is the entrypoint for the auth-bearer command.
+func AuthBearer(cfg *config.Config) cli.Command {
 	return cli.Command{
-		Name:  "authprovider",
-		Usage: "Start authprovider server",
-		Flags: flagset.ServerWithConfig(cfg),
+		Name:  "auth-bearer",
+		Usage: "Start reva authprovider for bearer auth",
+		Flags: flagset.AuthBearerWithConfig(cfg),
 		Action: func(c *cli.Context) error {
 			logger := NewLogger(cfg)
 
@@ -61,20 +61,19 @@ func AuthProvider(cfg *config.Config) cli.Command {
 
 			defer cancel()
 
-			// TODO Flags have to be injected all the way down to the go-micro service
 			{
 
 				uuid := uuid.Must(uuid.NewV4())
-				pidFile := path.Join(os.TempDir(), "revad-"+uuid.String()+".pid")
+				pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid")
 
 				rcfg := map[string]interface{}{
 					"core": map[string]interface{}{
-						"max_cpus": cfg.Reva.MaxCPUs,
+						"max_cpus": cfg.Reva.AuthBearer.MaxCPUs,
 					},
 					"grpc": map[string]interface{}{
-						"network":          cfg.Reva.GRPC.Network,
-						"address":          cfg.Reva.GRPC.Addr,
-						"enabled_services": []string{"authprovider"},
+						"network": cfg.Reva.AuthBearer.Network,
+						"address": cfg.Reva.AuthBearer.Addr,
+						// TODO extract interceptor config, which is the same for all grpc services
 						"interceptors": map[string]interface{}{
 							"auth": map[string]interface{}{
 								"token_manager": "jwt",
@@ -83,34 +82,30 @@ func AuthProvider(cfg *config.Config) cli.Command {
 										"secret": cfg.Reva.JWTSecret,
 									},
 								},
-								"skip_methods": []string{
-									// we need to allow calls that happen during authentication
-									"/cs3.authproviderv0alpha.AuthProviderService/Authenticate",
-									"/cs3.userproviderv0alpha.UserProviderService/GetUser",
-								},
 							},
 						},
+						// TODO build services dynamically
 						"services": map[string]interface{}{
 							"authprovider": map[string]interface{}{
 								"auth_manager": "oidc",
 								"auth_managers": map[string]interface{}{
 									"oidc": map[string]interface{}{
-										"provider": cfg.AuthProvider.Provider,
-										"insecure": cfg.AuthProvider.Insecure,
+										"issuer":   cfg.Reva.OIDC.Issuer,
+										"insecure": cfg.Reva.OIDC.Insecure,
+										"id_claim": cfg.Reva.OIDC.IDClaim,
 									},
 								},
 							},
 						},
 					},
 				}
-				// TODO merge configs for the same address
 
 				gr.Add(func() error {
 					runtime.Run(rcfg, pidFile)
 					return nil
 				}, func(_ error) {
 					logger.Info().
-						Str("server", "authprovider").
+						Str("server", c.Command.Name).
 						Msg("Shutting down server")
 
 					cancel()
@@ -119,6 +114,8 @@ func AuthProvider(cfg *config.Config) cli.Command {
 
 			{
 				server, err := debug.Server(
+					debug.Name(c.Command.Name+"-debug"),
+					debug.Addr(cfg.Reva.AuthBearer.DebugAddr),
 					debug.Logger(logger),
 					debug.Context(ctx),
 					debug.Config(cfg),