You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by sp...@apache.org on 2022/11/23 07:57:28 UTC
[apisix] branch master updated: refactor(consumer): expose create_consume_cache so that we can preprocess the consumer conf (#8379)
This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new ab4fe8837 refactor(consumer): expose create_consume_cache so that we can preprocess the consumer conf (#8379)
ab4fe8837 is described below
commit ab4fe8837da6aba4aca868291c0ea9f3876fa829
Author: soulbird <zh...@outlook.com>
AuthorDate: Wed Nov 23 15:57:20 2022 +0800
refactor(consumer): expose create_consume_cache so that we can preprocess the consumer conf (#8379)
Co-authored-by: soulbird <zh...@gmail.com>
---
apisix/consumer.lua | 23 +++++++++++++++++++++++
apisix/plugins/basic-auth.lua | 25 ++-----------------------
apisix/plugins/hmac-auth.lua | 25 +------------------------
apisix/plugins/jwt-auth.lua | 29 ++---------------------------
apisix/plugins/key-auth.lua | 27 +--------------------------
apisix/plugins/ldap-auth.lua | 27 +++------------------------
apisix/plugins/wolf-rbac.lua | 28 ++--------------------------
7 files changed, 34 insertions(+), 150 deletions(-)
diff --git a/apisix/consumer.lua b/apisix/consumer.lua
index 2eaf67d4e..27ea42768 100644
--- a/apisix/consumer.lua
+++ b/apisix/consumer.lua
@@ -28,6 +28,9 @@ local _M = {
version = 0.3,
}
+local lrucache = core.lrucache.new({
+ ttl = 300, count = 512
+})
local function plugin_consumer()
local plugins = {}
@@ -94,6 +97,26 @@ function _M.consumers()
end
+local function create_consume_cache(consumers_conf, key_attr)
+ local consumer_names = {}
+
+ for _, consumer in ipairs(consumers_conf.nodes) do
+ core.log.info("consumer node: ", core.json.delay_encode(consumer))
+ consumer_names[consumer.auth_conf[key_attr]] = consumer
+ end
+
+ return consumer_names
+end
+
+
+function _M.consumers_kv(plugin_name, consumer_conf, key_attr)
+ local consumers = lrucache("consumers_key#".. plugin_name, consumer_conf.conf_version,
+ create_consume_cache, consumer_conf, key_attr)
+
+ return consumers
+end
+
+
local function check_consumer(consumer)
return plugin_checker(consumer, core.schema.TYPE_CONSUMER)
end
diff --git a/apisix/plugins/basic-auth.lua b/apisix/plugins/basic-auth.lua
index 32c0e0445..5f984ed66 100644
--- a/apisix/plugins/basic-auth.lua
+++ b/apisix/plugins/basic-auth.lua
@@ -17,15 +17,11 @@
local core = require("apisix.core")
local ngx = ngx
local ngx_re = require("ngx.re")
-local ipairs = ipairs
local consumer = require("apisix.consumer")
local lrucache = core.lrucache.new({
ttl = 300, count = 512
})
-local consumers_lrucache = core.lrucache.new({
- type = "plugin",
-})
local schema = {
type = "object",
@@ -50,6 +46,7 @@ local consumer_schema = {
local plugin_name = "basic-auth"
+
local _M = {
version = 0.1,
priority = 2520,
@@ -122,22 +119,6 @@ local function extract_auth_header(authorization)
end
-local create_consume_cache
-do
- local consumer_names = {}
-
- function create_consume_cache(consumers)
- core.table.clear(consumer_names)
-
- for _, cur_consumer in ipairs(consumers.nodes) do
- core.log.info("consumer node: ",
- core.json.delay_encode(cur_consumer))
- consumer_names[cur_consumer.auth_conf.username] = cur_consumer
- end
-
- return consumer_names
- end
-end
function _M.rewrite(conf, ctx)
core.log.info("plugin access phase, conf: ", core.json.delay_encode(conf))
@@ -161,9 +142,7 @@ function _M.rewrite(conf, ctx)
return 401, { message = "Missing related consumer" }
end
- local consumers = consumers_lrucache("consumers_key",
- consumer_conf.conf_version,
- create_consume_cache, consumer_conf)
+ local consumers = consumer.consumers_kv(plugin_name, consumer_conf, "username")
-- 3. check user exists
local cur_consumer = consumers[username]
diff --git a/apisix/plugins/hmac-auth.lua b/apisix/plugins/hmac-auth.lua
index 5c234937e..c03e5ce82 100644
--- a/apisix/plugins/hmac-auth.lua
+++ b/apisix/plugins/hmac-auth.lua
@@ -39,9 +39,6 @@ local SIGNED_HEADERS_KEY = "X-HMAC-SIGNED-HEADERS"
local plugin_name = "hmac-auth"
local MAX_REQ_BODY = 1024 * 512
-local lrucache = core.lrucache.new({
- type = "plugin",
-})
local schema = {
type = "object",
@@ -139,24 +136,6 @@ local function remove_headers(ctx, ...)
end
-local create_consumer_cache
-do
- local consumer_names = {}
-
- function create_consumer_cache(consumers)
- core.table.clear(consumer_names)
-
- for _, consumer in ipairs(consumers.nodes) do
- core.log.info("consumer node: ", core.json.delay_encode(consumer))
- consumer_names[consumer.auth_conf.access_key] = consumer
- end
-
- return consumer_names
- end
-
-end -- do
-
-
function _M.check_schema(conf, schema_type)
core.log.info("input conf: ", core.json.delay_encode(conf))
@@ -178,9 +157,7 @@ local function get_consumer(access_key)
return nil, "Missing related consumer"
end
- local consumers = lrucache("consumers_key", consumer_conf.conf_version,
- create_consumer_cache, consumer_conf)
-
+ local consumers = consumer.consumers_kv(plugin_name, consumer_conf, "access_key")
local consumer = consumers[access_key]
if not consumer then
return nil, "Invalid access key"
diff --git a/apisix/plugins/jwt-auth.lua b/apisix/plugins/jwt-auth.lua
index a3c366f1f..1215fedb9 100644
--- a/apisix/plugins/jwt-auth.lua
+++ b/apisix/plugins/jwt-auth.lua
@@ -23,7 +23,6 @@ local new_tab = require ("table.new")
local ngx_encode_base64 = ngx.encode_base64
local ngx_decode_base64 = ngx.decode_base64
-local ipairs = ipairs
local ngx = ngx
local ngx_time = ngx.time
local sub_str = string.sub
@@ -34,10 +33,6 @@ local plugin_name = "jwt-auth"
local pcall = pcall
-local lrucache = core.lrucache.new({
- type = "plugin",
-})
-
local schema = {
type = "object",
properties = {
@@ -137,24 +132,6 @@ local _M = {
}
-local create_consume_cache
-do
- local consumer_names = {}
-
- function create_consume_cache(consumers)
- core.table.clear(consumer_names)
-
- for _, consumer in ipairs(consumers.nodes) do
- core.log.info("consumer node: ", core.json.delay_encode(consumer))
- consumer_names[consumer.auth_conf.key] = consumer
- end
-
- return consumer_names
- end
-
-end -- do
-
-
function _M.check_schema(conf, schema_type)
core.log.info("input conf: ", core.json.delay_encode(conf))
@@ -435,8 +412,7 @@ function _M.rewrite(conf, ctx)
return 401, {message = "Missing related consumer"}
end
- local consumers = lrucache("consumers_key", consumer_conf.conf_version,
- create_consume_cache, consumer_conf)
+ local consumers = consumer_mod.consumers_kv(plugin_name, consumer_conf, "key")
local consumer = consumers[user_key]
if not consumer then
@@ -482,8 +458,7 @@ local function gen_token()
return core.response.exit(404)
end
- local consumers = lrucache("consumers_key", consumer_conf.conf_version,
- create_consume_cache, consumer_conf)
+ local consumers = consumer_mod.consumers_kv(plugin_name, consumer_conf, "key")
core.log.info("consumers: ", core.json.delay_encode(consumers))
local consumer = consumers[key]
diff --git a/apisix/plugins/key-auth.lua b/apisix/plugins/key-auth.lua
index 3c0f8a97a..5806025a6 100644
--- a/apisix/plugins/key-auth.lua
+++ b/apisix/plugins/key-auth.lua
@@ -17,13 +17,8 @@
local core = require("apisix.core")
local consumer_mod = require("apisix.consumer")
local plugin_name = "key-auth"
-local ipairs = ipairs
-local lrucache = core.lrucache.new({
- type = "plugin",
-})
-
local schema = {
type = "object",
properties = {
@@ -61,24 +56,6 @@ local _M = {
}
-local create_consume_cache
-do
- local consumer_names = {}
-
- function create_consume_cache(consumers)
- core.table.clear(consumer_names)
-
- for _, consumer in ipairs(consumers.nodes) do
- core.log.info("consumer node: ", core.json.delay_encode(consumer))
- consumer_names[consumer.auth_conf.key] = consumer
- end
-
- return consumer_names
- end
-
-end -- do
-
-
function _M.check_schema(conf, schema_type)
if schema_type == core.schema.TYPE_CONSUMER then
return core.schema.check(consumer_schema, conf)
@@ -107,9 +84,7 @@ function _M.rewrite(conf, ctx)
return 401, {message = "Missing related consumer"}
end
- local consumers = lrucache("consumers_key", consumer_conf.conf_version,
- create_consume_cache, consumer_conf)
-
+ local consumers = consumer_mod.consumers_kv(plugin_name, consumer_conf, "key")
local consumer = consumers[key]
if not consumer then
return 401, {message = "Invalid API key in request"}
diff --git a/apisix/plugins/ldap-auth.lua b/apisix/plugins/ldap-auth.lua
index d155696b6..6486f9a13 100644
--- a/apisix/plugins/ldap-auth.lua
+++ b/apisix/plugins/ldap-auth.lua
@@ -17,14 +17,9 @@
local core = require("apisix.core")
local ngx = ngx
local ngx_re = require("ngx.re")
-local ipairs = ipairs
local consumer_mod = require("apisix.consumer")
local ldap = require("resty.ldap")
-local lrucache = core.lrucache.new({
- ttl = 300, count = 512
-})
-
local schema = {
type = "object",
title = "work with route or service object",
@@ -49,6 +44,7 @@ local consumer_schema = {
local plugin_name = "ldap-auth"
+
local _M = {
version = 0.1,
priority = 2540,
@@ -69,23 +65,6 @@ function _M.check_schema(conf, schema_type)
return ok, err
end
-local create_consumer_cache
-do
- local consumer_names = {}
-
- function create_consumer_cache(consumers)
- core.table.clear(consumer_names)
-
- for _, consumer in ipairs(consumers.nodes) do
- core.log.info("consumer node: ", core.json.delay_encode(consumer))
- consumer_names[consumer.auth_conf.user_dn] = consumer
- end
-
- return consumer_names
- end
-
-end -- do
-
local function extract_auth_header(authorization)
local obj = { username = "", password = "" }
@@ -162,8 +141,8 @@ function _M.rewrite(conf, ctx)
if not consumer_conf then
return 401, { message = "Missing related consumer" }
end
- local consumers = lrucache("consumers_key", consumer_conf.conf_version,
- create_consumer_cache, consumer_conf)
+
+ local consumers = consumer_mod.consumers_kv(plugin_name, consumer_conf, "user_dn")
local consumer = consumers[userdn]
if not consumer then
return 401, {message = "Invalid user authorization"}
diff --git a/apisix/plugins/wolf-rbac.lua b/apisix/plugins/wolf-rbac.lua
index a6be6474c..62cb7b04f 100644
--- a/apisix/plugins/wolf-rbac.lua
+++ b/apisix/plugins/wolf-rbac.lua
@@ -21,7 +21,6 @@ local json = require("apisix.core.json")
local sleep = core.sleep
local ngx_re = require("ngx.re")
local http = require("resty.http")
-local ipairs = ipairs
local ngx = ngx
local rawget = rawget
local rawset = rawset
@@ -34,10 +33,6 @@ local req_get_body_data = ngx.req.get_body_data
local plugin_name = "wolf-rbac"
-local lrucache = core.lrucache.new({
- type = "plugin",
-})
-
local schema = {
type = "object",
properties = {
@@ -65,23 +60,6 @@ local _M = {
}
-local create_consume_cache
-do
- local consumer_names = {}
-
- function create_consume_cache(consumers)
- core.table.clear(consumer_names)
-
- for _, consumer in ipairs(consumers.nodes) do
- core.log.info("consumer node: ", core.json.delay_encode(consumer))
- consumer_names[consumer.auth_conf.appid] = consumer
- end
-
- return consumer_names
- end
-
-end -- do
-
local token_version = 'V1'
local function create_rbac_token(appid, wolf_token)
return token_version .. "#" .. appid .. "#" .. wolf_token
@@ -285,8 +263,7 @@ function _M.rewrite(conf, ctx)
return 401, fail_response("Missing related consumer")
end
- local consumers = lrucache("consumers_key", consumer_conf.conf_version,
- create_consume_cache, consumer_conf)
+ local consumers = consumer.consumers_kv(plugin_name, consumer_conf, "appid")
core.log.info("------ consumers: ", core.json.delay_encode(consumers))
local consumer = consumers[appid]
@@ -353,8 +330,7 @@ local function get_consumer(appid)
core.response.exit(500)
end
- local consumers = lrucache("consumers_key", consumer_conf.conf_version,
- create_consume_cache, consumer_conf)
+ local consumers = consumer.consumers_kv(plugin_name, consumer_conf, "appid")
core.log.info("------ consumers: ", core.json.delay_encode(consumers))
local consumer = consumers[appid]