LDAP/OpenID must be initialized IAM Init() (#15491)

This allows for LDAP/OpenID to be non-blocking, allowing for unreachable Identity targets to be initialized in IAM.
2025-11-07 21:02:58 -05:00 · 2022-08-08 16:16:27 -07:00
parent 8eec49304d
commit 1823ab6808
6 changed files with 117 additions and 91 deletions
--- a/cmd/globals.go
+++ b/cmd/globals.go
@@ -383,18 +383,30 @@ var (
 	// Add new variable global values here.
 )

-var globalAuthZPluginMutex sync.Mutex
+var globalAuthPluginMutex sync.Mutex
+
+func newGlobalAuthNPluginFn() *idplugin.AuthNPlugin {
+	globalAuthPluginMutex.Lock()
+	defer globalAuthPluginMutex.Unlock()
+	return globalAuthNPlugin
+}

 func newGlobalAuthZPluginFn() *polplugin.AuthZPlugin {
-	globalAuthZPluginMutex.Lock()
-	defer globalAuthZPluginMutex.Unlock()
+	globalAuthPluginMutex.Lock()
+	defer globalAuthPluginMutex.Unlock()
 	return globalAuthZPlugin
 }

+func setGlobalAuthNPlugin(authn *idplugin.AuthNPlugin) {
+	globalAuthPluginMutex.Lock()
+	globalAuthNPlugin = authn
+	globalAuthPluginMutex.Unlock()
+}
+
 func setGlobalAuthZPlugin(authz *polplugin.AuthZPlugin) {
-	globalAuthZPluginMutex.Lock()
+	globalAuthPluginMutex.Lock()
 	globalAuthZPlugin = authz
-	globalAuthZPluginMutex.Unlock()
+	globalAuthPluginMutex.Unlock()
 }

 var errSelfTestFailure = errors.New("self test failed. unsafe to start server")