From 78eb3b78bbea2d2d7d03aeb7566831003830b591 Mon Sep 17 00:00:00 2001 From: Harshavardhana Date: Tue, 26 Nov 2019 10:08:25 -0800 Subject: [PATCH] Repurpose Get/SetConfig as import/export support (#8578) --- cmd/admin-handlers-config-kv.go | 40 +++++++++++++++++++++--------- cmd/config/identity/openid/help.go | 6 +++++ cmd/config/identity/openid/jwt.go | 8 +++--- 3 files changed, 38 insertions(+), 16 deletions(-) diff --git a/cmd/admin-handlers-config-kv.go b/cmd/admin-handlers-config-kv.go index 788a594a8..2fa67e2d5 100644 --- a/cmd/admin-handlers-config-kv.go +++ b/cmd/admin-handlers-config-kv.go @@ -185,6 +185,8 @@ func (a adminAPIHandlers) SetConfigKVHandler(w http.ResponseWriter, r *http.Requ if globalConfigEncrypted { saveConfig(context.Background(), objectAPI, backendEncryptedFile, backendEncryptedMigrationComplete) } + + writeSuccessResponseHeadersOnly(w) } // GetConfigKVHandler - GET /minio/admin/v2/get-config-kv?key={key} @@ -422,17 +424,28 @@ func (a adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http.Reques } password := globalActiveCred.SecretKey - configBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength)) + kvBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength)) if err != nil { logger.LogIf(ctx, err, logger.Application) writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), r.URL) return } - var cfg config.Config - if err = json.Unmarshal(configBytes, &cfg); err != nil { - logger.LogIf(ctx, err) - writeCustomErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), err.Error(), r.URL) + cfg := newServerConfig() + scanner := bufio.NewScanner(bytes.NewReader(kvBytes)) + for scanner.Scan() { + // Skip any empty lines, or comment like characters + if scanner.Text() == "" || strings.HasPrefix(scanner.Text(), config.KvComment) { + continue + } + if err = cfg.SetKVS(scanner.Text(), defaultKVS()); err != nil { + writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) + return + } + } + + if err = scanner.Err(); err != nil { + writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) return } @@ -441,17 +454,23 @@ func (a adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http.Reques return } + // Update the actual server config on disk. if err = saveServerConfig(ctx, objectAPI, cfg); err != nil { writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) return } + // Write to the config input KV to history. + if err = saveServerConfigHistory(ctx, objectAPI, kvBytes); err != nil { + writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) + return + } + // Make sure to write backend is encrypted if globalConfigEncrypted { saveConfig(context.Background(), objectAPI, backendEncryptedFile, backendEncryptedMigrationComplete) } - // Reply to the client before restarting minio server. writeSuccessResponseHeadersOnly(w) } @@ -471,14 +490,11 @@ func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Reques return } - configData, err := json.MarshalIndent(config, "", "\t") - if err != nil { - writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) - return - } + var buf = &bytes.Buffer{} + buf.WriteString(config.String()) password := globalActiveCred.SecretKey - econfigData, err := madmin.EncryptData(password, configData) + econfigData, err := madmin.EncryptData(password, buf.Bytes()) if err != nil { writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) return diff --git a/cmd/config/identity/openid/help.go b/cmd/config/identity/openid/help.go index ea40950e0..447ccc226 100644 --- a/cmd/config/identity/openid/help.go +++ b/cmd/config/identity/openid/help.go @@ -26,6 +26,12 @@ var ( Description: `OpenID discovery documented endpoint. eg: "https://accounts.google.com/.well-known/openid-configuration"`, Type: "url", }, + config.HelpKV{ + Key: ClaimPrefix, + Description: `OpenID JWT claim namespace prefix. eg: "customer"`, + Optional: true, + Type: "string", + }, config.HelpKV{ Key: config.Comment, Description: "A comment to describe the OpenID identity setting", diff --git a/cmd/config/identity/openid/jwt.go b/cmd/config/identity/openid/jwt.go index b924a6eef..c11fcdfe2 100644 --- a/cmd/config/identity/openid/jwt.go +++ b/cmd/config/identity/openid/jwt.go @@ -262,10 +262,6 @@ var ( Key: config.State, Value: config.StateOff, }, - config.KV{ - Key: JwksURL, - Value: "", - }, config.KV{ Key: ConfigURL, Value: "", @@ -274,6 +270,10 @@ var ( Key: ClaimPrefix, Value: "", }, + config.KV{ + Key: JwksURL, + Value: "", + }, } )