fix: remove deprecated jwks_url from config KV (#13477)

Harshavardhana 2021-10-20 11:31:09 -07:00 committed by GitHub
parent 1642867136
commit ac36a377b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 12 additions and 67 deletions


@ -2754,7 +2754,6 @@ func migrateMinioSysConfigToKV(objAPI ObjectLayer) error {
} }
xldap.SetIdentityLDAP(newCfg, cfg.LDAPServerConfig) xldap.SetIdentityLDAP(newCfg, cfg.LDAPServerConfig)
openid.SetIdentityOpenID(newCfg, cfg.OpenID)
opa.SetPolicyOPAConfig(newCfg, cfg.Policy.OPA) opa.SetPolicyOPAConfig(newCfg, cfg.Policy.OPA)
cache.SetCacheConfig(newCfg, cfg.Cache) cache.SetCacheConfig(newCfg, cfg.Cache)
compress.SetCompressionConfig(newCfg, cfg.Compression) compress.SetCompressionConfig(newCfg, cfg.Compression)


@ -2044,7 +2044,9 @@ func (s *xlStorage) RenameData(ctx context.Context, srcVolume, srcPath string, f
} }
s.deleteFile(dstVolumeDir, dstDataPath, false) s.deleteFile(dstVolumeDir, dstDataPath, false)
logger.LogIf(ctx, err) if err != errFileNotFound {
logger.LogIf(ctx, err)
}
return osErrToFileErr(err) return osErrToFileErr(err)
} }
} }
@ -2057,7 +2059,9 @@ func (s *xlStorage) RenameData(ctx context.Context, srcVolume, srcPath string, f
} }
s.deleteFile(dstVolumeDir, dstFilePath, false) s.deleteFile(dstVolumeDir, dstFilePath, false)
logger.LogIf(ctx, err) if err != errFileNotFound {
logger.LogIf(ctx, err)
}
return osErrToFileErr(err) return osErrToFileErr(err)
} }
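Review bot: The new `if err != errFileNotFound` guard, added identically in both RenameData hunks, compares `err` by identity one line before `osErrToFileErr(err)` converts it. If `err` can still be a raw OS error at that point (not visible in these hunks), the sentinel never matches and the not-found case keeps being logged. Testing the converted value would cover both forms: `if ferr := osErrToFileErr(err); ferr != errFileNotFound { logger.LogIf(ctx, err) }`. A short comment such as `// a missing source is expected here; do not log it` would also explain why this one error is suppressed. RenameData's body starts and ends outside both hunks.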


@ -378,7 +378,6 @@ const (
EnvIdentityOpenIDVendor = "MINIO_IDENTITY_OPENID_VENDOR" EnvIdentityOpenIDVendor = "MINIO_IDENTITY_OPENID_VENDOR"
EnvIdentityOpenIDClientID = "MINIO_IDENTITY_OPENID_CLIENT_ID" EnvIdentityOpenIDClientID = "MINIO_IDENTITY_OPENID_CLIENT_ID"
EnvIdentityOpenIDClientSecret = "MINIO_IDENTITY_OPENID_CLIENT_SECRET" EnvIdentityOpenIDClientSecret = "MINIO_IDENTITY_OPENID_CLIENT_SECRET"
EnvIdentityOpenIDJWKSURL = "MINIO_IDENTITY_OPENID_JWKS_URL"
EnvIdentityOpenIDURL = "MINIO_IDENTITY_OPENID_CONFIG_URL" EnvIdentityOpenIDURL = "MINIO_IDENTITY_OPENID_CONFIG_URL"
EnvIdentityOpenIDClaimName = "MINIO_IDENTITY_OPENID_CLAIM_NAME" EnvIdentityOpenIDClaimName = "MINIO_IDENTITY_OPENID_CLAIM_NAME"
EnvIdentityOpenIDClaimUserInfo = "MINIO_IDENTITY_OPENID_CLAIM_USERINFO" EnvIdentityOpenIDClaimUserInfo = "MINIO_IDENTITY_OPENID_CLAIM_USERINFO"
@ -469,29 +468,23 @@ var (
Key: Scopes, Key: Scopes,
Value: "", Value: "",
}, },
config.KV{
Key: JwksURL,
Value: "",
},
} }
) )
// Enabled returns if jwks is enabled. // Enabled returns if configURL is enabled.
func Enabled(kvs config.KVS) bool { func Enabled(kvs config.KVS) bool {
return kvs.Get(JwksURL) != "" return kvs.Get(ConfigURL) != ""
} }
// LookupConfig lookup jwks from config, override with any ENVs. // LookupConfig lookup jwks from config, override with any ENVs.
func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (c Config, err error) { func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (c Config, err error) {
// remove this since we have removed this already.
kvs.Delete(JwksURL)
if err = config.CheckValidKeys(config.IdentityOpenIDSubSys, kvs, DefaultKVS); err != nil { if err = config.CheckValidKeys(config.IdentityOpenIDSubSys, kvs, DefaultKVS); err != nil {
return c, err return c, err
} }
jwksURL := env.Get(EnvIamJwksURL, "") // Legacy
if jwksURL == "" {
jwksURL = env.Get(EnvIdentityOpenIDJWKSURL, kvs.Get(JwksURL))
}
c = Config{ c = Config{
RWMutex: &sync.RWMutex{}, RWMutex: &sync.RWMutex{},
ClaimName: env.Get(EnvIdentityOpenIDClaimName, kvs.Get(ClaimName)), ClaimName: env.Get(EnvIdentityOpenIDClaimName, kvs.Get(ClaimName)),
@ -538,11 +531,7 @@ func LookupConfig(kvs config.KVS, transport *http.Transport, closeRespFn func(io
c.ClaimName = iampolicy.PolicyName c.ClaimName = iampolicy.PolicyName
} }
if jwksURL == "" { jwksURL := c.DiscoveryDoc.JwksURI
// Fallback to discovery document jwksURL
jwksURL = c.DiscoveryDoc.JwksURI
}
if jwksURL == "" { if jwksURL == "" {
return c, nil return c, nil
} }
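Review bot: Deployments that still carry a stored `jwks_url` or the removed `MINIO_IDENTITY_OPENID_JWKS_URL` / `MINIO_IAM_JWKS_URL` variables get no signal that the value is now ignored. `kvs.Delete(JwksURL)` at the top of LookupConfig drops the key silently, and `Enabled` now tests `ConfigURL` alone, so a JWKS-only setup presumably ends up with OpenID disabled. A setup that had both now takes its token-verification keys from `c.DiscoveryDoc.JwksURI` rather than the operator-pinned URL. The comment above the delete should say this, for example `// jwks_url is no longer supported: drop any persisted value so CheckValidKeys accepts older configs; signing keys now come only from the discovery document's jwks_uri`. The doc comment `// LookupConfig lookup jwks from config, override with any ENVs.` is also stale and should describe the OpenID config lookup instead. A one-time warning when a legacy value is found would help operators notice the change in key source; LookupConfig's body continues outside these hunks.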


@ -1,47 +0,0 @@
// Copyright (c) 2015-2021 MinIO, Inc.
//
// This file is part of MinIO Object Storage stack
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package openid
import "github.com/minio/minio/internal/config"
// Legacy envs
const (
EnvIamJwksURL = "MINIO_IAM_JWKS_URL"
)
// SetIdentityOpenID - One time migration code needed, for migrating from older config to new for OpenIDConfig.
func SetIdentityOpenID(s config.Config, cfg Config) {
if cfg.JWKS.URL == nil || cfg.JWKS.URL.String() == "" {
// No need to save not-enabled settings in new config.
return
}
s[config.IdentityOpenIDSubSys][config.Default] = config.KVS{
config.KV{
Key: JwksURL,
Value: cfg.JWKS.URL.String(),
},
config.KV{
Key: ConfigURL,
Value: "",
},
config.KV{
Key: ClaimPrefix,
Value: "",
},
}
}