[ARVADOS] updated: 1.3.0-1161-ge2c4d0774
Git user
git at public.curoverse.com
Tue Jun 25 15:42:23 UTC 2019
Summary of changes:
lib/controller/federation/conn.go | 8 ++++----
lib/controller/railsproxy/railsproxy.go | 2 +-
lib/controller/router/router.go | 3 +--
lib/controller/rpc/conn.go | 8 ++------
sdk/go/arvados/client.go | 6 +++---
sdk/go/arvados/context.go | 15 +++++++++++----
sdk/go/auth/auth.go | 12 +++++++++++-
sdk/go/auth/handlers.go | 8 +++-----
8 files changed, 36 insertions(+), 26 deletions(-)
via e2c4d0774ffa10694519062001f76e04e6bfd129 (commit)
via a14150968c57cffebb79d6ef85e1944111bc1257 (commit)
from 03977060ba2024b4f3bbc0146726b609f1915caf (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit e2c4d0774ffa10694519062001f76e04e6bfd129
Author: Tom Clegg <tclegg at veritasgenetics.com>
Date: Tue Jun 25 11:41:57 2019 -0400
14287: Support federated requests for /used_by and /provenance.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg at veritasgenetics.com>
diff --git a/lib/controller/federation/conn.go b/lib/controller/federation/conn.go
index 2d84db4df..3a8a969b4 100644
--- a/lib/controller/federation/conn.go
+++ b/lib/controller/federation/conn.go
@@ -220,11 +220,11 @@ func (conn *Conn) CollectionList(ctx context.Context, options arvados.ListOption
}
func (conn *Conn) CollectionProvenance(ctx context.Context, options arvados.GetOptions) (map[string]interface{}, error) {
- return conn.local.CollectionProvenance(ctx, options)
+ return conn.chooseBackend(options.UUID).CollectionProvenance(ctx, options)
}
func (conn *Conn) CollectionUsedBy(ctx context.Context, options arvados.GetOptions) (map[string]interface{}, error) {
- return conn.local.CollectionUsedBy(ctx, options)
+ return conn.chooseBackend(options.UUID).CollectionUsedBy(ctx, options)
}
func (conn *Conn) CollectionDelete(ctx context.Context, options arvados.DeleteOptions) (arvados.Collection, error) {
commit a14150968c57cffebb79d6ef85e1944111bc1257
Author: Tom Clegg <tclegg at veritasgenetics.com>
Date: Tue Jun 25 11:39:41 2019 -0400
14287: Clean up context key usage.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg at veritasgenetics.com>
diff --git a/lib/controller/federation/conn.go b/lib/controller/federation/conn.go
index 3b6032895..2d84db4df 100644
--- a/lib/controller/federation/conn.go
+++ b/lib/controller/federation/conn.go
@@ -51,7 +51,7 @@ func New(cluster *arvados.Cluster) arvados.API {
func saltedTokenProvider(local backend, remoteID string) rpc.TokenProvider {
return func(ctx context.Context) ([]string, error) {
var tokens []string
- incoming, ok := ctx.Value(auth.ContextKeyCredentials).(*auth.Credentials)
+ incoming, ok := auth.FromContext(ctx)
if !ok {
return nil, errors.New("no token provided")
}
@@ -63,7 +63,7 @@ func saltedTokenProvider(local backend, remoteID string) rpc.TokenProvider {
case auth.ErrSalted:
tokens = append(tokens, token)
case auth.ErrObsoleteToken:
- ctx := context.WithValue(ctx, auth.ContextKeyCredentials, &auth.Credentials{Tokens: []string{token}})
+ ctx := auth.NewContext(ctx, &auth.Credentials{Tokens: []string{token}})
aca, err := local.APIClientAuthorizationCurrent(ctx, arvados.GetOptions{})
if errStatus(err) == http.StatusUnauthorized {
// pass through unmodified
diff --git a/lib/controller/railsproxy/railsproxy.go b/lib/controller/railsproxy/railsproxy.go
index 5070fa396..576e603ee 100644
--- a/lib/controller/railsproxy/railsproxy.go
+++ b/lib/controller/railsproxy/railsproxy.go
@@ -44,7 +44,7 @@ func NewConn(cluster *arvados.Cluster) *rpc.Conn {
}
func provideIncomingToken(ctx context.Context) ([]string, error) {
- incoming, ok := ctx.Value(auth.ContextKeyCredentials).(*auth.Credentials)
+ incoming, ok := auth.FromContext(ctx)
if !ok {
return nil, errors.New("no token provided")
}
diff --git a/lib/controller/router/router.go b/lib/controller/router/router.go
index f846f2dcd..f37c7ea90 100644
--- a/lib/controller/router/router.go
+++ b/lib/controller/router/router.go
@@ -244,8 +244,7 @@ func (rtr *router) addRoute(endpoint arvados.APIEndpoint, defaultOpts func() int
}
}
}
- ctx := req.Context()
- ctx = context.WithValue(ctx, auth.ContextKeyCredentials, creds)
+ ctx := auth.NewContext(req.Context(), creds)
ctx = arvados.ContextWithRequestID(ctx, req.Header.Get("X-Request-Id"))
logger.WithFields(logrus.Fields{
"apiEndpoint": endpoint,
diff --git a/lib/controller/rpc/conn.go b/lib/controller/rpc/conn.go
index b32717f9a..e07eaf40a 100644
--- a/lib/controller/rpc/conn.go
+++ b/lib/controller/rpc/conn.go
@@ -19,10 +19,6 @@ import (
"git.curoverse.com/arvados.git/sdk/go/arvados"
)
-type contextKey string
-
-const ContextKeyCredentials contextKey = "credentials"
-
type TokenProvider func(context.Context) ([]string, error)
type Conn struct {
@@ -72,13 +68,13 @@ func (conn *Conn) requestAndDecode(ctx context.Context, dst interface{}, ep arva
if err != nil {
return err
} else if len(tokens) > 0 {
- ctx = context.WithValue(ctx, "Authorization", "Bearer "+tokens[0])
+ ctx = arvados.ContextWithAuthorization(ctx, "Bearer "+tokens[0])
} else {
// Use a non-empty auth string to ensure we override
// any default token set on aClient -- and to avoid
// having the remote prompt us to send a token by
// responding 401.
- ctx = context.WithValue(ctx, "Authorization", "Bearer -")
+ ctx = arvados.ContextWithAuthorization(ctx, "Bearer -")
}
// Encode opts to JSON and decode from there to a
diff --git a/sdk/go/arvados/client.go b/sdk/go/arvados/client.go
index 102018bb1..a5815987b 100644
--- a/sdk/go/arvados/client.go
+++ b/sdk/go/arvados/client.go
@@ -121,16 +121,16 @@ var reqIDGen = httpserver.IDGenerator{Prefix: "req-"}
// Do adds Authorization and X-Request-Id headers and then calls
// (*http.Client)Do().
func (c *Client) Do(req *http.Request) (*http.Response, error) {
- if auth, _ := req.Context().Value("Authorization").(string); auth != "" {
+ if auth, _ := req.Context().Value(contextKeyAuthorization{}).(string); auth != "" {
req.Header.Add("Authorization", auth)
} else if c.AuthToken != "" {
req.Header.Add("Authorization", "OAuth2 "+c.AuthToken)
}
if req.Header.Get("X-Request-Id") == "" {
- reqid, _ := req.Context().Value(contextKeyRequestID).(string)
+ reqid, _ := req.Context().Value(contextKeyRequestID{}).(string)
if reqid == "" {
- reqid, _ = c.context().Value(contextKeyRequestID).(string)
+ reqid, _ = c.context().Value(contextKeyRequestID{}).(string)
}
if reqid == "" {
reqid = reqIDGen.Next()
diff --git a/sdk/go/arvados/context.go b/sdk/go/arvados/context.go
index 555cfc8e9..6ecf85b4e 100644
--- a/sdk/go/arvados/context.go
+++ b/sdk/go/arvados/context.go
@@ -8,10 +8,17 @@ import (
"context"
)
-type contextKey string
-
-var contextKeyRequestID contextKey = "X-Request-Id"
+type contextKeyRequestID struct{}
+type contextKeyAuthorization struct{}
func ContextWithRequestID(ctx context.Context, reqid string) context.Context {
- return context.WithValue(ctx, contextKeyRequestID, reqid)
+ return context.WithValue(ctx, contextKeyRequestID{}, reqid)
+}
+
+// ContextWithAuthorization returns a child context that (when used
+// with (*Client)RequestAndDecodeContext) sends the given
+// Authorization header value instead of the Client's default
+// AuthToken.
+func ContextWithAuthorization(ctx context.Context, value string) context.Context {
+ return context.WithValue(ctx, contextKeyAuthorization{}, value)
}
diff --git a/sdk/go/auth/auth.go b/sdk/go/auth/auth.go
index de3b1e952..c2f6a0e8f 100644
--- a/sdk/go/auth/auth.go
+++ b/sdk/go/auth/auth.go
@@ -5,6 +5,7 @@
package auth
import (
+ "context"
"encoding/base64"
"net/http"
"net/url"
@@ -19,8 +20,17 @@ func NewCredentials() *Credentials {
return &Credentials{Tokens: []string{}}
}
+func NewContext(ctx context.Context, c *Credentials) context.Context {
+ return context.WithValue(ctx, contextKeyCredentials{}, c)
+}
+
+func FromContext(ctx context.Context) (*Credentials, bool) {
+ c, ok := ctx.Value(contextKeyCredentials{}).(*Credentials)
+ return c, ok
+}
+
func CredentialsFromRequest(r *http.Request) *Credentials {
- if c, ok := r.Context().Value(ContextKeyCredentials).(*Credentials); ok {
+ if c, ok := FromContext(r.Context()); ok {
// preloaded by middleware
return c
}
diff --git a/sdk/go/auth/handlers.go b/sdk/go/auth/handlers.go
index 9fa501ab7..b638f7982 100644
--- a/sdk/go/auth/handlers.go
+++ b/sdk/go/auth/handlers.go
@@ -9,17 +9,15 @@ import (
"net/http"
)
-type contextKey string
-
-var ContextKeyCredentials contextKey = "credentials"
+type contextKeyCredentials struct{}
// LoadToken wraps the next handler, adding credentials to the request
// context so subsequent handlers can access them efficiently via
// CredentialsFromRequest.
func LoadToken(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- if _, ok := r.Context().Value(ContextKeyCredentials).(*Credentials); !ok {
- r = r.WithContext(context.WithValue(r.Context(), ContextKeyCredentials, CredentialsFromRequest(r)))
+ if _, ok := r.Context().Value(contextKeyCredentials{}).(*Credentials); !ok {
+ r = r.WithContext(context.WithValue(r.Context(), contextKeyCredentials{}, CredentialsFromRequest(r)))
}
next.ServeHTTP(w, r)
})
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list