author | myrrc <myrrc@yandex-team.ru> | 2022-02-10 16:50:05 +0300 |
---|---|---|
committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:50:05 +0300 |
commit | 7a6e12b038f16b8bc4b7e77c2a2e08aa86ef7dc9 (patch) | |
tree | b495213545637c65e9ecc0b3fdfbfa649a3027fa | |
parent | 694fb2daa19ebb6642b93a8e94bd548b621b76df (diff) | |
Restoring authorship annotation for <myrrc@yandex-team.ru>. Commit 1 of 2.
-rw-r--r-- | library/cpp/actors/core/actor.h | 10 | ||||
-rw-r--r-- | library/cpp/actors/core/actorsystem.h | 4 | ||||
-rw-r--r-- | library/cpp/actors/testlib/test_runtime.h | 2 | ||||
-rw-r--r-- | library/cpp/testing/unittest/registar.h | 34 | ||||
-rw-r--r-- | library/cpp/testing/unittest/registar_ut.cpp | 26 | ||||
-rw-r--r-- | ydb/apps/ydbd/main.cpp | 2 | ||||
-rw-r--r-- | ydb/core/base/appdata.h | 12 | ||||
-rw-r--r-- | ydb/core/base/tablet_pipe.h | 2 | ||||
-rw-r--r-- | ydb/core/driver_lib/run/factories.h | 12 | ||||
-rw-r--r-- | ydb/core/driver_lib/run/kikimr_services_initializers.cpp | 4 | ||||
-rw-r--r-- | ydb/core/driver_lib/run/run.cpp | 16 | ||||
-rw-r--r-- | ydb/core/tablet/tablet_pipe_client.cpp | 8 | ||||
-rw-r--r-- | ydb/core/util/make_holder_with_record.h | 20 | ||||
-rw-r--r-- | ydb/core/ymq/actor/auth_factory.cpp | 62 | ||||
-rw-r--r-- | ydb/core/ymq/actor/auth_factory.h | 158 | ||||
-rw-r--r-- | ydb/core/ymq/actor/service.cpp | 6 | ||||
-rw-r--r-- | ydb/core/ymq/actor/ya.make | 2 | ||||
-rw-r--r-- | ydb/core/ymq/http/http.cpp | 42 | ||||
-rw-r--r-- | ydb/public/sdk/cpp/client/ydb_types/credentials/credentials.h | 10 |
19 files changed, 216 insertions, 216 deletions
diff --git a/library/cpp/actors/core/actor.h b/library/cpp/actors/core/actor.h index ed29bd14b9..b0f529bd62 100644 --- a/library/cpp/actors/core/actor.h +++ b/library/cpp/actors/core/actor.h @@ -356,11 +356,11 @@ namespace NActors { return Send(recipient, static_cast<IEventBase*>(ev.Release()), flags, cookie, std::move(traceId)); } - template <class TEvent, class ... TEventArgs> - bool Send(TActorId recipient, TEventArgs&& ... args) const { - return Send(recipient, MakeHolder<TEvent>(std::forward<TEventArgs>(args)...)); - } - + template <class TEvent, class ... TEventArgs> + bool Send(TActorId recipient, TEventArgs&& ... args) const { + return Send(recipient, MakeHolder<TEvent>(std::forward<TEventArgs>(args)...)); + } + void Schedule(TInstant deadline, IEventBase* ev, ISchedulerCookie* cookie = nullptr) const noexcept final; void Schedule(TMonotonic deadline, IEventBase* ev, ISchedulerCookie* cookie = nullptr) const noexcept final; void Schedule(TDuration delta, IEventBase* ev, ISchedulerCookie* cookie = nullptr) const noexcept final; diff --git a/library/cpp/actors/core/actorsystem.h b/library/cpp/actors/core/actorsystem.h index 40499d7586..91d539f3c5 100644 --- a/library/cpp/actors/core/actorsystem.h +++ b/library/cpp/actors/core/actorsystem.h @@ -193,8 +193,8 @@ namespace NActors { TInterconnectSetup Interconnect; - using TLocalServices = TVector<std::pair<TActorId, TActorSetupCmd>>; - TLocalServices LocalServices; + using TLocalServices = TVector<std::pair<TActorId, TActorSetupCmd>>; + TLocalServices LocalServices; ui32 GetExecutorsCount() const { return Executors ? ExecutorsCount : CpuManager.GetExecutorsCount(); diff --git a/library/cpp/actors/testlib/test_runtime.h b/library/cpp/actors/testlib/test_runtime.h index 26e3b45c98..37d7b85626 100644 --- a/library/cpp/actors/testlib/test_runtime.h +++ b/library/cpp/actors/testlib/test_runtime.h 
@@ -94,7 +94,7 @@ namespace NActors { TVector<TEventMailboxId> NonEmptyMailboxes; TVector<TEventMailboxId> OnlyMailboxes; std::function<bool()> CustomFinalCondition; - bool Quiet = false; + bool Quiet = false; }; struct TScheduledEventQueueItem { diff --git a/library/cpp/testing/unittest/registar.h b/library/cpp/testing/unittest/registar.h index 44517a0092..454e77a980 100644 --- a/library/cpp/testing/unittest/registar.h +++ b/library/cpp/testing/unittest/registar.h @@ -627,23 +627,23 @@ public: \ // Assert that a specific exception is thrown #define UNIT_ASSERT_EXCEPTION(A, E) UNIT_ASSERT_EXCEPTION_C(A, E, "") -#define UNIT_ASSERT_NO_EXCEPTION_RESULT_C(A, C) \ - [&] () mutable -> decltype(A) { \ - static_assert(!std::is_void_v<decltype(A)>); \ - try { return (A); } \ - catch (const ::NUnitTest::TAssertException&) { throw; } \ - catch (...) { \ - UNIT_FAIL_IMPL( \ - "exception-free assertion failed", \ - Sprintf("%s throws %s\nException message: %s", \ - #A, (::TStringBuilder() << C).data(), \ - CurrentExceptionMessage().data())); \ - return decltype(A){}; \ - } \ - }() - -#define UNIT_ASSERT_NO_EXCEPTION_RESULT(A) UNIT_ASSERT_NO_EXCEPTION_RESULT_C(A, "") - +#define UNIT_ASSERT_NO_EXCEPTION_RESULT_C(A, C) \ + [&] () mutable -> decltype(A) { \ + static_assert(!std::is_void_v<decltype(A)>); \ + try { return (A); } \ + catch (const ::NUnitTest::TAssertException&) { throw; } \ + catch (...) { \ + UNIT_FAIL_IMPL( \ + "exception-free assertion failed", \ + Sprintf("%s throws %s\nException message: %s", \ + #A, (::TStringBuilder() << C).data(), \ + CurrentExceptionMessage().data())); \ + return decltype(A){}; \ + } \ + }() + +#define UNIT_ASSERT_NO_EXCEPTION_RESULT(A) UNIT_ASSERT_NO_EXCEPTION_RESULT_C(A, "") + #define UNIT_ASSERT_NO_EXCEPTION_C(A, C) \ do { \ try { \ diff --git a/library/cpp/testing/unittest/registar_ut.cpp b/library/cpp/testing/unittest/registar_ut.cpp index 1f36d53abb..bcab099997 100644 --- a/library/cpp/testing/unittest/registar_ut.cpp 
+++ b/library/cpp/testing/unittest/registar_ut.cpp @@ -275,22 +275,22 @@ Y_UNIT_TEST_SUITE(TUnitTestMacroTest) { } } - std::string ThrowStr() { - if (ThrowMe) { - throw *this; - } - - return {}; - } - + std::string ThrowStr() { + if (ThrowMe) { + throw *this; + } + + return {}; + } + void AssertNoException() { UNIT_ASSERT_NO_EXCEPTION(Throw()); } - void AssertNoExceptionRet() { - const TString res = UNIT_ASSERT_NO_EXCEPTION_RESULT(ThrowStr()); - } - + void AssertNoExceptionRet() { + const TString res = UNIT_ASSERT_NO_EXCEPTION_RESULT(ThrowStr()); + } + template <class TExpectedException> void AssertException() { UNIT_ASSERT_EXCEPTION(Throw(), TExpectedException); @@ -345,7 +345,7 @@ Y_UNIT_TEST_SUITE(TUnitTestMacroTest) { Y_UNIT_TEST(NoException) { UNIT_ASSERT_TEST_FAILS(TTestException().AssertNoException()); - UNIT_ASSERT_TEST_FAILS(TTestException().AssertNoExceptionRet()); + UNIT_ASSERT_TEST_FAILS(TTestException().AssertNoExceptionRet()); UNIT_ASSERT_NO_EXCEPTION(TTestException("", false).Throw()); } diff --git a/ydb/apps/ydbd/main.cpp b/ydb/apps/ydbd/main.cpp index a938312d66..39de338bfa 100644 --- a/ydb/apps/ydbd/main.cpp +++ b/ydb/apps/ydbd/main.cpp @@ -18,7 +18,7 @@ int main(int argc, char **argv) { factories->YqAuditServiceFactory = NYq::CreateMockYqAuditServiceActor; factories->YdbCredentialProviderFactory = NKikimr::CreateYdbCredentialsProviderFactory; factories->IoContextFactory = std::make_shared<NKikimr::NPDisk::TIoContextFactoryOSS>(); - factories->SqsAuthFactory = std::make_shared<NKikimr::NSQS::TAuthFactory>(); + factories->SqsAuthFactory = std::make_shared<NKikimr::NSQS::TAuthFactory>(); return ParameterizedMain(argc, argv, std::move(factories)); } diff --git a/ydb/core/base/appdata.h b/ydb/core/base/appdata.h index c666f7468c..8f1aa5cf2f 100644 --- a/ydb/core/base/appdata.h +++ b/ydb/core/base/appdata.h @@ -54,7 +54,7 @@ namespace NDataShard { namespace NSQS { class IEventsWriterFactory; - class IAuthFactory; + class IAuthFactory; } namespace NPQ { 
@@ -78,11 +78,11 @@ struct TAppData { const NDataShard::IExportFactory *DataShardExportFactory = nullptr; const TFormatFactory* FormatFactory = nullptr; const NSQS::IEventsWriterFactory* SqsEventsWriterFactory = nullptr; - - NSQS::IAuthFactory* SqsAuthFactory = nullptr; - - IActor*(*FolderServiceFactory)(const NKikimrProto::NFolderService::TFolderServiceConfig&); - + + NSQS::IAuthFactory* SqsAuthFactory = nullptr; + + IActor*(*FolderServiceFactory)(const NKikimrProto::NFolderService::TFolderServiceConfig&); + const NPQ::IPersQueueMirrorReaderFactory* PersQueueMirrorReaderFactory = nullptr; NYdb::TDriver* YdbDriver = nullptr; const NPDisk::IIoContextFactory* IoContextFactory = nullptr; diff --git a/ydb/core/base/tablet_pipe.h b/ydb/core/base/tablet_pipe.h index a0420b8672..fa5d77ecdc 100644 --- a/ydb/core/base/tablet_pipe.h +++ b/ydb/core/base/tablet_pipe.h @@ -371,7 +371,7 @@ namespace NKikimr { void SendData(const TActorContext& ctx, const TActorId& clientId, IEventBase* payload, ui64 cookie = 0); void SendData(const TActorContext& ctx, const TActorId& clientId, ui32 eventType, TIntrusivePtr<TEventSerializedData> buffer, ui64 cookie = 0); void SendData(TActorId self, TActorId clientId, IEventBase* payload, ui64 cookie = 0); - void SendData(TActorId self, TActorId clientId, THolder<IEventBase>&& payload, ui64 cookie = 0); + void SendData(TActorId self, TActorId clientId, THolder<IEventBase>&& payload, ui64 cookie = 0); void SendDataWithSeqNo(TActorId self, TActorId clientId, IEventBase* payload, ui64 seqNo, ui64 cookie = 0); void SendData(TActorId self, TActorId clientId, ui32 eventType, TIntrusivePtr<TEventSerializedData> buffer, ui64 cookie = 0); diff --git a/ydb/core/driver_lib/run/factories.h b/ydb/core/driver_lib/run/factories.h index 41a45b44e0..78d337dde6 100644 --- a/ydb/core/driver_lib/run/factories.h +++ b/ydb/core/driver_lib/run/factories.h 
@@ -8,7 +8,7 @@ #include <ydb/core/base/grpc_service_factory.h> #include <ydb/core/ymq/actor/auth_factory.h> - + #include <ydb/library/folder_service/folder_service.h> #include <ydb/library/folder_service/proto/config.pb.h> #include <ydb/library/pdisk_io/aio.h> @@ -41,10 +41,10 @@ struct TModuleFactories { std::shared_ptr<NDataShard::IExportFactory> DataShardExportFactory; // Factory for Simple queue services implementation details std::shared_ptr<NSQS::IEventsWriterFactory> SqsEventsWriterFactory; - - IActor*(*CreateTicketParser)(const NKikimrProto::TAuthConfig&); - IActor*(*FolderServiceFactory)(const NKikimrProto::NFolderService::TFolderServiceConfig&); - + + IActor*(*CreateTicketParser)(const NKikimrProto::TAuthConfig&); + IActor*(*FolderServiceFactory)(const NKikimrProto::NFolderService::TFolderServiceConfig&); + std::function<IActor*(const NYq::NConfig::TAuditConfig& auditConfig)> YqAuditServiceFactory; NKikimr::TYdbCredentialsProviderFactory YdbCredentialProviderFactory; // Factory for grpc services @@ -55,7 +55,7 @@ struct TModuleFactories { std::shared_ptr<NPDisk::IIoContextFactory> IoContextFactory; std::function<NActors::TMon* (NActors::TMon::TConfig)> MonitoringFactory; - std::shared_ptr<NSQS::IAuthFactory> SqsAuthFactory; + std::shared_ptr<NSQS::IAuthFactory> SqsAuthFactory; ~TModuleFactories(); }; diff --git a/ydb/core/driver_lib/run/kikimr_services_initializers.cpp b/ydb/core/driver_lib/run/kikimr_services_initializers.cpp index 819c1478d1..7c72bea51c 100644 --- a/ydb/core/driver_lib/run/kikimr_services_initializers.cpp +++ b/ydb/core/driver_lib/run/kikimr_services_initializers.cpp @@ -2109,8 +2109,8 @@ void TSqsServiceInitializer::InitializeServices(NActors::TActorSystemSetup* setu TActorSetupCmd(actor, TMailboxType::HTSwap, appData->UserPoolId)); } - Factories->SqsAuthFactory->Initialize( - setup->LocalServices, *appData, Config.GetSqsConfig()); + Factories->SqsAuthFactory->Initialize( + setup->LocalServices, *appData, Config.GetSqsConfig()); } } 
diff --git a/ydb/core/driver_lib/run/run.cpp b/ydb/core/driver_lib/run/run.cpp index a4f74aa4e0..516e409917 100644 --- a/ydb/core/driver_lib/run/run.cpp +++ b/ydb/core/driver_lib/run/run.cpp @@ -855,14 +855,14 @@ void TKikimrRunner::InitializeAppData(const TKikimrRunConfig& runConfig) AppData->PersQueueMirrorReaderFactory = ModuleFactories ? ModuleFactories->PersQueueMirrorReaderFactory.get() : nullptr; AppData->IoContextFactory = ModuleFactories ? ModuleFactories->IoContextFactory.get() : nullptr; - AppData->SqsAuthFactory = ModuleFactories - ? ModuleFactories->SqsAuthFactory.get() - : nullptr; - - AppData->FolderServiceFactory = ModuleFactories - ? ModuleFactories->FolderServiceFactory - : nullptr; - + AppData->SqsAuthFactory = ModuleFactories + ? ModuleFactories->SqsAuthFactory.get() + : nullptr; + + AppData->FolderServiceFactory = ModuleFactories + ? ModuleFactories->FolderServiceFactory + : nullptr; + AppData->Counters = Counters; AppData->Mon = Monitoring.Get(); AppData->BusMonPage = BusMonPage.Get(); diff --git a/ydb/core/tablet/tablet_pipe_client.cpp b/ydb/core/tablet/tablet_pipe_client.cpp index 2fa35af9a0..00b0ad611a 100644 --- a/ydb/core/tablet/tablet_pipe_client.cpp +++ b/ydb/core/tablet/tablet_pipe_client.cpp @@ -694,10 +694,10 @@ namespace NTabletPipe { TActivationContext::Send(ev); } - void SendData(TActorId self, TActorId clientId, THolder<IEventBase>&& payload, ui64 cookie) { - SendData(self, clientId, payload.Release(), cookie); - } - + void SendData(TActorId self, TActorId clientId, THolder<IEventBase>&& payload, ui64 cookie) { + SendData(self, clientId, payload.Release(), cookie); + } + void SendDataWithSeqNo(TActorId self, TActorId clientId, IEventBase *payload, ui64 seqNo, ui64 cookie) { auto event = MakeHolder<TEvTabletPipe::TEvMessage>(self, THolder<IEventBase>(payload)); event->SetSeqNo(seqNo); diff --git a/ydb/core/util/make_holder_with_record.h b/ydb/core/util/make_holder_with_record.h index 82da0e8104..5a9f5b0b65 100644 
--- a/ydb/core/util/make_holder_with_record.h
+++ b/ydb/core/util/make_holder_with_record.h
@@ -1,10 +1,10 @@
-#pragma once
-#include <util/generic/ptr.h>
-
-/// Similar to MakeHolder, but also fills Record field of T with first argument. Useful for events.
-template <class T>
-[[nodiscard]] THolder<T> MakeHolderWithRecord(auto&& record, auto&& ... args) {
- THolder<T> holder = MakeHolder<T>(std::forward<decltype(args)>(args)...);
- holder->Record = std::forward<decltype(record)>(record);
- return holder;
-}
+#pragma once
+#include <util/generic/ptr.h>
+
+/// Similar to MakeHolder, but also fills Record field of T with first argument. Useful for events.
+template <class T>
+[[nodiscard]] THolder<T> MakeHolderWithRecord(auto&& record, auto&& ... args) {
+ THolder<T> holder = MakeHolder<T>(std::forward<decltype(args)>(args)...);
+ holder->Record = std::forward<decltype(record)>(record);
+ return holder;
+}
diff --git a/ydb/core/ymq/actor/auth_factory.cpp b/ydb/core/ymq/actor/auth_factory.cpp
index f9a66cf58d..642f983e60 100644
--- a/ydb/core/ymq/actor/auth_factory.cpp
+++ b/ydb/core/ymq/actor/auth_factory.cpp
@@ -1,31 +1,31 @@
-#include "auth_factory.h"
-
-namespace NKikimr::NSQS {
-
-void TAuthFactory::RegisterAuthActor(TActorSystem& system, TAuthActorData&& data)
-{
- IActor* const actor = CreateProxyActionActor(
- *data.SQSRequest,
- std::move(data.HTTPCallback),
- data.EnableQueueLeader);
-
- system.Register(actor, NActors::TMailboxType::HTSwap, data.ExecutorPoolID);
-}
-
-TAuthFactory::TCredentialsFactoryPtr
-TAuthFactory::CreateCredentialsProviderFactory(const NKikimrConfig::TSqsConfig& config)
-{
- if (!config.HasAuthConfig())
- return NYdb::CreateInsecureCredentialsProviderFactory();
-
- const auto& authCfg = config.GetAuthConfig();
-
- Y_VERIFY(authCfg.LocalAuthConfig_case() == TSqsConfig::TYdbAuthConfig::kOauthToken);
-
- const TString token = TFileInput(authCfg.GetOauthToken().GetTokenFile()).ReadAll();
-
- Y_VERIFY(!token.empty());
-
- return NYdb::CreateOAuthCredentialsProviderFactory(token);
-}
-}
+#include "auth_factory.h"
+
+namespace NKikimr::NSQS {
+
+void TAuthFactory::RegisterAuthActor(TActorSystem& system, TAuthActorData&& data)
+{
+ IActor* const actor = CreateProxyActionActor(
+ *data.SQSRequest,
+ std::move(data.HTTPCallback),
+ data.EnableQueueLeader);
+
+ system.Register(actor, NActors::TMailboxType::HTSwap, data.ExecutorPoolID);
+}
+
+TAuthFactory::TCredentialsFactoryPtr
+TAuthFactory::CreateCredentialsProviderFactory(const NKikimrConfig::TSqsConfig& config)
+{
+ if (!config.HasAuthConfig())
+ return NYdb::CreateInsecureCredentialsProviderFactory();
+
+ const auto& authCfg = config.GetAuthConfig();
+
+ Y_VERIFY(authCfg.LocalAuthConfig_case() == TSqsConfig::TYdbAuthConfig::kOauthToken);
+
+ const TString token = TFileInput(authCfg.GetOauthToken().GetTokenFile()).ReadAll();
+
+ Y_VERIFY(!token.empty());
+
+ return NYdb::CreateOAuthCredentialsProviderFactory(token);
+}
+}
diff --git a/ydb/core/ymq/actor/auth_factory.h b/ydb/core/ymq/actor/auth_factory.h
index 89ddc39471..61118945e4 100644
--- a/ydb/core/ymq/actor/auth_factory.h
+++ b/ydb/core/ymq/actor/auth_factory.h 
@@ -1,85 +1,85 @@ -#pragma once - -#include "actor.h" -#include <library/cpp/actors/core/actorsystem.h> +#pragma once + +#include "actor.h" +#include <library/cpp/actors/core/actorsystem.h> #include <ydb/core/ymq/base/action.h> #include <ydb/core/ymq/base/counters.h> #include <ydb/library/http_proxy/authorization/signature.h> #include <ydb/core/base/appdata.h> #include <ydb/public/sdk/cpp/client/ydb_types/credentials/credentials.h> - -namespace NKikimr::NSQS { - -struct TAuthActorData { - // Used by both private and public API - - THolder<NKikimrClient::TSqsRequest> SQSRequest; - THolder<IReplyCallback> HTTPCallback; - - bool EnableQueueLeader; - - // Used by private API only - - EAction Action; - - ui32 ExecutorPoolID; - TStringBuf CloudID; - TStringBuf ResourceID; - - TCloudAuthCounters * Counters; //nullptr when constructed from public API - - THolder<TAwsRequestSignV4> AWSSignature; - - // Used only by private API for which AWSSignature is empty. - - TStringBuf IAMToken; - TStringBuf FolderID; -}; - -/** - * 1. Initializes and registers authorization proxy actors. - * 2. Creates a credentials provider factory which in turn - * registers a concrete authorization method (oauth/iam) - * depending on input parameters. - * - * Handles both internal (Yandex cloud, kikimr/yndx/sqs) and open + +namespace NKikimr::NSQS { + +struct TAuthActorData { + // Used by both private and public API + + THolder<NKikimrClient::TSqsRequest> SQSRequest; + THolder<IReplyCallback> HTTPCallback; + + bool EnableQueueLeader; + + // Used by private API only + + EAction Action; + + ui32 ExecutorPoolID; + TStringBuf CloudID; + TStringBuf ResourceID; + + TCloudAuthCounters * Counters; //nullptr when constructed from public API + + THolder<TAwsRequestSignV4> AWSSignature; + + // Used only by private API for which AWSSignature is empty. + + TStringBuf IAMToken; + TStringBuf FolderID; +}; + +/** + * 1. Initializes and registers authorization proxy actors. + * 2. 
Creates a credentials provider factory which in turn + * registers a concrete authorization method (oauth/iam) + * depending on input parameters. + * + * Handles both internal (Yandex cloud, kikimr/yndx/sqs) and open * source (ydb/core/ymq/actor) versions. - * - * @note An ICredentialsProviderFactory abstraction layer is - * unnecessary here as we could register authorization methods directly - * in IAuthFactory method. Unfortunately, ICredentialsProviderFactory - * is part of public API, so removing or changing it would take some time. - * TODO(KIKIMR-13892) - */ -class IAuthFactory { -public: - using TSqsConfig = NKikimrConfig::TSqsConfig; - using TCredentialsFactoryPtr = std::shared_ptr<NYdb::ICredentialsProviderFactory>; - - virtual void Initialize( - NActors::TActorSystemSetup::TLocalServices& services, - const TAppData& appData, - const TSqsConfig& config) = 0; - - virtual void RegisterAuthActor(NActors::TActorSystem& system, TAuthActorData&& data) = 0; - - virtual TCredentialsFactoryPtr CreateCredentialsProviderFactory(const TSqsConfig& config) = 0; - - virtual ~IAuthFactory() = default; -}; - -// Open source implementation. Supports oAuth only. -class TAuthFactory : public IAuthFactory { -public: - inline void Initialize( - NActors::TActorSystemSetup::TLocalServices&, - const TAppData&, - const TSqsConfig& config) final { - Y_VERIFY(!config.GetYandexCloudMode()); - } - - void RegisterAuthActor(NActors::TActorSystem& system, TAuthActorData&& data) final; - - TCredentialsFactoryPtr CreateCredentialsProviderFactory(const TSqsConfig& config) final; -}; -} + * + * @note An ICredentialsProviderFactory abstraction layer is + * unnecessary here as we could register authorization methods directly + * in IAuthFactory method. Unfortunately, ICredentialsProviderFactory + * is part of public API, so removing or changing it would take some time. 
+ * TODO(KIKIMR-13892) + */ +class IAuthFactory { +public: + using TSqsConfig = NKikimrConfig::TSqsConfig; + using TCredentialsFactoryPtr = std::shared_ptr<NYdb::ICredentialsProviderFactory>; + + virtual void Initialize( + NActors::TActorSystemSetup::TLocalServices& services, + const TAppData& appData, + const TSqsConfig& config) = 0; + + virtual void RegisterAuthActor(NActors::TActorSystem& system, TAuthActorData&& data) = 0; + + virtual TCredentialsFactoryPtr CreateCredentialsProviderFactory(const TSqsConfig& config) = 0; + + virtual ~IAuthFactory() = default; +}; + +// Open source implementation. Supports oAuth only. +class TAuthFactory : public IAuthFactory { +public: + inline void Initialize( + NActors::TActorSystemSetup::TLocalServices&, + const TAppData&, + const TSqsConfig& config) final { + Y_VERIFY(!config.GetYandexCloudMode()); + } + + void RegisterAuthActor(NActors::TActorSystem& system, TAuthActorData&& data) final; + + TCredentialsFactoryPtr CreateCredentialsProviderFactory(const TSqsConfig& config) final; +}; +} diff --git a/ydb/core/ymq/actor/service.cpp b/ydb/core/ymq/actor/service.cpp index 34c9a4ae46..182cdc3777 100644 --- a/ydb/core/ymq/actor/service.cpp +++ b/ydb/core/ymq/actor/service.cpp @@ -1,6 +1,6 @@ #include "service.h" -#include "auth_factory.h" +#include "auth_factory.h" #include "cfg.h" #include "executor.h" #include "garbage_collector.h" @@ -328,8 +328,8 @@ void TSqsService::Bootstrap() { driverConfig.SetDatabase(Cfg().GetRoot()); YcSearchEventsConfig.TenantMode = true; } - - auto factory = AppData()->SqsAuthFactory; + + auto factory = AppData()->SqsAuthFactory; Y_VERIFY(factory); driverConfig.SetCredentialsProviderFactory(factory->CreateCredentialsProviderFactory(Cfg())); diff --git a/ydb/core/ymq/actor/ya.make b/ydb/core/ymq/actor/ya.make index 070653bb57..cfd3b58091 100644 --- a/ydb/core/ymq/actor/ya.make +++ b/ydb/core/ymq/actor/ya.make 
@@ -7,7 +7,7 @@ LIBRARY() SRCS( actor.cpp - auth_factory.cpp + auth_factory.cpp attributes_md5.cpp cfg.cpp change_visibility.cpp diff --git a/ydb/core/ymq/http/http.cpp b/ydb/core/ymq/http/http.cpp index 5d0963bfb2..7841be2577 100644 --- a/ydb/core/ymq/http/http.cpp +++ b/ydb/core/ymq/http/http.cpp @@ -548,29 +548,29 @@ bool THttpRequest::SetupRequest() { RLOG_SQS_BASE_DEBUG(*Parent_->ActorSystem_, "Create proxy action actor for request " << SecureShortUtf8DebugString(*requestHolder)); - const bool enableQueueLeader = Parent_->Config.HasEnableQueueMaster() - ? Parent_->Config.GetEnableQueueMaster() - : Parent_->Config.GetEnableQueueLeader(); + const bool enableQueueLeader = Parent_->Config.HasEnableQueueMaster() + ? Parent_->Config.GetEnableQueueMaster() + : Parent_->Config.GetEnableQueueLeader(); auto httpCallback = MakeHolder<THttpCallback>(this, *requestHolder); - - TAuthActorData data { - .SQSRequest = std::move(requestHolder), - .HTTPCallback = std::move(httpCallback), - .EnableQueueLeader = enableQueueLeader, - .Action = Action_, - .ExecutorPoolID = Parent_->PoolId_, - .CloudID = AccountName_, - .ResourceID = QueueName_, - .Counters = Parent_->CloudAuthCounters_.Get(), - .AWSSignature = std::move(AwsSignature_), - .IAMToken = IamToken_, - .FolderID = FolderId_ - }; - - AppData(Parent_->ActorSystem_)->SqsAuthFactory->RegisterAuthActor( - *Parent_->ActorSystem_, - std::move(data)); + + TAuthActorData data { + .SQSRequest = std::move(requestHolder), + .HTTPCallback = std::move(httpCallback), + .EnableQueueLeader = enableQueueLeader, + .Action = Action_, + .ExecutorPoolID = Parent_->PoolId_, + .CloudID = AccountName_, + .ResourceID = QueueName_, + .Counters = Parent_->CloudAuthCounters_.Get(), + .AWSSignature = std::move(AwsSignature_), + .IAMToken = IamToken_, + .FolderID = FolderId_ + }; + + AppData(Parent_->ActorSystem_)->SqsAuthFactory->RegisterAuthActor( + *Parent_->ActorSystem_, + std::move(data)); return true; } 
diff --git a/ydb/public/sdk/cpp/client/ydb_types/credentials/credentials.h b/ydb/public/sdk/cpp/client/ydb_types/credentials/credentials.h index 75b86933ce..8952d4f2af 100644 --- a/ydb/public/sdk/cpp/client/ydb_types/credentials/credentials.h +++ b/ydb/public/sdk/cpp/client/ydb_types/credentials/credentials.h @@ -13,13 +13,13 @@ public: virtual bool IsValid() const = 0; }; -using TCredentialsProviderPtr = std::shared_ptr<ICredentialsProvider>; - +using TCredentialsProviderPtr = std::shared_ptr<ICredentialsProvider>; + class ICoreFacility; class ICredentialsProviderFactory { public: virtual ~ICredentialsProviderFactory() = default; - virtual TCredentialsProviderPtr CreateProvider() const = 0; + virtual TCredentialsProviderPtr CreateProvider() const = 0; // !!!Experimental!!! virtual TCredentialsProviderPtr CreateProvider(std::weak_ptr<ICoreFacility> facility) const { Y_UNUSED(facility); @@ -28,8 +28,8 @@ public: virtual TStringType GetClientIdentity() const = 0; }; -using TCredentialsProviderFactoryPtr = std::shared_ptr<ICredentialsProviderFactory>; - +using TCredentialsProviderFactoryPtr = std::shared_ptr<ICredentialsProviderFactory>; + std::shared_ptr<ICredentialsProviderFactory> CreateInsecureCredentialsProviderFactory(); std::shared_ptr<ICredentialsProviderFactory> CreateOAuthCredentialsProviderFactory(const TStringType& token); |