diff options
| -rw-r--r-- | src/rabbit_direct.erl | 53 | ||||
| -rw-r--r-- | test/rabbit_dummy_protocol_connection_info.erl | 28 | ||||
| -rw-r--r-- | test/unit_SUITE.erl | 21 |
3 files changed, 96 insertions, 6 deletions
diff --git a/src/rabbit_direct.erl b/src/rabbit_direct.erl index 19fc828a52..5873d88b5f 100644 --- a/src/rabbit_direct.erl +++ b/src/rabbit_direct.erl @@ -21,6 +21,9 @@ %% Internal -export([list_local/0]). +%% For testing only +-export([extract_extra_auth_props/4]). + -include("rabbit.hrl"). %%---------------------------------------------------------------------------- @@ -65,21 +68,22 @@ list() -> %%---------------------------------------------------------------------------- -auth_fun({none, _}, _VHost) -> +auth_fun({none, _}, _VHost, _ExtraAuthProps) -> fun () -> {ok, rabbit_auth_backend_dummy:user()} end; -auth_fun({Username, none}, _VHost) -> +auth_fun({Username, none}, _VHost, _ExtraAuthProps) -> fun () -> rabbit_access_control:check_user_login(Username, []) end; -auth_fun({Username, Password}, VHost) -> +auth_fun({Username, Password}, VHost, ExtraAuthProps) -> fun () -> rabbit_access_control:check_user_login( Username, - [{password, Password}, {vhost, VHost}]) + [{password, Password}, {vhost, VHost}] ++ ExtraAuthProps) end. connect(Creds, VHost, Protocol, Pid, Infos) -> - AuthFun = auth_fun(Creds, VHost), + ExtraAuthProps = extract_extra_auth_props(Creds, VHost, Pid, Infos), + AuthFun = auth_fun(Creds, VHost, ExtraAuthProps), case rabbit:is_running() of true -> case is_over_connection_limit(VHost, Creds, Pid) of @@ -101,6 +105,45 @@ connect(Creds, VHost, Protocol, Pid, Infos) -> false -> {error, broker_not_found_on_node} end. +extract_extra_auth_props(Creds, VHost, Pid, Infos) -> + case extract_protocol(Infos) of + undefined -> + []; + Protocol -> + maybe_call_connection_info_module(Protocol, Creds, VHost, Pid, Infos) + end. + +extract_protocol(Infos) -> + case proplists:get_value(protocol, Infos, undefined) of + {Protocol, _Version} -> + Protocol; + _ -> + undefined + end. + +maybe_call_connection_info_module(Protocol, Creds, VHost, Pid, Infos) -> + Module = rabbit_data_coercion:to_atom(string:to_lower( + "rabbit_" ++ rabbit_data_coercion:to_list(Protocol) ++ "_connection_info") + ), + case code:get_object_code(Module) of + {_Module, _Binary, _Filename} -> + try + Module:additional_authn_params(Creds, VHost, Pid, Infos) + catch + throw:Reason -> + rabbit_log:warning("Calling ~p failed:~p~n", [Module, Reason]), + []; + error:Reason -> + rabbit_log:warning("Calling ~p failed:~p~n", [Module, Reason]), + [] + end; + error -> + []; + _ -> + [] + end. + + is_over_connection_limit(VHost, {Username, _Password}, Pid) -> PrintedUsername = case Username of none -> ""; diff --git a/test/rabbit_dummy_protocol_connection_info.erl b/test/rabbit_dummy_protocol_connection_info.erl new file mode 100644 index 0000000000..3da963e057 --- /dev/null +++ b/test/rabbit_dummy_protocol_connection_info.erl @@ -0,0 +1,28 @@ +%% The contents of this file are subject to the Mozilla Public License +%% Version 1.1 (the "License"); you may not use this file except in +%% compliance with the License. You may obtain a copy of the License at +%% http://www.mozilla.org/MPL/ +%% +%% Software distributed under the License is distributed on an "AS IS" +%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the +%% License for the specific language governing rights and limitations +%% under the License. +%% +%% The Original Code is RabbitMQ. +%% +%% The Initial Developer of the Original Code is GoPivotal, Inc. +%% Copyright (c) 2017 Pivotal Software, Inc. All rights reserved. +%% + +%% Dummy module to test rabbit_direct:extract_extra_auth_props + +-module(rabbit_dummy_protocol_connection_info). + +%% API +-export([additional_authn_params/4]). + +additional_authn_params(_Creds, _VHost, Pid, _Infos) -> + case Pid of + -1 -> throw(error); + _ -> [{client_id, <<"DummyClientId">>}] + end. diff --git a/test/unit_SUITE.erl b/test/unit_SUITE.erl index 3e92158595..b4813fe801 100644 --- a/test/unit_SUITE.erl +++ b/test/unit_SUITE.erl @@ -49,6 +49,7 @@ groups() -> pmerge, plmerge, priority_queue, + rabbit_direct_extract_extra_auth_props, {resource_monitor, [parallel], [ parse_information_unit ]}, @@ -464,7 +465,25 @@ rabbitmqctl_encode_encrypt_decrypt(Secret) -> ) . - +rabbit_direct_extract_extra_auth_props(_Config) -> + % no protocol to extract + [] = rabbit_direct:extract_extra_auth_props( + {<<"guest">>, <<"guest">>}, <<"/">>, 1, + [{name,<<"127.0.0.1:52366 -> 127.0.0.1:1883">>}]), + % protocol to extract, but no module to call + [] = rabbit_direct:extract_extra_auth_props( + {<<"guest">>, <<"guest">>}, <<"/">>, 1, + [{protocol, {'PROTOCOL_WITHOUT_MODULE', "1.0"}}]), + % see rabbit_dummy_protocol_connection_info module + % protocol to extract, module that returns a client ID + [{client_id, <<"DummyClientId">>}] = rabbit_direct:extract_extra_auth_props( + {<<"guest">>, <<"guest">>}, <<"/">>, 1, + [{protocol, {'DUMMY_PROTOCOL', "1.0"}}]), + % protocol to extract, but error thrown in module + [] = rabbit_direct:extract_extra_auth_props( + {<<"guest">>, <<"guest">>}, <<"/">>, -1, + [{protocol, {'DUMMY_PROTOCOL', "1.0"}}]), + ok. %% ------------------------------------------------------------------- %% pg_local. |