feat: configure http auth plugin (#148)

Fetch API token through environment variable for http auth plugins
VolantMQ · Jan 24, 2020 · 40cfa97 · 40cfa97
1 parent e14fb8a
commit 40cfa97
Show file tree

Hide file tree

Showing 6 changed files with 60 additions and 26 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -66,6 +66,14 @@ RUN \
     && cd plugin \
     && go build $VOLANTMQ_BUILD_FLAGS -buildmode=plugin -ldflags "-X main.version=$(print_version.sh)" -o $VOLANTMQ_WORK_DIR/plugins/persistence_bbolt.so
 
+#build auth plugins
+RUN \
+       GO111MODULE=off go get gitlab.com/VolantMQ/vlplugin/auth/http \
+    && cd $GOPATH/src/gitlab.com/VolantMQ/vlplugin/auth/http \
+    && GO111MODULE=on go mod tidy \
+    && go build $VOLANTMQ_BUILD_FLAGS -buildmode=plugin -ldflags "-X main.version=$(print_version.sh)" -o $VOLANTMQ_WORK_DIR/plugins/auth_http.so
+
+
 FROM alpine
 ENV \
     VOLANTMQ_WORK_DIR=/usr/lib/volantmq

diff --git a/cmd/volantmq/main.go b/cmd/volantmq/main.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/sha256"
 	"errors"
+	"fmt"
 	"io/ioutil"
 	"net/http"
 	"os"
@@ -300,6 +301,20 @@ func (ctx *appContext) loadAuth(cfg *configuration.Config) (*auth.Manager, error
 			var authPlugins pluginType
 			if authPlugins, ok = ctx.plugins.acquired["auth"]; ok {
 				if pl, kk := authPlugins[backend]; kk {
+					// check if there is environment variable with API token for this particular plugin
+					if backend == "http" {
+						varName := fmt.Sprintf("VOLANTMQ_PLUGIN_AUTH_%s_TOKEN", strings.ToUpper(name))
+						var val string
+						val, ok = os.LookupEnv(varName)
+						if ok {
+							var injCfg map[string]interface{}
+							if injCfg, ok = config.(map[string]interface{}); ok {
+								injCfg["apiToken"] = val
+							} else {
+								logger.Errorf("cannot inject \"apiToken\" field into config of plugins.config.auth[%d]", idx)
+							}
+						}
+					}
 					var plObject interface{}
 					if plObject, err = ctx.configurePlugin(pl, config); err != nil {
 						logger.Fatalf(err.Error())

diff --git a/examples/config.yaml b/examples/config.yaml
@@ -7,11 +7,12 @@ system:
     defaultPort: 8080
 plugins:
   enabled:
-  - debug
-  - health
-  - systree
-  - prometheus
-  - persistence_bbolt
+    - debug
+    - health
+    - systree
+    - prometheus
+    - persistence_bbolt
+    - auth_http
   config:
     monitoring:
       - backend: systree
@@ -45,36 +46,42 @@ plugins:
         config:
           users:
             testuser: "9f735e0df9a1ddc702bf0a1a7b83033f9f7153a00c29de82cedadc9957289b05" # password must be sha-256 hashed
+      - name: http1
+        backend: http
+        config:
+          path:
+            user: http://localhost:6062/user
+            resource: http://localhost:6062/resource
 auth:
   anonymous: true
   order:
     - internal
 mqtt:
   version:
-  - v3.1.1
-  - v5.0
+    - v3.1.1
+    - v5.0
   keepAlive:
     period: 60               # KeepAlive The number of seconds to keep the connection live if there's no data.
-                             # Default is 60 seconds
+    # Default is 60 seconds
     force: false             # Force connection to use server keep alive interval (MQTT 5.0 only)
-                             # Default is false
+    # Default is false
   systree:
     enabled: true            # Either systree available or not
-                             # Default is false
+    # Default is false
     updateInterval: 10       # Systree update interval
-                             # Default is 10 seconds
+    # Default is 10 seconds
   options:
     connectTimeout: 5        # The number of seconds to wait for the CONNECT message before disconnecting.
-                             # If not set then default to 2 seconds.
+    # If not set then default to 2 seconds.
     offlineQoS0: true        # OfflineQoS0 tell server to either persist (true) or ignore (false) QoS 0 messages for non-clean sessions
-                             # If not set than default is false
+    # If not set than default is false
     sessionPreempt: true     # Either allow or deny replacing of existing session if there new client with same clientID
-                             # If not set than default is false
+    # If not set than default is false
     retainAvailable: true    # don't set to use default
     subsOverlap: true        # tells server how to handle overlapping subscriptions from within one client
-                             # if true server will send only one publish with max subscribed QoS even there are n subscriptions
-                             # if false server will send as many publishes as amount of subscriptions matching publish topic exists
-                             # Default is false
+      # if true server will send only one publish with max subscribed QoS even there are n subscriptions
+      # if false server will send as many publishes as amount of subscriptions matching publish topic exists
+    # Default is false
     subsId: true             # don't set to use default
     subsShared: false        # don't set to use default
     subsWildcard: true       # don't set to use default

diff --git a/go.mod b/go.mod
@@ -3,8 +3,7 @@ module github.com/VolantMQ/volantmq
 go 1.13
 
 require (
-	github.com/JoshuaDoes/govvv v0.2.0 // indirect
-	github.com/VolantMQ/vlapi v0.5.3
+	github.com/VolantMQ/vlapi v0.5.4
 	github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee // indirect
 	github.com/gobwas/pool v0.2.0 // indirect
 	github.com/gobwas/ws v1.0.2
@@ -15,5 +14,5 @@ require (
 	gitlab.com/VolantMQ/vlplugin/persistence/mem v0.0.4
 	go.uber.org/zap v1.12.0
 	golang.org/x/crypto v0.0.0-20190927123631-a832865fa7ad // indirect
-	gopkg.in/yaml.v3 v3.0.0-20190905181640-827449938966
+	gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71
 )
diff --git a/go.sum b/go.sum
@@ -2,13 +2,11 @@ github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/DATA-DOG/go-sqlmock v1.3.0 h1:ljjRxlddjfChBJdFKJs5LuCwCWPLaC1UZLwAo3PBBMk=
 github.com/DATA-DOG/go-sqlmock v1.3.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM=
-github.com/JoshuaDoes/govvv v0.2.0 h1:u+qo017RcuCrr/iySR6TsNH0bhBRyON6M2r0de84qrs=
-github.com/JoshuaDoes/govvv v0.2.0/go.mod h1:tBZgi/9oVjVtuxuI4SAkrS9CjYHM3AQN0xMQToqSZt4=
 github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdcM=
 github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA=
 github.com/VolantMQ/vlapi v0.4.5/go.mod h1:zdKe6wsscI+wbH3KcaGaO9Hbkqh8UTzir2Tegho7n/o=
-github.com/VolantMQ/vlapi v0.5.3 h1:4huWeBSCpGqaz7Yg27/W+GANMT4U/II+Aca3pslutZQ=
-github.com/VolantMQ/vlapi v0.5.3/go.mod h1:xIua5iILFp/FUV8RWyhhkKIdzy0xMJtsQfSHDM9Spuw=
+github.com/VolantMQ/vlapi v0.5.4 h1:w1RF8uZsBgJC0NOZF+J82MJG22hV0qIfQ5vhoYAyaz0=
+github.com/VolantMQ/vlapi v0.5.4/go.mod h1:xIua5iILFp/FUV8RWyhhkKIdzy0xMJtsQfSHDM9Spuw=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
@@ -155,7 +153,7 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v3 v3.0.0-20190905181640-827449938966 h1:B0J02caTR6tpSJozBJyiAzT6CtBzjclw4pgm9gg8Ys0=
-gopkg.in/yaml.v3 v3.0.0-20190905181640-827449938966/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71 h1:Xe2gvTZUJpsvOWUnvmL/tmhVBZUmHSvLbMjRj6NUUKo=
+gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM=
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
diff --git a/local.Dockerfile b/local.Dockerfile
@@ -67,6 +67,13 @@ RUN \
     && cd plugin \
     && go build $VOLANTMQ_BUILD_FLAGS -buildmode=plugin -ldflags "-X main.version=$(print_version.sh)" -o $VOLANTMQ_WORK_DIR/plugins/persistence_bbolt.so
 
+#build auth plugins
+RUN \
+       GO111MODULE=off go get gitlab.com/VolantMQ/vlplugin/auth/http \
+    && cd $GOPATH/src/gitlab.com/VolantMQ/vlplugin/auth/http \
+    && GO111MODULE=on go mod tidy \
+    && go build $VOLANTMQ_BUILD_FLAGS -buildmode=plugin -ldflags "-X main.version=$(print_version.sh)" -o $VOLANTMQ_WORK_DIR/plugins/auth_http.so
+
 FROM alpine
 ENV \
     VOLANTMQ_WORK_DIR=/usr/lib/volantmq