From 0ff5a53b71137e0eadecd849655cbd8b1862bc2b Mon Sep 17 00:00:00 2001 From: Sam Batschelet Date: Sat, 17 Jun 2017 11:37:15 -0400 Subject: [PATCH] Add token based authentication via grpc-gateway with tests. Fixes GH #18 --- lib/Net/Etcd/Auth.pm | 29 +++++++++++++++-------------- lib/Net/Etcd/Auth/Role.pm | 2 +- lib/Net/Etcd/Role/Actions.pm | 11 ++--------- t/auth.t | 26 ++++++++++++++++++++++++++ 4 files changed, 44 insertions(+), 24 deletions(-) diff --git a/lib/Net/Etcd/Auth.pm b/lib/Net/Etcd/Auth.pm index 8b1b9a5..04c2a41 100644 --- a/lib/Net/Etcd/Auth.pm +++ b/lib/Net/Etcd/Auth.pm @@ -9,6 +9,7 @@ use warnings; =cut use Moo; +use JSON; use Carp; use Types::Standard qw(Str Int Bool HashRef ArrayRef); use Net::Etcd::Auth::Role; @@ -70,9 +71,9 @@ has name => ( sub _build_name { my ($self) = @_; - my $user = $self->etcd->name; - return $user if $user; - return; + my $user = $self->etcd->name; + return $user if $user; + return; } =head2 password @@ -87,18 +88,18 @@ has password => ( sub _build_password { my ($self) = @_; - my $pwd = $self->etcd->password; - return $pwd if $pwd; - return; + my $pwd = $self->etcd->password; + return $pwd if $pwd; + return; } =head1 PUBLIC METHODS =head2 authenticate -Enable authentication, this requires name and password. +Returns token with valid authentication. - $etcd->auth({ name => $user, password => $pass })->authenticate; + my $token = $etcd->auth({ name => $user, password => $pass })->authenticate; =cut @@ -107,12 +108,12 @@ sub authenticate { $self->{endpoint} = '/auth/authenticate'; $self->{headers}{'Content-Type'} = 'application/json'; return unless ($self->password && $self->name); -# $self->password; -# $self->name; -#print STDERR Dumper($self); -$self->request; - - return $self; + $self->request; + my $auth = from_json($self->{response}{content}); + if ($auth && defined $auth->{token}) { + return $auth->{token}; + } + return; } =head2 enable diff --git a/lib/Net/Etcd/Auth/Role.pm b/lib/Net/Etcd/Auth/Role.pm index d956343..2b06a3a 100644 --- a/lib/Net/Etcd/Auth/Role.pm +++ b/lib/Net/Etcd/Auth/Role.pm @@ -80,7 +80,7 @@ Delete role sub delete { my ($self) = @_; - confess 'name required for ' . __PACKAGE__ . '->delete' + confess 'role required for ' . __PACKAGE__ . '->delete' unless $self->{role}; $self->{endpoint} = '/auth/role/delete'; $self->request; diff --git a/lib/Net/Etcd/Role/Actions.pm b/lib/Net/Etcd/Role/Actions.pm index 6ca71b6..6378040 100644 --- a/lib/Net/Etcd/Role/Actions.pm +++ b/lib/Net/Etcd/Role/Actions.pm @@ -89,15 +89,9 @@ has headers => ( is => 'lazy' ); sub _build_headers { my ($self) = @_; my $headers; - my $auth = $self->etcd->auth->authenticate; -# print STDERR Dumper($auth->authenticate); - my $auth_token; - $auth_token = $auth->token if $auth; - -print STDERR "Auth token " . $auth_token if $auth_token; - + my $token = $self->etcd->auth->authenticate; $headers->{'Content-Type'} = 'application/json'; - $headers->{'Authorization'} = $auth_token if $auth_token; + $headers->{'Authorization'} = $token if $token; return $headers; } =head2 hold @@ -128,7 +122,6 @@ sub _build_request { my $cv = $self->cv ? $self->cv : AE::cv; $cv->begin; - print STDERR Dumper($self->headers); http_request( 'POST', $self->etcd->api_path . $self->{endpoint}, diff --git a/t/auth.t b/t/auth.t index 553fbef..3e56d29 100644 --- a/t/auth.t +++ b/t/auth.t @@ -77,4 +77,30 @@ lives_ok( "disable auth" ); + +cmp_ok( $role->{response}{success}, '==', 1, "revoke role success" ); + +# cleanup role +lives_ok( sub { $role = $etcd->role( { role => 'root' } )->delete; + }, + "delete role" ); + +#print STDERR Dumper($role); + +cmp_ok( $role->{response}{success}, '==', 1, "delete role success" ); + + +# remove user +lives_ok( + sub { + $user = + $etcd->user( { name => 'root' })->delete; + }, + "delete user" +); + +#print STDERR Dumper($user); + +cmp_ok( $user->{response}{success}, '==', 1, "delete user success" ); + 1;