acls: Show `AuthMethodNamespace` when reading/listing ACL token meta (#10598)

.changelog/10598.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+acls: Show AuthMethodNamespace when reading/listing ACL tokens
+```

agent/structs/acl.go

@@ -572,6 +572,7 @@ type ACLTokenListStub struct {
 	ModifyIndex       uint64
 	Legacy            bool `json:",omitempty"`
 	EnterpriseMeta
+	ACLAuthMethodEnterpriseMeta
 }
 
 type ACLTokenListStubs []*ACLTokenListStub
@@ -594,6 +595,7 @@ func (token *ACLToken) Stub() *ACLTokenListStub {
 		ModifyIndex:                 token.ModifyIndex,
 		Legacy:                      token.Rules != "",
 		EnterpriseMeta:              token.EnterpriseMeta,
+		ACLAuthMethodEnterpriseMeta: token.ACLAuthMethodEnterpriseMeta,
 	}
 }
 

api/acl.go

@@ -52,6 +52,10 @@ type ACLToken struct {
 	// Namespace is the namespace the ACLToken is associated with.
 	// Namespaces are a Consul Enterprise feature.
 	Namespace string `json:",omitempty"`
+
+	// AuthMethodNamespace is the namespace the token's AuthMethod is associated with.
+	// Namespacing is a Consul Enterprise feature.
+	AuthMethodNamespace string `json:",omitempty"`
 }
 
 type ACLTokenListEntry struct {
@@ -74,6 +78,10 @@ type ACLTokenListEntry struct {
 	// Namespace is the namespace the ACLTokenListEntry is associated with.
 	// Namespacing is a Consul Enterprise feature.
 	Namespace string `json:",omitempty"`
+
+	// AuthMethodNamespace is the namespace the token's AuthMethod is associated with.
+	// Namespacing is a Consul Enterprise feature.
+	AuthMethodNamespace string `json:",omitempty"`
 }
 
 // ACLEntry is used to represent a legacy ACL token

command/acl/token/formatter.go

@@ -58,7 +58,7 @@ func (f *prettyFormatter) FormatToken(token *api.ACLToken) (string, error) {
 	buffer.WriteString(fmt.Sprintf("Description:      %s\n", token.Description))
 	buffer.WriteString(fmt.Sprintf("Local:            %t\n", token.Local))
 	if token.AuthMethod != "" {
-		buffer.WriteString(fmt.Sprintf("Auth Method:      %s\n", token.AuthMethod))
+		buffer.WriteString(fmt.Sprintf("Auth Method:      %s (Namespace: %s)\n", token.AuthMethod, token.AuthMethodNamespace))
 	}
 	buffer.WriteString(fmt.Sprintf("Create Time:      %v\n", token.CreateTime))
 	if token.ExpirationTime != nil && !token.ExpirationTime.IsZero() {
@@ -132,7 +132,7 @@ func (f *prettyFormatter) formatTokenListEntry(token *api.ACLTokenListEntry) str
 	buffer.WriteString(fmt.Sprintf("Description:      %s\n", token.Description))
 	buffer.WriteString(fmt.Sprintf("Local:            %t\n", token.Local))
 	if token.AuthMethod != "" {
-		buffer.WriteString(fmt.Sprintf("Auth Method:      %s\n", token.AuthMethod))
+		buffer.WriteString(fmt.Sprintf("Auth Method:      %s (Namespace: %s)\n", token.AuthMethod, token.AuthMethodNamespace))
 	}
 	buffer.WriteString(fmt.Sprintf("Create Time:      %v\n", token.CreateTime))
 	if token.ExpirationTime != nil && !token.ExpirationTime.IsZero() {

command/acl/token/formatter_test.go

@@ -72,6 +72,7 @@ func TestFormatToken(t *testing.T) {
 				Description:         "test token",
 				Local:               false,
 				AuthMethod:          "bar",
+				AuthMethodNamespace: "baz",
 				CreateTime:          time.Date(2020, 5, 22, 18, 52, 31, 0, time.UTC),
 				ExpirationTime:      timeRef(time.Date(2020, 5, 22, 19, 52, 31, 0, time.UTC)),
 				Hash:                []byte{'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'},
@@ -184,6 +185,7 @@ func TestFormatTokenList(t *testing.T) {
 					Description:         "test token",
 					Local:               false,
 					AuthMethod:          "bar",
+					AuthMethodNamespace: "baz",
 					CreateTime:          time.Date(2020, 5, 22, 18, 52, 31, 0, time.UTC),
 					ExpirationTime:      timeRef(time.Date(2020, 5, 22, 19, 52, 31, 0, time.UTC)),
 					Hash:                []byte{'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'},

command/acl/token/testdata/FormatToken/complex.json.golden

@@ -43,5 +43,6 @@
     "ExpirationTime": "2020-05-22T19:52:31Z",
     "CreateTime": "2020-05-22T18:52:31Z",
     "Hash": "YWJjZGVmZ2g=",
-    "Namespace": "foo"
+    "Namespace": "foo",
+    "AuthMethodNamespace": "baz"
 }

command/acl/token/testdata/FormatToken/complex.pretty-meta.golden

@@ -3,7 +3,7 @@ SecretID:         869c6e91-4de9-4dab-b56e-87548435f9c6
 Namespace:        foo
 Description:      test token
 Local:            false
-Auth Method:      bar
+Auth Method:      bar (Namespace: baz)
 Create Time:      2020-05-22 18:52:31 +0000 UTC
 Expiration Time:  2020-05-22 19:52:31 +0000 UTC
 Hash:             6162636465666768

command/acl/token/testdata/FormatToken/complex.pretty.golden

@@ -3,7 +3,7 @@ SecretID:         869c6e91-4de9-4dab-b56e-87548435f9c6
 Namespace:        foo
 Description:      test token
 Local:            false
-Auth Method:      bar
+Auth Method:      bar (Namespace: baz)
 Create Time:      2020-05-22 18:52:31 +0000 UTC
 Expiration Time:  2020-05-22 19:52:31 +0000 UTC
 Policies:

command/acl/token/testdata/FormatTokenList/complex.json.golden

@@ -45,6 +45,7 @@
         "CreateTime": "2020-05-22T18:52:31Z",
         "Hash": "YWJjZGVmZ2g=",
         "Legacy": false,
-        "Namespace": "foo"
+        "Namespace": "foo",
+        "AuthMethodNamespace": "baz"
     }
 ]

command/acl/token/testdata/FormatTokenList/complex.pretty-meta.golden

@@ -3,7 +3,7 @@ SecretID:         257ade69-748c-4022-bafd-76d27d9143f8
 Namespace:        foo
 Description:      test token
 Local:            false
-Auth Method:      bar
+Auth Method:      bar (Namespace: baz)
 Create Time:      2020-05-22 18:52:31 +0000 UTC
 Expiration Time:  2020-05-22 19:52:31 +0000 UTC
 Legacy:           false

command/acl/token/testdata/FormatTokenList/complex.pretty.golden

@@ -3,7 +3,7 @@ SecretID:         257ade69-748c-4022-bafd-76d27d9143f8
 Namespace:        foo
 Description:      test token
 Local:            false
-Auth Method:      bar
+Auth Method:      bar (Namespace: baz)
 Create Time:      2020-05-22 18:52:31 +0000 UTC
 Expiration Time:  2020-05-22 19:52:31 +0000 UTC
 Legacy:           false