3ac5a841ec
This is a collection of refactors that make upcoming PRs easier to digest. The main change is the introduction of the authmethod.Identity struct. In the one and only current auth method (type=kubernetes) all of the trusted identity attributes are both selectable and projectable, so they were just passed around as a map[string]string. When namespaces were added, this was slightly changed so that the enterprise metadata can also come back from the login operation, so login now returned two fields. Now with some upcoming auth methods it won't be true that all identity attributes will be both selectable and projectable, so rather than update the login function to return 3 pieces of data it seemed worth it to wrap those fields up and give them a proper name.
39 lines
726 B
Go
39 lines
726 B
Go
// +build !consulent
|
|
|
|
package authmethod
|
|
|
|
import (
|
|
"sync"
|
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
|
)
|
|
|
|
type syncCache struct {
|
|
lock sync.RWMutex
|
|
cache authMethodCache
|
|
}
|
|
|
|
func NewCache() Cache {
|
|
c := &syncCache{}
|
|
c.cache.init()
|
|
return c
|
|
}
|
|
|
|
func (c *syncCache) GetValidator(method *structs.ACLAuthMethod) (uint64, Validator, bool) {
|
|
c.lock.RLock()
|
|
defer c.lock.RUnlock()
|
|
return c.cache.GetValidator(method)
|
|
}
|
|
|
|
func (c *syncCache) PutValidatorIfNewer(method *structs.ACLAuthMethod, validator Validator, idx uint64) Validator {
|
|
c.lock.Lock()
|
|
defer c.lock.Unlock()
|
|
return c.cache.PutValidatorIfNewer(method, validator, idx)
|
|
}
|
|
|
|
func (c *syncCache) Purge() {
|
|
c.lock.Lock()
|
|
defer c.lock.Unlock()
|
|
c.cache.Purge()
|
|
}
|