oss changes (#16407)
This commit is contained in:
parent
5062502756
commit
77ca499c6e
|
@ -1209,7 +1209,7 @@ func (i *IdentityStore) CreateOrFetchEntity(ctx context.Context, alias *logical.
|
|||
// Update MemDB and persist entity object
|
||||
err = i.upsertEntityInTxn(ctx, txn, entity, nil, true)
|
||||
if err != nil {
|
||||
return nil, false, err
|
||||
return entity, entityCreated, err
|
||||
}
|
||||
|
||||
txn.Commit()
|
||||
|
|
|
@ -1454,15 +1454,20 @@ func (c *Core) handleLoginRequest(ctx context.Context, req *logical.Request) (re
|
|||
if err != nil {
|
||||
switch auth.Alias.Local {
|
||||
case true:
|
||||
entity, err = possiblyForwardEntityCreation(ctx, c, err, auth, entity)
|
||||
if err != nil && strings.Contains(err.Error(), errCreateEntityUnimplemented) {
|
||||
// Only create a new entity if the error was a readonly error and the creation flag is true
|
||||
// i.e the entity was in the middle of being created
|
||||
if entityCreated && errors.Is(err, logical.ErrReadOnly) {
|
||||
entity, err = possiblyForwardEntityCreation(ctx, c, err, auth, nil)
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), errCreateEntityUnimplemented) {
|
||||
resp.AddWarning("primary cluster doesn't yet issue entities for local auth mounts; falling back to not issuing entities for local auth mounts")
|
||||
goto CREATE_TOKEN
|
||||
} else {
|
||||
return nil, nil, err
|
||||
}
|
||||
// If the entity creation via forwarding was successful, update the bool flag
|
||||
if entity != nil && err == nil {
|
||||
entityCreated = true
|
||||
}
|
||||
}
|
||||
err = updateLocalAlias(ctx, c, auth, entity)
|
||||
default:
|
||||
entity, entityCreated, err = possiblyForwardAliasCreation(ctx, c, err, auth, entity)
|
||||
}
|
||||
|
|
|
@ -60,6 +60,10 @@ func possiblyForwardEntityCreation(ctx context.Context, c *Core, inErr error, au
|
|||
return entity, inErr
|
||||
}
|
||||
|
||||
func updateLocalAlias(ctx context.Context, c *Core, auth *logical.Auth, entity *identity.Entity) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func possiblyForwardSaveCachedAuthResponse(ctx context.Context, c *Core, respAuth *MFACachedAuthResponse) error {
|
||||
err := c.SaveMFAResponseAuth(respAuth)
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in New Issue