small tweaks

Conrad Ludgate
2024-09-18 14:37:18 +01:00
parent 8e7d2aab76
commit 4bc2686dee
4 changed files with 23 additions and 18 deletions


@@ -171,8 +171,6 @@ impl ComputeUserInfo {
}
pub(crate) enum ComputeCredentialKeys {
#[expect(dead_code, reason = "WIP")]
Jwt(String),
#[cfg(any(test, feature = "testing"))]
Password(Vec<u8>),
AuthKeys(AuthKeys),


@@ -309,7 +309,6 @@ impl NodeInfo {
#[cfg(any(test, feature = "testing"))]
ComputeCredentialKeys::Password(password) => self.config.password(password),
ComputeCredentialKeys::AuthKeys(auth_keys) => self.config.auth_keys(*auth_keys),
ComputeCredentialKeys::Jwt(_) => panic!("unsupported keys"),
ComputeCredentialKeys::None => &mut self.config,
};
}


@@ -112,7 +112,7 @@ impl PoolingBackend {
config: &AuthenticationConfig,
user_info: &ComputeUserInfo,
jwt: String,
) -> Result<ComputeCredentials, AuthError> {
) -> Result<(), AuthError> {
match &self.config.auth_backend {
crate::auth::Backend::Console(console, ()) => {
config
@@ -126,10 +126,8 @@ impl PoolingBackend {
)
.await
.map_err(|e| AuthError::auth_failed(e.to_string()))?;
Ok(ComputeCredentials {
info: user_info.clone(),
keys: crate::auth::backend::ComputeCredentialKeys::Jwt(jwt),
})
Ok(())
}
crate::auth::Backend::Web(_, ()) => Err(AuthError::auth_failed(
"JWT login over web auth proxy is not supported",
@@ -146,11 +144,9 @@ impl PoolingBackend {
)
.await
.map_err(|e| AuthError::auth_failed(e.to_string()))?;
Ok(ComputeCredentials {
info: user_info.clone(),
// todo: rewrite JWT signature with key shared somehow between local proxy and postgres
keys: crate::auth::backend::ComputeCredentialKeys::None,
})
// todo: rewrite JWT signature with key shared somehow between local proxy and postgres
Ok(())
}
}
}
@@ -203,7 +199,6 @@ impl PoolingBackend {
&self,
ctx: &RequestMonitoring,
conn_info: ConnInfo,
keys: ComputeCredentials,
) -> Result<http_conn_pool::Client, HttpConnError> {
info!("pool: looking for an existing connection");
if let Some(client) = self.http_conn_pool.get(ctx, &conn_info) {
@@ -213,7 +208,14 @@ impl PoolingBackend {
let conn_id = uuid::Uuid::new_v4();
tracing::Span::current().record("conn_id", display(conn_id));
info!(%conn_id, "pool: opening a new connection '{conn_info}'");
let backend = self.config.auth_backend.as_ref().map(|()| keys);
let backend = self
.config
.auth_backend
.as_ref()
.map(|()| ComputeCredentials {
info: conn_info.user_info.clone(),
keys: crate::auth::backend::ComputeCredentialKeys::None,
});
crate::proxy::connect_compute::connect_to_compute(
ctx,
&HyperMechanism {
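Review bot: Nothing in the types now ties `connect_to_local_proxy` to a JWT check that succeeded: the `keys: ComputeCredentials` parameter is gone, `authenticate_with_jwt` returns `Result<(), AuthError>`, and the credentials are built inside the method from `conn_info.user_info` with `ComputeCredentialKeys::None`. The callers visible on this page do authenticate first and propagate the error with `?`, but that ordering is only a convention here, and a later call site could skip it without a compile error. Consider having `authenticate_with_jwt` return a small proof value that `connect_to_local_proxy` consumes, or at least document the precondition on the method, e.g. `/// Performs no authentication: the caller must have validated the JWT for conn_info.user_info first.` The same `ComputeCredentials { info, keys: None }` literal is also written by hand in `handle_db_inner`, so a single constructor would keep the two in step. Both methods start and end outside the hunks shown.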


@@ -39,6 +39,7 @@ use url::Url;
use urlencoding;
use utils::http::error::ApiError;
use crate::auth::backend::ComputeCredentials;
use crate::auth::backend::ComputeUserInfo;
use crate::auth::endpoint_sni;
use crate::auth::ComputeUserInfoParseError;
@@ -610,7 +611,12 @@ async fn handle_db_inner(
&conn_info.user_info,
jwt,
)
.await?
.await?;
ComputeCredentials {
info: conn_info.user_info.clone(),
keys: crate::auth::backend::ComputeCredentialKeys::None,
}
}
};
@@ -701,7 +707,7 @@ async fn handle_auth_broker_inner(
jwt: String,
backend: Arc<PoolingBackend>,
) -> Result<Response<BoxBody<Bytes, hyper1::Error>>, SqlOverHttpError> {
let keys = backend
backend
.authenticate_with_jwt(
ctx,
&config.authentication_config,
@@ -711,7 +717,7 @@ async fn handle_auth_broker_inner(
.await
.map_err(HttpConnError::from)?;
let mut client = backend.connect_to_local_proxy(ctx, conn_info, keys).await?;
let mut client = backend.connect_to_local_proxy(ctx, conn_info).await?;
// always completes instantly in http2 mode
// but good just in case