Skip to content
This repository has been archived by the owner on Oct 9, 2023. It is now read-only.

Inject user identifier to ExecutionSpec #549

Merged
merged 17 commits into from
May 15, 2023
Prev Previous commit
Next Next commit
improve
Signed-off-by: byhsu <byhsu@linkedin.com>
ByronHsu committed May 9, 2023
commit 14d5123cb8fd48677cf4af22019e7aca0dab1c45
15 changes: 9 additions & 6 deletions auth/identity_context.go
Original file line number Diff line number Diff line change
@@ -28,12 +28,15 @@ type IdentityContext struct {
appID string
authenticatedAt time.Time
userInfo *service.UserInfoResponse
// Contains unique identifier for users, which will be passed to SecurityContext
userIdentifier string
// Set to pointer just to keep this struct go-simple to support equal operator
scopes *sets.String
// Raw JWT token from the IDP. Set to a pointer to support the equal operator for this struct.
claims *claimsType
// userIdentifier stores a unique string that can be used to identify the user associated with a given task.
// This identifier is passed down to the ExecutionSpec and can be used for various purposes, such as setting the user identifier on a pod label.
// By default, the user identifier is filled with the value of IdentityContext.userID. However, you can customize your middleware to assign other values if needed.
// Providing a user identifier can be useful for tracking tasks and associating them with specific users, especially in multi-user environments.
userIdentifier string
}

func (c IdentityContext) Audience() string {
@@ -60,10 +63,6 @@ func (c IdentityContext) IsEmpty() bool {
return c == emptyIdentityContext
}

func (c IdentityContext) UserIdentity() string {
return c.userIdentity
}

func (c IdentityContext) Scopes() sets.String {
if c.scopes != nil {
return *c.scopes
@@ -79,6 +78,10 @@ func (c IdentityContext) Claims() map[string]interface{} {
return make(map[string]interface{})
}

func (c IdentityContext) UserIdentifier() string {
return c.userIdentifier
}

func (c IdentityContext) WithContext(ctx context.Context) context.Context {
return context.WithValue(ctx, ContextKeyIdentityContext, c)
}
14 changes: 13 additions & 1 deletion auth/interceptor_test.go
Original file line number Diff line number Diff line change
@@ -61,6 +61,18 @@ func TestBlanketAuthorization(t *testing.T) {
}

func TestGetUserIdentityFromContext(t *testing.T) {
identityContext := IdentityContext{
userID: "yeee",
}

// TODO
ctx := identityContext.WithContext(context.Background())

handler := func(ctx context.Context, req interface{}) (interface{}, error) {
identityContext := IdentityContextFromContext(ctx)
userIdentifier := identityContext.UserIdentifier()
assert.Equal(t, userIdentifier, "yeee")
return nil, nil
}

UserIdentifierInterceptor(ctx, nil, nil, handler)
}
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
@@ -208,4 +208,4 @@ require (
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
)

replace github.com/robfig/cron/v3 => github.com/unionai/cron/v3 v3.0.2-0.20220915080349-5790c370e63a
replace github.com/robfig/cron/v3 => github.com/unionai/cron/v3 v3.0.2-0.20220915080349-5790c370e63a
5 changes: 5 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
@@ -312,8 +312,13 @@ github.com/fatih/structs v1.0.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga
github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ=
github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
<<<<<<< HEAD
github.com/flyteorg/flyteidl v1.5.0 h1:vdaA5Cg9eqi5NMuASSod/AE7RXlHvzdWjSL9abDyd/M=
github.com/flyteorg/flyteidl v1.5.0/go.mod h1:ckLjB51moX4L0oQml+WTCrPK50zrJf6IZJ6LPC0RB4I=
=======
github.com/flyteorg/flyteidl v1.5.2 h1:DZPzYkTg92qA4e17fd0ZW1M+gh1gJKh/VOK+F4bYgM8=
github.com/flyteorg/flyteidl v1.5.2/go.mod h1:ckLjB51moX4L0oQml+WTCrPK50zrJf6IZJ6LPC0RB4I=
>>>>>>> 5ff9b59... improve
github.com/flyteorg/flyteplugins v1.0.40 h1:RTsYingqmqr13qBbi4CB2ArXDHNHUOkAF+HTLJQiQ/s=
github.com/flyteorg/flyteplugins v1.0.40/go.mod h1:qyUPqVspLcLGJpKxVwHDWf+kBpOGuItOxCaF6zAmDio=
github.com/flyteorg/flytepropeller v1.1.70 h1:/d1qqz13rdVADM85ST70eerAdBstJJz9UUB/mNSZi0w=