Replace dependencies on lib/auth with lib/authclient #41623
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rosstimothy
force-pushed
the
tross/auth_client
branch
from
6f2b00f
to
c71b48b
Compare
rosstimothy
commented
May 15, 2024
There was a problem hiding this comment.
Aliases were left behind here to prevent breaking e and limit further changes to this PR. I'll convert consumers to use the new types in authclient in a follow up.
rosstimothy
added
backport/branch/v14
no-changelog
github-actions
bot
requested review from
fspmarshall,
greedy52,
marcoandredinis,
tigrato and
timothyb89
github-actions
bot
added
application-access
database-access
marcoandredinis
approved these changes
May 16, 2024
public-teleport-github-review-bot
bot
removed request for
timothyb89,
greedy52 and
fspmarshall
rosstimothy
force-pushed
the
tross/auth_client
branch
from
46d6c06
to
fc916a1
Compare
|
/excludeflake * |
1 similar comment
|
/excludeflake * |
rosstimothy
force-pushed
the
tross/auth_client
branch
from
bad8ac3
to
94bf7da
Compare
rosstimothy
force-pushed
the
tross/auth_client
branch
from
94bf7da
to
604969e
Compare
…ertPool to authclient
…event breaking builds
rosstimothy
force-pushed
the
tross/auth_client
branch
from
604969e
to
ae6ade8
Compare
|
@rosstimothy See the table below for backport results.
|
rosstimothy
added a commit
that referenced
this pull request
May 17, 2024
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
rosstimothy
added a commit
that referenced
this pull request
May 17, 2024
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
rosstimothy
added a commit
that referenced
this pull request
May 17, 2024
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
rosstimothy
added a commit
that referenced
this pull request
May 17, 2024
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
github-merge-queue bot
pushed a commit
that referenced
this pull request
May 20, 2024
* Replace dependencies on lib/auth with lib/authclient (#41623) * Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases * Update e to include gravitational/teleport.e#4198 * fix: tests
github-merge-queue bot
pushed a commit
that referenced
this pull request
May 20, 2024
* Replace dependencies on lib/auth with lib/authclient (#41623) * Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases * Update e to include gravitational/teleport.e#4197 * fix: tests
justinas
pushed a commit
that referenced
this pull request
May 20, 2024
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Refactors code that was consuming lib/auth to use lib/auth/authclient instead. While this does touch a large number of files each commit is atomic and most commits are simply renaming types to use their equivalent in authclient. In addition to name changes this also moves some additional code from lib/auth to lib/auth/authclient.
Items moved to authclient
Additionally, this also starts the migration of the AccessPoint interfaces defined in lib/auth/api.go into authclient. For the moment only lib/reversetunnelclient has been updated to consume interfaces from the new location. All other consumers will be migrated at a later time to reduce the size of this PR.
Dependency Tree
While this PR doesn't remove lib/auth from client tools dependency trees, it does have a significant reduction in the number of times it shows up in the tree.
master
tross/auth_client
Important
Depends on https://github.com/gravitational/teleport.e/pull/4174 - removal of authclient aliases here will break e builds if this merges first.