-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace dependencies on lib/auth with lib/authclient #41623
Conversation
6f2b00f
to
c71b48b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Aliases were left behind here to prevent breaking e and limit further changes to this PR. I'll convert consumers to use the new types in authclient in a follow up.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
46d6c06
to
fc916a1
Compare
/excludeflake * |
1 similar comment
/excludeflake * |
bad8ac3
to
94bf7da
Compare
94bf7da
to
604969e
Compare
…ertPool to authclient
…event breaking builds
604969e
to
ae6ade8
Compare
@rosstimothy See the table below for backport results.
|
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
* Replace dependencies on lib/auth with lib/authclient (#41623) * Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases * Update e to include gravitational/teleport.e#4198 * fix: tests
* Replace dependencies on lib/auth with lib/authclient (#41623) * Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases * Update e to include gravitational/teleport.e#4197 * fix: tests
* Remove authclient.Client/ClientI/NewClient aliases in lib/auth * Remove WebSessionReq aliases in lib/auth * Remove GithubAuthResponse aliases in lib/auth * Remove GithubAuthRequest aliases in lib/auth * Remove KubeCSR alias in lib/auth * Remove KubeCSRResponse alias in lib/auth * Remove OIDCAuthResponse alias in lib/auth * Remove OIDCAuthRequest alias in lib/auth * Remove ValidateOIDCAuthCallbackReq alias in lib/auth * Remove OIDCAuthRawResponse alias in lib/auth * Remove CreateUserTokenRequest alias in lib/auth * Remove SAMLAuthResponse alias in lib/auth * Remove SAMLAuthRequest alias in lib/auth * Remove ValidateSAMLResponseReq alias in lib/auth * Remove SAMLAuthRawResponse alias in lib/auth * Remove ValidateTrustedClusterRequest alias in lib/auth * Remove ValidateTrustedClusterRequestRaw alias in lib/auth * Remove ValidateTrustedClusterResponse alias in lib/auth * Remove ValidateTrustedClusterResponseRaw alias in lib/auth * Remove AuthenticateUserRequest alias in lib/auth * Remove ForwardedClientMetadata alias in lib/auth * Remove PassCreds alias in lib/auth * Remove OTPCreds alias in lib/auth * Remove SessionCreds alias in lib/auth * Remove AuthenticateSSHRequest alias in lib/auth * Remove SSHLoginResponse alias in lib/auth * Remove TrustedCerts alias in lib/auth * Remove AuthoritiesToTrustedCerts alias in lib/auth * Move auth.HostFQDN to authclient * Move auth.WithClusterCAs, auth.DefaultClientCertPool and auth.ClientCertPool to authclient * Switch alpn proxy to use authclient.CAGetter instead of auth.ReadProxyAccessPoint * Use a smaller scoped interfaces in lib/proxy/peer to remove lib/auth dependency * Move auth.TryCreateAppSessionForClientCertV15 to authclient * Move auth.ErrNoMFADevices to authclient * Move access point interfaces to authclient. Aliases left behind to prevent breaking builds * remove lib/auth dependency from lib/reversetunnelclient * fix lints * fix license * Bump e ref to include gravitational/teleport.e#4174 * Use authclient.Client in new tctl diag commands * Stop using auth.UserTokenType aliases
Refactors code that was consuming lib/auth to use lib/auth/authclient instead. While this does touch a large number of files each commit is atomic and most commits are simply renaming types to use their equivalent in authclient. In addition to name changes this also moves some additional code from lib/auth to lib/auth/authclient.
Items moved to authclient
Additionally, this also starts the migration of the AccessPoint interfaces defined in lib/auth/api.go into authclient. For the moment only lib/reversetunnelclient has been updated to consume interfaces from the new location. All other consumers will be migrated at a later time to reduce the size of this PR.
Dependency Tree
While this PR doesn't remove lib/auth from client tools dependency trees, it does have a significant reduction in the number of times it shows up in the tree.
master
tross/auth_client
Important
Depends on https://github.com/gravitational/teleport.e/pull/4174 - removal of authclient aliases here will break e builds if this merges first.