APIGOV-26709 + APIGOV-26718

Axway · Nov 20, 2023 · 9a6d721 · 9a6d721
1 parent 1187f08
commit 9a6d721
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 54 deletions.
diff --git a/.gitignore b/.gitignore
@@ -21,11 +21,13 @@ bin/
 .run/
 *.log
 
-/kong_discovery_agent.yml
-/kong_traceability_agent.yml
+**/kong_discovery_agent.yml
+**/kong_traceability_agent.yml
 
 specs/
 
 secret.yaml
 overrides.yaml
 configmap.yaml
+
+**/__debug_bin*
diff --git a/pkg/gateway/client.go b/pkg/gateway/client.go
@@ -22,10 +22,11 @@ import (
 	klib "github.com/kong/go-kong/kong"
 )
 
-const (
-	ardCtx log.ContextField = "accessRequestDefinition"
-	crdCtx log.ContextField = "credentialRequestDefinition"
-)
+var kongToCRDMapper = map[string]string{
+	"basic-auth": provisioning.BasicAuthCRD,
+	"key-auth":   provisioning.APIKeyCRD,
+	"oauth2":     provisioning.OAuthSecretCRD,
+}
 
 func NewClient(agentConfig config.AgentConfig) (*Client, error) {
 	kongGatewayConfig := agentConfig.KongGatewayCfg
@@ -69,44 +70,6 @@ func hasACLEnabledInPlugins(plugins []*klib.Plugin) error {
 	return fmt.Errorf("failed to find acl plugin is enabled and installed")
 }
 
-func (gc *Client) createRequestDefinitions(ctx context.Context) (context.Context, error) {
-	gc.logger.Debug("creating request definitions")
-	ctx = gc.createAccessRequestDefinition(ctx)
-	return gc.createCredentialRequestDefinition(ctx)
-}
-
-func (gc *Client) createAccessRequestDefinition(ctx context.Context) context.Context {
-	return context.WithValue(ctx, ardCtx, true)
-}
-
-func (gc *Client) createCredentialRequestDefinition(ctx context.Context) (context.Context, error) {
-	ctx = context.WithValue(ctx, crdCtx, []string{})
-	allPlugins, err := gc.plugins.ListAll(context.Background())
-	if err != nil {
-		gc.logger.WithError(err).Error("failed list all available plugins")
-		return ctx, err
-	}
-
-	uniqueCrds := map[string]string{}
-	for _, plugin := range allPlugins {
-		if isValidAuthTypeAndEnabled(plugin) {
-			uniqueCrds[*plugin.Name] = *plugin.Name
-		}
-	}
-	kongToCRDMapper := map[string]string{
-		"basic-auth": provisioning.BasicAuthCRD,
-		"key-auth":   provisioning.APIKeyCRD,
-		"oauth2":     provisioning.OAuthSecretCRD,
-	}
-
-	for _, crd := range uniqueCrds {
-		if toAdd, ok := kongToCRDMapper[crd]; ok {
-			ctx = context.WithValue(ctx, crdCtx, append(ctx.Value(crdCtx).([]string), toAdd))
-		}
-	}
-	return ctx, nil
-}
-
 func (gc *Client) DiscoverAPIs() error {
 	gc.logger.Info("execute discovery process")
 
@@ -115,9 +78,6 @@ func (gc *Client) DiscoverAPIs() error {
 
 	plugins := kutil.Plugins{PluginLister: gc.kongClient.GetKongPlugins()}
 	gc.plugins = plugins
-	if ctx, err = gc.createRequestDefinitions(ctx); err != nil {
-		return err
-	}
 
 	services, err := gc.kongClient.ListServices(ctx)
 	if err != nil {
@@ -261,10 +221,13 @@ func (gc *Client) processKongAPI(
 		gc.logger.WithError(err).Error("failed to save api to cache")
 	}
 
-	if ctx.Value(ardCtx) != nil {
-		kongAPI.ard = provisioning.APIKeyARD
+	kongAPI.ard = provisioning.APIKeyARD
+	kongAPI.crds = []string{}
+	for k := range apiPlugins {
+		if crd, ok := kongToCRDMapper[k]; ok {
+			kongAPI.crds = append(kongAPI.crds, crd)
+		}
 	}
-	kongAPI.crds = ctx.Value(crdCtx).([]string)
 
 	agentDetails := map[string]string{
 		common.AttrServiceId: *service.ID,

diff --git a/pkg/kong/plugins.go b/pkg/kong/plugins.go
@@ -62,7 +62,8 @@ func (p *Plugins) GetEffectivePlugins(routeID, serviceID string) (map[string]*kl
 
 	for _, plugin := range plugins {
 		if (plugin.Route != nil && (plugin.Route.ID == nil || *plugin.Route.ID != routeID)) ||
-			(plugin.Service != nil && (plugin.Service.ID == nil || *plugin.Service.ID != serviceID)) {
+			(plugin.Service != nil && (plugin.Service.ID == nil || *plugin.Service.ID != serviceID)) ||
+			!*plugin.Enabled {
 			continue
 		}
 

diff --git a/pkg/subscription/credential/credential.go b/pkg/subscription/credential/credential.go
@@ -61,21 +61,21 @@ func (p credentialProvisioner) Deprovision() provisioning.RequestStatus {
 	case provisioning.APIKeyARD:
 		{
 			if err := p.client.DeleteAuthKey(ctx, consumerID, credentialID); err != nil {
-				return rs.SetMessage("Could not delete auth key credential").Failed()
+				return rs.SetMessage("API Key credential does not exist or it has already been deleted").Success()
 			}
 			return rs.SetMessage("API Key successfully deleted.").Success()
 		}
 	case provisioning.BasicAuthARD:
 		{
 			if err := p.client.DeleteHttpBasic(ctx, consumerID, credentialID); err != nil {
-				return rs.SetMessage("Could not delete basic auth credential").Failed()
+				return rs.SetMessage("Basic auth credential does not exist or it has already been deleted").Success()
 			}
 			return rs.SetMessage("Basic auth credential successfully deleted.").Success()
 		}
 	case provisioning.OAuthSecretCRD:
 		{
 			if err := p.client.DeleteOauth2(ctx, consumerID, credentialID); err != nil {
-				return rs.SetMessage("Could not delete oauth2 credential").Failed()
+				return rs.SetMessage("OAuth2 credential does not exist or it has already been deleted").Success()
 			}
 			return rs.SetMessage("OAuth2 credential successfully deleted.").Success()
 		}