github-mirrors/VictoriaMetrics
1
0
Fork 0
mirror of https://github.com/VictoriaMetrics/VictoriaMetrics.git synced 2025-03-11 15:34:56 +00:00
Code Issues Projects Releases Packages Wiki Activity

lib/auth: add NewTokenPossibleMultitenant() for parsing auth token, which can be multitenant

Browse source 
Disallow parsing multitenant token at auth.NewToken().

Use auth.NewTokenPossibleMultitenant() at vminsert only. All the other callers should call auth.NewToken(),
since they do not support multitenant token.

This is a follow-up for f0c06b428e

Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/4910
This commit is contained in:
Aliaksandr Valialkin 2023-08-30 14:08:47 +02:00
parent e97484640a
commit 9603d06057
No known key found for this signature in database
GPG key ID: A72BEC6CD3D0DED1
2 changed files with 1 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/vminsert/main.go
View file

@ -204,7 +204,7 @@ func requestHandler(w http.ResponseWriter, r *http.Request) bool {
// This is not our link.
return false
}
at, err := auth.NewToken(p.AuthToken)
at, err := auth.NewTokenPossibleMultitenant(p.AuthToken)
if err != nil {
httpserver.Errorf(w, r, "auth error: %s", err)
return true

6
app/vmselect/main.go
View file

@ -283,12 +283,6 @@ func requestHandler(w http.ResponseWriter, r *http.Request) bool {
httpserver.Errorf(w, r, "auth error: %s", err)
return true
}
if at == nil {
// the only option for at to be nil is when p.AuthToken == "multitenant"
// vmselect does not have multitenant endpoint, so request must be rejected
httpserver.Errorf(w, r, "auth error: tenantID must be specified explicitly in the request path")
return true
}
switch p.Prefix {
case "select":
return selectHandler(qt, startTime, w, r, p, at)