auth: use NewIncomingContext for "WithRoot"

"WithRoot" is only used within local node, and "AuthInfoFromCtx" expects token from incoming context. Embed token with "NewIncomingContext" so that token can be found in "AuthInfoFromCtx". Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
etcd-io · Dec 15, 2017 · 3f75424 · 3f75424
1 parent 014c375
commit 3f75424
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/auth/store.go b/auth/store.go
@@ -1090,7 +1090,9 @@ func (as *authStore) WithRoot(ctx context.Context) context.Context {
 		"token": token,
 	}
 	tokenMD := metadata.New(mdMap)
-	return metadata.NewOutgoingContext(ctx, tokenMD)
+
+	// use "mdIncomingKey{}" since it's called from local etcdserver
+	return metadata.NewIncomingContext(ctx, tokenMD)
 }
 
 func (as *authStore) HasRole(user, role string) bool {

diff --git a/auth/store_test.go b/auth/store_test.go
@@ -701,3 +701,34 @@ func TestRolesOrder(t *testing.T) {
 		}
 	}
 }
+
+// TestAuthInfoFromCtxWithRoot ensures "WithRoot" properly embeds token in the context.
+func TestAuthInfoFromCtxWithRoot(t *testing.T) {
+	b, tPath := backend.NewDefaultTmpBackend()
+	defer os.Remove(tPath)
+
+	tp, err := NewTokenProvider("simple", dummyIndexWaiter)
+	if err != nil {
+		t.Fatal(err)
+	}
+	as := NewAuthStore(b, tp)
+	defer as.Close()
+
+	if err = enableAuthAndCreateRoot(as); err != nil {
+		t.Fatal(err)
+	}
+
+	ctx := context.Background()
+	ctx = as.WithRoot(ctx)
+
+	ai, aerr := as.AuthInfoFromCtx(ctx)
+	if aerr != nil {
+		t.Fatal(err)
+	}
+	if ai == nil {
+		t.Fatal("expected non-nil *AuthInfo")
+	}
+	if ai.Username != "root" {
+		t.Fatalf("expected user name 'root', got %+v", ai)
+	}
+}