[extension/oidcauth] move validation logic to the configuration (#30460)

**Description:** Move validation logic from the component creation to config validation.
open-telemetry · Jan 12, 2024 · f333965 · f333965
1 parent ec822df
commit f333965
Show file tree

Hide file tree

Showing 5 changed files with 51 additions and 30 deletions.
diff --git a/.chloggen/move_validation_to_config.yaml b/.chloggen/move_validation_to_config.yaml
@@ -0,0 +1,27 @@
+# Use this changelog template to create an entry for release notes.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: enhancement
+
+# The name of the component, or a single word describing the area of concern, (e.g. filelogreceiver)
+component: oidcauthextension
+
+# A brief description of the change.  Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: Move validation logic outside of the extension creation, to the configuration validation
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+issues: [30460]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext:
+
+# If your change doesn't affect end users or the exported elements of any package,
+# you should instead start your pull request title with [chore] or use the "Skip Changelog" label.
+# Optional: The change log or logs in which this entry should be included.
+# e.g. '[user]' or '[user, api]'
+# Include 'user' if the change is relevant to end users.
+# Include 'api' if there is a change to a library API.
+# Default: '[user]'
+change_logs: []
diff --git a/extension/oidcauthextension/config.go b/extension/oidcauthextension/config.go
@@ -30,3 +30,13 @@ type Config struct {
 	// Optional.
 	GroupsClaim string `mapstructure:"groups_claim"`
 }
+
+func (c *Config) Validate() error {
+	if c.Audience == "" {
+		return errNoAudienceProvided
+	}
+	if c.IssuerURL == "" {
+		return errNoIssuerURL
+	}
+	return nil
+}
diff --git a/extension/oidcauthextension/extension.go b/extension/oidcauthextension/extension.go
@@ -44,14 +44,7 @@ var (
 	errNotAuthenticated                  = errors.New("authentication didn't succeed")
 )
 
-func newExtension(cfg *Config, logger *zap.Logger) (auth.Server, error) {
-	if cfg.Audience == "" {
-		return nil, errNoAudienceProvided
-	}
-	if cfg.IssuerURL == "" {
-		return nil, errNoIssuerURL
-	}
-
+func newExtension(cfg *Config, logger *zap.Logger) auth.Server {
 	if cfg.Attribute == "" {
 		cfg.Attribute = defaultAttribute
 	}
@@ -60,7 +53,7 @@ func newExtension(cfg *Config, logger *zap.Logger) (auth.Server, error) {
 		cfg:    cfg,
 		logger: logger,
 	}
-	return auth.NewServer(auth.WithServerStart(oe.start), auth.WithServerAuthenticate(oe.authenticate)), nil
+	return auth.NewServer(auth.WithServerStart(oe.start), auth.WithServerAuthenticate(oe.authenticate))
 }
 
 func (e *oidcExtension) start(context.Context, component.Host) error {

diff --git a/extension/oidcauthextension/extension_test.go b/extension/oidcauthextension/extension_test.go
@@ -36,8 +36,7 @@ func TestOIDCAuthenticationSucceeded(t *testing.T) {
 		Audience:    "unit-test",
 		GroupsClaim: "memberships",
 	}
-	p, err := newExtension(config, zap.NewNop())
-	require.NoError(t, err)
+	p := newExtension(config, zap.NewNop())
 
 	err = p.Start(context.Background(), componenttest.NewNopHost())
 	require.NoError(t, err)
@@ -195,11 +194,10 @@ func TestOIDCFailedToLoadIssuerCAFromPathInvalidContent(t *testing.T) {
 
 func TestOIDCInvalidAuthHeader(t *testing.T) {
 	// prepare
-	p, err := newExtension(&Config{
+	p := newExtension(&Config{
 		Audience:  "some-audience",
 		IssuerURL: "http://example.com",
 	}, zap.NewNop())
-	require.NoError(t, err)
 
 	// test
 	ctx, err := p.Authenticate(context.Background(), map[string][]string{"authorization": {"some-value"}})
@@ -211,11 +209,10 @@ func TestOIDCInvalidAuthHeader(t *testing.T) {
 
 func TestOIDCNotAuthenticated(t *testing.T) {
 	// prepare
-	p, err := newExtension(&Config{
+	p := newExtension(&Config{
 		Audience:  "some-audience",
 		IssuerURL: "http://example.com",
 	}, zap.NewNop())
-	require.NoError(t, err)
 
 	// test
 	ctx, err := p.Authenticate(context.Background(), make(map[string][]string))
@@ -227,14 +224,13 @@ func TestOIDCNotAuthenticated(t *testing.T) {
 
 func TestProviderNotReacheable(t *testing.T) {
 	// prepare
-	p, err := newExtension(&Config{
+	p := newExtension(&Config{
 		Audience:  "some-audience",
 		IssuerURL: "http://example.com",
 	}, zap.NewNop())
-	require.NoError(t, err)
 
 	// test
-	err = p.Start(context.Background(), componenttest.NewNopHost())
+	err := p.Start(context.Background(), componenttest.NewNopHost())
 
 	// verify
 	assert.Error(t, err)
@@ -247,11 +243,10 @@ func TestFailedToVerifyToken(t *testing.T) {
 	oidcServer.Start()
 	defer oidcServer.Close()
 
-	p, err := newExtension(&Config{
+	p := newExtension(&Config{
 		IssuerURL: oidcServer.URL,
 		Audience:  "unit-test",
 	}, zap.NewNop())
-	require.NoError(t, err)
 
 	err = p.Start(context.Background(), componenttest.NewNopHost())
 	require.NoError(t, err)
@@ -305,8 +300,7 @@ func TestFailedToGetGroupsClaimFromToken(t *testing.T) {
 		},
 	} {
 		t.Run(tt.casename, func(t *testing.T) {
-			p, err := newExtension(tt.config, zap.NewNop())
-			require.NoError(t, err)
+			p := newExtension(tt.config, zap.NewNop())
 
 			err = p.Start(context.Background(), componenttest.NewNopHost())
 			require.NoError(t, err)
@@ -414,10 +408,9 @@ func TestMissingClient(t *testing.T) {
 	}
 
 	// test
-	p, err := newExtension(config, zap.NewNop())
+	err := config.Validate()
 
 	// verify
-	assert.Nil(t, p)
 	assert.Equal(t, errNoAudienceProvided, err)
 }
 
@@ -428,10 +421,9 @@ func TestMissingIssuerURL(t *testing.T) {
 	}
 
 	// test
-	p, err := newExtension(config, zap.NewNop())
+	err := config.Validate()
 
 	// verify
-	assert.Nil(t, p)
 	assert.Equal(t, errNoIssuerURL, err)
 }
 
@@ -441,12 +433,11 @@ func TestShutdown(t *testing.T) {
 		Audience:  "some-audience",
 		IssuerURL: "http://example.com/",
 	}
-	p, err := newExtension(config, zap.NewNop())
-	require.NoError(t, err)
+	p := newExtension(config, zap.NewNop())
 	require.NotNil(t, p)
 
 	// test
-	err = p.Shutdown(context.Background()) // for now, we never fail
+	err := p.Shutdown(context.Background()) // for now, we never fail
 
 	// verify
 	assert.NoError(t, err)

diff --git a/extension/oidcauthextension/factory.go b/extension/oidcauthextension/factory.go
@@ -33,5 +33,5 @@ func createDefaultConfig() component.Config {
 }
 
 func createExtension(_ context.Context, set extension.CreateSettings, cfg component.Config) (extension.Extension, error) {
-	return newExtension(cfg.(*Config), set.Logger)
+	return newExtension(cfg.(*Config), set.Logger), nil
 }