fix(agent): set default token parser and root user checker

- Set default token parser in option.go if not provided- Set default root user checker in option.go if not provided - Remove redundant token parser initialization in authn.go
origadmin · Dec 24, 2024 · 1440014 · 1440014
1 parent 7a32383
commit 1440014
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 5 deletions.
diff --git a/agent/middleware/security/authn.go b/agent/middleware/security/authn.go
@@ -132,11 +132,7 @@ func NewAuthN(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middlewar
 	//	option.TokenParser,
 	//	FromTransportClient(option.HeaderAuthorize, option.Scheme),
 	//	FromTransportServer(option.HeaderAuthorize, option.Scheme))
-	if option.TokenParser == nil {
-		option.TokenParser = aggregateTokenParsers(
-			FromTransportClient(option.HeaderAuthorize, option.Scheme),
-			FromTransportServer(option.HeaderAuthorize, option.Scheme))
-	}
+
 	return func(handler middleware.Handler) middleware.Handler {
 		return func(ctx context.Context, req interface{}) (interface{}, error) {
 			log.Debugf("NewAuthN: handling request: %+v", req)

diff --git a/agent/middleware/security/option.go b/agent/middleware/security/option.go
@@ -76,6 +76,16 @@ func (o *Option) ApplyDefaults() {
 	if o.Scheme == "" {
 		o.Scheme = security.SchemeBearer.String()
 	}
+	if o.TokenParser == nil {
+		o.TokenParser = aggregateTokenParsers(
+			FromTransportClient(o.HeaderAuthorize, o.Scheme),
+			FromTransportServer(o.HeaderAuthorize, o.Scheme))
+	}
+	if o.IsRoot == nil {
+		o.IsRoot = func(ctx context.Context, claims security.Claims) bool {
+			return false
+		}
+	}
 }
 
 // WithConfig applies the configuration to the option.