Support two modes of configuring

MarcialRosales · MarcialRosales · commit 66cb5a0a136e · 2024-10-08T20:38:23.000+02:00
scope_aliases using cuttlefish
diff --git a/deps/rabbitmq_auth_backend_oauth2/priv/schema/rabbitmq_auth_backend_oauth2.schema b/deps/rabbitmq_auth_backend_oauth2/priv/schema/rabbitmq_auth_backend_oauth2.schema
@@ -73,6 +73,11 @@
     list_to_binary(cuttlefish:conf_get("auth_oauth2.additional_scopes_key", Conf))
  end}.
 
+{mapping,
+ "auth_oauth2.scope_aliases.$alias",
+ "rabbitmq_auth_backend_oauth2.scope_aliases",
+ [{datatype, string}]}.
+
 {mapping,
  "auth_oauth2.scope_aliases.$index.alias",
  "rabbitmq_auth_backend_oauth2.scope_aliases",
diff --git a/deps/rabbitmq_auth_backend_oauth2/src/rabbit_oauth2_schema.erl b/deps/rabbitmq_auth_backend_oauth2/src/rabbit_oauth2_schema.erl
@@ -32,12 +32,20 @@ extract_value({_Name,V}) -> V.
 translate_scope_aliases(Conf) ->   
     Settings = cuttlefish_variable:filter_by_prefix(
         ?AUTH_OAUTH2_SCOPE_ALIASES, Conf),
-    extract_scope_aliases_as_a_list_of_alias_scope_props(Settings).
+    maps:merge(extract_scope_alias_as_map(Settings), 
+        extract_scope_aliases_as_list_of_alias_scope_props(Settings)).
     
 convert_space_separated_string_to_list_of_binaries(String) ->
     [ list_to_binary(V) || V <- string:tokens(String, " ")].
 
-extract_scope_aliases_as_a_list_of_alias_scope_props(Settings) ->    
+extract_scope_alias_as_map(Settings) ->
+    maps:from_list([{
+        list_to_binary(Alias), 
+        convert_space_separated_string_to_list_of_binaries(Scope)
+        }
+        || {[?AUTH_OAUTH2, ?SCOPE_ALIASES, Alias], Scope} <- Settings ]).
+
+extract_scope_aliases_as_list_of_alias_scope_props(Settings) ->    
     KeyFun = fun extract_key_as_binary/1,
     ValueFun = fun extract_value/1,
 
diff --git a/deps/rabbitmq_auth_backend_oauth2/test/config_schema_SUITE_data/rabbitmq_auth_backend_oauth2.snippets b/deps/rabbitmq_auth_backend_oauth2/test/config_schema_SUITE_data/rabbitmq_auth_backend_oauth2.snippets
@@ -197,6 +197,25 @@
         ]}
         ],[]
   }, 
+  {scope_aliases_1, 
+      "auth_oauth2.resource_server_id = new_resource_server_id
+       auth_oauth2.scope_aliases.admin = rabbitmq.tag:administrator 
+       auth_oauth2.scope_aliases.developer = rabbitmq.tag:management rabbitmq.read:*/*",
+       [
+        {rabbitmq_auth_backend_oauth2, [
+            {resource_server_id,<<"new_resource_server_id">>},
+            {scope_aliases, #{
+              <<"admin">> => [ 
+                              <<"rabbitmq.tag:administrator">>
+                              ],
+              <<"developer">> => [ 
+                              <<"rabbitmq.tag:management">>,
+                              <<"rabbitmq.read:*/*">>
+                              ]                              
+            }}
+        ]}
+       ], []
+  },
   {scope_aliases_2, 
       "auth_oauth2.resource_server_id = new_resource_server_id
        auth_oauth2.scope_aliases.1.alias = admin
diff --git a/deps/rabbitmq_auth_backend_oauth2/test/rabbit_oauth2_schema_SUITE.erl b/deps/rabbitmq_auth_backend_oauth2/test/rabbit_oauth2_schema_SUITE.erl
@@ -39,8 +39,8 @@ all() ->
         test_resource_servers_attributes,
         test_invalid_oauth_providers_endpoint_params,
         test_without_oauth_providers_with_endpoint_params,
-        test_scope_aliases
-
+        test_scope_aliases_configured_as_list_of_properties,
+        test_scope_aliases_configured_as_map
     ].
 
 
@@ -282,7 +282,7 @@ test_oauth_providers_signing_keys(Conf) ->
       <<"2">> := {pem, <<"I'm not a certificate">>}
     } = SigningKeys.
 
-test_scope_aliases(_) ->
+test_scope_aliases_configured_as_list_of_properties(_) ->
     CuttlefishConf = [
         {["auth_oauth2","scope_aliases","1","alias"],
             "admin"},
@@ -298,6 +298,18 @@ test_scope_aliases(_) ->
         <<"developer">> := [<<"rabbitmq.tag:management">>, <<"rabbitmq.read:*/*">>]                         
     } = translate_scope_aliases(CuttlefishConf).
     
+test_scope_aliases_configured_as_map(_) ->
+    CuttlefishConf = [
+        {["auth_oauth2","scope_aliases","admin"], 
+            "rabbitmq.tag:administrator"},
+        {["auth_oauth2","scope_aliases","developer"], 
+            "rabbitmq.tag:management rabbitmq.read:*/*"}        
+    ],
+    #{
+        <<"admin">> := [<<"rabbitmq.tag:administrator">>],
+        <<"developer">> := [<<"rabbitmq.tag:management">>, <<"rabbitmq.read:*/*">>]                         
+    } = rabbit_oauth2_schema:translate_scope_aliases(CuttlefishConf).
+    
 
 cert_filename(Conf) ->
     string:concat(?config(data_dir, Conf), "certs/cert.pem").
