merge

alshabalin · alshabalin · commit eef634725db9 · 2023-02-15T12:12:28.000+08:00
diff --git a/.gitignore b/.gitignore
@@ -1 +1,4 @@
 .idea
+tmp/
+vendor/
+composer.lock
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,7 +1,15 @@
 # CHANGELOG
 
 
-## 1.4.2 (2022-01-13)
+## 1.4.3 (2023-02-15)
+
+### Features
+
+- anonymous authentication method
+- insecure grpc connection
+
+
+## 1.4.2 (2023-01-13)
 
 ### Bugs
 
diff --git a/README.md b/README.md
@@ -32,6 +32,7 @@ YDB supports the following authentication methods:
 - JWT + private key
 - JWT + JSON file
 - Metadata URL
+- Anonymous
 
 ## OAuth token
 
@@ -160,6 +161,34 @@ $ydb = new Ydb($config);
 
 ```
 
+## Anonymous
+
+```php
+<?php
+
+use YdbPlatform\Ydb\Ydb;
+
+$config = [
+
+    // Database path
+    'database'    => '/local',
+
+    // Database endpoint
+    'endpoint'    => 'localhost:2136',
+
+    // Auto discovery (dedicated server only)
+    'discovery'   => false,
+
+    // IAM config
+    'iam_config'  => [
+        'anonymous' => true,
+        'insecure' => true,
+    ],
+];
+
+$ydb = new Ydb($config);
+
+```
 
 # Usage
 
diff --git a/composer.json b/composer.json
@@ -18,7 +18,7 @@
         "grpc/grpc": "^1.35",
         "lcobucci/jwt": "~4.1.5",
         "phpseclib/phpseclib": "^2.0|^3.0",
-        "psr/log": "~1.0"
+        "psr/log": "^1|^2|^3"
     },
     "autoload": {
         "psr-4": {
diff --git a/src/Iam.php b/src/Iam.php
@@ -10,6 +10,8 @@
 use YdbPlatform\Ydb\Jwt\Signer\Sha256;
 use YdbPlatform\Ydb\Contracts\IamTokenContract;
 
+use function filter_var;
+
 class Iam implements IamTokenContract
 {
     use Traits\LoggerTrait;
@@ -48,7 +50,7 @@ public function __construct(array $config = [], LoggerInterface $logger = null)
     {
         if ($config)
         {
-            $this->config = $config;
+            $this->config = $this->parseConfig($config);
         }
 
         $this->logger = $logger;
@@ -95,7 +97,6 @@ public function newToken()
         else if ($this->config('private_key'))
         {
             $token = $this->getJwtToken();
-
             $request_data = [
                 'jwt' => $token->toString(),
             ];
@@ -159,6 +160,11 @@ public function newToken()
      */
     public function getCredentials()
     {
+        if ($this->config('insecure'))
+        {
+            return ChannelCredentials::createInsecure();
+        }
+
         $root_pem_file = $this->config('root_cert_file');
 
         if ($root_pem_file && is_file($root_pem_file))
@@ -169,28 +175,72 @@ public function getCredentials()
         return ChannelCredentials::createSsl($pem ?? null);
     }
 
+    /**
+     * @param array $config
+     * @return array
+     */
+    protected function parseConfig(array $config)
+    {
+        $parsedConfig = [];
+
+        $stringParams = [
+            'temp_dir',
+            'root_cert_file',
+            'oauth_token',
+            'key_id',
+            'service_account_id',
+            'private_key_file',
+            'service_file',
+        ];
+
+        foreach ($stringParams as $param)
+        {
+            $parsedConfig[$param] = (string)($config[$param] ?? '');
+        }
+
+        $boolParams = [
+            'use_metadata',
+            'anonymous',
+            'insecure',
+        ];
+
+        foreach ($boolParams as $param)
+        {
+            $parsedConfig[$param] = (
+                isset($config[$param])
+                && filter_var($config[$param], \FILTER_VALIDATE_BOOLEAN)
+            );
+        }
+
+        return $parsedConfig;
+    }
+
     /**
      * @return void
      * @throws Exception
      */
     protected function initConfig()
     {
-        if (empty($this->config['temp_dir']))
+        if (!$this->config('temp_dir'))
         {
             $this->config['temp_dir'] = sys_get_temp_dir();
         }
 
-        if (!empty($this->config['use_metadata']))
+        if ($this->config('anonymous'))
+        {
+            $this->logger()->info('YDB: Authentication method: Anonymous');
+        }
+        else if ($this->config('use_metadata'))
         {
             $this->logger()->info('YDB: Authentication method: Metadata URL');
         }
-        else if (!empty($this->config['service_file']))
+        else if ($serviceFile = $this->config('service_file'))
         {
-            if (is_file($this->config['service_file']))
+            if (is_file($serviceFile))
             {
                 $this->logger()->info('YDB: Authentication method: SA JSON file');
 
-                $service = json_decode(file_get_contents($this->config['service_file']));
+                $service = json_decode(file_get_contents($serviceFile));
 
                 if (is_object($service)
                     && isset($service->id)
@@ -203,28 +253,28 @@ protected function initConfig()
                 }
                 else
                 {
-                    throw new Exception('Service file [' . $this->config['service_file'] . '] is broken.');
+                    throw new Exception('Service file [' . $serviceFile . '] is broken.');
                 }
             }
             else
             {
-                throw new Exception('Service file [' . $this->config['service_file'] . '] is missing.');
+                throw new Exception('Service file [' . $serviceFile . '] is missing.');
             }
         }
-        else if (!empty($this->config['private_key_file']))
+        else if ($privateKeyFile = $this->config('private_key_file'))
         {
             $this->logger()->info('YDB: Authentication method: Private key');
 
-            if (is_file($this->config['private_key_file']))
+            if (is_file($privateKeyFile))
             {
-                $this->config['private_key'] = file_get_contents($this->config['private_key_file']);
+                $this->config['private_key'] = file_get_contents($privateKeyFile);
             }
             else
             {
-                throw new Exception('Private key [' . $this->config['private_key_file'] . '] is missing.');
+                throw new Exception('Private key [' . $privateKeyFile . '] is missing.');
             }
         }
-        else if (!empty($this->config['oauth_token']))
+        else if ($this->config('oauth_token'))
         {
             $this->logger()->info('YDB: Authentication method: OAuth token');
         }
diff --git a/src/Ydb.php b/src/Ydb.php
@@ -102,16 +102,19 @@ public function database()
         return $this->database;
     }
 
-    /**
-     * @return array
-     */
-    public function meta()
+    public function meta(): array
     {
-        return [
-            'x-ydb-auth-ticket' => [$this->iam()->token()],
+        $meta = [
             'x-ydb-database' => [$this->database],
             'x-ydb-sdk-build-info' => ['ydb-php-sdk/' . static::VERSION],
         ];
+
+        if (!$this->iam()->config('anonymous'))
+        {
+            $meta['x-ydb-auth-ticket'] = [$this->iam()->token()];
+        }
+
+        return $meta;
     }
 
     /**

-Original file line number
+Diff line change
@@ @@ -1 +1,4 @@ @@
 .idea
 +tmp/
 +vendor/
 +composer.lock
Original file line number	Diff line number	Diff line change
`@@ -10,6 +10,8 @@`
`10`	`10`	`use YdbPlatform\Ydb\Jwt\Signer\Sha256;`
`11`	`11`	`use YdbPlatform\Ydb\Contracts\IamTokenContract;`
`12`	`12`
	`13`	`+use function filter_var;`
	`14`	`+`
`13`	`15`	`class Iam implements IamTokenContract`
`14`	`16`	`{`
`15`	`17`	`use Traits\LoggerTrait;`
`@@ -48,7 +50,7 @@ public function __construct(array $config = [], LoggerInterface $logger = null)`
`48`	`50`	`{`
`49`	`51`	`if ($config)`
`50`	`52`	`{`
`51`		`- $this->config = $config;`
	`53`	`+ $this->config = $this->parseConfig($config);`
`52`	`54`	`}`
`53`	`55`
`54`	`56`	`$this->logger = $logger;`
`@@ -95,7 +97,6 @@ public function newToken()`
`95`	`97`	`else if ($this->config('private_key'))`
`96`	`98`	`{`
`97`	`99`	`$token = $this->getJwtToken();`
`98`		`-`
`99`	`100`	`$request_data = [`
`100`	`101`	`'jwt' => $token->toString(),`
`101`	`102`	`];`
`@@ -159,6 +160,11 @@ public function newToken()`
`159`	`160`	`*/`
`160`	`161`	`public function getCredentials()`
`161`	`162`	`{`
	`163`	`+ if ($this->config('insecure'))`
	`164`	`+ {`
	`165`	`+ return ChannelCredentials::createInsecure();`
	`166`	`+ }`
	`167`	`+`
`162`	`168`	`$root_pem_file = $this->config('root_cert_file');`
`163`	`169`
`164`	`170`	`if ($root_pem_file && is_file($root_pem_file))`
`@@ -169,28 +175,72 @@ public function getCredentials()`
`169`	`175`	`return ChannelCredentials::createSsl($pem ?? null);`
`170`	`176`	`}`
`171`	`177`
	`178`	`+ /**`
	`179`	`+ * @param array $config`
	`180`	`+ * @return array`
	`181`	`+ */`
	`182`	`+ protected function parseConfig(array $config)`
	`183`	`+ {`
	`184`	`+ $parsedConfig = [];`
	`185`	`+`
	`186`	`+ $stringParams = [`
	`187`	`+ 'temp_dir',`
	`188`	`+ 'root_cert_file',`
	`189`	`+ 'oauth_token',`
	`190`	`+ 'key_id',`
	`191`	`+ 'service_account_id',`
	`192`	`+ 'private_key_file',`
	`193`	`+ 'service_file',`
	`194`	`+ ];`
	`195`	`+`
	`196`	`+ foreach ($stringParams as $param)`
	`197`	`+ {`
	`198`	`+ $parsedConfig[$param] = (string)($config[$param] ?? '');`
	`199`	`+ }`
	`200`	`+`
	`201`	`+ $boolParams = [`
	`202`	`+ 'use_metadata',`
	`203`	`+ 'anonymous',`
	`204`	`+ 'insecure',`
	`205`	`+ ];`
	`206`	`+`
	`207`	`+ foreach ($boolParams as $param)`
	`208`	`+ {`
	`209`	`+ $parsedConfig[$param] = (`
	`210`	`+ isset($config[$param])`
	`211`	`+ && filter_var($config[$param], \FILTER_VALIDATE_BOOLEAN)`
	`212`	`+ );`
	`213`	`+ }`
	`214`	`+`
	`215`	`+ return $parsedConfig;`
	`216`	`+ }`
	`217`	`+`
`172`	`218`	`/**`
`173`	`219`	`* @return void`
`174`	`220`	`* @throws Exception`
`175`	`221`	`*/`
`176`	`222`	`protected function initConfig()`
`177`	`223`	`{`
`178`		`- if (empty($this->config['temp_dir']))`
	`224`	`+ if (!$this->config('temp_dir'))`
`179`	`225`	`{`
`180`	`226`	`$this->config['temp_dir'] = sys_get_temp_dir();`
`181`	`227`	`}`
`182`	`228`
`183`		`- if (!empty($this->config['use_metadata']))`
	`229`	`+ if ($this->config('anonymous'))`
	`230`	`+ {`
	`231`	`+ $this->logger()->info('YDB: Authentication method: Anonymous');`
	`232`	`+ }`
	`233`	`+ else if ($this->config('use_metadata'))`
`184`	`234`	`{`
`185`	`235`	`$this->logger()->info('YDB: Authentication method: Metadata URL');`
`186`	`236`	`}`
`187`		`- else if (!empty($this->config['service_file']))`
	`237`	`+ else if ($serviceFile = $this->config('service_file'))`
`188`	`238`	`{`
`189`		`- if (is_file($this->config['service_file']))`
	`239`	`+ if (is_file($serviceFile))`
`190`	`240`	`{`
`191`	`241`	`$this->logger()->info('YDB: Authentication method: SA JSON file');`
`192`	`242`
`193`		`- $service = json_decode(file_get_contents($this->config['service_file']));`
	`243`	`+ $service = json_decode(file_get_contents($serviceFile));`
`194`	`244`
`195`	`245`	`if (is_object($service)`
`196`	`246`	`&& isset($service->id)`
`@@ -203,28 +253,28 @@ protected function initConfig()`
`203`	`253`	`}`
`204`	`254`	`else`
`205`	`255`	`{`
`206`		`- throw new Exception('Service file [' . $this->config['service_file'] . '] is broken.');`
	`256`	`+ throw new Exception('Service file [' . $serviceFile . '] is broken.');`
`207`	`257`	`}`
`208`	`258`	`}`
`209`	`259`	`else`
`210`	`260`	`{`
`211`		`- throw new Exception('Service file [' . $this->config['service_file'] . '] is missing.');`
	`261`	`+ throw new Exception('Service file [' . $serviceFile . '] is missing.');`
`212`	`262`	`}`
`213`	`263`	`}`
`214`		`- else if (!empty($this->config['private_key_file']))`
	`264`	`+ else if ($privateKeyFile = $this->config('private_key_file'))`
`215`	`265`	`{`
`216`	`266`	`$this->logger()->info('YDB: Authentication method: Private key');`
`217`	`267`
`218`		`- if (is_file($this->config['private_key_file']))`
	`268`	`+ if (is_file($privateKeyFile))`
`219`	`269`	`{`
`220`		`- $this->config['private_key'] = file_get_contents($this->config['private_key_file']);`
	`270`	`+ $this->config['private_key'] = file_get_contents($privateKeyFile);`
`221`	`271`	`}`
`222`	`272`	`else`
`223`	`273`	`{`
`224`		`- throw new Exception('Private key [' . $this->config['private_key_file'] . '] is missing.');`
	`274`	`+ throw new Exception('Private key [' . $privateKeyFile . '] is missing.');`
`225`	`275`	`}`
`226`	`276`	`}`
`227`		`- else if (!empty($this->config['oauth_token']))`
	`277`	`+ else if ($this->config('oauth_token'))`
`228`	`278`	`{`
`229`	`279`	`$this->logger()->info('YDB: Authentication method: OAuth token');`
`230`	`280`	`}`