Porting identity store (#3419)

* porting identity to OSS * changes that glue things together * add testing bits * wrapped entity id * fix mount error * some more changes to core * fix storagepacker tests * fix some more tests * fix mount tests * fix http mount tests * audit changes for identity * remove upgrade structs on the oss side * added go-memdb to vendor
2025-11-02 11:38:02 +00:00 · 2017-10-11 10:21:20 -07:00
parent a3bd4530b6
commit 6b9ce0c8c5
54 changed files with 10162 additions and 60 deletions
--- a/logical/request.go
+++ b/logical/request.go
@@ -87,6 +87,10 @@ type Request struct {
 	// aliases, generating different defaults depending on the alias)
 	MountType string `json:"mount_type" structs:"mount_type" mapstructure:"mount_type"`

+	// MountAccessor is provided so that identities returned by the authentication
+	// backends can be tied to the mount it belongs to.
+	MountAccessor string `json:"mount_accessor" structs:"mount_accessor" mapstructure:"mount_accessor"`
+
 	// WrapInfo contains requested response wrapping parameters
 	WrapInfo *RequestWrapInfo `json:"wrap_info" structs:"wrap_info" mapstructure:"wrap_info"`

@@ -94,6 +98,10 @@ type Request struct {
 	// token supplied
 	ClientTokenRemainingUses int `json:"client_token_remaining_uses" structs:"client_token_remaining_uses" mapstructure:"client_token_remaining_uses"`

+	// EntityID is the identity of the caller extracted out of the token used
+	// to make this request
+	EntityID string `json:"entity_id" structs:"entity_id" mapstructure:"entity_id"`
+
 	// For replication, contains the last WAL on the remote side after handling
 	// the request, used for best-effort avoidance of stale read-after-write
 	lastRemoteWAL uint64