From 65228f3188dce3498c154162695805eee32ff17e Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Tue, 9 Sep 2025 10:30:25 +0200 Subject: [PATCH] Bump reva to latest main to get https://github.com/opencloud-eu/reva/pull/339 --- go.mod | 12 +- go.sum | 24 +- .../cenkalti/backoff/v5/exponential.go | 11 +- .../github.com/cenkalti/backoff/v5/retry.go | 4 +- .../services/userprovider/userprovider.go | 13 +- .../reva/v2/pkg/auth/manager/ldap/ldap.go | 2 +- .../reva/v2/pkg/cbox/user/rest/rest.go | 8 +- .../reva/v2/pkg/group/manager/ldap/ldap.go | 56 ++++- .../reva/v2/pkg/user/manager/demo/demo.go | 6 +- .../reva/v2/pkg/user/manager/json/json.go | 6 +- .../reva/v2/pkg/user/manager/ldap/ldap.go | 48 +++- .../reva/v2/pkg/user/manager/memory/memory.go | 9 +- .../pkg/user/manager/nextcloud/nextcloud.go | 8 +- .../user/manager/owncloudsql/owncloudsql.go | 9 +- .../opencloud-eu/reva/v2/pkg/user/rpc_user.go | 11 +- .../opencloud-eu/reva/v2/pkg/user/user.go | 2 +- .../reva/v2/pkg/utils/ldap/identity.go | 210 ++++++++++++------ .../otel/exporters/otlp/otlptrace/LICENSE | 30 +++ .../otel/exporters/otlp/otlptrace/exporter.go | 2 +- .../internal/tracetransform/attribute.go | 3 +- .../tracetransform/instrumentation.go | 3 +- .../internal/tracetransform/resource.go | 3 +- .../otlptrace/internal/tracetransform/span.go | 6 +- .../otlp/otlptrace/otlptracegrpc/LICENSE | 30 +++ .../otlp/otlptrace/otlptracegrpc/client.go | 6 +- .../otel/exporters/otlp/otlptrace/version.go | 2 +- vendor/modules.txt | 12 +- 27 files changed, 388 insertions(+), 148 deletions(-) diff --git a/go.mod b/go.mod index f8e635ed46..4243f87266 100644 --- a/go.mod +++ b/go.mod @@ -65,7 +65,7 @@ require ( github.com/onsi/gomega v1.38.2 github.com/open-policy-agent/opa v1.6.0 github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 - github.com/opencloud-eu/reva/v2 v2.37.0 + github.com/opencloud-eu/reva/v2 v2.37.1-0.20250909074412-f272eeaa2674 github.com/opensearch-project/opensearch-go/v4 v4.5.0 github.com/orcaman/concurrent-map v1.0.0 github.com/pkg/errors v0.9.1 @@ -99,7 +99,7 @@ require ( go.opentelemetry.io/contrib/zpages v0.62.0 go.opentelemetry.io/otel v1.38.0 go.opentelemetry.io/otel/exporters/jaeger v1.17.0 - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.37.0 + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 go.opentelemetry.io/otel/sdk v1.38.0 go.opentelemetry.io/otel/trace v1.38.0 golang.org/x/crypto v0.41.0 @@ -110,7 +110,7 @@ require ( golang.org/x/sync v0.17.0 golang.org/x/term v0.34.0 golang.org/x/text v0.28.0 - google.golang.org/genproto/googleapis/api v0.0.0-20250818200422-3122310a409c + google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 google.golang.org/grpc v1.75.0 google.golang.org/protobuf v1.36.8 gopkg.in/yaml.v2 v2.4.0 @@ -159,7 +159,7 @@ require ( github.com/bluele/gcache v0.0.2 // indirect github.com/bombsimon/logrusr/v3 v3.1.0 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect - github.com/cenkalti/backoff/v5 v5.0.2 // indirect + github.com/cenkalti/backoff/v5 v5.0.3 // indirect github.com/ceph/go-ceph v0.35.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/cevaris/ordered_map v0.0.0-20190319150403-3adeae072e73 // indirect @@ -354,9 +354,9 @@ require ( go.etcd.io/etcd/client/v3 v3.6.4 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect go.opentelemetry.io/otel/metric v1.38.0 // indirect - go.opentelemetry.io/proto/otlp v1.7.0 // indirect + go.opentelemetry.io/proto/otlp v1.7.1 // indirect go.uber.org/automaxprocs v1.6.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect diff --git a/go.sum b/go.sum index 61b8052359..1b7bcac993 100644 --- a/go.sum +++ b/go.sum @@ -206,8 +206,8 @@ github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QH github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= -github.com/cenkalti/backoff/v5 v5.0.2 h1:rIfFVxEf1QsI7E1ZHfp/B4DF/6QBAUhmgkxc0H7Zss8= -github.com/cenkalti/backoff/v5 v5.0.2/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= +github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM= +github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/ceph/go-ceph v0.35.0 h1:wcDUbsjeNJ7OfbWCE7I5prqUL794uXchopw3IvrGQkk= @@ -916,8 +916,8 @@ github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-202505121527 github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a/go.mod h1:pjcozWijkNPbEtX5SIQaxEW/h8VAVZYTLx+70bmB3LY= github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 h1:vD/EdfDUrv4omSFjrinT8Mvf+8D7f9g4vgQ2oiDrVUI= github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76/go.mod h1:pzatilMEHZFT3qV7C/X3MqOa3NlRQuYhlRhZTL+hN6Q= -github.com/opencloud-eu/reva/v2 v2.37.0 h1:PKX425FaLlA7Zd5VG6XbHKdBoapJGFv/vc9+njJr/hs= -github.com/opencloud-eu/reva/v2 v2.37.0/go.mod h1:aNiCrmC5jZJ/Nxqn1UaqyOTez1S7mDLWcpqPbPNYI6A= +github.com/opencloud-eu/reva/v2 v2.37.1-0.20250909074412-f272eeaa2674 h1:35OSsH9o4GAL9LX+BckhYlpp+EqJ0Bz69MXz+5gpaV4= +github.com/opencloud-eu/reva/v2 v2.37.1-0.20250909074412-f272eeaa2674/go.mod h1:eu0fTK68n+drdu7eT0u1QODDH3VHMugAdrS6G5VhMwA= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040= @@ -1250,10 +1250,10 @@ go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8= go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM= go.opentelemetry.io/otel/exporters/jaeger v1.17.0 h1:D7UpUy2Xc2wsi1Ras6V40q806WM07rqoCWzXu7Sqy+4= go.opentelemetry.io/otel/exporters/jaeger v1.17.0/go.mod h1:nPCqOnEH9rNLKqH/+rrUjiMzHJdV1BlpKcTwRTyKkKI= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 h1:Ahq7pZmv87yiyn3jeFz/LekZmPLLdKejuO3NcK9MssM= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0/go.mod h1:MJTqhM0im3mRLw1i8uGHnCvUEeS7VwRyxlLC78PA18M= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.37.0 h1:EtFWSnwW9hGObjkIdmlnWSydO+Qs8OwzfzXLUPg4xOc= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.37.0/go.mod h1:QjUEoiGCPkvFZ/MjK6ZZfNOS6mfVEVKYE99dFhuN2LI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 h1:GqRJVj7UmLjCVyVJ3ZFLdPRmhDUp2zFmQe3RHIOsw24= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0/go.mod h1:ri3aaHSmCTVYu2AWv44YMauwAQc0aqI9gHKIcSbI1pU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 h1:lwI4Dc5leUqENgGuQImwLo4WnuXFPetmPpkLi2IrX54= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0/go.mod h1:Kz/oCE7z5wuyhPxsXDuaPteSWqjSBD5YaSdbxZYGbGk= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.36.0 h1:nRVXXvf78e00EwY6Wp0YII8ww2JVWshZ20HfTlE11AM= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.36.0/go.mod h1:r49hO7CgrxY9Voaj3Xe8pANWtr0Oq916d0XAmOoCZAQ= go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA= @@ -1264,8 +1264,8 @@ go.opentelemetry.io/otel/sdk/metric v1.38.0 h1:aSH66iL0aZqo//xXzQLYozmWrXxyFkBJ6 go.opentelemetry.io/otel/sdk/metric v1.38.0/go.mod h1:dg9PBnW9XdQ1Hd6ZnRz689CbtrUp0wMMs9iPcgT9EZA= go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE= go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs= -go.opentelemetry.io/proto/otlp v1.7.0 h1:jX1VolD6nHuFzOYso2E73H85i92Mv8JQYk0K9vz09os= -go.opentelemetry.io/proto/otlp v1.7.0/go.mod h1:fSKjH6YJ7HDlwzltzyMj036AJ3ejJLCgCSHGj4efDDo= +go.opentelemetry.io/proto/otlp v1.7.1 h1:gTOMpGDb0WTBOP8JaO72iL3auEZhVmAQg4ipjOVAtj4= +go.opentelemetry.io/proto/otlp v1.7.1/go.mod h1:b2rVh6rfI/s2pHWNlB7ILJcRALpcNDzKhACevjI+ZnE= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -1677,8 +1677,8 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb h1:ITgPrl429bc6+2ZraNSzMDk3I95nmQln2fuPstKwFDE= google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:sAo5UzpjUwgFBCzupwhcLcxHVDK7vG5IqI30YnwX2eE= -google.golang.org/genproto/googleapis/api v0.0.0-20250818200422-3122310a409c h1:AtEkQdl5b6zsybXcbz00j1LwNodDuH6hVifIaNqk7NQ= -google.golang.org/genproto/googleapis/api v0.0.0-20250818200422-3122310a409c/go.mod h1:ea2MjsO70ssTfCjiwHgI0ZFqcw45Ksuk2ckf9G468GA= +google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 h1:BIRfGDEjiHRrk0QKZe3Xv2ieMhtgRGeLcZQ0mIVn4EY= +google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5/go.mod h1:j3QtIyytwqGr1JUDtYXwtMXWPKsEa5LtzIFN1Wn5WvE= google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5 h1:eaY8u2EuxbRv7c3NiGK0/NedzVsCcV6hDuU5qPX5EGE= google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5/go.mod h1:M4/wBTSeyLxupu3W3tJtOgB14jILAS/XWPSSa3TAlJc= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= diff --git a/vendor/github.com/cenkalti/backoff/v5/exponential.go b/vendor/github.com/cenkalti/backoff/v5/exponential.go index c1f3e442d3..79d425e874 100644 --- a/vendor/github.com/cenkalti/backoff/v5/exponential.go +++ b/vendor/github.com/cenkalti/backoff/v5/exponential.go @@ -1,7 +1,7 @@ package backoff import ( - "math/rand" + "math/rand/v2" "time" ) @@ -28,13 +28,7 @@ multiplied by the exponential, that is, between 2 and 6 seconds. Note: MaxInterval caps the RetryInterval and not the randomized interval. -If the time elapsed since an ExponentialBackOff instance is created goes past the -MaxElapsedTime, then the method NextBackOff() starts returning backoff.Stop. - -The elapsed time can be reset by calling Reset(). - -Example: Given the following default arguments, for 10 tries the sequence will be, -and assuming we go over the MaxElapsedTime on the 10th try: +Example: Given the following default arguments, for 9 tries the sequence will be: Request # RetryInterval (seconds) Randomized Interval (seconds) @@ -47,7 +41,6 @@ and assuming we go over the MaxElapsedTime on the 10th try: 7 5.692 [2.846, 8.538] 8 8.538 [4.269, 12.807] 9 12.807 [6.403, 19.210] - 10 19.210 backoff.Stop Note: Implementation is not thread-safe. */ diff --git a/vendor/github.com/cenkalti/backoff/v5/retry.go b/vendor/github.com/cenkalti/backoff/v5/retry.go index e43f47fb8a..32a7f98834 100644 --- a/vendor/github.com/cenkalti/backoff/v5/retry.go +++ b/vendor/github.com/cenkalti/backoff/v5/retry.go @@ -47,7 +47,7 @@ func WithNotify(n Notify) RetryOption { } } -// WithMaxTries limits the number of retry attempts. +// WithMaxTries limits the number of all attempts. func WithMaxTries(n uint) RetryOption { return func(args *retryOptions) { args.MaxTries = n @@ -97,7 +97,7 @@ func Retry[T any](ctx context.Context, operation Operation[T], opts ...RetryOpti // Handle permanent errors without retrying. var permanent *PermanentError if errors.As(err, &permanent) { - return res, err + return res, permanent.Unwrap() } // Stop retrying if context is cancelled. diff --git a/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/userprovider/userprovider.go b/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/userprovider/userprovider.go index 921ec2145e..3dbe068e86 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/userprovider/userprovider.go +++ b/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/userprovider/userprovider.go @@ -136,6 +136,11 @@ func (s *service) GetUser(ctx context.Context, req *userpb.GetUserRequest) (*use return res, nil } + // Only request users from the same tenant as the current user + if currentUser, ok := revactx.ContextGetUser(ctx); ok { + req.UserId.TenantId = currentUser.GetId().GetTenantId() + } + user, err := s.usermgr.GetUser(ctx, req.UserId, req.SkipFetchingUserGroups) if err != nil { res := &userpb.GetUserResponse{} @@ -155,7 +160,11 @@ func (s *service) GetUser(ctx context.Context, req *userpb.GetUserRequest) (*use } func (s *service) GetUserByClaim(ctx context.Context, req *userpb.GetUserByClaimRequest) (*userpb.GetUserByClaimResponse, error) { - user, err := s.usermgr.GetUserByClaim(ctx, req.Claim, req.Value, req.SkipFetchingUserGroups) + tenantID := "" + if currentUser, ok := revactx.ContextGetUser(ctx); ok { + tenantID = currentUser.GetId().GetTenantId() + } + user, err := s.usermgr.GetUserByClaim(ctx, req.Claim, req.Value, tenantID, req.SkipFetchingUserGroups) if err != nil { res := &userpb.GetUserByClaimResponse{} if _, ok := err.(errtypes.NotFound); ok { @@ -176,7 +185,7 @@ func (s *service) GetUserByClaim(ctx context.Context, req *userpb.GetUserByClaim func (s *service) FindUsers(ctx context.Context, req *userpb.FindUsersRequest) (*userpb.FindUsersResponse, error) { currentUser := revactx.ContextMustGetUser(ctx) - users, err := s.usermgr.FindUsers(ctx, req.Filter, currentUser.Id.GetTenantId(), req.SkipFetchingUserGroups) + users, err := s.usermgr.FindUsers(ctx, req.Filter, currentUser.GetId().GetTenantId(), req.SkipFetchingUserGroups) if err != nil { res := &userpb.FindUsersResponse{ Status: status.NewInternal(ctx, "error finding users"), diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/auth/manager/ldap/ldap.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/auth/manager/ldap/ldap.go index 3794372a99..e73cdfefe3 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/auth/manager/ldap/ldap.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/auth/manager/ldap/ldap.go @@ -108,7 +108,7 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string) filter := am.getLoginFilter(clientID) - userEntry, err := am.c.LDAPIdentity.GetLDAPUserByFilter(log, am.ldapClient, filter) + userEntry, err := am.c.LDAPIdentity.GetLDAPUserByFilter(ctx, am.ldapClient, filter) if err != nil { return nil, nil, err diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/cbox/user/rest/rest.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/cbox/user/rest/rest.go index 86b300010d..5433433e38 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/cbox/user/rest/rest.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/cbox/user/rest/rest.go @@ -224,6 +224,9 @@ func (m *manager) parseAndCacheUser(ctx context.Context, userData map[string]int } func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { + if uid.GetTenantId() != "" { + return nil, errtypes.NotSupported("tenant filter not supported in rest user manager") + } u, err := m.fetchCachedUserDetails(uid) if err != nil { return nil, err @@ -240,7 +243,10 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG return u, nil } -func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (m *manager) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { + if tenantID != "" { + return nil, errtypes.NotSupported("tenant filter not supported in rest user manager") + } u, err := m.fetchCachedUserByParam(claim, value) if err != nil { return nil, err diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go index 2ea58fb8db..517874a49a 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go @@ -35,6 +35,7 @@ import ( "github.com/opencloud-eu/reva/v2/pkg/utils" ldapIdentity "github.com/opencloud-eu/reva/v2/pkg/utils/ldap" "github.com/pkg/errors" + "go.opentelemetry.io/otel/attribute" ) func init() { @@ -54,6 +55,8 @@ type config struct { Nobody int64 `mapstructure:"nobody"` } +const tracerName = "pkg/group/manager/ldap" + func parseConfig(m map[string]interface{}) (*config, error) { c := config{ LDAPIdentity: ldapIdentity.New(), @@ -100,12 +103,20 @@ func (m *manager) Configure(ml map[string]interface{}) error { // GetGroup implements the group.Manager interface. Looks up a group by Id and return the group func (m *manager) GetGroup(ctx context.Context, gid *grouppb.GroupId, skipFetchingMembers bool) (*grouppb.Group, error) { + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetGroup") + defer span.End() + + span.SetAttributes( + attribute.Stringer("group_id", gid), + attribute.Bool("skip_fetching_members", skipFetchingMembers), + ) + log := appctx.GetLogger(ctx) if gid.Idp != "" && gid.Idp != m.c.Idp { return nil, errtypes.NotFound("idp mismatch") } - groupEntry, err := m.c.LDAPIdentity.GetLDAPGroupByID(log, m.ldapClient, gid.OpaqueId) + groupEntry, err := m.c.LDAPIdentity.GetLDAPGroupByID(ctx, m.ldapClient, gid.OpaqueId) if err != nil { return nil, err } @@ -121,7 +132,7 @@ func (m *manager) GetGroup(ctx context.Context, gid *grouppb.GroupId, skipFetchi return g, nil } - members, err := m.c.LDAPIdentity.GetLDAPGroupMembers(log, m.ldapClient, groupEntry) + members, err := m.c.LDAPIdentity.GetLDAPGroupMembers(ctx, m.ldapClient, groupEntry) if err != nil { return nil, err } @@ -144,8 +155,17 @@ func (m *manager) GetGroup(ctx context.Context, gid *grouppb.GroupId, skipFetchi // GetGroupByClaim implements the group.Manager interface. Looks up a group by // claim ('group_name', 'group_id', 'display_name') and returns the group. func (m *manager) GetGroupByClaim(ctx context.Context, claim, value string, skipFetchingMembers bool) (*grouppb.Group, error) { + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetGroupByClaim") + defer span.End() + + span.SetAttributes( + attribute.String("claim", claim), + attribute.String("value", value), + attribute.Bool("skip_fetching_members", skipFetchingMembers), + ) + log := appctx.GetLogger(ctx) - groupEntry, err := m.c.LDAPIdentity.GetLDAPGroupByAttribute(log, m.ldapClient, claim, value) + groupEntry, err := m.c.LDAPIdentity.GetLDAPGroupByAttribute(ctx, m.ldapClient, claim, value) if err != nil { log.Debug().Err(err).Msg("GetGroupByClaim") return nil, err @@ -162,7 +182,7 @@ func (m *manager) GetGroupByClaim(ctx context.Context, claim, value string, skip return g, nil } - members, err := m.c.LDAPIdentity.GetLDAPGroupMembers(log, m.ldapClient, groupEntry) + members, err := m.c.LDAPIdentity.GetLDAPGroupMembers(ctx, m.ldapClient, groupEntry) if err != nil { return nil, err } @@ -187,8 +207,15 @@ func (m *manager) GetGroupByClaim(ctx context.Context, claim, value string, skip // 'display_name', 'group_id') and returns the groups. FindGroups does NOT expand the // members of the Groups. func (m *manager) FindGroups(ctx context.Context, query string, skipFetchingMembers bool) ([]*grouppb.Group, error) { - log := appctx.GetLogger(ctx) - entries, err := m.c.LDAPIdentity.GetLDAPGroups(log, m.ldapClient, query) + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "FindGroups") + defer span.End() + + span.SetAttributes( + attribute.String("query", query), + attribute.Bool("skip_fetching_members", skipFetchingMembers), + ) + + entries, err := m.c.LDAPIdentity.GetLDAPGroups(ctx, m.ldapClient, query) if err != nil { return nil, err } @@ -210,19 +237,25 @@ func (m *manager) FindGroups(ctx context.Context, query string, skipFetchingMemb // GetMembers implements the group.Manager interface. It returns all the userids of the members // of the group identified by the supplied id. func (m *manager) GetMembers(ctx context.Context, gid *grouppb.GroupId) ([]*userpb.UserId, error) { + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetMembers") + defer span.End() + + span.SetAttributes( + attribute.Stringer("group_id", gid), + ) log := appctx.GetLogger(ctx) if gid.Idp != "" && gid.Idp != m.c.Idp { return nil, errtypes.NotFound("idp mismatch") } - groupEntry, err := m.c.LDAPIdentity.GetLDAPGroupByID(log, m.ldapClient, gid.OpaqueId) + groupEntry, err := m.c.LDAPIdentity.GetLDAPGroupByID(ctx, m.ldapClient, gid.OpaqueId) if err != nil { return nil, err } log.Debug().Interface("entry", groupEntry).Msg("entries") - members, err := m.c.LDAPIdentity.GetLDAPGroupMembers(log, m.ldapClient, groupEntry) + members, err := m.c.LDAPIdentity.GetLDAPGroupMembers(ctx, m.ldapClient, groupEntry) if err != nil { return nil, err } @@ -243,6 +276,13 @@ func (m *manager) GetMembers(ctx context.Context, gid *grouppb.GroupId) ([]*user // HasMember implements the group.Member interface. Checks whether the supplied userid is a member // of the supplied groupid. func (m *manager) HasMember(ctx context.Context, gid *grouppb.GroupId, uid *userpb.UserId) (bool, error) { + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "HasMember") + defer span.End() + + span.SetAttributes( + attribute.Stringer("group_id", gid), + attribute.Stringer("user_id", uid), + ) // It might be possible to do a somewhat more clever LDAP search here. (First lookup the user and then // search for (&(objectclass=)(=gid)(member=) // The GetMembers call used below can be quiet ineffecient for large groups diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/demo/demo.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/demo/demo.go index a53d892fe9..3333ae5421 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/demo/demo.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/demo/demo.go @@ -57,7 +57,7 @@ func (m *manager) Configure(ml map[string]interface{}) error { func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { if user, ok := m.catalog[uid.OpaqueId]; ok { - if uid.Idp == "" || user.Id.Idp == uid.Idp { + if user.GetId().GetTenantId() == uid.GetTenantId() && (uid.Idp == "" || user.Id.Idp == uid.Idp) { u := proto.Clone(user).(*userpb.User) if skipFetchingGroups { u.Groups = nil @@ -68,9 +68,9 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG return nil, errtypes.NotFound(uid.OpaqueId) } -func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (m *manager) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { for _, u := range m.catalog { - if userClaim, err := extractClaim(u, claim); err == nil && value == userClaim { + if userClaim, err := extractClaim(u, claim); err == nil && value == userClaim && tenantID == u.Id.TenantId { user := proto.Clone(u).(*userpb.User) if skipFetchingGroups { user.Groups = nil diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/json/json.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/json/json.go index 2b467ec38c..389acffef4 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/json/json.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/json/json.go @@ -97,7 +97,7 @@ func (m *manager) Configure(ml map[string]interface{}) error { func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { for _, u := range m.users { - if (u.Id.GetOpaqueId() == uid.OpaqueId || u.Username == uid.OpaqueId) && (uid.Idp == "" || uid.Idp == u.Id.GetIdp()) { + if (u.Id.GetOpaqueId() == uid.OpaqueId || u.Username == uid.OpaqueId) && (uid.Idp == "" || uid.Idp == u.Id.GetIdp()) && (uid.GetTenantId() == u.Id.GetTenantId()) { user := proto.Clone(u).(*userpb.User) if skipFetchingGroups { user.Groups = nil @@ -108,9 +108,9 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG return nil, errtypes.NotFound(uid.OpaqueId) } -func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (m *manager) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { for _, u := range m.users { - if userClaim, err := extractClaim(u, claim); err == nil && value == userClaim { + if userClaim, err := extractClaim(u, claim); err == nil && value == userClaim && tenantID == u.Id.TenantId { user := proto.Clone(u).(*userpb.User) if skipFetchingGroups { user.Groups = nil diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go index 1cf69509d3..fe978dab16 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go @@ -34,12 +34,15 @@ import ( "github.com/opencloud-eu/reva/v2/pkg/utils" ldapIdentity "github.com/opencloud-eu/reva/v2/pkg/utils/ldap" "github.com/pkg/errors" + "go.opentelemetry.io/otel/attribute" ) func init() { registry.Register("ldap", New) } +const tracerName = "pkg/user/manager/ldap" + type manager struct { c *config ldapClient ldap.Client @@ -96,15 +99,22 @@ func (m *manager) Configure(ml map[string]interface{}) error { // GetUser implements the user.Manager interface. Looks up a user by Id and return the user func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { - log := appctx.GetLogger(ctx) + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetUser") + defer span.End() + span.SetAttributes( + attribute.Stringer("parameter.userid", uid), + attribute.Bool("parameter.skipFetchingGroups", skipFetchingGroups), + ) + + log := appctx.GetLogger(ctx) log.Debug().Interface("id", uid).Msg("GetUser") // If the Idp value in the uid does not match our config, we can't answer this request if uid.Idp != "" && uid.Idp != m.c.Idp { return nil, errtypes.NotFound("idp mismatch") } - userEntry, err := m.c.LDAPIdentity.GetLDAPUserByID(log, m.ldapClient, uid.OpaqueId) + userEntry, err := m.c.LDAPIdentity.GetLDAPUserByID(ctx, m.ldapClient, uid) if err != nil { return nil, err } @@ -120,7 +130,7 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG return u, nil } - groups, err := m.c.LDAPIdentity.GetLDAPUserGroups(log, m.ldapClient, userEntry) + groups, err := m.c.LDAPIdentity.GetLDAPUserGroups(ctx, m.ldapClient, userEntry) if err != nil { return nil, err } @@ -131,11 +141,18 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG // GetUserByClaim implements the user.Manager interface. Looks up a user by // claim ('mail', 'username', 'userid') and returns the user. -func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (m *manager) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { log := appctx.GetLogger(ctx) + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetUserByClaim") + defer span.End() + span.SetAttributes( + attribute.String("parameter.claim", claim), + attribute.String("paramter.value", value), + attribute.Bool("parameter.skipFetchingGroups", skipFetchingGroups), + ) log.Debug().Str("claim", claim).Str("value", value).Msg("GetUserByClaim") - userEntry, err := m.c.LDAPIdentity.GetLDAPUserByAttribute(log, m.ldapClient, claim, value) + userEntry, err := m.c.LDAPIdentity.GetLDAPUserByAttribute(ctx, m.ldapClient, claim, value, tenantID) if err != nil { log.Debug().Err(err).Msg("GetUserByClaim") return nil, err @@ -148,7 +165,7 @@ func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipF return nil, err } - if m.c.LDAPIdentity.IsLDAPUserInDisabledGroup(log, m.ldapClient, userEntry) { + if m.c.LDAPIdentity.IsLDAPUserInDisabledGroup(ctx, m.ldapClient, userEntry) { return nil, errtypes.NotFound("user is locally disabled") } @@ -156,7 +173,7 @@ func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipF return u, nil } - groups, err := m.c.LDAPIdentity.GetLDAPUserGroups(log, m.ldapClient, userEntry) + groups, err := m.c.LDAPIdentity.GetLDAPUserGroups(ctx, m.ldapClient, userEntry) if err != nil { return nil, err } @@ -169,8 +186,15 @@ func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipF // FindUser implements the user.Manager interface. Searches for users using a prefix-substring search on // the user attributes ('mail', 'username', 'displayname', 'userid') and returns the users. func (m *manager) FindUsers(ctx context.Context, query, tenantID string, skipFetchingGroups bool) ([]*userpb.User, error) { - log := appctx.GetLogger(ctx) - entries, err := m.c.LDAPIdentity.GetLDAPUsers(log, m.ldapClient, query, tenantID) + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "FindUsers") + defer span.End() + span.SetAttributes( + attribute.String("parameter.query", query), + attribute.String("parameter.tenantID", tenantID), + attribute.Bool("parameter.skipFetchingGroups", skipFetchingGroups), + ) + + entries, err := m.c.LDAPIdentity.GetLDAPUsers(ctx, m.ldapClient, query, tenantID) if err != nil { return nil, err } @@ -183,7 +207,7 @@ func (m *manager) FindUsers(ctx context.Context, query, tenantID string, skipFet } if !skipFetchingGroups { - groups, err := m.c.LDAPIdentity.GetLDAPUserGroups(log, m.ldapClient, entry) + groups, err := m.c.LDAPIdentity.GetLDAPUserGroups(ctx, m.ldapClient, entry) if err != nil { return nil, err } @@ -204,12 +228,12 @@ func (m *manager) GetUserGroups(ctx context.Context, uid *userpb.UserId) ([]stri log.Debug().Str("useridp", uid.Idp).Str("configured idp", m.c.Idp).Msg("IDP mismatch") return nil, errtypes.NotFound("idp mismatch") } - userEntry, err := m.c.LDAPIdentity.GetLDAPUserByID(log, m.ldapClient, uid.OpaqueId) + userEntry, err := m.c.LDAPIdentity.GetLDAPUserByID(ctx, m.ldapClient, uid) if err != nil { log.Debug().Err(err).Interface("userid", uid).Msg("Failed to lookup user") return []string{}, err } - return m.c.LDAPIdentity.GetLDAPUserGroups(log, m.ldapClient, userEntry) + return m.c.LDAPIdentity.GetLDAPUserGroups(ctx, m.ldapClient, userEntry) } func (m *manager) ldapEntryToUser(entry *ldap.Entry) (*userpb.User, error) { diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/memory/memory.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/memory/memory.go index fcdb5a70ce..518b80d6b1 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/memory/memory.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/memory/memory.go @@ -84,6 +84,9 @@ func (m *manager) Configure(ml map[string]interface{}) error { } func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { + if uid.GetTenantId() != "" { + return nil, errtypes.NotSupported("tenant filter not supported in memory user manager") + } if user, ok := m.catalog[uid.OpaqueId]; ok { if uid.Idp == "" || user.ID.Idp == uid.Idp { u := *user @@ -106,7 +109,11 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG return nil, errtypes.NotFound(uid.OpaqueId) } -func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (m *manager) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { + if tenantID != "" { + return nil, errtypes.NotSupported("tenant filter not supported in memory user manager") + } + for _, u := range m.catalog { if userClaim, err := extractClaim(u, claim); err == nil && value == userClaim { user := &userpb.User{ diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/nextcloud/nextcloud.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/nextcloud/nextcloud.go index 5daa94c3f1..051b3de2ea 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/nextcloud/nextcloud.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/nextcloud/nextcloud.go @@ -151,6 +151,9 @@ func (um *Manager) Configure(ml map[string]interface{}) error { // GetUser method as defined in https://github.com/cs3org/reva/blob/v1.13.0/pkg/user/user.go#L29-L35 func (um *Manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { + if uid.GetTenantId() != "" { + return nil, errtypes.NotSupported("tenant filter not supported in nextcloud user manager") + } bodyStr, _ := json.Marshal(uid) _, respBody, err := um.do(ctx, Action{"GetUser", string(bodyStr)}, "unauthenticated") if err != nil { @@ -165,7 +168,10 @@ func (um *Manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetching } // GetUserByClaim method as defined in https://github.com/cs3org/reva/blob/v1.13.0/pkg/user/user.go#L29-L35 -func (um *Manager) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (um *Manager) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { + if tenantID != "" { + return nil, errtypes.NotSupported("tenant filter not supported in nextcloud user manager") + } type paramsObj struct { Claim string `json:"claim"` Value string `json:"value"` diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/owncloudsql/owncloudsql.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/owncloudsql/owncloudsql.go index f1499725c8..c5735b545f 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/owncloudsql/owncloudsql.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/owncloudsql/owncloudsql.go @@ -103,6 +103,9 @@ func parseConfig(m map[string]interface{}) (*config, error) { } func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { + if uid.GetTenantId() != "" { + return nil, errtypes.NotSupported("tenant filter not supported in opencloudsql user manager") + } // search via the user_id a, err := m.db.GetAccountByClaim(ctx, "userid", uid.OpaqueId) if err == sql.ErrNoRows { @@ -111,7 +114,11 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG return m.convertToCS3User(ctx, a, skipFetchingGroups) } -func (m *manager) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (m *manager) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { + if tenantID != "" { + return nil, errtypes.NotSupported("tenant filter not supported in opencloudsql user manager") + } + a, err := m.db.GetAccountByClaim(ctx, claim, value) if err == sql.ErrNoRows { return nil, errtypes.NotFound(claim + "=" + value) diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/rpc_user.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/rpc_user.go index aa813c6960..583688beb7 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/rpc_user.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/rpc_user.go @@ -89,6 +89,9 @@ type GetUserReply struct { // GetUser RPCClient GetUser method func (m *RPCClient) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) { + if uid.GetTenantId() != "" { + return nil, errtypes.NotSupported("tenant filter not supported in rpc_user user manager") + } ctxVal := appctx.GetKeyValuesFromCtx(ctx) args := GetUserArg{Ctx: ctxVal, UID: uid, SkipFetchingGroups: skipFetchingGroups} resp := GetUserReply{} @@ -114,7 +117,11 @@ type GetUserByClaimReply struct { } // GetUserByClaim RPCClient GetUserByClaim method -func (m *RPCClient) GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) { +func (m *RPCClient) GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) { + if tenantID != "" { + return nil, errtypes.NotSupported("tenant filter not supported in rpc_user user manager") + } + ctxVal := appctx.GetKeyValuesFromCtx(ctx) args := GetUserByClaimArg{Ctx: ctxVal, Claim: claim, Value: value, SkipFetchingGroups: skipFetchingGroups} resp := GetUserByClaimReply{} @@ -200,7 +207,7 @@ func (m *RPCServer) GetUser(args GetUserArg, resp *GetUserReply) error { // GetUserByClaim RPCServer GetUserByClaim method func (m *RPCServer) GetUserByClaim(args GetUserByClaimArg, resp *GetUserByClaimReply) error { ctx := appctx.PutKeyValuesToCtx(args.Ctx) - resp.User, resp.Err = m.Impl.GetUserByClaim(ctx, args.Claim, args.Value, args.SkipFetchingGroups) + resp.User, resp.Err = m.Impl.GetUserByClaim(ctx, args.Claim, args.Value, "", args.SkipFetchingGroups) return nil } diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/user.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/user.go index 4814251c49..f5520027e8 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/user.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/user.go @@ -33,7 +33,7 @@ type Manager interface { // and might involve computational overhead. GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingGroups bool) (*userpb.User, error) // GetUserByClaim returns the user identified by a specific value for a given claim. - GetUserByClaim(ctx context.Context, claim, value string, skipFetchingGroups bool) (*userpb.User, error) + GetUserByClaim(ctx context.Context, claim, value, tenantID string, skipFetchingGroups bool) (*userpb.User, error) // GetUserGroups returns the groups a user identified by a uid belongs to. GetUserGroups(ctx context.Context, uid *userpb.UserId) ([]string, error) // FindUsers returns all the user objects which match a query parameter. diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go index 10dc8c4c0f..697f680087 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go @@ -19,15 +19,20 @@ package ldap import ( + "context" "fmt" "strings" identityUser "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" "github.com/go-ldap/ldap/v3" "github.com/google/uuid" + "github.com/opencloud-eu/reva/v2/pkg/appctx" "github.com/opencloud-eu/reva/v2/pkg/errtypes" "github.com/pkg/errors" - "github.com/rs/zerolog" + "github.com/rs/zerolog/log" + "go.opentelemetry.io/otel/attribute" + "go.opentelemetry.io/otel/codes" + "go.opentelemetry.io/otel/trace" ) // Identity provides methods to query users and groups from an LDAP server @@ -36,6 +41,8 @@ type Identity struct { Group groupConfig `mapstructure:",squash"` } +const tracerName = "pkg/utils/ldap" + type userConfig struct { BaseDN string `mapstructure:"user_base_dn"` Scope string `mapstructure:"user_search_scope"` @@ -178,45 +185,40 @@ func (i *Identity) Setup() error { // GetLDAPUserByID looks up a user by the supplied Id. Returns the corresponding // ldap.Entry -func (i *Identity) GetLDAPUserByID(log *zerolog.Logger, lc ldap.Client, id string) (*ldap.Entry, error) { +func (i *Identity) GetLDAPUserByID(ctx context.Context, lc ldap.Client, id *identityUser.UserId) (*ldap.Entry, error) { var filter string var err error if filter, err = i.getUserFilter(id); err != nil { return nil, err } - return i.GetLDAPUserByFilter(log, lc, filter) + return i.GetLDAPUserByFilter(ctx, lc, filter) } // GetLDAPUserByAttribute looks up a single user by attribute (can be "mail", // "uid", "gid", "username" or "userid"). Returns the corresponding ldap.Entry -func (i *Identity) GetLDAPUserByAttribute(log *zerolog.Logger, lc ldap.Client, attribute, value string) (*ldap.Entry, error) { +func (i *Identity) GetLDAPUserByAttribute(ctx context.Context, lc ldap.Client, attribute, value, tenantID string) (*ldap.Entry, error) { var filter string var err error - if filter, err = i.getUserAttributeFilter(attribute, value); err != nil { + if filter, err = i.getUserAttributeFilter(attribute, value, tenantID); err != nil { return nil, err } - return i.GetLDAPUserByFilter(log, lc, filter) + return i.GetLDAPUserByFilter(ctx, lc, filter) } // GetLDAPUserByFilter looks up a single user by the supplied LDAP filter // returns the corresponding ldap.Entry -func (i *Identity) GetLDAPUserByFilter(log *zerolog.Logger, lc ldap.Client, filter string) (*ldap.Entry, error) { +func (i *Identity) GetLDAPUserByFilter(ctx context.Context, lc ldap.Client, filter string) (*ldap.Entry, error) { + log := appctx.GetLogger(ctx) + _, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetLDAPUserByFilter") + defer span.End() searchRequest := ldap.NewSearchRequest( i.User.BaseDN, i.User.scopeVal, ldap.NeverDerefAliases, 1, 0, false, filter, - []string{ - i.User.Schema.DisplayName, - i.User.Schema.ID, - i.User.Schema.TenantID, - i.User.Schema.Mail, - i.User.Schema.Username, - i.User.Schema.UIDNumber, - i.User.Schema.GIDNumber, - i.User.EnabledProperty, - i.User.UserTypeProperty, - }, + i.getUserLDAPAttrTypes(), nil, ) + + setLDAPSearchSpanAttributes(span, searchRequest) log.Debug().Str("backend", "ldap").Str("basedn", i.User.BaseDN).Str("filter", filter).Int("scope", i.User.scopeVal).Msg("LDAP Search") res, err := lc.Search(searchRequest) if err != nil { @@ -227,18 +229,25 @@ func (i *Identity) GetLDAPUserByFilter(log *zerolog.Logger, lc ldap.Client, filt errmsg = fmt.Sprintf("too many results searching for user '%s'", filter) } } + span.SetAttributes(attribute.String("ldap.error", errmsg)) + span.SetStatus(codes.Error, errmsg) return nil, errtypes.NotFound(errmsg) } if len(res.Entries) == 0 { return nil, errtypes.NotFound(filter) } + span.SetStatus(codes.Ok, "") return res.Entries[0], nil } // GetLDAPUserByDN looks up a single user by the supplied LDAP DN // returns the corresponding ldap.Entry -func (i *Identity) GetLDAPUserByDN(log *zerolog.Logger, lc ldap.Client, dn string) (*ldap.Entry, error) { +func (i *Identity) GetLDAPUserByDN(ctx context.Context, lc ldap.Client, dn string) (*ldap.Entry, error) { + log := appctx.GetLogger(ctx) + _, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetLDAPUserByDN") + defer span.End() + filter := fmt.Sprintf("(objectclass=%s)", i.User.Objectclass) if i.User.Filter != "" { filter = fmt.Sprintf("(&%s%s)", i.User.Filter, filter) @@ -246,23 +255,19 @@ func (i *Identity) GetLDAPUserByDN(log *zerolog.Logger, lc ldap.Client, dn strin searchRequest := ldap.NewSearchRequest( dn, i.User.scopeVal, ldap.NeverDerefAliases, 1, 0, false, filter, - []string{ - i.User.Schema.DisplayName, - i.User.Schema.ID, - i.User.Schema.Mail, - i.User.Schema.Username, - i.User.Schema.UIDNumber, - i.User.Schema.GIDNumber, - i.User.EnabledProperty, - }, + i.getUserLDAPAttrTypes(), nil, ) + setLDAPSearchSpanAttributes(span, searchRequest) log.Debug().Str("backend", "ldap").Str("basedn", dn).Str("filter", filter).Int("scope", i.User.scopeVal).Msg("LDAP Search") res, err := lc.Search(searchRequest) if err != nil { log.Debug().Str("backend", "ldap").Err(err).Str("dn", dn).Msg("Error looking up user by DN") + span.SetAttributes(attribute.String("ldap.error", err.Error())) + span.SetStatus(codes.Error, "") return nil, errtypes.NotFound(dn) } + span.SetStatus(codes.Ok, "") if len(res.Entries) == 0 { return nil, errtypes.NotFound(dn) } @@ -272,36 +277,42 @@ func (i *Identity) GetLDAPUserByDN(log *zerolog.Logger, lc ldap.Client, dn strin // GetLDAPUsers searches for users using a prefix-substring match on the user // attributes. Returns a slice of matching ldap.Entries -func (i *Identity) GetLDAPUsers(log *zerolog.Logger, lc ldap.Client, query, tenantID string) ([]*ldap.Entry, error) { +func (i *Identity) GetLDAPUsers(ctx context.Context, lc ldap.Client, query, tenantID string) ([]*ldap.Entry, error) { + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetLDAPUsers") + defer span.End() + log := appctx.GetLogger(ctx) filter := i.getUserFindFilter(query, tenantID) searchRequest := ldap.NewSearchRequest( i.User.BaseDN, i.User.scopeVal, ldap.NeverDerefAliases, 0, 0, false, filter, - []string{ - i.User.Schema.ID, - i.User.Schema.Username, - i.User.Schema.Mail, - i.User.Schema.DisplayName, - i.User.Schema.UIDNumber, - i.User.Schema.GIDNumber, - i.User.EnabledProperty, - i.User.UserTypeProperty, - }, + i.getUserLDAPAttrTypes(), nil, ) - + setLDAPSearchSpanAttributes(span, searchRequest) log.Debug().Str("backend", "ldap").Str("basedn", i.User.BaseDN).Str("filter", filter).Int("scope", i.User.scopeVal).Msg("LDAP Search") sr, err := lc.Search(searchRequest) if err != nil { log.Debug().Str("backend", "ldap").Err(err).Str("filter", filter).Msg("Error searching users") + span.SetAttributes(attribute.String("ldap.error", err.Error())) + span.SetStatus(codes.Error, "") return nil, errtypes.NotFound(query) } + + span.SetAttributes(attribute.Int("ldap.result_count", len(sr.Entries))) + span.SetStatus(codes.Ok, "") + return sr.Entries, nil } // IsLDAPUserInDisabledGroup checkes if the user is in the disabled group. -func (i *Identity) IsLDAPUserInDisabledGroup(log *zerolog.Logger, lc ldap.Client, userEntry *ldap.Entry) bool { +func (i *Identity) IsLDAPUserInDisabledGroup(ctx context.Context, lc ldap.Client, userEntry *ldap.Entry) bool { + _, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "IsLDAPUserInDisabledGroup") + defer span.End() + + span.SetAttributes(attribute.String("identity.config.disable_mechanism", i.User.DisableMechanism)) + span.SetStatus(codes.Ok, "") + // Check if we need to do this here because the configuration is local to Identity. if i.User.DisableMechanism != "group" { return false @@ -316,11 +327,15 @@ func (i *Identity) IsLDAPUserInDisabledGroup(log *zerolog.Logger, lc ldap.Client []string{i.Group.Schema.ID}, nil, ) + setLDAPSearchSpanAttributes(span, searchRequest) + log.Debug().Str("backend", "ldap").Str("basedn", i.Group.LocalDisabledDN).Str("filter", filter).Int("scope", i.Group.scopeVal).Msg("LDAP Search") sr, err := lc.Search(searchRequest) if err != nil { log.Error().Str("backend", "ldap").Err(err).Str("filter", filter).Msg("Error looking up error group") // Err on the side of caution. + span.SetAttributes(attribute.String("ldap.error", err.Error())) + span.SetStatus(codes.Error, "") return true } @@ -329,9 +344,14 @@ func (i *Identity) IsLDAPUserInDisabledGroup(log *zerolog.Logger, lc ldap.Client // GetLDAPUserGroups looks up the group member ship of the supplied LDAP user entry. // Returns a slice of strings with groupids -func (i *Identity) GetLDAPUserGroups(log *zerolog.Logger, lc ldap.Client, userEntry *ldap.Entry) ([]string, error) { +func (i *Identity) GetLDAPUserGroups(ctx context.Context, lc ldap.Client, userEntry *ldap.Entry) ([]string, error) { var memberValue string + log := appctx.GetLogger(ctx) + + _, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetLDAPUserGroups") + defer span.End() + if strings.ToLower(i.Group.Objectclass) == "posixgroup" { // posixGroup usually means that the member attribute just contains the username memberValue = userEntry.GetEqualFoldAttributeValue(i.User.Schema.Username) @@ -350,11 +370,16 @@ func (i *Identity) GetLDAPUserGroups(log *zerolog.Logger, lc ldap.Client, userEn ) log.Debug().Str("backend", "ldap").Str("basedn", i.Group.BaseDN).Str("filter", filter).Int("scope", i.Group.scopeVal).Msg("LDAP Search") + setLDAPSearchSpanAttributes(span, searchRequest) sr, err := lc.Search(searchRequest) if err != nil { log.Debug().Str("backend", "ldap").Err(err).Str("filter", filter).Msg("Error looking up group memberships") + span.SetAttributes(attribute.String("ldap.error", err.Error())) + span.SetStatus(codes.Error, "") return []string{}, err } + span.SetStatus(codes.Ok, "") + span.SetAttributes(attribute.Int("ldap.result_count", len(sr.Entries))) groups := make([]string, 0, len(sr.Entries)) for _, entry := range sr.Entries { @@ -380,29 +405,32 @@ func (i *Identity) GetLDAPUserGroups(log *zerolog.Logger, lc ldap.Client, userEn // GetLDAPGroupByID looks up a group by the supplied Id. Returns the corresponding // ldap.Entry -func (i *Identity) GetLDAPGroupByID(log *zerolog.Logger, lc ldap.Client, id string) (*ldap.Entry, error) { +func (i *Identity) GetLDAPGroupByID(ctx context.Context, lc ldap.Client, id string) (*ldap.Entry, error) { var filter string var err error if filter, err = i.getGroupFilter(id); err != nil { return nil, err } - return i.GetLDAPGroupByFilter(log, lc, filter) + return i.GetLDAPGroupByFilter(ctx, lc, filter) } // GetLDAPGroupByAttribute looks up a single group by attribute (can be "mail", "gid_number", // "display_name", "group_name", "group_id"). Returns the corresponding ldap.Entry -func (i *Identity) GetLDAPGroupByAttribute(log *zerolog.Logger, lc ldap.Client, attribute, value string) (*ldap.Entry, error) { +func (i *Identity) GetLDAPGroupByAttribute(ctx context.Context, lc ldap.Client, attribute, value string) (*ldap.Entry, error) { var filter string var err error if filter, err = i.getGroupAttributeFilter(attribute, value); err != nil { return nil, err } - return i.GetLDAPGroupByFilter(log, lc, filter) + return i.GetLDAPGroupByFilter(ctx, lc, filter) } // GetLDAPGroupByFilter looks up a single group by the supplied LDAP filter // returns the corresponding ldap.Entry -func (i *Identity) GetLDAPGroupByFilter(log *zerolog.Logger, lc ldap.Client, filter string) (*ldap.Entry, error) { +func (i *Identity) GetLDAPGroupByFilter(ctx context.Context, lc ldap.Client, filter string) (*ldap.Entry, error) { + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetLDAPGroupByFilter") + defer span.End() + log := appctx.GetLogger(ctx) searchRequest := ldap.NewSearchRequest( i.Group.BaseDN, i.Group.scopeVal, ldap.NeverDerefAliases, 1, 0, false, filter, @@ -416,6 +444,7 @@ func (i *Identity) GetLDAPGroupByFilter(log *zerolog.Logger, lc ldap.Client, fil }, nil, ) + setLDAPSearchSpanAttributes(span, searchRequest) log.Debug().Str("backend", "ldap").Str("basedn", i.Group.BaseDN).Str("filter", filter).Int("scope", i.Group.scopeVal).Msg("LDAP Search") res, err := lc.Search(searchRequest) @@ -427,18 +456,23 @@ func (i *Identity) GetLDAPGroupByFilter(log *zerolog.Logger, lc ldap.Client, fil errmsg = fmt.Sprintf("too many results searching for group '%s'", filter) } } + span.SetAttributes(attribute.String("ldap.error", errmsg)) + span.SetStatus(codes.Error, "") return nil, errtypes.NotFound(errmsg) } if len(res.Entries) == 0 { return nil, errtypes.NotFound(filter) } - + span.SetStatus(codes.Ok, "") return res.Entries[0], nil } // GetLDAPGroups searches for groups using a prefix-substring match on the group // attributes. Returns a slice of matching ldap.Entries -func (i *Identity) GetLDAPGroups(log *zerolog.Logger, lc ldap.Client, query string) ([]*ldap.Entry, error) { +func (i *Identity) GetLDAPGroups(ctx context.Context, lc ldap.Client, query string) ([]*ldap.Entry, error) { + ctx, span := appctx.GetTracerProvider(ctx).Tracer(tracerName).Start(ctx, "GetLDAPGroups") + defer span.End() + log := appctx.GetLogger(ctx) searchRequest := ldap.NewSearchRequest( i.Group.BaseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, @@ -452,18 +486,22 @@ func (i *Identity) GetLDAPGroups(log *zerolog.Logger, lc ldap.Client, query stri }, nil, ) - + setLDAPSearchSpanAttributes(span, searchRequest) sr, err := lc.Search(searchRequest) if err != nil { + span.SetAttributes(attribute.String("ldap.error", err.Error())) + span.SetStatus(codes.Error, "") log.Debug().Str("backend", "ldap").Err(err).Str("query", query).Msg("Error search for groups") return nil, errtypes.NotFound(query) } + span.SetStatus(codes.Ok, "") return sr.Entries, nil } // GetLDAPGroupMembers looks up all members of the supplied LDAP group entry and returns the // corresponding LDAP user entries -func (i *Identity) GetLDAPGroupMembers(log *zerolog.Logger, lc ldap.Client, group *ldap.Entry) ([]*ldap.Entry, error) { +func (i *Identity) GetLDAPGroupMembers(ctx context.Context, lc ldap.Client, group *ldap.Entry) ([]*ldap.Entry, error) { + log := appctx.GetLogger(ctx) members := group.GetEqualFoldAttributeValues(i.Group.Schema.Member) log.Debug().Str("dn", group.DN).Interface("member", members).Msg("Get Group members") memberEntries := make([]*ldap.Entry, 0, len(members)) @@ -471,9 +509,9 @@ func (i *Identity) GetLDAPGroupMembers(log *zerolog.Logger, lc ldap.Client, grou var e *ldap.Entry var err error if strings.ToLower(i.Group.Objectclass) == "posixgroup" { - e, err = i.GetLDAPUserByAttribute(log, lc, "username", member) + e, err = i.GetLDAPUserByAttribute(ctx, lc, "username", member, "") } else { - e, err = i.GetLDAPUserByDN(log, lc, member) + e, err = i.GetLDAPUserByDN(ctx, lc, member) } if err != nil { log.Warn().Err(err).Interface("member", member).Msg("Failed read user entry for member") @@ -493,28 +531,28 @@ func filterEscapeBinaryUUID(value uuid.UUID) string { return filtered } -func (i *Identity) getUserFilter(uid string) (string, error) { +func (i *Identity) getUserFilter(uid *identityUser.UserId) (string, error) { var escapedUUID string if i.User.Schema.IDIsOctetString { - id, err := uuid.Parse(uid) + id, err := uuid.Parse(uid.GetOpaqueId()) if err != nil { err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", uid)) return "", err } escapedUUID = filterEscapeBinaryUUID(id) } else { - escapedUUID = ldap.EscapeFilter(uid) + escapedUUID = ldap.EscapeFilter(uid.GetOpaqueId()) } - - return fmt.Sprintf("(&%s(objectclass=%s)(%s=%s))", + return fmt.Sprintf("(&%s(objectclass=%s)%s(%s=%s))", i.User.Filter, i.User.Objectclass, + i.tenantFilter(uid.GetTenantId()), i.User.Schema.ID, escapedUUID, ), nil } -func (i *Identity) getUserAttributeFilter(attribute, value string) (string, error) { +func (i *Identity) getUserAttributeFilter(attribute, value, tenantID string) (string, error) { switch attribute { case "mail": attribute = i.User.Schema.Mail @@ -541,15 +579,22 @@ func (i *Identity) getUserAttributeFilter(attribute, value string) (string, erro } else { value = ldap.EscapeFilter(value) } - return fmt.Sprintf("(&%s(objectclass=%s)(%s=%s)%s)", + return fmt.Sprintf("(&%s(objectclass=%s)(%s=%s)%s%s)", i.User.Filter, i.User.Objectclass, attribute, value, + i.tenantFilter(tenantID), i.disabledFilter(), ), nil } +func (i *Identity) tenantFilter(tenantID string) string { + if tenantID != "" && i.User.Schema.TenantID != "" { + return fmt.Sprintf("(%s=%s)", i.User.Schema.TenantID, ldap.EscapeFilter(tenantID)) + } + return "" +} func (i *Identity) disabledFilter() string { if i.User.DisableMechanism == "attribute" { return fmt.Sprintf("(!(%s=FALSE))", i.User.EnabledProperty) @@ -580,14 +625,10 @@ func (i *Identity) getUserFindFilter(query, tenantID string) string { // substring search for UUID is not possible filter = fmt.Sprintf("(|%s(%s=%s))", filter, i.User.Schema.ID, ldap.EscapeFilter(query)) - if tenantID != "" { - // If a tenant ID is provided, we AND a filter for the tenant ID - filter = fmt.Sprintf("(&%s(%s=%s))", filter, i.User.Schema.TenantID, ldap.EscapeFilter(tenantID)) - } - - return fmt.Sprintf("(&%s(objectclass=%s)%s)", + return fmt.Sprintf("(&%s(objectclass=%s)%s%s)", i.User.Filter, i.User.Objectclass, + i.tenantFilter(tenantID), filter, ) } @@ -727,3 +768,40 @@ func (i *Identity) GetUserType(userEntry *ldap.Entry) identityUser.UserType { return identityUser.UserType_USER_TYPE_PRIMARY } } + +func (i *Identity) getUserLDAPAttrTypes() []string { + // The are the attributes we request unconditionally when looking up users + // as they are needed to populate a user object + attrs := []string{ + i.User.Schema.ID, + i.User.Schema.Username, + i.User.Schema.Mail, + i.User.Schema.DisplayName, + } + + // Only add optional attributes if they are configured + if i.User.Schema.UIDNumber != "" { + attrs = append(attrs, i.User.Schema.UIDNumber) + } + if i.User.Schema.GIDNumber != "" { + attrs = append(attrs, i.User.Schema.GIDNumber) + } + if i.User.Schema.TenantID != "" { + attrs = append(attrs, i.User.Schema.TenantID) + } + if i.User.EnabledProperty != "" { + attrs = append(attrs, i.User.EnabledProperty) + } + if i.User.UserTypeProperty != "" { + attrs = append(attrs, i.User.UserTypeProperty) + } + return attrs +} +func setLDAPSearchSpanAttributes(span trace.Span, request *ldap.SearchRequest) { + span.SetAttributes( + attribute.String("ldap.basedn", request.BaseDN), + attribute.String("ldap.filter", request.Filter), + attribute.Int("ldap.scope", request.Scope), + attribute.Int("ldap.size_limit", request.SizeLimit), + ) +} diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/LICENSE b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/LICENSE index 261eeb9e9f..f1aee0f110 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/LICENSE +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/LICENSE @@ -199,3 +199,33 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. + +-------------------------------------------------------------------------------- + +Copyright 2009 The Go Authors. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google LLC nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go index 3f0a518ae0..30446bd28b 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go @@ -94,7 +94,7 @@ func NewUnstarted(client Client) *Exporter { } // MarshalLog is the marshaling function used by the logging system to represent this Exporter. -func (e *Exporter) MarshalLog() interface{} { +func (e *Exporter) MarshalLog() any { return struct { Type string Client Client diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/attribute.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/attribute.go index ca4544f0da..d9bfd6e176 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/attribute.go +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/attribute.go @@ -6,9 +6,10 @@ package tracetransform // import "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform" import ( + commonpb "go.opentelemetry.io/proto/otlp/common/v1" + "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/sdk/resource" - commonpb "go.opentelemetry.io/proto/otlp/common/v1" ) // KeyValues transforms a slice of attribute KeyValues into OTLP key-values. diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/instrumentation.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/instrumentation.go index 2e7690e43a..43359c8944 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/instrumentation.go +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/instrumentation.go @@ -4,8 +4,9 @@ package tracetransform // import "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform" import ( - "go.opentelemetry.io/otel/sdk/instrumentation" commonpb "go.opentelemetry.io/proto/otlp/common/v1" + + "go.opentelemetry.io/otel/sdk/instrumentation" ) func InstrumentationScope(il instrumentation.Scope) *commonpb.InstrumentationScope { diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/resource.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/resource.go index db7b698a56..526bb5e070 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/resource.go +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/resource.go @@ -4,8 +4,9 @@ package tracetransform // import "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform" import ( - "go.opentelemetry.io/otel/sdk/resource" resourcepb "go.opentelemetry.io/proto/otlp/resource/v1" + + "go.opentelemetry.io/otel/sdk/resource" ) // Resource transforms a Resource into an OTLP Resource. diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/span.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/span.go index bf27ef0220..379bc8170d 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/span.go +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/span.go @@ -6,12 +6,13 @@ package tracetransform // import "go.opentelemetry.io/otel/exporters/otlp/otlptr import ( "math" + tracepb "go.opentelemetry.io/proto/otlp/trace/v1" + "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/codes" "go.opentelemetry.io/otel/sdk/instrumentation" tracesdk "go.opentelemetry.io/otel/sdk/trace" "go.opentelemetry.io/otel/trace" - tracepb "go.opentelemetry.io/proto/otlp/trace/v1" ) // Spans transforms a slice of OpenTelemetry spans into a slice of OTLP @@ -154,7 +155,6 @@ func links(links []tracesdk.Link) []*tracepb.Span_Link { for _, otLink := range links { // This redefinition is necessary to prevent otLink.*ID[:] copies // being reused -- in short we need a new otLink per iteration. - otLink := otLink tid := otLink.SpanContext.TraceID() sid := otLink.SpanContext.SpanID() @@ -189,7 +189,7 @@ func spanEvents(es []tracesdk.Event) []*tracepb.Span_Event { events := make([]*tracepb.Span_Event, len(es)) // Transform message events - for i := 0; i < len(es); i++ { + for i := range es { events[i] = &tracepb.Span_Event{ Name: es[i].Name, TimeUnixNano: uint64(max(0, es[i].Time.UnixNano())), // nolint:gosec // Overflow checked. diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/LICENSE b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/LICENSE index 261eeb9e9f..f1aee0f110 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/LICENSE +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/LICENSE @@ -199,3 +199,33 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. + +-------------------------------------------------------------------------------- + +Copyright 2009 The Go Authors. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google LLC nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/client.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/client.go index 8236c995a9..4b4cc76f4a 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/client.go +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/client.go @@ -9,6 +9,8 @@ import ( "sync" "time" + coltracepb "go.opentelemetry.io/proto/otlp/collector/trace/v1" + tracepb "go.opentelemetry.io/proto/otlp/trace/v1" "google.golang.org/genproto/googleapis/rpc/errdetails" "google.golang.org/grpc" "google.golang.org/grpc/codes" @@ -20,8 +22,6 @@ import ( "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal" "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/otlpconfig" "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/retry" - coltracepb "go.opentelemetry.io/proto/otlp/collector/trace/v1" - tracepb "go.opentelemetry.io/proto/otlp/trace/v1" ) type client struct { @@ -289,7 +289,7 @@ func throttleDelay(s *status.Status) (bool, time.Duration) { } // MarshalLog is the marshaling function used by the logging system to represent this Client. -func (c *client) MarshalLog() interface{} { +func (c *client) MarshalLog() any { return struct { Type string Endpoint string diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go index ed2ddce718..3b79c1a0b5 100644 --- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go +++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go @@ -5,5 +5,5 @@ package otlptrace // import "go.opentelemetry.io/otel/exporters/otlp/otlptrace" // Version is the current release version of the OpenTelemetry OTLP trace exporter in use. func Version() string { - return "1.37.0" + return "1.38.0" } diff --git a/vendor/modules.txt b/vendor/modules.txt index d2d0e842d9..715b10eea5 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -227,7 +227,7 @@ github.com/cenkalti/backoff # github.com/cenkalti/backoff/v4 v4.3.0 ## explicit; go 1.18 github.com/cenkalti/backoff/v4 -# github.com/cenkalti/backoff/v5 v5.0.2 +# github.com/cenkalti/backoff/v5 v5.0.3 ## explicit; go 1.23 github.com/cenkalti/backoff/v5 # github.com/ceph/go-ceph v0.35.0 @@ -1270,7 +1270,7 @@ github.com/open-policy-agent/opa/v1/version # github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 ## explicit; go 1.18 github.com/opencloud-eu/libre-graph-api-go -# github.com/opencloud-eu/reva/v2 v2.37.0 +# github.com/opencloud-eu/reva/v2 v2.37.1-0.20250909074412-f272eeaa2674 ## explicit; go 1.24.1 github.com/opencloud-eu/reva/v2/cmd/revad/internal/grace github.com/opencloud-eu/reva/v2/cmd/revad/runtime @@ -2208,11 +2208,11 @@ go.opentelemetry.io/otel/exporters/jaeger/internal/gen-go/agent go.opentelemetry.io/otel/exporters/jaeger/internal/gen-go/jaeger go.opentelemetry.io/otel/exporters/jaeger/internal/gen-go/zipkincore go.opentelemetry.io/otel/exporters/jaeger/internal/third_party/thrift/lib/go/thrift -# go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 +# go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 ## explicit; go 1.23.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform -# go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.37.0 +# go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 ## explicit; go 1.23.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal @@ -2239,7 +2239,7 @@ go.opentelemetry.io/otel/trace go.opentelemetry.io/otel/trace/embedded go.opentelemetry.io/otel/trace/internal/telemetry go.opentelemetry.io/otel/trace/noop -# go.opentelemetry.io/proto/otlp v1.7.0 +# go.opentelemetry.io/proto/otlp v1.7.1 ## explicit; go 1.23.0 go.opentelemetry.io/proto/otlp/collector/trace/v1 go.opentelemetry.io/proto/otlp/common/v1 @@ -2434,7 +2434,7 @@ golang.org/x/xerrors/internal # google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb ## explicit; go 1.23.0 google.golang.org/genproto/protobuf/field_mask -# google.golang.org/genproto/googleapis/api v0.0.0-20250818200422-3122310a409c +# google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 ## explicit; go 1.23.0 google.golang.org/genproto/googleapis/api google.golang.org/genproto/googleapis/api/annotations