diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md index 8ae4cfc..8f5336f 100644 --- a/ARCHITECTURE.md +++ b/ARCHITECTURE.md @@ -10,6 +10,14 @@ The entry point for the library is `src/lib.rs` as per usual. In these files no particular implementation of a policy reasoner is included, only the mechanisms on which the concept of a policy reasoner can be implemented. +### Interface + +The interface for the different reasoners must be the same. Its command line +arguments are defined in `src/bin/implementation/interface.rs`. It could be that a new +reasoner requires more arguments. You can implement another arguments struct, however +make sure the arguments defined in the common interface are supported as other +components of infrastructure may depend on it. + ### Implementations As of now there are three different implementations of a policy reasoners in diff --git a/src/bin/eflint.rs b/src/bin/eflint.rs index 8d10765..e4d4e2c 100644 --- a/src/bin/eflint.rs +++ b/src/bin/eflint.rs @@ -16,7 +16,6 @@ pub mod implementation; use std::env; use std::fs::File; -use std::net::SocketAddr; use clap::Parser; use error_trace::ErrorTrace as _; @@ -26,6 +25,7 @@ use implementation::eflint::EFlintLeakNoErrors; #[cfg(feature = "leak-public-errors")] use implementation::eflint::EFlintLeakPrefixErrors; use implementation::eflint::EFlintReasonerConnector; +use implementation::interface::Arguments; use log::{error, info}; use policy_reasoner::auth::{JwtConfig, JwtResolver, KidResolver}; use policy_reasoner::logger::FileLogger; 
@@ -46,43 +46,6 @@ fn get_dauth_resolver() -> JwtResolver { JwtResolver::new(jwt_cfg, kid_resolver).unwrap() } -/***** ARGUMENTS *****/ -/// Defines the arguments for the `policy-reasoner` server. -#[derive(Debug, Parser)] -struct Arguments { - /// Whether to enable full debugging - #[clap(long, global = true, help = "If given, enables more verbose debugging.")] - trace: bool, - - /// The address on which to bind ourselves. - #[clap(short, long, env, default_value = "127.0.0.1:3030", help = "The address on which to bind the server.")] - address: SocketAddr, - - /// Shows the help menu for the state resolver. - #[clap(long, help = "If given, shows the possible arguments to pass to the state resolver plugin in '--state-resolver'.")] - help_state_resolver: bool, - /// Arguments specific to the state resolver. - #[clap( - short, - long, - env, - help = "Arguments to pass to the current state resolver plugin. To find which are possible, see '--help-state-resolver'." - )] - state_resolver: Option, - - /// Shows the help menu for the reasoner connector. - #[clap(long, help = "If given, shows the possible arguments to pass to the reasoner connector plugin in '--reasoner-connector'.")] - help_reasoner_connector: bool, - /// Arguments specific to the state resolver. - #[clap( - short, - long, - env, - help = "Arguments to pass to the current reasoner connector plugin. To find which are possible, see '--help-reasoner-connector'." - )] - reasoner_connector: Option, -} - /***** PLUGINS *****/ /// The plugin used to do the audit logging. type AuditLogPlugin = FileLogger; diff --git a/src/bin/implementation/interface.rs b/src/bin/implementation/interface.rs new file mode 100644 index 0000000..00a988f --- /dev/null +++ b/src/bin/implementation/interface.rs 
@@ -0,0 +1,42 @@
+use std::net::SocketAddr;
+
+use clap::Parser;
+
+/***** ARGUMENTS *****/
+/// Defines the arguments for the `policy-reasoner` server.
+#[derive(Debug, Parser)]
+pub struct Arguments {
+ /// Whether to enable full debugging
+ #[clap(long, global = true, help = "If given, enables more verbose debugging.")]
+ pub trace: bool,
+
+ /// The address on which to bind ourselves.
+ #[clap(short, long, env, default_value = "127.0.0.1:3030", help = "The address on which to bind the server.")]
+ pub address: SocketAddr,
+
+ /// Shows the help menu for the state resolver.
+ #[clap(long, help = "If given, shows the possible arguments to pass to the state resolver plugin in '--state-resolver'.")]
+ pub help_state_resolver: bool,
+
+ /// Arguments specific to the state resolver.
+ #[clap(
+ short,
+ long,
+ env,
+ help = "Arguments to pass to the current state resolver plugin. To find which are possible, see '--help-state-resolver'."
+ )]
+ pub state_resolver: Option,
+
+ /// Shows the help menu for the reasoner connector.
+ #[clap(long, help = "If given, shows the possible arguments to pass to the reasoner connector plugin in '--reasoner-connector'.")]
+ pub help_reasoner_connector: bool,
+
+ /// Arguments specific to the state resolver.
+ #[clap(
+ short,
+ long,
+ env,
+ help = "Arguments to pass to the current reasoner connector plugin. To find which are possible, see '--help-reasoner-connector'."
+ )]
+ pub reasoner_connector: Option,
+}
diff --git a/src/bin/implementation/mod.rs b/src/bin/implementation/mod.rs
index cc12764..e7bc293 100644
--- a/src/bin/implementation/mod.rs
+++ b/src/bin/implementation/mod.rs
@@ -1,3 +1,4 @@
 pub mod eflint;
+pub mod interface;
 pub mod no_op;
 pub mod posix;
diff --git a/src/bin/no_op.rs b/src/bin/no_op.rs
index 8533177..7c6c7d3 100644
--- a/src/bin/no_op.rs
+++ b/src/bin/no_op.rs
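Review bot: In the new `src/bin/implementation/interface.rs`, the shared `Arguments` derives only `Debug, Parser`, while the copies this commit removes from `src/bin/no_op.rs` and `src/bin/posix.rs` also derived `Clone`. If either binary clones its parsed arguments (not visible in these hunks) it will stop compiling, so `#[derive(Debug, Parser, Clone)]` is the safer common definition. The doc comment on `reasoner_connector` still reads `/// Arguments specific to the state resolver.`, a copy-paste slip carried over from the old structs; it should be `/// Arguments specific to the reasoner connector.`. Because `address`, `state_resolver` and `reasoner_connector` are all `env`-backed and this struct is now the contract for every reasoner binary, a short `//!` module comment stating that these three options can also be set through environment variables named after the fields would help operators audit what a deployment actually passes in.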
@@ -3,13 +3,13 @@ //! policy reasoner. use std::env; use std::fs::File; -use std::net::SocketAddr; pub mod implementation; use clap::Parser; use error_trace::ErrorTrace as _; use humanlog::{DebugMode, HumanLogger}; +use implementation::interface::Arguments; use implementation::no_op::NoOpReasonerConnector; use log::{error, info}; use policy_reasoner::auth::{JwtConfig, JwtResolver, KidResolver}; @@ -33,19 +33,6 @@ fn get_dauth_resolver() -> policy_reasoner::auth::JwtResolver { JwtResolver::new(jwt_cfg, kid_resolver).unwrap() } -/***** ARGUMENTS *****/ -/// Defines the arguments for the `policy-reasoner` server. -#[derive(Debug, Parser, Clone)] -struct Arguments { - /// Whether to enable full debugging - #[clap(long, global = true, help = "If given, enables more verbose debugging.")] - trace: bool, - - /// The address on which to bind ourselves. - #[clap(short, long, env, default_value = "127.0.0.1:3030", help = "The address on which to bind the server.")] - address: SocketAddr, -} - /***** PLUGINS *****/ /// The plugin used to do the audit logging. type AuditLogPlugin = FileLogger; diff --git a/src/bin/posix.rs b/src/bin/posix.rs index 093f163..dbf280a 100644 --- a/src/bin/posix.rs +++ b/src/bin/posix.rs @@ -16,11 +16,11 @@ pub mod implementation; use std::env; use std::fs::File; -use std::net::SocketAddr; use clap::Parser; use error_trace::ErrorTrace as _; use humanlog::{DebugMode, HumanLogger}; +use implementation::interface::Arguments; use implementation::posix; use log::{error, info}; use policy_reasoner::auth::{JwtConfig, JwtResolver, KidResolver}; 
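Review bot: In the first `src/bin/no_op.rs` hunk, importing `implementation::interface::Arguments` means the no-op binary now accepts `--state-resolver`, `--reasoner-connector` and the two `--help-*` flags, which the removed local struct (only `trace` and `address`) would have rejected as unknown arguments. Whether `main` acts on them is not visible here, since its body lies outside the hunk. If it does not, a value given on the command line or through the environment is silently ignored, and an operator may believe a resolver or connector configuration is in effect when it is not. Consider logging a warning when one of the unused options is set, and adding a comment next to the import such as `// Shared CLI contract; the no-op reasoner ignores the plugin argument options.`.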
@@ -44,43 +44,6 @@ fn get_dauth_resolver() -> policy_reasoner::auth::JwtResolver { JwtResolver::new(jwt_cfg, kid_resolver).unwrap() } -/***** ARGUMENTS *****/ -/// Defines the arguments for the `policy-reasoner` server. -#[derive(Debug, Parser, Clone)] -struct Arguments { - /// Whether to enable full debugging - #[clap(long, global = true, help = "If given, enables more verbose debugging.")] - trace: bool, - - /// The address on which to bind ourselves. - #[clap(short, long, env, default_value = "127.0.0.1:3030", help = "The address on which to bind the server.")] - address: SocketAddr, - - /// Shows the help menu for the state resolver. - #[clap(long, help = "If given, shows the possible arguments to pass to the state resolver plugin in '--state-resolver'.")] - help_state_resolver: bool, - /// Arguments specific to the state resolver. - #[clap( - short, - long, - env, - help = "Arguments to pass to the current state resolver plugin. To find which are possible, see '--help-state-resolver'." - )] - state_resolver: Option, - - /// Shows the help menu for the reasoner connector. - #[clap(long, help = "If given, shows the possible arguments to pass to the reasoner connector plugin in '--reasoner-connector'.")] - help_reasoner_connector: bool, - /// Arguments specific to the state resolver. - #[clap( - short, - long, - env, - help = "Arguments to pass to the current reasoner connector plugin. To find which are possible, see '--help-reasoner-connector'." - )] - reasoner_connector: Option, -} - /***** PLUGINS *****/ /// The plugin used to do the audit logging. type AuditLogPlugin = FileLogger;