Update token language to distinguish Accessor and Secret ID usage (#1…

…6044) * remove legacy tokens * remove lingering legacy token references from docs * update language and naming for token secrets and accessor IDs * updates all tokenID references to clarify accessorID * remove token type references and lookup tokens by accessorID index * remove unnecessary constants * replace additional tokenID param names * Add warning info for deprecated -id parameter Co-authored-by: Paul Glass <[email protected]> * Update field comment Co-authored-by: Paul Glass <[email protected]> --------- Co-authored-by: Paul Glass <[email protected]>
hashicorp · Feb 9, 2023 · 67ba6e4 · 67ba6e4
1 parent 239d7eb
commit 67ba6e4
Show file tree

Hide file tree

Showing 13 changed files with 88 additions and 88 deletions.
diff --git a/agent/acl_test.go b/agent/acl_test.go
@@ -37,7 +37,7 @@ type TestACLAgent struct {
 
 // NewTestACLAgent does just enough so that all the code within agent/acl.go can work
 // Basically it needs a local state for some of the vet* functions, a logger and a delegate.
-// The key is that we are the delegate so we can control the ResolveToken responses
+// The key is that we are the delegate so we can control the ResolveTokenSecret responses
 func NewTestACLAgent(t *testing.T, name string, hcl string, resolveAuthz authzResolver, resolveIdent identResolver) *TestACLAgent {
 	t.Helper()
 
@@ -89,17 +89,17 @@ func NewTestACLAgent(t *testing.T, name string, hcl string, resolveAuthz authzRe
 	return a
 }
 
-func (a *TestACLAgent) ResolveToken(secretID string) (acl.Authorizer, error) {
+func (a *TestACLAgent) ResolveTokenSecret(secretID string) (acl.Authorizer, error) {
 	if a.resolveAuthzFn == nil {
-		return nil, fmt.Errorf("ResolveToken call is unexpected - no authz resolver callback set")
+		return nil, fmt.Errorf("ResolveTokenSecret call is unexpected - no authz resolver callback set")
 	}
 
 	_, authz, err := a.resolveAuthzFn(secretID)
 	return authz, err
 }
 
 func (a *TestACLAgent) ResolveTokenAndDefaultMeta(secretID string, entMeta *acl.EnterpriseMeta, authzContext *acl.AuthorizerContext) (resolver.Result, error) {
-	authz, err := a.ResolveToken(secretID)
+	authz, err := a.ResolveTokenSecret(secretID)
 	if err != nil {
 		return resolver.Result{}, err
 	}

diff --git a/agent/consul/acl.go b/agent/consul/acl.go
@@ -1130,7 +1130,7 @@ func filterACL(r *ACLResolver, tokenSecretID string, subj interface{}) error {
 }
 
 type partitionInfoNoop struct{}
-
+git add
 func (p *partitionInfoNoop) ExportsForPartition(partition string) acl.ExportedServices {
 	return acl.ExportedServices{}
 }
diff --git a/agent/consul/acl_endpoint.go b/agent/consul/acl_endpoint.go
@@ -724,7 +724,7 @@ func (a *ACL) TokenBatchRead(args *structs.ACLTokenBatchGetRequest, reply *struc
 		return err
 	}
 
-	authz, err := a.srv.ResolveToken(args.Token)
+	authz, err := a.srv.ResolveTokenSecret(args.Token)
 	if err != nil {
 		return err
 	}
@@ -817,7 +817,7 @@ func (a *ACL) PolicyBatchRead(args *structs.ACLPolicyBatchGetRequest, reply *str
 		return err
 	}
 
-	authz, err := a.srv.ResolveToken(args.Token)
+	authz, err := a.srv.ResolveTokenSecret(args.Token)
 	if err != nil {
 		return err
 	}
@@ -1206,7 +1206,7 @@ func (a *ACL) RoleBatchRead(args *structs.ACLRoleBatchGetRequest, reply *structs
 		return err
 	}
 
-	authz, err := a.srv.ResolveToken(args.Token)
+	authz, err := a.srv.ResolveTokenSecret(args.Token)
 	if err != nil {
 		return err
 	}
@@ -2149,7 +2149,7 @@ func (a *ACL) Authorize(args *structs.RemoteACLAuthorizationRequest, reply *[]st
 		return err
 	}
 
-	authz, err := a.srv.ResolveToken(args.Token)
+	authz, err := a.srv.ResolveTokenSecret(args.Token)
 	if err != nil {
 		return err
 	}