hashicorp · skpratt · Feb 7, 2023 · Feb 7, 2023
@@ -37,7 +37,7 @@ type TestACLAgent struct {
 
 // NewTestACLAgent does just enough so that all the code within agent/acl.go can work
 // Basically it needs a local state for some of the vet* functions, a logger and a delegate.
-// The key is that we are the delegate so we can control the ResolveTokenSecret responses
+// The key is that we are the delegate so we can control the ResolveToken responses
 func NewTestACLAgent(t *testing.T, name string, hcl string, resolveAuthz authzResolver, resolveIdent identResolver) *TestACLAgent {
 	t.Helper()
 
@@ -89,17 +89,17 @@ func NewTestACLAgent(t *testing.T, name string, hcl string, resolveAuthz authzRe
 	return a
 }
 
-func (a *TestACLAgent) ResolveTokenSecret(secretID string) (acl.Authorizer, error) {
+func (a *TestACLAgent) ResolveToken(secretID string) (acl.Authorizer, error) {
 	if a.resolveAuthzFn == nil {
-		return nil, fmt.Errorf("ResolveTokenSecret call is unexpected - no authz resolver callback set")
+		return nil, fmt.Errorf("ResolveToken call is unexpected - no authz resolver callback set")
 	}
 
 	_, authz, err := a.resolveAuthzFn(secretID)
 	return authz, err
 }
 
 func (a *TestACLAgent) ResolveTokenAndDefaultMeta(secretID string, entMeta *acl.EnterpriseMeta, authzContext *acl.AuthorizerContext) (resolver.Result, error) {
-	authz, err := a.ResolveTokenSecret(secretID)
+	authz, err := a.ResolveToken(secretID)
 	if err != nil {
 		return resolver.Result{}, err
 	}

@@ -993,10 +993,10 @@ func (r *ACLResolver) resolveLocallyManagedToken(token string) (structs.ACLIdent
 	return r.resolveLocallyManagedEnterpriseToken(token)
 }
 
-// ResolveTokenSecret to an acl.Authorizer and structs.ACLIdentity. The acl.Authorizer
+// ResolveToken to an acl.Authorizer and structs.ACLIdentity. The acl.Authorizer
 // can be used to check permissions granted to the token using its secret, and the
 // ACLIdentity describes the token and any defaults applied to it.
-func (r *ACLResolver) ResolveTokenSecret(tokenSecretID string) (resolver.Result, error) {
+func (r *ACLResolver) ResolveToken(tokenSecretID string) (resolver.Result, error) {
 	if !r.ACLsEnabled() {
 		return resolver.Result{Authorizer: acl.ManageAll()}, nil
 	}
@@ -1078,7 +1078,7 @@ func (r *ACLResolver) ResolveTokenAndDefaultMeta(
 	entMeta *acl.EnterpriseMeta,
 	authzContext *acl.AuthorizerContext,
 ) (resolver.Result, error) {
-	result, err := r.ResolveTokenSecret(tokenSecretID)
+	result, err := r.ResolveToken(tokenSecretID)
 	if err != nil {
 		return resolver.Result{}, err
 	}
@@ -1121,7 +1121,7 @@ func filterACLWithAuthorizer(logger hclog.Logger, authorizer acl.Authorizer, sub
 // not authorized for read access will be removed from subj.
 func filterACL(r *ACLResolver, tokenSecretID string, subj interface{}) error {
 	// Get the ACL from the token
-	authorizer, err := r.ResolveTokenSecret(tokenSecretID)
+	authorizer, err := r.ResolveToken(tokenSecretID)
 	if err != nil {
 		return err
 	}

@@ -703,7 +703,7 @@ func (a *ACL) TokenBatchRead(args *structs.ACLTokenBatchGetRequest, reply *struc
 		return err
 	}
 
-	authz, err := a.srv.ResolveTokenSecret(args.Token)
+	authz, err := a.srv.ResolveToken(args.Token)
 	if err != nil {
 		return err
 	}
@@ -796,7 +796,7 @@ func (a *ACL) PolicyBatchRead(args *structs.ACLPolicyBatchGetRequest, reply *str
 		return err
 	}
 
-	authz, err := a.srv.ResolveTokenSecret(args.Token)
+	authz, err := a.srv.ResolveToken(args.Token)
 	if err != nil {
 		return err
 	}
@@ -1182,7 +1182,7 @@ func (a *ACL) RoleBatchRead(args *structs.ACLRoleBatchGetRequest, reply *structs
 		return err
 	}
 
-	authz, err := a.srv.ResolveTokenSecret(args.Token)
+	authz, err := a.srv.ResolveToken(args.Token)
 	if err != nil {
 		return err
 	}
@@ -2115,7 +2115,7 @@ func (a *ACL) Authorize(args *structs.RemoteACLAuthorizationRequest, reply *[]st
 		return err
 	}
 
-	authz, err := a.srv.ResolveTokenSecret(args.Token)
+	authz, err := a.srv.ResolveToken(args.Token)
 	if err != nil {
 		return err
 	}