refactoring (aesthetics)

Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com>
2025-02-25 18:55:37 -06:00 · 2024-09-03 16:34:18 +03:00 · 2024-09-03 16:34:18 +03:00 · 125cb3c834
commit 125cb3c834
parent 499a31df53
1 changed files with 30 additions and 46 deletions
--- a/pkg/storage/unified/resource/client_wrapper.go
+++ b/pkg/storage/unified/resource/client_wrapper.go
@ -26,32 +26,27 @@ func NewLocalResourceStoreClient(server ResourceStoreServer) ResourceStoreClient
 	// scenario: local in-proc
 	channel := &inprocgrpc.Channel{}

-	grpcAuthInterceptor := grpcutils.NewInProcGrpcAuthenticator()
+	grpcAuthInt := grpcutils.NewInProcGrpcAuthenticator()
 	channel.RegisterService(
 		grpchan.InterceptServer(
 			&ResourceStore_ServiceDesc,
-			grpcAuth.UnaryServerInterceptor(grpcAuthInterceptor.Authenticate),
-			grpcAuth.StreamServerInterceptor(grpcAuthInterceptor.Authenticate),
+			grpcAuth.UnaryServerInterceptor(grpcAuthInt.Authenticate),
+			grpcAuth.StreamServerInterceptor(grpcAuthInt.Authenticate),
 		),
 		server,
 	)

-	clientInterceptor, _ := authnlib.NewGrpcClientInterceptor(
+	clientInt, _ := authnlib.NewGrpcClientInterceptor(
 		&authnlib.GrpcClientConfig{},
 		authnlib.WithDisableAccessTokenOption(),
 		authnlib.WithIDTokenExtractorOption(idTokenExtractor),
 	)
-	return NewResourceStoreClient(
-		grpchan.InterceptClientConn(
-			channel,
-			clientInterceptor.UnaryClientInterceptor,
-			clientInterceptor.StreamClientInterceptor,
-		))
+	return NewResourceStoreClient(grpchan.InterceptClientConn(channel, clientInt.UnaryClientInterceptor, clientInt.StreamClientInterceptor))
 }

 func NewResourceStoreClientGRPC(conn *grpc.ClientConn) (ResourceStoreClient, error) {
 	// scenario: remote on-prem
-	clientInterceptor, err := authnlib.NewGrpcClientInterceptor(
+	clientInt, err := authnlib.NewGrpcClientInterceptor(
 		&authnlib.GrpcClientConfig{},
 		authnlib.WithDisableAccessTokenOption(),
 		authnlib.WithIDTokenExtractorOption(idTokenExtractor),
@ -61,28 +56,12 @@ func NewResourceStoreClientGRPC(conn *grpc.ClientConn) (ResourceStoreClient, err
 		return nil, err
 	}

-	return NewResourceStoreClient(
-			grpchan.InterceptClientConn(
-				conn,
-				clientInterceptor.UnaryClientInterceptor,
-				clientInterceptor.StreamClientInterceptor,
-			)),
-		nil
+	return NewResourceStoreClient(grpchan.InterceptClientConn(conn, clientInt.UnaryClientInterceptor, clientInt.StreamClientInterceptor)), nil
 }

 func NewResourceStoreClientCloud(conn *grpc.ClientConn, cfg *setting.Cfg) (ResourceStoreClient, error) {
 	// scenario: remote cloud
-	grpcClientCfg := grpcutils.ReadGrpcClientConfig(cfg)
-	grpcClientConfig := authnlib.GrpcClientConfig{
-		TokenClientConfig: &authnlib.TokenExchangeConfig{
-			Token:            grpcClientCfg.Token,
-			TokenExchangeURL: grpcClientCfg.TokenExchangeURL,
-		},
-		TokenRequest: &authnlib.TokenExchangeRequest{
-			Namespace: grpcClientCfg.TokenNamespace,
-			Audiences: []string{resourceStoreAudience},
-		},
-	}
+	grpcClientConfig := clientCfgMapping(grpcutils.ReadGrpcClientConfig(cfg))

 	opts := []authnlib.GrpcClientInterceptorOption{
 		authnlib.WithIDTokenExtractorOption(idTokenExtractor),
@ -90,29 +69,15 @@ func NewResourceStoreClientCloud(conn *grpc.ClientConn, cfg *setting.Cfg) (Resou
 	}

 	if cfg.Env == setting.Dev {
-		client := &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}}
-		tokenClient, _ := authnlib.NewTokenExchangeClient(
-			*grpcClientConfig.TokenClientConfig,
-			authnlib.WithHTTPClient(client),
-		)
-		opts = append(opts, authnlib.WithTokenClientOption(tokenClient))
+		opts = allowInsecureTransportOpt(&grpcClientConfig, opts)
 	}

-	clientInterceptor, err := authnlib.NewGrpcClientInterceptor(
-		&grpcClientConfig,
-		opts...,
-	)
+	clientInt, err := authnlib.NewGrpcClientInterceptor(&grpcClientConfig, opts...)
 	if err != nil {
 		return nil, err
 	}

-	return NewResourceStoreClient(
-			grpchan.InterceptClientConn(
-				conn,
-				clientInterceptor.UnaryClientInterceptor,
-				clientInterceptor.StreamClientInterceptor,
-			)),
-		nil
+	return NewResourceStoreClient(grpchan.InterceptClientConn(conn, clientInt.UnaryClientInterceptor, clientInt.StreamClientInterceptor)), nil
 }

 func idTokenExtractor(ctx context.Context) (string, error) {
@ -143,3 +108,22 @@ func stackIdExtractor(stackID string) func(ctx context.Context) (key string, val
 		return authzlib.DefaultStackIDMetadataKey, []string{stackID}, nil
 	}
 }
+
+func allowInsecureTransportOpt(grpcClientConfig *authnlib.GrpcClientConfig, opts []authnlib.GrpcClientInterceptorOption) []authnlib.GrpcClientInterceptorOption {
+	client := &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}}
+	tokenClient, _ := authnlib.NewTokenExchangeClient(*grpcClientConfig.TokenClientConfig, authnlib.WithHTTPClient(client))
+	return append(opts, authnlib.WithTokenClientOption(tokenClient))
+}
+
+func clientCfgMapping(clientCfg *grpcutils.GrpcClientConfig) authnlib.GrpcClientConfig {
+	return authnlib.GrpcClientConfig{
+		TokenClientConfig: &authnlib.TokenExchangeConfig{
+			Token:            clientCfg.Token,
+			TokenExchangeURL: clientCfg.TokenExchangeURL,
+		},
+		TokenRequest: &authnlib.TokenExchangeRequest{
+			Namespace: clientCfg.TokenNamespace,
+			Audiences: []string{resourceStoreAudience},
+		},
+	}
+}