[extensionauth] Split by protocol type

mx-psi · mx-psi · commit 5427cb516d1f · 2025-03-06T18:03:28.000+01:00
diff --git a/config/configauth/configauth.go b/config/configauth/configauth.go
@@ -40,12 +40,25 @@ func (a Authentication) GetServerAuthenticator(_ context.Context, extensions map
 	return nil, fmt.Errorf("failed to resolve authenticator %q: %w", a.AuthenticatorID, errAuthenticatorNotFound)
 }
 
-// GetClientAuthenticator attempts to select the appropriate extensionauth.Client from the list of extensions,
+// GetHTTPClientAuthenticator attempts to select the appropriate extensionauth.Client from the list of extensions,
 // based on the component id of the extension. If an authenticator is not found, an error is returned.
 // This should be only used by HTTP clients.
-func (a Authentication) GetClientAuthenticator(_ context.Context, extensions map[component.ID]component.Component) (extensionauth.Client, error) {
+func (a Authentication) GetHTTPClientAuthenticator(_ context.Context, extensions map[component.ID]component.Component) (extensionauth.HTTPClient, error) {
 	if ext, found := extensions[a.AuthenticatorID]; found {
-		if client, ok := ext.(extensionauth.Client); ok {
+		if client, ok := ext.(extensionauth.HTTPClient); ok {
+			return client, nil
+		}
+		return nil, errNotClient
+	}
+	return nil, fmt.Errorf("failed to resolve authenticator %q: %w", a.AuthenticatorID, errAuthenticatorNotFound)
+}
+
+// GetGRPCClientAuthenticator attempts to select the appropriate extensionauth.Client from the list of extensions,
+// based on the component id of the extension. If an authenticator is not found, an error is returned.
+// This should be only used by HTTP clients.
+func (a Authentication) GetGRPCClientAuthenticator(_ context.Context, extensions map[component.ID]component.Component) (extensionauth.GRPCClient, error) {
+	if ext, found := extensions[a.AuthenticatorID]; found {
+		if client, ok := ext.(extensionauth.GRPCClient); ok {
 			return client, nil
 		}
 		return nil, errNotClient
diff --git a/config/configauth/configauth_test.go b/config/configauth/configauth_test.go
@@ -110,7 +110,7 @@ func TestGetClient(t *testing.T) {
 				mockID: tt.authenticator,
 			}
 
-			authenticator, err := cfg.GetClientAuthenticator(context.Background(), ext)
+			authenticator, err := cfg.GetHTTPClientAuthenticator(context.Background(), ext)
 
 			// verify
 			if tt.expected != nil {
@@ -128,7 +128,7 @@ func TestGetClientFails(t *testing.T) {
 	cfg := &Authentication{
 		AuthenticatorID: component.MustNewID("does_not_exist"),
 	}
-	authenticator, err := cfg.GetClientAuthenticator(context.Background(), map[component.ID]component.Component{})
+	authenticator, err := cfg.GetGRPCClientAuthenticator(context.Background(), map[component.ID]component.Component{})
 	require.ErrorIs(t, err, errAuthenticatorNotFound)
 	assert.Nil(t, authenticator)
 }
diff --git a/config/configgrpc/configgrpc.go b/config/configgrpc/configgrpc.go
@@ -322,7 +322,7 @@ func (gcs *ClientConfig) getGrpcDialOptions(
 			return nil, errors.New("no extensions configuration available")
 		}
 
-		grpcAuthenticator, cerr := gcs.Auth.GetClientAuthenticator(ctx, host.GetExtensions())
+		grpcAuthenticator, cerr := gcs.Auth.GetGRPCClientAuthenticator(ctx, host.GetExtensions())
 		if cerr != nil {
 			return nil, cerr
 		}
diff --git a/config/configgrpc/configgrpc_test.go b/config/configgrpc/configgrpc_test.go
@@ -40,7 +40,7 @@ func mustNewServerAuth(t *testing.T, opts ...extensionauth.ServerOption) extensi
 	return srv
 }
 
-func mustNewClientAuth(t *testing.T, opts ...extensionauth.ClientOption) extensionauth.Client {
+func mustNewClientAuth(t *testing.T, opts ...extensionauth.ClientOption) *extensionauth.Client {
 	t.Helper()
 	client, err := extensionauth.NewClient(opts...)
 	require.NoError(t, err)
diff --git a/config/confighttp/confighttp.go b/config/confighttp/confighttp.go
@@ -203,7 +203,7 @@ func (hcs *ClientConfig) ToClient(ctx context.Context, host component.Host, sett
 			return nil, errors.New("extensions configuration not found")
 		}
 
-		httpCustomAuthRoundTripper, aerr := hcs.Auth.GetClientAuthenticator(ctx, ext)
+		httpCustomAuthRoundTripper, aerr := hcs.Auth.GetHTTPClientAuthenticator(ctx, ext)
 		if aerr != nil {
 			return nil, aerr
 		}
diff --git a/extension/extensionauth/client.go b/extension/extensionauth/client.go
@@ -12,27 +12,34 @@ import (
 	"go.opentelemetry.io/collector/extension"
 )
 
-// Client is an Extension that can be used as an authenticator for the configauth.Authentication option.
+// HTTPClient is an Extension that can be used as an HTTP authenticator for the configauth.Authentication option.
 // Authenticators are then included as part of OpenTelemetry Collector builds and can be referenced by their
 // names from the Authentication configuration.
-type Client interface {
+type HTTPClient interface {
 	extension.Extension
 
 	// RoundTripper returns a RoundTripper that can be used to authenticate HTTP requests.
 	RoundTripper(base http.RoundTripper) (http.RoundTripper, error)
+}
+
+// GRPCClient is an Extension that can be used as an HTTP authenticator for the configauth.Authentication option.
+// Authenticators are then included as part of OpenTelemetry Collector builds and can be referenced by their
+// names from the Authentication configuration.
+type GRPCClient interface {
+	extension.Extension
 
 	// PerRPCCredentials returns a PerRPCCredentials that can be used to authenticate gRPC requests.
 	PerRPCCredentials() (credentials.PerRPCCredentials, error)
 }
 
 // ClientOption represents the possible options for NewClient.
 type ClientOption interface {
-	apply(*defaultClient)
+	apply(*Client)
 }
 
-type clientOptionFunc func(*defaultClient)
+type clientOptionFunc func(*Client)
 
-func (of clientOptionFunc) apply(e *defaultClient) {
+func (of clientOptionFunc) apply(e *Client) {
 	of(e)
 }
 
@@ -42,25 +49,29 @@ type ClientRoundTripperFunc func(base http.RoundTripper) (http.RoundTripper, err
 // ClientPerRPCCredentialsFunc specifies the function that returns a PerRPCCredentials that can be used to authenticate gRPC requests.
 type ClientPerRPCCredentialsFunc func() (credentials.PerRPCCredentials, error)
 
-var _ Client = (*defaultClient)(nil)
+var (
+	_ HTTPClient = (*Client)(nil)
+	_ GRPCClient = (*Client)(nil)
+)
 
-type defaultClient struct {
+// Client is an Extension that can be used as an HTTP and gRPC authenticator for the configauth.Authentication option.
+type Client struct {
 	component.StartFunc
 	component.ShutdownFunc
 	clientRoundTripperFunc      ClientRoundTripperFunc
 	clientPerRPCCredentialsFunc ClientPerRPCCredentialsFunc
 }
 
 // PerRPCCredentials implements Client.
-func (d *defaultClient) PerRPCCredentials() (credentials.PerRPCCredentials, error) {
+func (d *Client) PerRPCCredentials() (credentials.PerRPCCredentials, error) {
 	if d.clientPerRPCCredentialsFunc == nil {
 		return nil, nil
 	}
 	return d.clientPerRPCCredentialsFunc()
 }
 
 // RoundTripper implements Client.
-func (d *defaultClient) RoundTripper(base http.RoundTripper) (http.RoundTripper, error) {
+func (d *Client) RoundTripper(base http.RoundTripper) (http.RoundTripper, error) {
 	if d.clientRoundTripperFunc == nil {
 		return base, nil
 	}
@@ -70,38 +81,38 @@ func (d *defaultClient) RoundTripper(base http.RoundTripper) (http.RoundTripper,
 // WithClientStart overrides the default `Start` function for a component.Component.
 // The default always returns nil.
 func WithClientStart(startFunc component.StartFunc) ClientOption {
-	return clientOptionFunc(func(o *defaultClient) {
+	return clientOptionFunc(func(o *Client) {
 		o.StartFunc = startFunc
 	})
 }
 
 // WithClientShutdown overrides the default `Shutdown` function for a component.Component.
 // The default always returns nil.
 func WithClientShutdown(shutdownFunc component.ShutdownFunc) ClientOption {
-	return clientOptionFunc(func(o *defaultClient) {
+	return clientOptionFunc(func(o *Client) {
 		o.ShutdownFunc = shutdownFunc
 	})
 }
 
 // WithClientRoundTripper provides a `RoundTripper` function for this client authenticator.
 // The default round tripper is no-op.
 func WithClientRoundTripper(roundTripperFunc ClientRoundTripperFunc) ClientOption {
-	return clientOptionFunc(func(o *defaultClient) {
+	return clientOptionFunc(func(o *Client) {
 		o.clientRoundTripperFunc = roundTripperFunc
 	})
 }
 
 // WithClientPerRPCCredentials provides a `PerRPCCredentials` function for this client authenticator.
 // There's no default.
 func WithClientPerRPCCredentials(perRPCCredentialsFunc ClientPerRPCCredentialsFunc) ClientOption {
-	return clientOptionFunc(func(o *defaultClient) {
+	return clientOptionFunc(func(o *Client) {
 		o.clientPerRPCCredentialsFunc = perRPCCredentialsFunc
 	})
 }
 
 // NewClient returns a Client configured with the provided options.
-func NewClient(options ...ClientOption) (Client, error) {
-	bc := &defaultClient{}
+func NewClient(options ...ClientOption) (*Client, error) {
+	bc := &Client{}
 
 	for _, op := range options {
 		op.apply(bc)

Original file line number	Diff line number	Diff line change
`@@ -110,7 +110,7 @@ func TestGetClient(t *testing.T) {`
`110`	`110`	`mockID: tt.authenticator,`
`111`	`111`	`}`
`112`	`112`
`113`		`- authenticator, err := cfg.GetClientAuthenticator(context.Background(), ext)`
	`113`	`+ authenticator, err := cfg.GetHTTPClientAuthenticator(context.Background(), ext)`
`114`	`114`
`115`	`115`	`// verify`
`116`	`116`	`if tt.expected != nil {`
`@@ -128,7 +128,7 @@ func TestGetClientFails(t *testing.T) {`
`128`	`128`	`cfg := &Authentication{`
`129`	`129`	`AuthenticatorID: component.MustNewID("does_not_exist"),`
`130`	`130`	`}`
`131`		`- authenticator, err := cfg.GetClientAuthenticator(context.Background(), map[component.ID]component.Component{})`
	`131`	`+ authenticator, err := cfg.GetGRPCClientAuthenticator(context.Background(), map[component.ID]component.Component{})`
`132`	`132`	`require.ErrorIs(t, err, errAuthenticatorNotFound)`
`133`	`133`	`assert.Nil(t, authenticator)`
`134`	`134`	`}`
Original file line number	Diff line number	Diff line change
`@@ -322,7 +322,7 @@ func (gcs *ClientConfig) getGrpcDialOptions(`
`322`	`322`	`return nil, errors.New("no extensions configuration available")`
`323`	`323`	`}`
`324`	`324`
`325`		`- grpcAuthenticator, cerr := gcs.Auth.GetClientAuthenticator(ctx, host.GetExtensions())`
	`325`	`+ grpcAuthenticator, cerr := gcs.Auth.GetGRPCClientAuthenticator(ctx, host.GetExtensions())`
`326`	`326`	`if cerr != nil {`
`327`	`327`	`return nil, cerr`
`328`	`328`	`}`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ func mustNewServerAuth(t *testing.T, opts ...extensionauth.ServerOption) extensi`
`40`	`40`	`return srv`
`41`	`41`	`}`
`42`	`42`
`43`		`-func mustNewClientAuth(t *testing.T, opts ...extensionauth.ClientOption) extensionauth.Client {`
	`43`	`+func mustNewClientAuth(t testing.T, opts ...extensionauth.ClientOption) extensionauth.Client {`
`44`	`44`	`t.Helper()`
`45`	`45`	`client, err := extensionauth.NewClient(opts...)`
`46`	`46`	`require.NoError(t, err)`
Original file line number	Diff line number	Diff line change
`@@ -203,7 +203,7 @@ func (hcs *ClientConfig) ToClient(ctx context.Context, host component.Host, sett`
`203`	`203`	`return nil, errors.New("extensions configuration not found")`
`204`	`204`	`}`
`205`	`205`
`206`		`- httpCustomAuthRoundTripper, aerr := hcs.Auth.GetClientAuthenticator(ctx, ext)`
	`206`	`+ httpCustomAuthRoundTripper, aerr := hcs.Auth.GetHTTPClientAuthenticator(ctx, ext)`
`207`	`207`	`if aerr != nil {`
`208`	`208`	`return nil, aerr`
`209`	`209`	`}`