Uploaded image for project: 'Couchbase C client library libcouchbase'
  1. Couchbase C client library libcouchbase
  2. CCBC-1216

Add support for user impersonation

    XMLWordPrintable

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.2.2
    • library

    Description

      Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

      From internal discussions, note that we will need to perform the following:

      1. Review the User Impersonation SDK-RFC on this topic to be sure we're being consistent with the RFC and Go implementation.
      2. Refactor the framing extras (flexible extras) logic to support the new user impersonation framing extra.
      3. Also note that any services using HTTP will need to pass the new cb-on-behalf-of header value. See the Go SDK implementation for reference if needed.
      4. We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using onbehalfof. For example, for a Query request command, it will be: lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len) and for a KV store command it would be lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len).

      Attachments

        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            brett19 Brett Lawson created issue -
            brett19 Brett Lawson made changes -
            Field Original Value New Value
            Link This issue blocks CBD-3347 [ CBD-3347 ]
            avsej Sergey Avseyev made changes -
            Status New [ 10003 ] Open [ 1 ]
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.0.2 [ 16717 ]
            brett19 Brett Lawson made changes -
            Story Points 1
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.0.3 [ 16778 ]
            Fix Version/s 3.0.2 [ 16717 ]
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Labels 6.6.0 sdk-3-1
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.0.4 [ 16919 ]
            Fix Version/s 3.0.3 [ 16778 ]
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.0.5 [ 17057 ]
            Fix Version/s 3.0.4 [ 16919 ]
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.0.6 [ 17114 ]
            Fix Version/s 3.0.6 [ 17114 ]
            Fix Version/s 3.0.5 [ 17057 ]
            avsej Sergey Avseyev made changes -
            Component/s tools [ 13412 ]
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.0.7 [ 17120 ]
            Fix Version/s 3.0.6 [ 17114 ]
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Labels 6.6.0 sdk-3-1 sdk-3-2
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Remote Link This issue links to "Page (Couchbase, Inc. Wiki)" [ 20977 ]
            jeelan.poola Jeelan Poola added a comment -

            Sergey Avseyev Would be great to know if there is any ETA on when this will be available in lcb 3.x (used by CB Server 7.0).

            jeelan.poola Jeelan Poola added a comment - Sergey Avseyev Would be great to know if there is any ETA on when this will be available in lcb 3.x (used by CB Server 7.0).
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.0.8 [ 17210 ]
            Fix Version/s 3.0.7 [ 17120 ]
            avsej Sergey Avseyev made changes -
            Component/s library [ 10110 ]
            Component/s tools [ 13412 ]
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.1.0 [ 17008 ]
            Fix Version/s 3.0.8 [ 17210 ]
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Labels sdk-3-2 sdk-cheshirecat
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Remote Link This issue links to "Page (Couchbase, Inc. Wiki)" [ 21817 ]
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Remote Link This issue links to "Page (Couchbase, Inc. Wiki)" [ 20977 ]
            pablo.silberkasten Pablo Silberkasten (Inactive) made changes -
            Sprint SDK22: Ubuntu - User Impers. [ 1518 ]
            pablo.silberkasten Pablo Silberkasten (Inactive) made changes -
            Rank Ranked lower
            ingenthr Matt Ingenthron made changes -
            Sprint SDK22: Ubuntu - User Impers. [ 1518 ]
            ingenthr Matt Ingenthron made changes -
            Rank Ranked higher
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Remote Link This issue links to "Page (Couchbase, Inc. Wiki)" [ 21817 ]
            ingenthr Matt Ingenthron made changes -
            Fix Version/s 3.2.0 [ 17008 ]

            Matt Ingenthron Hoping this is coming much before 3.2.0, hence your change to fixVersion

            jeelan.poola Jeelan Poola added a comment - Matt Ingenthron Hoping this is coming much before 3.2.0, hence your change to fixVersion

            Jeelan Poola, this isn't part of server 7.0 functionality, and will be added to lcb later.  eventing will probably also need to overhaul the way auth credentials are provided too, as the current mechanism effectively does everything as a single cbauth manged set of credentials.  Does eventing currently allow functions to be defined with an on-behalf-of?

            3.2.0 is the lcb release aligned to CheshireCat.

            ingenthr Matt Ingenthron added a comment - Jeelan Poola , this isn't part of server 7.0 functionality, and will be added to lcb later.  eventing will probably also need to overhaul the way auth credentials are provided too, as the current mechanism effectively does everything as a single cbauth manged set of credentials.  Does eventing currently allow functions to be defined with an on-behalf-of? 3.2.0 is the lcb release aligned to CheshireCat.

            Matt Ingenthron Yes, eventing needs significant changes to uptake on-behalf-of. We have designed & planned for the same post 7.0. Eventing tasks will be expedited based on lcb release timelines. DaveF also mentioned, other services like Query also need to uptake this. So, I guess it will be a pan-server effort overall.

            jeelan.poola Jeelan Poola added a comment - Matt Ingenthron Yes, eventing needs significant changes to uptake on-behalf-of. We have designed & planned for the same post 7.0. Eventing tasks will be expedited based on lcb release timelines. DaveF also mentioned, other services like Query also need to uptake this. So, I guess it will be a pan-server effort overall.
            brett19 Brett Lawson made changes -
            Labels sdk-cheshirecat post-7.0
            ray.cardillo Ray Cardillo made changes -
            Description The SDK should implement user impersonation. See the parent ticket for more information. Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            ray.cardillo Ray Cardillo made changes -
            Description Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # Also note that any services using HTTP will need to pass the new *{{on-behalf-of}}* header value.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            ray.cardillo Ray Cardillo made changes -
            Description Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # Also note that any services using HTTP will need to pass the new *{{on-behalf-of}}* header value.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # Also note that any services using HTTP will need to pass the new *{{on-behalf-of}}* header value. See the Go SDK implementation for reference if needed.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            ray.cardillo Ray Cardillo made changes -
            Description Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # Also note that any services using HTTP will need to pass the new *{{on-behalf-of}}* header value. See the Go SDK implementation for reference if needed.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # Also note that any services using HTTP will need to pass the new *{{cb-on-behalf-of}}* header value. See the Go SDK implementation for reference if needed.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            ray.cardillo Ray Cardillo made changes -
            Description Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # Also note that any services using HTTP will need to pass the new *{{cb-on-behalf-of}}* header value. See the Go SDK implementation for reference if needed.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            Implement user impersonation as specified. See the parent ticket for more information and reference to the Go SDK which has already been completed.

            From internal discussions, note that we will need to perform the following:
             # Review the [User Impersonation SDK-RFC|https://docs.google.com/document/d/18FTOTIHktHjrntMT2A4qApZco7i5FZwlTEqUcyaquqo/edit#] on this topic to be sure we're being consistent with the RFC and Go implementation.
             # Refactor the framing extras (flexible extras) logic to support the new *user impersonation framing extra*.
             # Also note that any services using HTTP will need to pass the new *{{cb-on-behalf-of}}* header value. See the Go SDK implementation for reference if needed.
             # We will introduce internal functions (not shown on the public interface) for each of the affected command functions based on a consistent pattern using *{{onbehalfof}}*. For example, for a Query request command, it will be: *{{lcb_cmdquery_onbehalfof(lcb_CMDQUERY *cmd, const char *user, size_t user_len)}}* and for a KV store command it would be *{{lcb_cmdstore_onbehalfof(lcb_CMDSTORE *cmd, const char *user, size_t user_len)}}*.
            ray.cardillo Ray Cardillo made changes -
            Labels post-7.0 neo post-7.0
            ray.cardillo Ray Cardillo made changes -
            Sprint SDK34: CB++, OBO [ 1717 ]
            ray.cardillo Ray Cardillo made changes -
            Rank Ranked higher
            avsej Sergey Avseyev made changes -
            Fix Version/s 3.2.2 [ 17647 ]
            ray.cardillo Ray Cardillo made changes -
            Epic Link CBD-3347 [ 125151 ]
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Labels neo post-7.0 sdkapi-3.3
            arun.vijayraghavan Arun Vijayraghavan made changes -
            Remote Link This issue links to "Page (Couchbase, Inc. Wiki)" [ 23007 ]
            avsej Sergey Avseyev made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            ray.cardillo Ray Cardillo made changes -
            Link This issue relates to MB-47817 [ MB-47817 ]
            ray.cardillo Ray Cardillo added a comment -

            Adding reference link to MB-47817 because that update and testing must be done before using anything that comes from this ticket.

            ray.cardillo Ray Cardillo added a comment - Adding reference link to MB-47817 because that update and testing must be done before using anything that comes from this ticket.

            Update: It was found that the feature is not properly described for HTTP services. The value should be base64-encoded along with the domain.
            https://github.com/couchbase/cbauth/blob/7b0c203a21afbd59127e8722950a7145ef18fd2a/utils.go#L59

            It poses the question whether the domain should be received from the application? The SDK does not have this information, so we cannot hard-code some value. So the API for HTTP services would look like

            LIBCOUCHBASE_API lcb_STATUS lcb_cmdquery_on_behalf_of(lcb_CMDQUERY *cmd, const char *user, size_t user_len, const char *domain, size_t domain_len);
            

            instead of

            LIBCOUCHBASE_API lcb_STATUS lcb_cmdquery_on_behalf_of(lcb_CMDQUERY *cmd, const char *user, size_t user_len);
            

            KV spec describes that external users should have prefix ^. Should it go as seconrd argument (domain)?

            https://github.com/couchbase/kv_engine/blob/master/docs/BinaryProtocol.md#id4---impersonate-user

            Request the server to execute the command as the provided user username (must be present) to identify users defined outside Couchbase (ldap) the username must be prefixed with ^ (ex: ^trond). Local users do not need a prefix.

            Can we define some enumeration with only two values Local and External, and instead of accepting string domain for HTTP services, translate enum value into some static string?

            Ankit Prabhu said he will clarify these questions soon. Until then the change will be in review state.

            avsej Sergey Avseyev added a comment - Update: It was found that the feature is not properly described for HTTP services. The value should be base64-encoded along with the domain. https://github.com/couchbase/cbauth/blob/7b0c203a21afbd59127e8722950a7145ef18fd2a/utils.go#L59 It poses the question whether the domain should be received from the application? The SDK does not have this information, so we cannot hard-code some value. So the API for HTTP services would look like LIBCOUCHBASE_API lcb_STATUS lcb_cmdquery_on_behalf_of(lcb_CMDQUERY *cmd, const char *user, size_t user_len, const char *domain, size_t domain_len); instead of LIBCOUCHBASE_API lcb_STATUS lcb_cmdquery_on_behalf_of(lcb_CMDQUERY *cmd, const char *user, size_t user_len); KV spec describes that external users should have prefix ^ . Should it go as seconrd argument (domain)? https://github.com/couchbase/kv_engine/blob/master/docs/BinaryProtocol.md#id4---impersonate-user Request the server to execute the command as the provided user username (must be present) to identify users defined outside Couchbase (ldap) the username must be prefixed with ^ (ex: ^trond). Local users do not need a prefix. Can we define some enumeration with only two values Local and External, and instead of accepting string domain for HTTP services, translate enum value into some static string? Ankit Prabhu said he will clarify these questions soon. Until then the change will be in review state.
            jeelan.poola Jeelan Poola added a comment - - edited Cc Kamini Jagtiani Meni Hillel Steve Watanabe Dave Rigby Daniel Owen for inputs.
            ray.cardillo Ray Cardillo made changes -
            Sprint SDK34: CB++, OBO, Connect Prep [ 1717 ] SDK34: CB++, OBO, Connect Prep, SDK36: Connect Prep/Recording [ 1717, 1718 ]
            ray.cardillo Ray Cardillo made changes -
            Rank Ranked higher

            Can we define some enumeration with only two values Local and External, and instead of accepting string domain for HTTP services, translate enum value into some static string?
            Ankit Prabhu said he will clarify these questions soon. Until then the change will be in review state.

             Hareen Kancharla, Artem Stemkovski Could you please confirm which format to use for "cb-on-behalf-of" http header?

            ankit.prabhu Ankit Prabhu added a comment - Can we define some enumeration with only two values Local and External, and instead of accepting string domain for HTTP services, translate enum value into some static string? Ankit Prabhu said he will clarify these questions soon. Until then the change will be in review state.   Hareen Kancharla , Artem Stemkovski Could you please confirm which format to use for "cb-on-behalf-of" http header?

            Jeelan Poola - After discussion with the team today, I think what we've provided currently is sufficient, and I just want to confirm you agree. Since it's an internal feature, we're just treating the value as an opaque string, and any special formatting of the string would be done by the caller (including Base64 if needed for Query). This is true for KV as well as Query, and since this can be set specifically for each command/operation, that strategy should be easy to navigate depending on context of use, and then you have the passthrough you need for this without anything getting in the way in between.

            If that all sounds like what you expect, can you just confirm, so we know we're all set on this?

            ray.cardillo Ray Cardillo added a comment - Jeelan Poola  - After discussion with the team today, I think what we've provided currently is sufficient, and I just want to confirm you agree. Since it's an internal feature, we're just treating the value as an opaque string, and any special formatting of the string would be done by the caller (including Base64 if needed for Query). This is true for KV as well as Query, and since this can be set specifically for each command/operation, that strategy should be easy to navigate depending on context of use, and then you have the passthrough you need for this without anything getting in the way in between. If that all sounds like what you expect, can you just confirm, so we know we're all set on this?

            Ray Cardillo, Ankit Prabhu, Jeelan Poola, Brett Lawson, I've updated the patch for assumption that SDK does not do any encoding, and only puts given string where it should be in HTTP or MCBP packet.

            avsej Sergey Avseyev added a comment - Ray Cardillo , Ankit Prabhu , Jeelan Poola , Brett Lawson , I've updated the patch for assumption that SDK does not do any encoding, and only puts given string where it should be in HTTP or MCBP packet.
            jeelan.poola Jeelan Poola added a comment -

            Thank you Ray CardilloSergey Avseyev!

            Artem StemkovskiHareen Kancharla Could you please confirm encoding format for 'cb-in-behalf-of' user and domain in http headers? Looking at the code, it appears, they should be base64 encoded. So we are going ahead with the same. Eventing will do the necessary encoding. Thank you!

            jeelan.poola Jeelan Poola added a comment - Thank you Ray Cardillo Sergey Avseyev ! Artem Stemkovski Hareen Kancharla Could you please confirm encoding format for 'cb-in-behalf-of' user and domain in http headers? Looking at the code, it appears, they should be base64 encoded. So we are going ahead with the same. Eventing will do the necessary encoding. Thank you!
            avsej Sergey Avseyev made changes -
            Resolution Fixed [ 1 ]
            Status In Progress [ 3 ] Resolved [ 5 ]

            Build couchbase-server-7.1.0-1450 contains libcouchbase commit ecbde08 with commit message:
            CCBC-1216: implement user impersonation API

            build-team Couchbase Build Team added a comment - Build couchbase-server-7.1.0-1450 contains libcouchbase commit ecbde08 with commit message: CCBC-1216 : implement user impersonation API

            People

              avsej Sergey Avseyev
              brett19 Brett Lawson
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty