Skip to content

Commit 4fd6437

Browse files
lixmallixmal
committed
Move client-imported GPL code to separate package
1 parent c20202a commit 4fd6437

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

51 files changed

+378
-354
lines changed

.github/workflows/check-license-dependencies.yml

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -15,27 +15,28 @@ jobs:
1515
- name: Check for problematic license dependencies
1616
run: |
1717
echo "Checking for dependencies on management/, signal/, and relay/ packages..."
18+
echo ""
1819
1920
# Find all directories except the problematic ones and system dirs
2021
FOUND_ISSUES=0
21-
find . -maxdepth 1 -type d -not -name "." -not -name "management" -not -name "signal" -not -name "relay" -not -name ".git*" | sort | while read dir; do
22+
while IFS= read -r dir; do
2223
echo "=== Checking $dir ==="
2324
# Search for problematic imports, excluding test files
24-
RESULTS=$(grep -r "github.com/netbirdio/netbird/\(management\|signal\|relay\)" "$dir" --include="*.go" | grep -v "_test.go" | grep -v "test_" | grep -v "/test/" || true)
25-
if [ ! -z "$RESULTS" ]; then
25+
RESULTS=$(grep -r "github.com/netbirdio/netbird/\(management\|signal\|relay\)" "$dir" --include="*.go" 2>/dev/null | grep -v "_test.go" | grep -v "test_" | grep -v "/test/" || true)
26+
if [ -n "$RESULTS" ]; then
2627
echo "❌ Found problematic dependencies:"
2728
echo "$RESULTS"
2829
FOUND_ISSUES=1
2930
else
3031
echo "✓ No problematic dependencies found"
3132
fi
32-
done
33+
done < <(find . -maxdepth 1 -type d -not -name "." -not -name "management" -not -name "signal" -not -name "relay" -not -name ".git*" | sort)
34+
35+
echo ""
3336
if [ $FOUND_ISSUES -eq 1 ]; then
34-
echo ""
3537
echo "❌ Found dependencies on management/, signal/, or relay/ packages"
36-
echo "These packages will change license and should not be imported by client or shared code"
38+
echo "These packages are licensed under AGPLv3 and must not be imported by BSD-licensed code"
3739
exit 1
3840
else
39-
echo ""
4041
echo "✅ All license dependencies are clean"
4142
fi

client/ssh/proxy/proxy_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ import (
2929
nbssh "github.com/netbirdio/netbird/client/ssh"
3030
"github.com/netbirdio/netbird/client/ssh/server"
3131
"github.com/netbirdio/netbird/client/ssh/testutil"
32-
nbjwt "github.com/netbirdio/netbird/management/server/auth/jwt"
32+
nbjwt "github.com/netbirdio/netbird/shared/auth/jwt"
3333
)
3434

3535
func TestMain(m *testing.M) {

client/ssh/server/jwt_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ import (
2626
"github.com/netbirdio/netbird/client/ssh/client"
2727
"github.com/netbirdio/netbird/client/ssh/detection"
2828
"github.com/netbirdio/netbird/client/ssh/testutil"
29-
nbjwt "github.com/netbirdio/netbird/management/server/auth/jwt"
29+
nbjwt "github.com/netbirdio/netbird/shared/auth/jwt"
3030
)
3131

3232
func TestJWTEnforcement(t *testing.T) {

client/ssh/server/server.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,8 @@ import (
2020

2121
"github.com/netbirdio/netbird/client/iface/wgaddr"
2222
"github.com/netbirdio/netbird/client/ssh/detection"
23-
"github.com/netbirdio/netbird/management/server/auth/jwt"
24-
nbcontext "github.com/netbirdio/netbird/management/server/context"
23+
"github.com/netbirdio/netbird/shared/auth"
24+
"github.com/netbirdio/netbird/shared/auth/jwt"
2525
"github.com/netbirdio/netbird/version"
2626
)
2727

@@ -341,7 +341,7 @@ func (s *Server) checkTokenAge(token *gojwt.Token, jwtConfig *JWTConfig) error {
341341
return nil
342342
}
343343

344-
func (s *Server) extractAndValidateUser(token *gojwt.Token) (*nbcontext.UserAuth, error) {
344+
func (s *Server) extractAndValidateUser(token *gojwt.Token) (*auth.UserAuth, error) {
345345
s.mu.RLock()
346346
jwtExtractor := s.jwtExtractor
347347
s.mu.RUnlock()
@@ -364,7 +364,7 @@ func (s *Server) extractAndValidateUser(token *gojwt.Token) (*nbcontext.UserAuth
364364
return &userAuth, nil
365365
}
366366

367-
func (s *Server) hasSSHAccess(userAuth *nbcontext.UserAuth) bool {
367+
func (s *Server) hasSSHAccess(userAuth *auth.UserAuth) bool {
368368
return userAuth.UserId != ""
369369
}
370370

management/server/account.go

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ import (
44
"context"
55
"errors"
66
"fmt"
7+
"github.com/netbirdio/netbird/shared/auth"
78
"math/rand"
89
"net"
910
"net/netip"
@@ -1046,7 +1047,7 @@ func (am *DefaultAccountManager) removeUserFromCache(ctx context.Context, accoun
10461047
}
10471048

10481049
// updateAccountDomainAttributesIfNotUpToDate updates the account domain attributes if they are not up to date and then, saves the account changes
1049-
func (am *DefaultAccountManager) updateAccountDomainAttributesIfNotUpToDate(ctx context.Context, accountID string, userAuth nbcontext.UserAuth,
1050+
func (am *DefaultAccountManager) updateAccountDomainAttributesIfNotUpToDate(ctx context.Context, accountID string, userAuth auth.UserAuth,
10501051
primaryDomain bool,
10511052
) error {
10521053
if userAuth.Domain == "" {
@@ -1095,7 +1096,7 @@ func (am *DefaultAccountManager) handleExistingUserAccount(
10951096
ctx context.Context,
10961097
userAccountID string,
10971098
domainAccountID string,
1098-
userAuth nbcontext.UserAuth,
1099+
userAuth auth.UserAuth,
10991100
) error {
11001101
primaryDomain := domainAccountID == "" || userAccountID == domainAccountID
11011102
err := am.updateAccountDomainAttributesIfNotUpToDate(ctx, userAccountID, userAuth, primaryDomain)
@@ -1114,7 +1115,7 @@ func (am *DefaultAccountManager) handleExistingUserAccount(
11141115

11151116
// addNewPrivateAccount validates if there is an existing primary account for the domain, if so it adds the new user to that account,
11161117
// otherwise it will create a new account and make it primary account for the domain.
1117-
func (am *DefaultAccountManager) addNewPrivateAccount(ctx context.Context, domainAccountID string, userAuth nbcontext.UserAuth) (string, error) {
1118+
func (am *DefaultAccountManager) addNewPrivateAccount(ctx context.Context, domainAccountID string, userAuth auth.UserAuth) (string, error) {
11181119
if userAuth.UserId == "" {
11191120
return "", fmt.Errorf("user ID is empty")
11201121
}
@@ -1145,7 +1146,7 @@ func (am *DefaultAccountManager) addNewPrivateAccount(ctx context.Context, domai
11451146
return newAccount.Id, nil
11461147
}
11471148

1148-
func (am *DefaultAccountManager) addNewUserToDomainAccount(ctx context.Context, domainAccountID string, userAuth nbcontext.UserAuth) (string, error) {
1149+
func (am *DefaultAccountManager) addNewUserToDomainAccount(ctx context.Context, domainAccountID string, userAuth auth.UserAuth) (string, error) {
11491150
newUser := types.NewRegularUser(userAuth.UserId)
11501151
newUser.AccountID = domainAccountID
11511152

@@ -1309,7 +1310,7 @@ func (am *DefaultAccountManager) UpdateAccountOnboarding(ctx context.Context, ac
13091310
return newOnboarding, nil
13101311
}
13111312

1312-
func (am *DefaultAccountManager) GetAccountIDFromUserAuth(ctx context.Context, userAuth nbcontext.UserAuth) (string, string, error) {
1313+
func (am *DefaultAccountManager) GetAccountIDFromUserAuth(ctx context.Context, userAuth auth.UserAuth) (string, string, error) {
13131314
if userAuth.UserId == "" {
13141315
return "", "", errors.New(emptyUserID)
13151316
}
@@ -1353,7 +1354,7 @@ func (am *DefaultAccountManager) GetAccountIDFromUserAuth(ctx context.Context, u
13531354
// syncJWTGroups processes the JWT groups for a user, updates the account based on the groups,
13541355
// and propagates changes to peers if group propagation is enabled.
13551356
// requires userAuth to have been ValidateAndParseToken and EnsureUserAccessByJWTGroups by the AuthManager
1356-
func (am *DefaultAccountManager) SyncUserJWTGroups(ctx context.Context, userAuth nbcontext.UserAuth) error {
1357+
func (am *DefaultAccountManager) SyncUserJWTGroups(ctx context.Context, userAuth auth.UserAuth) error {
13571358
if userAuth.IsChild || userAuth.IsPAT {
13581359
return nil
13591360
}
@@ -1511,7 +1512,7 @@ func (am *DefaultAccountManager) SyncUserJWTGroups(ctx context.Context, userAuth
15111512
// Existing user + Existing account + Existing domain reclassified Domain as private -> Nothing changes (index domain)
15121513
//
15131514
// UserAuth IsChild -> checks that account exists
1514-
func (am *DefaultAccountManager) getAccountIDWithAuthorizationClaims(ctx context.Context, userAuth nbcontext.UserAuth) (string, error) {
1515+
func (am *DefaultAccountManager) getAccountIDWithAuthorizationClaims(ctx context.Context, userAuth auth.UserAuth) (string, error) {
15151516
log.WithContext(ctx).Tracef("getting account with authorization claims. User ID: \"%s\", Account ID: \"%s\", Domain: \"%s\", Domain Category: \"%s\"",
15161517
userAuth.UserId, userAuth.AccountId, userAuth.Domain, userAuth.DomainCategory)
15171518

@@ -1590,7 +1591,7 @@ func (am *DefaultAccountManager) getPrivateDomainWithGlobalLock(ctx context.Cont
15901591
return domainAccountID, cancel, nil
15911592
}
15921593

1593-
func (am *DefaultAccountManager) handlePrivateAccountWithIDFromClaim(ctx context.Context, userAuth nbcontext.UserAuth) (string, error) {
1594+
func (am *DefaultAccountManager) handlePrivateAccountWithIDFromClaim(ctx context.Context, userAuth auth.UserAuth) (string, error) {
15941595
userAccountID, err := am.Store.GetAccountIDByUserID(ctx, store.LockingStrengthNone, userAuth.UserId)
15951596
if err != nil {
15961597
log.WithContext(ctx).Errorf("error getting account ID by user ID: %v", err)
@@ -1638,7 +1639,7 @@ func handleNotFound(err error) error {
16381639
return nil
16391640
}
16401641

1641-
func domainIsUpToDate(domain string, domainCategory string, userAuth nbcontext.UserAuth) bool {
1642+
func domainIsUpToDate(domain string, domainCategory string, userAuth auth.UserAuth) bool {
16421643
return domainCategory == types.PrivateCategory || userAuth.DomainCategory != types.PrivateCategory || domain != userAuth.Domain
16431644
}
16441645

management/server/account/manager.go

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,14 +2,14 @@ package account
22

33
import (
44
"context"
5+
"github.com/netbirdio/netbird/shared/auth"
56
"net"
67
"net/netip"
78
"time"
89

910
nbdns "github.com/netbirdio/netbird/dns"
1011
"github.com/netbirdio/netbird/management/server/activity"
1112
nbcache "github.com/netbirdio/netbird/management/server/cache"
12-
nbcontext "github.com/netbirdio/netbird/management/server/context"
1313
"github.com/netbirdio/netbird/management/server/idp"
1414
nbpeer "github.com/netbirdio/netbird/management/server/peer"
1515
"github.com/netbirdio/netbird/management/server/peers/ephemeral"
@@ -45,10 +45,10 @@ type Manager interface {
4545
GetAccountOnboarding(ctx context.Context, accountID string, userID string) (*types.AccountOnboarding, error)
4646
AccountExists(ctx context.Context, accountID string) (bool, error)
4747
GetAccountIDByUserID(ctx context.Context, userID, domain string) (string, error)
48-
GetAccountIDFromUserAuth(ctx context.Context, userAuth nbcontext.UserAuth) (string, string, error)
48+
GetAccountIDFromUserAuth(ctx context.Context, userAuth auth.UserAuth) (string, string, error)
4949
DeleteAccount(ctx context.Context, accountID, userID string) error
5050
GetUserByID(ctx context.Context, id string) (*types.User, error)
51-
GetUserFromUserAuth(ctx context.Context, userAuth nbcontext.UserAuth) (*types.User, error)
51+
GetUserFromUserAuth(ctx context.Context, userAuth auth.UserAuth) (*types.User, error)
5252
ListUsers(ctx context.Context, accountID string) ([]*types.User, error)
5353
GetPeers(ctx context.Context, accountID, userID, nameFilter, ipFilter string) ([]*nbpeer.Peer, error)
5454
MarkPeerConnected(ctx context.Context, peerKey string, connected bool, realIP net.IP, accountID string) error
@@ -120,12 +120,12 @@ type Manager interface {
120120
UpdateAccountPeers(ctx context.Context, accountID string)
121121
BufferUpdateAccountPeers(ctx context.Context, accountID string)
122122
BuildUserInfosForAccount(ctx context.Context, accountID, initiatorUserID string, accountUsers []*types.User) (map[string]*types.UserInfo, error)
123-
SyncUserJWTGroups(ctx context.Context, userAuth nbcontext.UserAuth) error
123+
SyncUserJWTGroups(ctx context.Context, userAuth auth.UserAuth) error
124124
GetStore() store.Store
125125
GetOrCreateAccountByPrivateDomain(ctx context.Context, initiatorId, domain string) (*types.Account, bool, error)
126126
UpdateToPrimaryAccount(ctx context.Context, accountId string) error
127127
GetOwnerInfo(ctx context.Context, accountId string) (*types.UserInfo, error)
128-
GetCurrentUserInfo(ctx context.Context, userAuth nbcontext.UserAuth) (*users.UserInfoWithPermissions, error)
128+
GetCurrentUserInfo(ctx context.Context, userAuth auth.UserAuth) (*users.UserInfoWithPermissions, error)
129129
SetEphemeralManager(em ephemeral.Manager)
130130
AllowSync(string, uint64) bool
131131
}

0 commit comments

Comments
 (0)