add e2e tests for v1 config (#3608)

pkg/auth/auth.go

@@ -31,9 +31,9 @@ type Setter interface {
 func NewAuthSetter(cfg v1.AuthClientConfig) (authProvider Setter) {
 	switch cfg.Method {
 	case consts.TokenAuthMethod:
-		authProvider = NewTokenAuth(cfg.AdditionalAuthScopes, cfg.Token)
+		authProvider = NewTokenAuth(cfg.AdditionalScopes, cfg.Token)
 	case consts.OidcAuthMethod:
-		authProvider = NewOidcAuthSetter(cfg.AdditionalAuthScopes, cfg.OIDC)
+		authProvider = NewOidcAuthSetter(cfg.AdditionalScopes, cfg.OIDC)
 	default:
 		panic(fmt.Sprintf("wrong method: '%s'", cfg.Method))
 	}
@@ -49,9 +49,9 @@ type Verifier interface {
 func NewAuthVerifier(cfg v1.AuthServerConfig) (authVerifier Verifier) {
 	switch cfg.Method {
 	case consts.TokenAuthMethod:
-		authVerifier = NewTokenAuth(cfg.AdditionalAuthScopes, cfg.Token)
+		authVerifier = NewTokenAuth(cfg.AdditionalScopes, cfg.Token)
 	case consts.OidcAuthMethod:
-		authVerifier = NewOidcAuthVerifier(cfg.AdditionalAuthScopes, cfg.OIDC)
+		authVerifier = NewOidcAuthVerifier(cfg.AdditionalScopes, cfg.OIDC)
 	}
 	return authVerifier
 }

pkg/config/legacy/conversion.go

@@ -29,10 +29,10 @@ func Convert_ClientCommonConf_To_v1(conf *ClientCommonConf) *v1.ClientCommonConf
 	out.Auth.Method = conf.ClientConfig.AuthenticationMethod
 	out.Auth.Token = conf.ClientConfig.Token
 	if conf.ClientConfig.AuthenticateHeartBeats {
-		out.Auth.AdditionalAuthScopes = append(out.Auth.AdditionalAuthScopes, v1.AuthScopeHeartBeats)
+		out.Auth.AdditionalScopes = append(out.Auth.AdditionalScopes, v1.AuthScopeHeartBeats)
 	}
 	if conf.ClientConfig.AuthenticateNewWorkConns {
-		out.Auth.AdditionalAuthScopes = append(out.Auth.AdditionalAuthScopes, v1.AuthScopeNewWorkConns)
+		out.Auth.AdditionalScopes = append(out.Auth.AdditionalScopes, v1.AuthScopeNewWorkConns)
 	}
 	out.Auth.OIDC.ClientID = conf.ClientConfig.OidcClientID
 	out.Auth.OIDC.ClientSecret = conf.ClientConfig.OidcClientSecret
@@ -89,10 +89,10 @@ func Convert_ServerCommonConf_To_v1(conf *ServerCommonConf) *v1.ServerConfig {
 	out.Auth.Method = conf.ServerConfig.AuthenticationMethod
 	out.Auth.Token = conf.ServerConfig.Token
 	if conf.ServerConfig.AuthenticateHeartBeats {
-		out.Auth.AdditionalAuthScopes = append(out.Auth.AdditionalAuthScopes, v1.AuthScopeHeartBeats)
+		out.Auth.AdditionalScopes = append(out.Auth.AdditionalScopes, v1.AuthScopeHeartBeats)
 	}
 	if conf.ServerConfig.AuthenticateNewWorkConns {
-		out.Auth.AdditionalAuthScopes = append(out.Auth.AdditionalAuthScopes, v1.AuthScopeNewWorkConns)
+		out.Auth.AdditionalScopes = append(out.Auth.AdditionalScopes, v1.AuthScopeNewWorkConns)
 	}
 	out.Auth.OIDC.Audience = conf.ServerConfig.OidcAudience
 	out.Auth.OIDC.Issuer = conf.ServerConfig.OidcIssuer
@@ -146,12 +146,12 @@ func Convert_ServerCommonConf_To_v1(conf *ServerCommonConf) *v1.ServerConfig {
 	out.Transport.MaxPoolCount = conf.MaxPoolCount
 	out.Transport.HeartbeatTimeout = conf.HeartbeatTimeout
 
-	out.MaxPortsPerClient = conf.MaxPortsPerClient
+	out.Transport.TLS.Force = conf.TLSOnly
+	out.Transport.TLS.CertFile = conf.TLSCertFile
+	out.Transport.TLS.KeyFile = conf.TLSKeyFile
+	out.Transport.TLS.TrustedCaFile = conf.TLSTrustedCaFile
 
-	out.TLS.Force = conf.TLSOnly
-	out.TLS.CertFile = conf.TLSCertFile
-	out.TLS.KeyFile = conf.TLSKeyFile
-	out.TLS.TrustedCaFile = conf.TLSTrustedCaFile
+	out.MaxPortsPerClient = conf.MaxPortsPerClient
 
 	for _, v := range conf.HTTPPlugins {
 		out.HTTPPlugins = append(out.HTTPPlugins, v1.HTTPPluginOptions{

pkg/config/load.go

@@ -23,7 +23,7 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/BurntSushi/toml"
+	toml "github.com/pelletier/go-toml/v2"
 	"github.com/samber/lo"
 	"gopkg.in/ini.v1"
 	"k8s.io/apimachinery/pkg/util/sets"
@@ -119,7 +119,6 @@ func LoadConfigure(b []byte, c any) error {
 			return err
 		}
 	}
-
 	decoder := yaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(b), 4096)
 	return decoder.Decode(c)
 }

pkg/config/v1/client.go

@@ -168,7 +168,7 @@ type AuthClientConfig struct {
 	Method string `json:"method,omitempty"`
 	// Specify whether to include auth info in additional scope.
 	// Current supported scopes are: "HeartBeats", "NewWorkConns".
-	AdditionalAuthScopes []AuthScope `json:"additionalAuthScopes,omitempty"`
+	AdditionalScopes []AuthScope `json:"additionalScopes,omitempty"`
 	// Token specifies the authorization token used to create keys to be sent
 	// to the server. The server must have a matching token for authorization
 	// to succeed.  By default, this value is "".

pkg/config/v1/plugin.go

@@ -46,10 +46,11 @@ func (c *TypedClientPluginOptions) UnmarshalJSON(b []byte) error {
 	if !ok {
 		return fmt.Errorf("unknown plugin type: %s", typeStruct.Type)
 	}
-	if err := json.Unmarshal(b, v); err != nil {
+	options := reflect.New(v).Interface().(ClientPluginOptions)
+	if err := json.Unmarshal(b, options); err != nil {
 		return err
 	}
-	c.ClientPluginOptions = v
+	c.ClientPluginOptions = options
 	return nil
 }
 

pkg/config/v1/server.go

@@ -76,8 +76,6 @@ type ServerConfig struct {
 
 	Transport ServerTransportConfig `json:"transport,omitempty"`
 
-	TLS TLSServerConfig `json:"tls,omitempty"`
-
 	// DetailedErrorsToClient defines whether to send the specific error (with
 	// debug info) to frpc. By default, this value is true.
 	DetailedErrorsToClient *bool `json:"detailedErrorsToClient,omitempty"`
@@ -109,9 +107,6 @@ func (c *ServerConfig) Complete() {
 	if c.ProxyBindAddr == "" {
 		c.ProxyBindAddr = c.BindAddr
 	}
-	if c.TLS.TrustedCaFile != "" {
-		c.TLS.Force = true
-	}
 
 	if c.WebServer.Port > 0 {
 		c.WebServer.Addr = util.EmptyOr(c.WebServer.Addr, "0.0.0.0")
@@ -125,10 +120,10 @@ func (c *ServerConfig) Complete() {
 }
 
 type AuthServerConfig struct {
-	Method               string               `json:"method,omitempty"`
-	AdditionalAuthScopes []AuthScope          `json:"additionalAuthScopes,omitempty"`
-	Token                string               `json:"token,omitempty"`
-	OIDC                 AuthOIDCServerConfig `json:"oidc,omitempty"`
+	Method           string               `json:"method,omitempty"`
+	AdditionalScopes []AuthScope          `json:"additionalScopes,omitempty"`
+	Token            string               `json:"token,omitempty"`
+	OIDC             AuthOIDCServerConfig `json:"oidc,omitempty"`
 }
 
 func (c *AuthServerConfig) Complete() {
@@ -171,6 +166,8 @@ type ServerTransportConfig struct {
 	HeartbeatTimeout int64 `json:"heartbeatTimeout,omitempty"`
 	// QUIC options.
 	QUIC QUICOptions `json:"quic,omitempty"`
+	// TLS specifies TLS settings for the connection from the client.
+	TLS TLSServerConfig `json:"tls,omitempty"`
 }
 
 func (c *ServerTransportConfig) Complete() {
@@ -180,6 +177,9 @@ func (c *ServerTransportConfig) Complete() {
 	c.MaxPoolCount = util.EmptyOr(c.MaxPoolCount, 5)
 	c.HeartbeatTimeout = util.EmptyOr(c.HeartbeatTimeout, 90)
 	c.QUIC.Complete()
+	if c.TLS.TrustedCaFile != "" {
+		c.TLS.Force = true
+	}
 }
 
 type TLSServerConfig struct {

pkg/config/v1/validation/client.go

@@ -71,7 +71,7 @@ func ValidateAllClientConfig(c *v1.ClientCommonConfig, pxyCfgs []v1.ProxyConfigu
 		warning, err := ValidateClientCommonConfig(c)
 		warnings = AppendError(warnings, warning)
 		if err != nil {
-			return err, warnings
+			return warnings, err
 		}
 	}
 

pkg/config/v1/visitor.go

@@ -35,7 +35,7 @@ type VisitorBaseConfig struct {
 	Name      string           `json:"name"`
 	Type      string           `json:"type"`
 	Transport VisitorTransport `json:"transport,omitempty"`
-	SecretKey string           `json:"sk,omitempty"`
+	SecretKey string           `json:"secretKey,omitempty"`
 	// if the server user is not set, it defaults to the current user
 	ServerUser string `json:"serverUser,omitempty"`
 	ServerName string `json:"serverName,omitempty"`

pkg/plugin/client/plugin.go

@@ -32,6 +32,9 @@ var creators = make(map[string]CreatorFn)
 type CreatorFn func(options v1.ClientPluginOptions) (Plugin, error)
 
 func Register(name string, fn CreatorFn) {
+	if _, exist := creators[name]; exist {
+		panic(fmt.Sprintf("plugin [%s] is already registered", name))
+	}
 	creators[name] = fn
 }