[FAB-10568] Identity Config refactoring

- decoupled endpoint config from identity config
- identity config should unmarshal its own entities, no need to rely on endpoint config
dictionary based search
- preloading CA configs
- return (entity, bool) for search functions
- return entity only for preloaded entitities

TODO: Client & CertificateAuthorities to be removed from NetworkConfig

Change-Id: Ia53ea227a2bfcdbbf9dec241e7038e3b31f14fca
Signed-off-by: Sudesh Shetty <sudesh.shetty@securekey.com>

Author: sudeshrshetty

pkg/client/msp/client.go

@@ -80,11 +80,7 @@ func New(clientProvider context.ClientProvider, opts ...ClientOption) (*Client,
 	}
 
 	if msp.orgName == "" {
-		clientConfig, err := ctx.IdentityConfig().Client()
-		if err != nil {
-			return nil, errors.WithMessage(err, "failed to create Client")
-		}
-		msp.orgName = clientConfig.Organization
+		msp.orgName = ctx.IdentityConfig().Client().Organization
 	}
 	if msp.orgName == "" {
 		return nil, errors.New("organization is not provided")

pkg/common/providers/fab/network.go

@@ -14,14 +14,16 @@ import (
 
 // NetworkConfig provides a static definition of a Hyperledger Fabric network
 type NetworkConfig struct {
-	Name                   string
-	Description            string
-	Version                string
-	Client                 msp.ClientConfig
-	Channels               map[string]ChannelNetworkConfig
-	Organizations          map[string]OrganizationConfig
-	Orderers               map[string]OrdererConfig
-	Peers                  map[string]PeerConfig
+	Name        string
+	Description string
+	Version     string
+	//TODO to be removed, no apparent reason to expose it in network config
+	Client        msp.ClientConfig
+	Channels      map[string]ChannelNetworkConfig
+	Organizations map[string]OrganizationConfig
+	Orderers      map[string]OrdererConfig
+	Peers         map[string]PeerConfig
+	//TODO to be removed, no apparent reason to expose it in network config
 	CertificateAuthorities map[string]msp.CAConfig
 }
 

pkg/common/providers/msp/provider.go

@@ -25,11 +25,11 @@ type IdentityManagerProvider interface {
 
 //IdentityConfig contains identity configurations
 type IdentityConfig interface {
-	Client() (*ClientConfig, error)
-	CAConfig(org string) (*CAConfig, error)
-	CAServerCerts(org string) ([][]byte, error)
-	CAClientKey(org string) ([]byte, error)
-	CAClientCert(org string) ([]byte, error)
+	Client() *ClientConfig
+	CAConfig(org string) (*CAConfig, bool)
+	CAServerCerts(org string) ([][]byte, bool)
+	CAClientKey(org string) ([]byte, bool)
+	CAClientCert(org string) ([]byte, bool)
 	CAKeyStorePath() string
 	CredentialStorePath() string
 }

pkg/common/providers/test/mockmsp/mockmsp.gen.go

@@ -435,6 +435,7 @@ func (c *EndpointConfig) loadNetworkConfiguration() error {
 	networkConfig.Description = c.backend.GetString("description")
 	networkConfig.Version = c.backend.GetString("version")
 
+	//TODO: to be removed from NetworkConfig, to be used only in identity Config
 	err := c.backend.UnmarshalKey("client", &networkConfig.Client)
 	logger.Debugf("Client is: %+v", networkConfig.Client)
 	if err != nil {
@@ -465,6 +466,7 @@ func (c *EndpointConfig) loadNetworkConfiguration() error {
 		return errors.WithMessage(err, "failed to parse 'peers' config item to networkConfig.Peers type")
 	}
 
+	//TODO: to be removed from NetworkConfig, to be used only in identity Config
 	err = c.backend.UnmarshalKey("certificateAuthorities", &networkConfig.CertificateAuthorities)
 	logger.Debugf("certificateAuthorities are: %+v", networkConfig.CertificateAuthorities)
 	if err != nil {

pkg/fab/endpointconfig.go

@@ -1249,6 +1249,38 @@ func TestEndpointConfigWithMultipleBackends(t *testing.T) {
 
 }
 
+func TestCAConfig(t *testing.T) {
+	//Test config
+	backend, err := config.FromFile(configTestFilePath)()
+	if err != nil {
+		t.Fatal("Failed to get config backend")
+	}
+
+	endpointConfig, err := ConfigFromBackend(backend...)
+	if err != nil {
+		t.Fatal("Failed to get identity config")
+	}
+
+	//Test Crypto config path
+
+	val, ok := backend[0].Lookup("client.cryptoconfig.path")
+	if !ok || val == nil {
+		t.Fatal("expected valid value")
+	}
+
+	assert.True(t, pathvar.Subst(val.(string)) == endpointConfig.CryptoConfigPath(), "Incorrect crypto config path", t)
+
+	//Testing MSPID
+	mspID, ok := comm.MSPID(endpointConfig, org1)
+	assert.True(t, ok, "Get MSP ID failed")
+	assert.True(t, mspID == "Org1MSP", "Get MSP ID failed")
+
+	// testing empty OrgMSP
+	_, ok = comm.MSPID(endpointConfig, "dummyorg1")
+	assert.False(t, ok, "Get MSP ID did not fail for dummyorg1")
+
+}
+
 func TestNetworkPeers(t *testing.T) {
 
 	endpointConfig, err := ConfigFromBackend(configBackend)

pkg/fab/endpointconfig_test.go

@@ -62,7 +62,7 @@ func NewMockIdentityConfigCustomized(tlsEnabled, mutualTLSEnabled, errorCase boo
 }
 
 // Client ...
-func (c *MockConfig) Client() (*msp.ClientConfig, error) {
+func (c *MockConfig) Client() *msp.ClientConfig {
 	clientConfig := msp.ClientConfig{}
 
 	clientConfig.CredentialStore = msp.CredentialStoreType{
@@ -86,31 +86,31 @@ func (c *MockConfig) Client() (*msp.ClientConfig, error) {
 		clientConfig.TLSCerts = mutualTLSCerts
 	}
 
-	return &clientConfig, nil
+	return &clientConfig
 }
 
 // CAConfig not implemented
-func (c *MockConfig) CAConfig(org string) (*msp.CAConfig, error) {
+func (c *MockConfig) CAConfig(org string) (*msp.CAConfig, bool) {
 	caConfig := msp.CAConfig{
 		CAName: "org1",
 	}
 
-	return &caConfig, nil
+	return &caConfig, true
 }
 
 //CAServerCerts Read configuration option for the server certificates for given org
-func (c *MockConfig) CAServerCerts(org string) ([][]byte, error) {
-	return nil, nil
+func (c *MockConfig) CAServerCerts(org string) ([][]byte, bool) {
+	return nil, false
 }
 
 //CAClientKey Read configuration option for the fabric CA client key for given org
-func (c *MockConfig) CAClientKey(org string) ([]byte, error) {
-	return nil, nil
+func (c *MockConfig) CAClientKey(org string) ([]byte, bool) {
+	return nil, false
 }
 
 //CAClientCert Read configuration option for the fabric CA client cert for given org
-func (c *MockConfig) CAClientCert(org string) ([]byte, error) {
-	return nil, nil
+func (c *MockConfig) CAClientCert(org string) ([]byte, bool) {
+	return nil, false
 }
 
 //Timeout not implemented

pkg/fab/mocks/mockconfig.go

@@ -48,14 +48,9 @@ func WithOrg(org string) ContextOption {
 // don't include neither username nor identity
 var ErrAnonymousIdentity = errors.New("missing credentials")
 
-func (sdk *FabricSDK) newIdentity(options ...ContextOption) (msp.SigningIdentity, error) { //nolint
-	clientConfig, err := sdk.provider.IdentityConfig().Client()
-	if err != nil {
-		return nil, errors.WithMessage(err, "retrieving client configuration failed")
-	}
-
+func (sdk *FabricSDK) newIdentity(options ...ContextOption) (msp.SigningIdentity, error) {
 	opts := identityOptions{
-		orgName: clientConfig.Organization,
+		orgName: sdk.provider.IdentityConfig().Client().Organization,
 	}
 
 	for _, option := range options {

pkg/fabsdk/context.go

@@ -392,7 +392,7 @@ func (sdk *FabricSDK) loadConfigs(configProvider core.ConfigProvider) (*configs,
 	}
 
 	// load identity config
-	c.identityConfig, err = sdk.loadIdentityConfig(c.endpointConfig, configBackend...)
+	c.identityConfig, err = sdk.loadIdentityConfig(configBackend...)
 	if err != nil {
 		return nil, errors.WithMessage(err, "unalbe to load identity config")
 	}
@@ -448,11 +448,11 @@ func (sdk *FabricSDK) loadCryptoConfig(configBackend ...core.ConfigBackend) (cor
 	return cryptoConfigOpt, nil
 }
 
-func (sdk *FabricSDK) loadIdentityConfig(endpointConfig fab.EndpointConfig, configBackend ...core.ConfigBackend) (msp.IdentityConfig, error) {
+func (sdk *FabricSDK) loadIdentityConfig(configBackend ...core.ConfigBackend) (msp.IdentityConfig, error) {
 	identityConfigOpt, ok := sdk.opts.IdentityConfig.(*mspImpl.IdentityConfigOptions)
 
 	if sdk.opts.IdentityConfig == nil || (ok && !mspImpl.IsIdentityConfigFullyOverridden(identityConfigOpt)) {
-		defIdentityConfig, err := mspImpl.ConfigFromEndpointConfig(endpointConfig, configBackend...)
+		defIdentityConfig, err := mspImpl.ConfigFromBackend(configBackend...)
 		if err != nil {
 			return nil, errors.WithMessage(err, "failed to initialize identity config from config backend")
 		}

pkg/fabsdk/fabsdk.go

@@ -138,10 +138,7 @@ func checkClientOrg(configBackend core.ConfigBackend, t *testing.T, orgName stri
 	if err != nil {
 		t.Fatalf("Error getting identity config : %s", err)
 	}
-	client, err := identityConfig.Client()
-	if err != nil {
-		t.Fatalf("Error getting client from config: %s", err)
-	}
+	client := identityConfig.Client()
 	if client.Organization != orgName {
 		t.Fatalf("Unexpected org in config: %s", client.Organization)
 	}