feat: add middleware components to cli too

Signed-off-by: Samantha Coyle <[email protected]>

.build-tools/cmd/cmd-check-component-registrations.go

@@ -55,8 +55,7 @@ This is a required step before an official Dapr release.`,
 		checkLockComponents()
 		checkCryptographyComponents()
 		checkNameResolutionComponents()
-
-		// TODO: name resolution, middleware
+		checkMiddlewareComponents()
 
 		fmt.Println("\nCheck completed!")
 	},
@@ -125,8 +124,16 @@ func checkCryptographyComponents() {
 
 func checkNameResolutionComponents() {
 	fmt.Println("\nChecking name resolution components...")
-	ignoreDaprComponents := []string{}
-	checkComponents("nameresolution", ignoreDaprComponents, []string{})
+	checkComponents("nameresolution", []string{}, []string{})
+}
+
+func checkMiddlewareComponents() {
+	fmt.Println("\nChecking middleware components...")
+	// uppercase is a component only in runtime which doesn't make sense give the nameresolution components have no real metadata of their own for the most part;
+	// however, it's definition is only in runtime and not in contrib so we must ignore it.
+	ignoreDaprComponents := []string{"uppercase"}
+	ignoreContribComponents := []string{}
+	checkComponents("middleware", ignoreDaprComponents, ignoreContribComponents)
 }
 
 // Note: because this cli cmd changes to the working directory to the root of the repo so pathing is relative to that.
@@ -190,49 +197,58 @@ func checkComponents(componentType string, ignoreDaprComponents []string, ignore
 	reportResults(missingRegistrations, missingBuildTags, missingMetadata, componentType)
 }
 
+func getRegistryPath(componentType string) string {
+	if componentType == "middleware" {
+		return fmt.Sprintf("../dapr/pkg/components/%s/http/registry.go", componentType)
+	}
+	return fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType)
+}
+
 func checkRegistry(componentType string) error {
+	registryPath := getRegistryPath(componentType)
+
 	// Check for default registry singleton
-	registryCmd := exec.Command("grep", "-r", `var DefaultRegistry \*Registry = NewRegistry\(\)`, fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType))
+	registryCmd := exec.Command("grep", "-r", `var DefaultRegistry \*Registry = NewRegistry\(\)`, registryPath)
 	_, err := registryCmd.Output()
 	if err != nil {
 		return fmt.Errorf("could not find default registry: %v", err)
 	}
 
 	// Check for RegisterComponent()
 	if componentType != "bindings" {
-		registerComponentCmd := exec.Command("grep", "-r", `Registry) RegisterComponent(componentFactory`, fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType))
-		_, err = registerComponentCmd.Output()
+		registerComponentCmd := exec.Command("grep", "-r", `Registry) RegisterComponent(componentFactory`, registryPath)
+		_, err := registerComponentCmd.Output()
 		if err != nil {
 			return fmt.Errorf("could not find RegisterComponent method: %v", err)
 		}
 
 		// Check for Create()
-		createCmd := exec.Command("grep", "-r", `Registry) Create(name, version, logName string)`, fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType))
+		createCmd := exec.Command("grep", "-r", `Registry) Create(name, version`, registryPath)
 		_, err = createCmd.Output()
 		if err != nil {
 			return fmt.Errorf("could not find Create method: %v", err)
 		}
 	} else {
-		registerInputBindingCmd := exec.Command("grep", "-r", `Registry) RegisterInputBinding(componentFactory func(logger.Logger)`, fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType))
-		_, err = registerInputBindingCmd.Output()
+		registerInputBindingCmd := exec.Command("grep", "-r", `Registry) RegisterInputBinding(componentFactory func(logger.Logger)`, registryPath)
+		_, err := registerInputBindingCmd.Output()
 		if err != nil {
 			return fmt.Errorf("could not find registerInputBindingCmd method: %v", err)
 		}
 
-		registerOutputBindingCmd := exec.Command("grep", "-r", `Registry) RegisterOutputBinding(componentFactory func(logger.Logger)`, fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType))
+		registerOutputBindingCmd := exec.Command("grep", "-r", `Registry) RegisterOutputBinding(componentFactory func(logger.Logger)`, registryPath)
 		_, err = registerOutputBindingCmd.Output()
 		if err != nil {
 			return fmt.Errorf("could not find registerOutputBindingCmd method: %v", err)
 		}
 
 		// Check for Creates
-		createInputBindingCmd := exec.Command("grep", "-r", `Registry) CreateInputBinding(name, version, logName string)`, fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType))
+		createInputBindingCmd := exec.Command("grep", "-r", `Registry) CreateInputBinding(name, version, logName string)`, registryPath)
 		_, err = createInputBindingCmd.Output()
 		if err != nil {
 			return fmt.Errorf("could not find CreateInputBinding method: %v", err)
 		}
 
-		createOutputBindingCmd := exec.Command("grep", "-r", `Registry) CreateOutputBinding(name, version, logName string)`, fmt.Sprintf("../dapr/pkg/components/%s/registry.go", componentType))
+		createOutputBindingCmd := exec.Command("grep", "-r", `Registry) CreateOutputBinding(name, version, logName string)`, registryPath)
 		_, err = createOutputBindingCmd.Output()
 		if err != nil {
 			return fmt.Errorf("could not find CreateInputBinding method: %v", err)
@@ -256,6 +272,8 @@ func findComponentsInBothRepos(componentType string, ignoreContribComponents []s
 		excludeFiles = []string{"--exclude=client.go"}
 	case "cryptography":
 		excludeFiles = []string{"--exclude=key.go", "--exclude=pubkey_cache.go"}
+	case "middleware":
+		excludeFiles = []string{"--exclude=mock*"}
 	default:
 		excludeFiles = []string{}
 	}
@@ -274,7 +292,13 @@ func findComponentsInBothRepos(componentType string, ignoreContribComponents []s
 	// Find all registered components in dapr/dapr
 	var registeredOutput []byte
 	if componentType != "bindings" {
-		registeredCmd := exec.Command("sh", "-c", fmt.Sprintf(`grep -r "RegisterComponent" ../dapr/cmd/daprd/components/%s_*.go`, componentType))
+		var searchPattern string
+		if componentType == "middleware" {
+			searchPattern = "../dapr/cmd/daprd/components/middleware_http_*.go"
+		} else {
+			searchPattern = fmt.Sprintf("../dapr/cmd/daprd/components/%s_*.go", componentType)
+		}
+		registeredCmd := exec.Command("sh", "-c", fmt.Sprintf(`grep -r "RegisterComponent" %s`, searchPattern))
 		registeredOutput, err = registeredCmd.Output()
 		if err != nil {
 			return nil, nil, fmt.Errorf("could not find all registered components in dapr/dapr: %v", err)
@@ -376,7 +400,9 @@ func normalizeComponentName(contrib string) string {
 	}
 
 	parts := strings.Split(contrib, ".")
-	vendorPrefixes := []string{"hashicorp", "aws", "azure", "gcp", "alicloud", "oci", "cloudflare", "ibm", "tencentcloud", "huaweicloud", "twilio"}
+	// Note: I am putting http as a vendor prefix, but that should be removed and all http middleware components should be http.blah bc
+	// in future we could add grpc middleware components.
+	vendorPrefixes := []string{"hashicorp", "aws", "azure", "gcp", "alicloud", "oci", "cloudflare", "ibm", "tencentcloud", "huaweicloud", "twilio", "http"}
 	versionSuffixes := []string{"v1", "v2", "internal"}
 
 	// Handle 2-part names (vendor.component)
@@ -447,6 +473,12 @@ func checkMetadataFile(contrib, componentType string) error {
 }
 
 func getMetadataFilePath(contrib, componentType string) string {
+	// Special handling for HTTP middleware components
+	// The metadata files are located at middleware/http/componentname/metadata.yaml
+	if componentType == "middleware" {
+		return fmt.Sprintf("%s/http/%s/metadata.yaml", componentType, contrib)
+	}
+
 	if strings.Contains(contrib, ".") {
 		// For nested components like "aws.bedrock", split and join with "/"
 		parts := strings.Split(contrib, ".")
@@ -531,6 +563,13 @@ func extractComponentNameFromPath(filePath, componentType string) string {
 		// For nested components: aws/bedrock/bedrock.go -> aws.bedrock
 		// Take all parts except the last (which is the filename)
 		dirParts := parts[:len(parts)-1]
+
+		// Special handling for HTTP middleware components
+		// middleware/http/componentname/ -> componentname (not http.componentname)
+		if componentType == "middleware" && len(dirParts) >= 2 && dirParts[0] == "http" {
+			return strings.Join(dirParts[1:], ".")
+		}
+
 		return strings.Join(dirParts, ".")
 	} else if len(parts) == 1 {
 		// For simple components: echo/echo.go -> echo
@@ -565,6 +604,13 @@ func getRegistrationFileName(contrib, componentType string) string {
 	}
 
 	fileName := strings.ReplaceAll(contrib, ".", "_")
+
+	// Special handling for HTTP middleware components
+	// The registration files are named middleware_http_componentname.go
+	if componentType == "middleware" {
+		return fmt.Sprintf("../dapr/cmd/daprd/components/%s_http_%s.go", componentType, fileName)
+	}
+
 	return fmt.Sprintf("../dapr/cmd/daprd/components/%s_%s.go", componentType, fileName)
 }
 
@@ -589,6 +635,11 @@ func parseRegisteredComponents(output string, componentType string) []string {
 
 	// Process each file's content
 	for filePath := range fileGroups {
+		// skip the uppercase component as it has a ton of magic strings that we must ignore.
+		// all other components only have the component registration string in this file so it is an outlier.
+		if strings.Contains(filePath, "uppercase") {
+			continue
+		}
 
 		// Read the entire file content
 		cmd := exec.Command("cat", filePath)

middleware/http/bearer/metadata.yaml

@@ -0,0 +1,29 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: bearer
+version: v1
+status: stable
+title: "Bearer Token Authentication"
+description: |
+  The Bearer middleware provides JWT token authentication for HTTP requests.
+  It validates Bearer tokens in the Authorization header and can extract claims for downstream processing.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-bearer/
+metadata:
+  - name: jwksURL
+    type: string
+    required: true
+    description: "The URL of the JSON Web Key Set (JWKS) endpoint"
+    example: "https://accounts.google.com/.well-known/jwks.json"
+  - name: issuer
+    type: string
+    required: true
+    description: "The expected issuer of the JWT tokens"
+    example: "https://accounts.google.com"
+  - name: audience
+    type: string
+    required: true
+    description: "The expected audience of the JWT tokens"
+    example: "my-app"

middleware/http/oauth2/metadata.yaml

@@ -0,0 +1,66 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: oauth2
+version: v1
+status: alpha
+title: "OAuth2 Authentication"
+description: |
+  The OAuth2 middleware provides OAuth2 authentication for HTTP requests.
+  It handles OAuth2 flows and token validation for securing API endpoints.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-oauth2/
+authenticationProfiles:
+  - title: "OAuth2 Authentication"
+    description: "Configure OAuth2 authentication with any OAuth2 provider"
+    metadata:
+      - name: clientID
+        type: string
+        required: true
+        description: "The OAuth2 client ID from your OAuth2 provider"
+        example: "your-client-id"
+      - name: clientSecret
+        type: string
+        required: true
+        description: "The OAuth2 client secret from your OAuth2 provider"
+        sensitive: true
+        example: "your-client-secret"
+      - name: authURL
+        type: string
+        required: true
+        description: "The OAuth2 authorization URL from your provider"
+        example: "https://accounts.google.com/o/oauth2/v2/auth"
+      - name: tokenURL
+        type: string
+        required: true
+        description: "The OAuth2 token URL from your provider"
+        example: "https://oauth2.googleapis.com/token"
+      - name: scopes
+        type: string
+        required: false
+        description: "OAuth2 scopes to request from your provider"
+        example: "openid profile email"
+metadata:
+  - name: redirectURL
+    type: string
+    required: false
+    description: "The OAuth2 redirect URL for your application"
+    example: "http://localhost:8080/callback"
+  - name: authHeaderName
+    type: string
+    required: false
+    description: "The name of the authorization header to use"
+    example: "Authorization"
+    default: "Authorization"
+  - name: forceHTTPS
+    type: string
+    required: false
+    description: "Whether to force HTTPS for the redirect URL"
+    example: "true"
+    default: "false"
+  - name: pathFilter
+    type: string
+    required: false
+    description: "Regular expression to filter which paths require authentication"
+    example: "^/api/.*"

middleware/http/oauth2clientcredentials/metadata.yaml

@@ -0,0 +1,64 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: oauth2clientcredentials
+version: v1
+status: alpha
+title: "OAuth2 Client Credentials"
+description: |
+  The OAuth2 Client Credentials middleware provides OAuth2 client credentials flow authentication.
+  It handles machine-to-machine authentication using client credentials.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/oauth2clientcredentials/
+authenticationProfiles:
+  - title: "OAuth2 Client Credentials"
+    description: "Configure OAuth2 client credentials authentication with any OAuth2 provider"
+    metadata:
+      - name: clientID
+        type: string
+        required: true
+        description: "The client ID of your application that is created as part of a credential hosted by a OAuth-enabled platform"
+        example: "your-client-id"
+      - name: clientSecret
+        type: string
+        required: true
+        description: "The client secret of your application that is created as part of a credential hosted by a OAuth-enabled platform"
+        sensitive: true
+        example: "your-client-secret"
+      - name: scopes
+        type: string
+        required: false
+        description: "A list of space-delimited, case-sensitive strings of scopes which are typically used for authorization in the application"
+        example: "https://www.googleapis.com/auth/userinfo.email"
+      - name: tokenURL
+        type: string
+        required: true
+        description: "The endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token"
+        example: "https://accounts.google.com/o/oauth2/token"
+metadata:
+  - name: pathFilter
+    type: string
+    required: false
+    description: "Regular expression to filter which paths require authentication"
+    example: "^/api/.*"
+  - name: headerName
+    type: string
+    required: true
+    description: "The authorization header name to forward to your application"
+    example: "authorization"
+  - name: endpointParamsQuery
+    type: string
+    required: false
+    description: "Specifies additional parameters for requests to the token endpoint"
+    example: "param1=value1&param2=value2"
+  - name: authStyle
+    type: integer
+    required: false
+    description: "Optionally specifies how the endpoint wants the client ID & client secret sent. 0: Auto-detect (tries both ways and caches the successful way), 1: Sends client_id and client_secret in POST body as application/x-www-form-urlencoded parameters, 2: Sends client_id and client_secret using HTTP Basic Authorization"
+    example: 0
+    default: 0
+    allowedValues:
+      - 0
+      - 1
+      - 2