NOISSUE - Remove domain from token (absmach#2468)
Signed-off-by: nyagamunene <[email protected]>
nyagamunene authored Oct 25, 2024
1 parent ca8ed3b commit f88e11b
Showing 76 changed files with 1,619 additions and 1,831 deletions.
8 changes: 8 additions & 0 deletions api/openapi/invitations.yml
@@ -48,6 +48,8 @@ paths:
description: Failed due to malformed JSON.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access to the domain ID.
"404":
description: A non-existent entity request.
"409":
@@ -86,6 +88,8 @@ paths:
description: |
Missing or invalid access token provided.
This endpoint is available only for administrators.
"403":
description: Unauthorized access to the domain ID.
"404":
description: A non-existent entity request.
"422":
@@ -165,6 +169,8 @@ paths:
description: Failed due to malformed query parameters.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access to the domain ID.
"404":
description: A non-existent entity request.
"415":
@@ -191,6 +197,8 @@ paths:
description: Invitation deleted.
"400":
description: Failed due to malformed JSON.
"403":
description: Unauthorized access to the domain ID.
"404":
description: Failed due to non existing user.
"401":
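Review bot: The new `"403"` description, `Unauthorized access to the domain ID.`, uses the 401 reason phrase for a 403, which blurs the distinction a client relies on: 401 means the token is missing or invalid, 403 means the token was accepted but the caller may not act on that domain. Wording such as `description: Access to the requested domain is forbidden for this user.` would keep the two apart; the same text is added in all four hunks of this file. In the last hunk the `"403"` entry is placed between `"400"` and `"404"` while the existing `"401"` entry still follows `"404"`, so that response list stays out of numeric order.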
38 changes: 7 additions & 31 deletions auth.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 1 addition & 3 deletions auth.proto
@@ -53,13 +53,11 @@ message AuthNRes {

message IssueReq {
string user_id = 1;
optional string domain_id = 2;
uint32 type = 3;
uint32 type = 2;
}

message RefreshReq {
string refresh_token = 1;
optional string domain_id = 2;
}

message AuthZReq {
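Review bot: Renumbering `type` from 3 to 2 in `IssueReq` reuses the tag that `domain_id` held, and with a different wire type (length-delimited string versus varint uint32). In a mixed-version deployment a peer built from the old schema still sends `type` as field 3, which the new schema treats as an unknown field, so `type` decodes as 0 and the request is served as whatever key type 0 denotes (the `auth.KeyType` values are not visible here) without any error. Keeping `uint32 type = 3;` and adding `reserved 2;` and `reserved "domain_id";` to `IssueReq`, plus `reserved 2;` in `RefreshReq`, would avoid the silent misdecoding and stop the tag from being reused later.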
14 changes: 6 additions & 8 deletions auth/api/grpc/token/client.go
@@ -53,9 +53,8 @@ func (client tokenGrpcClient) Issue(ctx context.Context, req *magistrala.IssueRe
defer cancel()

res, err := client.issue(ctx, issueReq{
userID: req.GetUserId(),
domainID: req.GetDomainId(),
keyType: auth.KeyType(req.GetType()),
userID: req.GetUserId(),
keyType: auth.KeyType(req.GetType()),
})
if err != nil {
return &magistrala.Token{}, grpcapi.DecodeError(err)
@@ -66,9 +65,8 @@ func (client tokenGrpcClient) Issue(ctx context.Context, req *magistrala.IssueRe
func encodeIssueRequest(_ context.Context, grpcReq interface{}) (interface{}, error) {
req := grpcReq.(issueReq)
return &magistrala.IssueReq{
UserId: req.userID,
DomainId: &req.domainID,
Type: uint32(req.keyType),
UserId: req.userID,
Type: uint32(req.keyType),
}, nil
}

@@ -80,7 +78,7 @@ func (client tokenGrpcClient) Refresh(ctx context.Context, req *magistrala.Refre
ctx, cancel := context.WithTimeout(ctx, client.timeout)
defer cancel()

res, err := client.refresh(ctx, refreshReq{refreshToken: req.GetRefreshToken(), domainID: req.GetDomainId()})
res, err := client.refresh(ctx, refreshReq{refreshToken: req.GetRefreshToken()})
if err != nil {
return &magistrala.Token{}, grpcapi.DecodeError(err)
}
@@ -89,7 +87,7 @@ func (client tokenGrpcClient) Refresh(ctx context.Context, req *magistrala.Refre

func encodeRefreshRequest(_ context.Context, grpcReq interface{}) (interface{}, error) {
req := grpcReq.(refreshReq)
return &magistrala.RefreshReq{RefreshToken: req.refreshToken, DomainId: &req.domainID}, nil
return &magistrala.RefreshReq{RefreshToken: req.refreshToken}, nil
}

func decodeRefreshResponse(_ context.Context, grpcRes interface{}) (interface{}, error) {
7 changes: 3 additions & 4 deletions auth/api/grpc/token/endpoint.go
@@ -18,9 +18,8 @@ func issueEndpoint(svc auth.Service) endpoint.Endpoint {
}

key := auth.Key{
Type: req.keyType,
User: req.userID,
Domain: req.domainID,
Type: req.keyType,
User: req.userID,
}
tkn, err := svc.Issue(ctx, "", key)
if err != nil {
@@ -42,7 +41,7 @@ func refreshEndpoint(svc auth.Service) endpoint.Endpoint {
return issueRes{}, err
}

key := auth.Key{Domain: req.domainID, Type: auth.RefreshKey}
key := auth.Key{Type: auth.RefreshKey}
tkn, err := svc.Issue(ctx, req.refreshToken, key)
if err != nil {
return issueRes{}, err
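Review bot: Neither `issueEndpoint` nor `refreshEndpoint` documents that the keys they build are no longer domain-scoped, which is the security-relevant part of this change. A token issued from `auth.Key{Type: req.keyType, User: req.userID}` carries no domain, so domain access presumably has to be authorized on every request from the domain ID in the request itself; the `"403"` responses added to the OpenAPI file in this commit point that way. I would add a comment above each `key :=` literal, for example `// Domain is deliberately left unset: tokens are not domain-scoped, domain access is authorized per request.` Both function bodies start and end outside the hunks shown.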
47 changes: 20 additions & 27 deletions auth/api/grpc/token/endpoint_test.go
@@ -46,7 +46,6 @@ const (

var (
validID = testsutil.GenerateUUID(&testing.T{})
domainID = testsutil.GenerateUUID(&testing.T{})
authAddr = fmt.Sprintf("localhost:%d", port)
)

@@ -70,27 +69,24 @@ func TestIssue(t *testing.T) {
cases := []struct {
desc string
userId string
domainID string
kind auth.KeyType
issueResponse auth.Token
err error
}{
{
desc: "issue for user with valid token",
userId: validID,
domainID: domainID,
kind: auth.AccessKey,
desc: "issue for user with valid token",
userId: validID,
kind: auth.AccessKey,
issueResponse: auth.Token{
AccessToken: validToken,
RefreshToken: validToken,
},
err: nil,
},
{
desc: "issue recovery key",
userId: validID,
domainID: domainID,
kind: auth.RecoveryKey,
desc: "issue recovery key",
userId: validID,
kind: auth.RecoveryKey,
issueResponse: auth.Token{
AccessToken: validToken,
RefreshToken: validToken,
@@ -100,34 +96,33 @@ func TestIssue(t *testing.T) {
{
desc: "issue API key unauthenticated",
userId: validID,
domainID: domainID,
kind: auth.APIKey,
issueResponse: auth.Token{},
err: svcerr.ErrAuthentication,
},
{
desc: "issue for invalid key type",
userId: validID,
domainID: domainID,
kind: 32,
issueResponse: auth.Token{},
err: errors.ErrMalformedEntity,
},
{
desc: "issue for user that does notexist",
userId: "",
domainID: "",
kind: auth.APIKey,
issueResponse: auth.Token{},
err: svcerr.ErrAuthentication,
},
}

for _, tc := range cases {
svcCall := svc.On("Issue", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(tc.issueResponse, tc.err)
_, err := grpcClient.Issue(context.Background(), &magistrala.IssueReq{UserId: tc.userId, DomainId: &tc.domainID, Type: uint32(tc.kind)})
assert.True(t, errors.Contains(err, tc.err), fmt.Sprintf("%s: expected %s got %s\n", tc.desc, tc.err, err))
svcCall.Unset()
t.Run(tc.desc, func(t *testing.T) {
svcCall := svc.On("Issue", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(tc.issueResponse, tc.err)
_, err := grpcClient.Issue(context.Background(), &magistrala.IssueReq{UserId: tc.userId, Type: uint32(tc.kind)})
assert.True(t, errors.Contains(err, tc.err), fmt.Sprintf("%s: expected %s got %s\n", tc.desc, tc.err, err))
svcCall.Unset()
})
}
}

@@ -139,14 +134,12 @@ func TestRefresh(t *testing.T) {
cases := []struct {
desc string
token string
domainID string
issueResponse auth.Token
err error
}{
{
desc: "refresh token with valid token",
token: validToken,
domainID: domainID,
desc: "refresh token with valid token",
token: validToken,
issueResponse: auth.Token{
AccessToken: validToken,
RefreshToken: validToken,
@@ -156,23 +149,23 @@ func TestRefresh(t *testing.T) {
{
desc: "refresh token with invalid token",
token: inValidToken,
domainID: domainID,
issueResponse: auth.Token{},
err: svcerr.ErrAuthentication,
},
{
desc: "refresh token with empty token",
token: "",
domainID: domainID,
issueResponse: auth.Token{},
err: apiutil.ErrMissingSecret,
},
}

for _, tc := range cases {
svcCall := svc.On("Issue", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(tc.issueResponse, tc.err)
_, err := grpcClient.Refresh(context.Background(), &magistrala.RefreshReq{DomainId: &tc.domainID, RefreshToken: tc.token})
assert.True(t, errors.Contains(err, tc.err), fmt.Sprintf("%s: expected %s got %s\n", tc.desc, tc.err, err))
svcCall.Unset()
t.Run(tc.desc, func(t *testing.T) {
svcCall := svc.On("Issue", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(tc.issueResponse, tc.err)
_, err := grpcClient.Refresh(context.Background(), &magistrala.RefreshReq{RefreshToken: tc.token})
assert.True(t, errors.Contains(err, tc.err), fmt.Sprintf("%s: expected %s got %s\n", tc.desc, tc.err, err))
svcCall.Unset()
})
}
}
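Review bot: Both table loops stub the service with `svc.On("Issue", mock.Anything, mock.Anything, mock.Anything, mock.Anything)`, so nothing in `TestIssue` or `TestRefresh` checks the key the endpoint actually builds; the tests would pass unchanged if a domain were still copied into `auth.Key`. Matching the key argument would pin the change, e.g. `svc.On("Issue", mock.Anything, mock.Anything, auth.Key{Type: tc.kind, User: tc.userId})` in `TestIssue` and `auth.Key{Type: auth.RefreshKey}` in `TestRefresh`, assuming the mocked method has the three-argument form called in endpoint.go. Because the stub also returns `tc.err`, the "refresh token with empty token" case cannot tell a validation failure from a service failure; returning a different error from the mock in that case would show that the request is rejected before `svc.Issue` is reached.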
6 changes: 2 additions & 4 deletions auth/api/grpc/token/requests.go
@@ -9,9 +9,8 @@ import (
)

type issueReq struct {
userID string
domainID string // optional
keyType auth.KeyType
userID string
keyType auth.KeyType
}

func (req issueReq) validate() error {
@@ -27,7 +26,6 @@ func (req issueReq) validate() error {

type refreshReq struct {
refreshToken string
domainID string // optional
}

func (req refreshReq) validate() error {
7 changes: 3 additions & 4 deletions auth/api/grpc/token/server.go
@@ -55,15 +55,14 @@ func (s *tokenGrpcServer) Refresh(ctx context.Context, req *magistrala.RefreshRe
func decodeIssueRequest(_ context.Context, grpcReq interface{}) (interface{}, error) {
req := grpcReq.(*magistrala.IssueReq)
return issueReq{
userID: req.GetUserId(),
domainID: req.GetDomainId(),
keyType: auth.KeyType(req.GetType()),
userID: req.GetUserId(),
keyType: auth.KeyType(req.GetType()),
}, nil
}

func decodeRefreshRequest(_ context.Context, grpcReq interface{}) (interface{}, error) {
req := grpcReq.(*magistrala.RefreshReq)
return refreshReq{refreshToken: req.GetRefreshToken(), domainID: req.GetDomainId()}, nil
return refreshReq{refreshToken: req.GetRefreshToken()}, nil
}

func encodeIssueResponse(_ context.Context, grpcRes interface{}) (interface{}, error) {