[CLOUDTRUST-2295] Bridge endpoint to self-ask for an email validation

[CLOUDTRUST-2296] Bridge endpoint to self-ask for a phone number validation
[CLOUDTRUST-2299] Send email when user updates his email/phone. Unvalidate his account validation

Gopkg.toml

@@ -27,11 +27,11 @@
 
 [[constraint]]
   name = "github.com/cloudtrust/common-service"
-  branch = "master"
+  version = "v1.2.5"
 
 [[constraint]]
   name = "github.com/cloudtrust/keycloak-client"
-  branch = "dev"
+  branch = "jira-2296"
 
 [[constraint]]
   name = "github.com/go-kit/kit"

api/account/swagger-api_account.yaml

@@ -160,7 +160,22 @@ paths:
       responses:
         200:
           description: Successful operation.
-
+  /account/send-verify-email:
+    put:
+      tags:
+      - Account
+      summary: Request an email verification
+      responses:
+        200:
+          description: successful operation
+  /account/send-verify-phone-number:
+    put:
+      tags:
+      - Account
+      summary: Request a phone number verification
+      responses:
+        200:
+          description: successful operation
 components:
   schemas:
     UpdatePassword:

cmd/keycloakb/keycloak_bridge.go

@@ -617,6 +617,8 @@ func main() {
 			UpdateLabelCredential:     prepareEndpoint(account.MakeUpdateLabelCredentialEndpoint(accountComponent), "update_label_credential", influxMetrics, accountLogger, tracer, rateLimit["account"]),
 			MoveCredential:            prepareEndpoint(account.MakeMoveCredentialEndpoint(accountComponent), "move_credential", influxMetrics, accountLogger, tracer, rateLimit["account"]),
 			GetConfiguration:          prepareEndpoint(account.MakeGetConfigurationEndpoint(accountComponent), "get_configuration", influxMetrics, accountLogger, tracer, rateLimit["account"]),
+			SendVerifyEmail:           prepareEndpoint(account.MakeSendVerifyEmailEndpoint(accountComponent), "send_verify_email", influxMetrics, accountLogger, tracer, rateLimit["account"]),
+			SendVerifyPhoneNumber:     prepareEndpoint(account.MakeSendVerifyPhoneNumberEndpoint(accountComponent), "send_verify_phone_number", influxMetrics, accountLogger, tracer, rateLimit["account"]),
 		}
 	}
 
@@ -934,6 +936,8 @@ func main() {
 		var updateAccountHandler = configureAccountHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(accountEndpoints.UpdateAccount)
 		var deleteAccountHandler = configureAccountHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(accountEndpoints.DeleteAccount)
 		var getConfigurationHandler = configureAccountHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(accountEndpoints.GetConfiguration)
+		var sendVerifyEmailHandler = configureAccountHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(accountEndpoints.SendVerifyEmail)
+		var sendVerifyPhoneNumberHandler = configureAccountHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(accountEndpoints.SendVerifyPhoneNumber)
 
 		route.Path("/account").Methods("GET").Handler(getAccountHandler)
 		route.Path("/account").Methods("POST").Handler(updateAccountHandler)
@@ -948,6 +952,9 @@ func main() {
 		route.Path("/account/credentials/{credentialID}").Methods("PUT").Handler(updateLabelCredentialHandler)
 		route.Path("/account/credentials/{credentialID}/after/{previousCredentialID}").Methods("POST").Handler(moveCredentialHandler)
 
+		route.Path("/account/send-verify-email").Methods("PUT").Handler(sendVerifyEmailHandler)
+		route.Path("/account/send-verify-phone-number").Methods("PUT").Handler(sendVerifyPhoneNumberHandler)
+
 		var handler http.Handler = route
 
 		if accessLogsEnabled {

pkg/account/authorization.go

@@ -184,6 +184,16 @@ func (c *authorizationComponentMW) GetConfiguration(ctx context.Context, realmID
 	return c.next.GetConfiguration(ctx, realmIDOverride)
 }
 
+func (c *authorizationComponentMW) SendVerifyEmail(ctx context.Context) error {
+	// No restriction for this call
+	return c.next.SendVerifyEmail(ctx)
+}
+
+func (c *authorizationComponentMW) SendVerifyPhoneNumber(ctx context.Context) error {
+	// No restriction for this call
+	return c.next.SendVerifyPhoneNumber(ctx)
+}
+
 func isEnabled(booleanPtr *bool) bool {
 	return booleanPtr != nil && *booleanPtr
 }

pkg/account/authorization_test.go

@@ -21,7 +21,7 @@ func TestNoRestrictions(t *testing.T) {
 
 	var mockLogger = log.NewNopLogger()
 	var mockConfigurationDBModule = mock.NewConfigurationDBModule(mockCtrl)
-	var mockAccountComponent = mock.NewAccountComponent(mockCtrl)
+	var mockAccountComponent = mock.NewComponent(mockCtrl)
 
 	var accessToken = "TOKEN=="
 	var realmName = "master"
@@ -36,29 +36,53 @@ func TestNoRestrictions(t *testing.T) {
 		var ctx = context.WithValue(context.Background(), cs.CtContextAccessToken, accessToken)
 		ctx = context.WithValue(ctx, cs.CtContextRealm, realmName)
 
-		mockAccountComponent.EXPECT().GetCredentials(ctx).Return([]api.CredentialRepresentation{}, nil).Times(1)
-		_, err = authorizationMW.GetCredentials(ctx)
-		assert.Nil(t, err)
-
-		mockAccountComponent.EXPECT().GetCredentialRegistrators(ctx).Return([]string{}, nil).Times(1)
-		_, err = authorizationMW.GetCredentialRegistrators(ctx)
-		assert.Nil(t, err)
-
-		mockAccountComponent.EXPECT().UpdateLabelCredential(ctx, credentialID, "newLabel").Return(nil).Times(1)
-		err = authorizationMW.UpdateLabelCredential(ctx, credentialID, "newLabel")
-		assert.Nil(t, err)
-
-		mockAccountComponent.EXPECT().MoveCredential(ctx, credentialID, credentialID).Return(nil).Times(1)
-		err = authorizationMW.MoveCredential(ctx, credentialID, credentialID)
-		assert.Nil(t, err)
-
-		mockAccountComponent.EXPECT().GetAccount(ctx).Return(api.AccountRepresentation{}, nil).Times(1)
-		_, err = authorizationMW.GetAccount(ctx)
-		assert.Nil(t, err)
-
-		mockAccountComponent.EXPECT().GetConfiguration(ctx, "").Return(api.Configuration{}, nil).Times(1)
-		_, err = authorizationMW.GetConfiguration(ctx, "")
-		assert.Nil(t, err)
+		t.Run("GetCredentials", func(t *testing.T) {
+			mockAccountComponent.EXPECT().GetCredentials(ctx).Return([]api.CredentialRepresentation{}, nil).Times(1)
+			_, err = authorizationMW.GetCredentials(ctx)
+			assert.Nil(t, err)
+		})
+
+		t.Run("GetCredentialRegistrators", func(t *testing.T) {
+			mockAccountComponent.EXPECT().GetCredentialRegistrators(ctx).Return([]string{}, nil).Times(1)
+			_, err = authorizationMW.GetCredentialRegistrators(ctx)
+			assert.Nil(t, err)
+		})
+
+		t.Run("UpdateLabelCredential", func(t *testing.T) {
+			mockAccountComponent.EXPECT().UpdateLabelCredential(ctx, credentialID, "newLabel").Return(nil).Times(1)
+			err = authorizationMW.UpdateLabelCredential(ctx, credentialID, "newLabel")
+			assert.Nil(t, err)
+		})
+
+		t.Run("MoveCredential", func(t *testing.T) {
+			mockAccountComponent.EXPECT().MoveCredential(ctx, credentialID, credentialID).Return(nil).Times(1)
+			err = authorizationMW.MoveCredential(ctx, credentialID, credentialID)
+			assert.Nil(t, err)
+		})
+
+		t.Run("GetAccount", func(t *testing.T) {
+			mockAccountComponent.EXPECT().GetAccount(ctx).Return(api.AccountRepresentation{}, nil).Times(1)
+			_, err = authorizationMW.GetAccount(ctx)
+			assert.Nil(t, err)
+		})
+
+		t.Run("GetConfiguration", func(t *testing.T) {
+			mockAccountComponent.EXPECT().GetConfiguration(ctx, "").Return(api.Configuration{}, nil).Times(1)
+			_, err = authorizationMW.GetConfiguration(ctx, "")
+			assert.Nil(t, err)
+		})
+
+		t.Run("SendVerifyEmail", func(t *testing.T) {
+			mockAccountComponent.EXPECT().SendVerifyEmail(ctx).Return(nil).Times(1)
+			err = authorizationMW.SendVerifyEmail(ctx)
+			assert.Nil(t, err)
+		})
+
+		t.Run("SendVerifyPhoneNumber", func(t *testing.T) {
+			mockAccountComponent.EXPECT().SendVerifyPhoneNumber(ctx).Return(nil).Times(1)
+			err = authorizationMW.SendVerifyPhoneNumber(ctx)
+			assert.Nil(t, err)
+		})
 	}
 }
 
@@ -68,7 +92,7 @@ func TestDeny(t *testing.T) {
 
 	var mockLogger = log.NewNopLogger()
 	var mockConfigurationDBModule = mock.NewConfigurationDBModule(mockCtrl)
-	var mockAccountComponent = mock.NewAccountComponent(mockCtrl)
+	var mockAccountComponent = mock.NewComponent(mockCtrl)
 
 	var accessToken = "TOKEN=="
 	var realmName = "master"
@@ -116,7 +140,7 @@ func TestAllowed(t *testing.T) {
 
 	var mockLogger = log.NewNopLogger()
 	var mockConfigurationDBModule = mock.NewConfigurationDBModule(mockCtrl)
-	var mockAccountComponent = mock.NewAccountComponent(mockCtrl)
+	var mockAccountComponent = mock.NewComponent(mockCtrl)
 
 	var accessToken = "TOKEN=="
 	var realmName = "master"
@@ -169,7 +193,7 @@ func TestError(t *testing.T) {
 
 	var mockLogger = log.NewNopLogger()
 	var mockConfigurationDBModule = mock.NewConfigurationDBModule(mockCtrl)
-	var mockAccountComponent = mock.NewAccountComponent(mockCtrl)
+	var mockAccountComponent = mock.NewComponent(mockCtrl)
 
 	var accessToken = "TOKEN=="
 	var realmName = "master"