Skip to content

Commit

Permalink
rebase
Browse files Browse the repository at this point in the history
  • Loading branch information
harture committed Feb 10, 2020
1 parent 1aea98c commit b4dd361
Show file tree
Hide file tree
Showing 23 changed files with 180 additions and 246 deletions.
54 changes: 20 additions & 34 deletions Gopkg.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions Gopkg.toml
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,11 @@

[[constraint]]
name = "github.com/cloudtrust/common-service"
version = "v1.2.4"
branch = "CLOUDTRUST-2109_2_authorizationManagement"

[[constraint]]
name = "github.com/cloudtrust/keycloak-client"
version = "v1.2.7"
branch = "CLOUDTRUST-2109_2_branch"

[[constraint]]
name = "github.com/go-kit/kit"
Expand Down
8 changes: 4 additions & 4 deletions api/event/fb/AdminEvent.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 10 additions & 10 deletions api/management/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import (
"regexp"
"strconv"

"github.com/cloudtrust/keycloak-bridge/internal/dto"
"github.com/cloudtrust/common-service/configuration"
internal "github.com/cloudtrust/keycloak-bridge/internal/messages"
kc "github.com/cloudtrust/keycloak-client"
)
Expand Down Expand Up @@ -277,7 +277,7 @@ func ConvertToKCGroup(group GroupRepresentation) kc.GroupRepresentation {
}

// ConvertToAPIAuthorizations creates a API authorization representation from an array of DB Authorization
func ConvertToAPIAuthorizations(authorizations []dto.Authorization) AuthorizationsRepresentation {
func ConvertToAPIAuthorizations(authorizations []configuration.Authorization) AuthorizationsRepresentation {
var matrix = make(map[string]map[string]map[string]struct{})

for _, authz := range authorizations {
Expand Down Expand Up @@ -309,8 +309,8 @@ func ConvertToAPIAuthorizations(authorizations []dto.Authorization) Authorizatio
}

// ConvertToDBAuthorizations creates an array of DB Authorization from an API AuthorizationsRepresentation
func ConvertToDBAuthorizations(realmID, groupID string, apiAuthorizations AuthorizationsRepresentation) []dto.Authorization {
var authorizations = []dto.Authorization{}
func ConvertToDBAuthorizations(realmID, groupName string, apiAuthorizations AuthorizationsRepresentation) []configuration.Authorization {
var authorizations = []configuration.Authorization{}

if apiAuthorizations.Matrix == nil {
return authorizations
Expand All @@ -319,9 +319,9 @@ func ConvertToDBAuthorizations(realmID, groupID string, apiAuthorizations Author
for action, u := range *apiAuthorizations.Matrix {
if len(u) == 0 {
var act = string(action)
authorizations = append(authorizations, dto.Authorization{
authorizations = append(authorizations, configuration.Authorization{
RealmID: &realmID,
GroupName: &groupID,
GroupName: &groupName,
Action: &act,
})
continue
Expand All @@ -331,9 +331,9 @@ func ConvertToDBAuthorizations(realmID, groupID string, apiAuthorizations Author
if len(v) == 0 {
var act = string(action)
var targetRealm = string(targetRealmID)
authorizations = append(authorizations, dto.Authorization{
authorizations = append(authorizations, configuration.Authorization{
RealmID: &realmID,
GroupName: &groupID,
GroupName: &groupName,
Action: &act,
TargetRealmID: &targetRealm,
})
Expand All @@ -344,9 +344,9 @@ func ConvertToDBAuthorizations(realmID, groupID string, apiAuthorizations Author
var act = string(action)
var targetRealm = string(targetRealmID)
var targetGroup = string(targetGroupName)
authorizations = append(authorizations, dto.Authorization{
authorizations = append(authorizations, configuration.Authorization{
RealmID: &realmID,
GroupName: &groupID,
GroupName: &groupName,
Action: &act,
TargetRealmID: &targetRealm,
TargetGroupName: &targetGroup,
Expand Down
10 changes: 5 additions & 5 deletions api/management/api_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import (
"strings"
"testing"

"github.com/cloudtrust/keycloak-bridge/internal/dto"
"github.com/cloudtrust/common-service/configuration"
kc "github.com/cloudtrust/keycloak-client"
"github.com/stretchr/testify/assert"
)
Expand Down Expand Up @@ -211,22 +211,22 @@ func TestConvertToAPIAuthorizations(t *testing.T) {
var action2 = "action2"
var any = "*"

var authorizations = []dto.Authorization{}
var authorizations = []configuration.Authorization{}

var authz1 = dto.Authorization{
var authz1 = configuration.Authorization{
RealmID: &master,
GroupName: &groupName2,
Action: &action2,
}

var authz2 = dto.Authorization{
var authz2 = configuration.Authorization{
RealmID: &master,
GroupName: &groupName2,
Action: &action2,
TargetRealmID: &any,
}

var authz3 = dto.Authorization{
var authz3 = configuration.Authorization{
RealmID: &master,
GroupName: &groupName1,
Action: &action,
Expand Down
38 changes: 20 additions & 18 deletions cmd/keycloakb/keycloak_bridge.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"syscall"
"time"

"github.com/cloudtrust/common-service/configuration"
"github.com/cloudtrust/common-service/database/sqltypes"
"github.com/cloudtrust/common-service/healthcheck"

Expand Down Expand Up @@ -101,9 +102,6 @@ func main() {
// Configurations.
var c = config(ctx, log.With(logger, "unit", "config"))
var (
// Component
authorizationConfigFile = c.GetString("authorization-file")

// Publishing
httpAddrInternal = c.GetString("internal-http-host-port")
httpAddrManagement = c.GetString("management-http-host-port")
Expand Down Expand Up @@ -262,18 +260,6 @@ func main() {
keycloakPublicURL = urls[0]
}

// Authorization Manager
var authorizationManager security.AuthorizationManager
{
var err error
authorizationManager, err = security.NewAuthorizationManagerFromFile(commonKcAdaptor, logger, authorizationConfigFile)

if err != nil {
logger.Error(ctx, "msg", "could not load authorizations", "error", err)
return
}
}

var sentryClient tracking.SentryTracking
{
var logger = log.With(logger, "unit", "sentry")
Expand Down Expand Up @@ -382,6 +368,25 @@ func main() {
healthChecker.AddDatabase("Users R/W", usersRwDBConn, healthCheckCacheDuration)
healthChecker.AddHTTPEndpoint("Keycloak", keycloakConfig.AddrAPI, httpTimeout, 200, healthCheckCacheDuration)

// Authorization Manager
var authorizationManager security.AuthorizationManager
{
var authorizationLogger = log.With(logger, "svc", "authorization")

var configurationReaderDBModule *configuration.ConfigurationReaderDBModule
{
configurationReaderDBModule = configuration.NewConfigurationReaderDBModule(configurationRoDBConn, authorizationLogger)
}

var err error
authorizationManager, err = security.NewAuthorizationManager(configurationReaderDBModule, commonKcAdaptor, authorizationLogger)

if err != nil {
logger.Error(ctx, "msg", "could not load authorizations", "error", err)
return
}
}

// Event service.
var eventEndpoints = event.Endpoints{}
{
Expand Down Expand Up @@ -1010,7 +1015,6 @@ func config(ctx context.Context, logger log.Logger) *viper.Viper {

// Component default.
v.SetDefault("config-file", "./configs/keycloak_bridge.yml")
v.SetDefault("authorization-file", "./configs/authorization.json")

// Log level
v.SetDefault("log-level", "info")
Expand Down Expand Up @@ -1132,9 +1136,7 @@ func config(ctx context.Context, logger log.Logger) *viper.Viper {

// First level of override.
pflag.String("config-file", v.GetString("config-file"), "The configuration file path can be relative or absolute.")
pflag.String("authorization-file", v.GetString("authorization-file"), "The authorization file path can be relative or absolute.")
v.BindPFlag("config-file", pflag.Lookup("config-file"))
v.BindPFlag("authorization-file", pflag.Lookup("authorization-file"))
pflag.Parse()

// Bind ENV variables
Expand Down
10 changes: 0 additions & 10 deletions internal/dto/authorization.go

This file was deleted.

Loading

0 comments on commit b4dd361

Please sign in to comment.