Remove config for invite_link (#3905)
* Removed config for invite_link

The link template is still defined in a constant but not
exposed in the config, as it depends on Mentix and should not be
changed.

* Updated autogenerated docs

* Rephrasing

* Removed template and simplified logic for invite URLs

* Move config check where it is parsed

* Further simplifications

* Updated fixtures for integration tests

* Updated changelog and example
glpatcern committed Jun 8, 2023
1 parent 7ede02c commit d7692be
Showing 10 changed files with 65 additions and 92 deletions.
8 changes: 8 additions & 0 deletions changelog/unreleased/def-invite-link.md
@@ -0,0 +1,8 @@
Enhancement: Remove redundant config for invite_link_template

This is to drop invite_link_template from the OCM-related config.
Now the provider_domain and mesh_directory_url config options
are both mandatory in the sciencemesh http service, and the link
is directly built out of the context.

https://github.com/cs3org/reva/pull/3905
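Review bot: The entry is filed as an Enhancement, but making provider_domain and mesh_directory_url mandatory is a breaking configuration change: with the check added in New(), the sciencemesh service returns an error at startup when either option is empty. Please state that explicitly in this entry so operators know to set both options before upgrading.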
18 changes: 9 additions & 9 deletions docs/content/en/docs/config/packages/cbox/group/rest/_index.md
Expand Up @@ -9,71 +9,71 @@ description: >
# _struct: config_

{{% dir name="redis_address" type="string" default="localhost:6379" %}}
The address at which the redis server is running [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L56)
The address at which the redis server is running [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L55)
{{< highlight toml >}}
[cbox.group.rest]
redis_address = "localhost:6379"
{{< /highlight >}}
{{% /dir %}}

{{% dir name="group_members_cache_expiration" type="int" default=5 %}}
The time in minutes for which the members of a group would be cached [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L62)
The time in minutes for which the members of a group would be cached [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L61)
{{< highlight toml >}}
[cbox.group.rest]
group_members_cache_expiration = 5
{{< /highlight >}}
{{% /dir %}}

{{% dir name="id_provider" type="string" default="http://cernbox.cern.ch" %}}
The OIDC Provider [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L64)
The OIDC Provider [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L63)
{{< highlight toml >}}
[cbox.group.rest]
id_provider = "http://cernbox.cern.ch"
{{< /highlight >}}
{{% /dir %}}

{{% dir name="api_base_url" type="string" default="https://authorization-service-api-dev.web.cern.ch" %}}
Base API Endpoint [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L66)
Base API Endpoint [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L65)
{{< highlight toml >}}
[cbox.group.rest]
api_base_url = "https://authorization-service-api-dev.web.cern.ch"
{{< /highlight >}}
{{% /dir %}}

{{% dir name="client_id" type="string" default="-" %}}
Client ID needed to authenticate [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L68)
Client ID needed to authenticate [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L67)
{{< highlight toml >}}
[cbox.group.rest]
client_id = "-"
{{< /highlight >}}
{{% /dir %}}

{{% dir name="client_secret" type="string" default="-" %}}
Client Secret [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L70)
Client Secret [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L69)
{{< highlight toml >}}
[cbox.group.rest]
client_secret = "-"
{{< /highlight >}}
{{% /dir %}}

{{% dir name="oidc_token_endpoint" type="string" default="https://keycloak-dev.cern.ch/auth/realms/cern/api-access/token" %}}
Endpoint to generate token to access the API [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L73)
Endpoint to generate token to access the API [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L72)
{{< highlight toml >}}
[cbox.group.rest]
oidc_token_endpoint = "https://keycloak-dev.cern.ch/auth/realms/cern/api-access/token"
{{< /highlight >}}
{{% /dir %}}

{{% dir name="target_api" type="string" default="authorization-service-api" %}}
The target application for which token needs to be generated [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L75)
The target application for which token needs to be generated [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L74)
{{< highlight toml >}}
[cbox.group.rest]
target_api = "authorization-service-api"
{{< /highlight >}}
{{% /dir %}}

{{% dir name="group_fetch_interval" type="int" default=3600 %}}
The time in seconds between bulk fetch of groups [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L77)
The time in seconds between bulk fetch of groups [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/cbox/group/rest/rest.go#L76)
{{< highlight toml >}}
[cbox.group.rest]
group_fetch_interval = 3600
13 changes: 13 additions & 0 deletions examples/storage-references/gateway.toml
Expand Up @@ -48,3 +48,16 @@ mime_types = [
[http.services.ocdav]
[http.services.ocs]
[http.services.appprovider]

[http.services.sciencemesh]
mesh_directory_url = 'https://sciencemesh.cesnet.cz/iop/meshdir'
provider_domain = 'your-domain.org'
body_template_path = '/etc/revad/sciencemesh_email_body'
ocm_mount_point = '/sciencemesh'

[http.services.sciencemesh.smtp_credentials]
disable_auth = true
sender_mail = "sciencemesh@your-domain.org"
smtp_server = "your-smtp-server.your-domain.org"
smtp_port = 25
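Review bot: The new [http.services.sciencemesh.smtp_credentials] block in this example sets disable_auth = true with smtp_port = 25, and example files tend to be copied into production configs. Please add a comment saying this is only suitable for a trusted local relay, or show an authenticated setup instead. A comment on provider_domain noting that it ends up in the providerDomain parameter of every invite link would also help, since the option is now mandatory.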

16 changes: 0 additions & 16 deletions internal/http/services/sciencemesh/email.go
Expand Up @@ -117,19 +117,3 @@ func (h *tokenHandler) initSubjectTemplate(subjTempl string) error {
h.tplSubj = tpl
return nil
}

func (h *tokenHandler) initInviteLinkTemplate(inviteTempl string) error {
var t string
if inviteTempl == "" {
t = defaultInviteLink
} else {
t = inviteTempl
}

tpl, err := template.New("tpl_invite").Parse(t)
if err != nil {
return err
}
h.tplInviteLink = tpl
return nil
}
24 changes: 15 additions & 9 deletions internal/http/services/sciencemesh/sciencemesh.go
Expand Up @@ -19,6 +19,7 @@
package sciencemesh

import (
"errors"
"net/http"

"github.com/cs3org/reva/pkg/appctx"
Expand All @@ -42,6 +43,12 @@ func New(m map[string]interface{}, log *zerolog.Logger) (global.Service, error)
}

conf.init()
if conf.ProviderDomain == "" {
return nil, errors.New("sciencemesh: provider_domain is missing from configuration")
}
if conf.MeshDirectoryURL == "" {
return nil, errors.New("sciencemesh: mesh_directory_url is missing from configuration")
}

r := chi.NewRouter()
s := &svc{
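Review bot: Both checks in New() only reject the empty string, while the two values are later concatenated verbatim into every invite link in token.go. Since this is now the single place where the options are validated, consider also parsing mesh_directory_url with url.Parse here and rejecting values without a scheme and host, and rejecting a provider_domain containing characters that are not valid in a host name, so that a typo fails at startup instead of producing broken links in invitation e-mails.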
Expand All @@ -62,15 +69,14 @@ func (s *svc) Close() error {
}

type config struct {
Prefix string `mapstructure:"prefix"`
SMTPCredentials *smtpclient.SMTPCredentials `mapstructure:"smtp_credentials"`
GatewaySvc string `mapstructure:"gatewaysvc"`
MeshDirectoryURL string `mapstructure:"mesh_directory_url"`
ProviderDomain string `mapstructure:"provider_domain"`
SubjectTemplate string `mapstructure:"subject_template"`
BodyTemplatePath string `mapstructure:"body_template_path"`
OCMMountPoint string `mapstructure:"ocm_mount_point"`
InviteLinkTemplate string `mapstructure:"invite_link_template"`
Prefix string `mapstructure:"prefix"`
SMTPCredentials *smtpclient.SMTPCredentials `mapstructure:"smtp_credentials"`
GatewaySvc string `mapstructure:"gatewaysvc"`
MeshDirectoryURL string `mapstructure:"mesh_directory_url"`
ProviderDomain string `mapstructure:"provider_domain"`
SubjectTemplate string `mapstructure:"subject_template"`
BodyTemplatePath string `mapstructure:"body_template_path"`
OCMMountPoint string `mapstructure:"ocm_mount_point"`
}

func (c *config) init() {
66 changes: 10 additions & 56 deletions internal/http/services/sciencemesh/token.go
Expand Up @@ -24,10 +24,8 @@ import (
"html/template"
"mime"
"net/http"
"strings"

gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
invitepb "github.com/cs3org/go-cs3apis/cs3/ocm/invite/v1beta1"
ocmprovider "github.com/cs3org/go-cs3apis/cs3/ocm/provider/v1beta1"
rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
Expand All @@ -38,16 +36,13 @@ import (
"github.com/cs3org/reva/pkg/smtpclient"
)

const defaultInviteLink = "{{.MeshDirectoryURL}}?token={{.Token}}&providerDomain={{.User.Id.Idp}}"

type tokenHandler struct {
gatewayClient gateway.GatewayAPIClient
smtpCredentials *smtpclient.SMTPCredentials
meshDirectoryURL string

tplSubj *template.Template
tplBody *template.Template
tplInviteLink *template.Template
providerDomain string
tplSubj *template.Template
tplBody *template.Template
}

func (h *tokenHandler) init(c *config) error {
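Review bot: Removing defaultInviteLink changes where providerDomain comes from: the template used {{.User.Id.Idp}}, whereas the new providerDomain field is filled from c.ProviderDomain. On a deployment where the users' Idp value differs from the configured provider_domain, generated links will change after this commit. If that is intended, it deserves a line in the changelog; if the two are expected to be equal, a comment on the field stating that assumption would help.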
Expand All @@ -62,6 +57,7 @@ func (h *tokenHandler) init(c *config) error {
}

h.meshDirectoryURL = c.MeshDirectoryURL
h.providerDomain = c.ProviderDomain

if err := h.initSubjectTemplate(c.SubjectTemplate); err != nil {
return err
Expand All @@ -71,7 +67,7 @@ func (h *tokenHandler) init(c *config) error {
return err
}

return h.initInviteLinkTemplate(c.InviteLinkTemplate)
return nil
}

type token struct {
Expand All @@ -81,12 +77,6 @@ type token struct {
InviteLink string `json:"invite_link"`
}

type inviteLinkParams struct {
User *userpb.User
Token string
MeshDirectoryURL string
}

// Generate generates an invitation token and if a recipient is specified,
// will send an email containing the link the user will use to accept the
// invitation.
Expand Down Expand Up @@ -116,12 +106,7 @@ func (h *tokenHandler) Generate(w http.ResponseWriter, r *http.Request) {
}
}

tknRes, err := h.prepareGenerateTokenResponse(user, token.InviteToken)
if err != nil {
reqres.WriteError(w, r, reqres.APIErrorServerError, "error generating response", err)
return
}

tknRes := h.prepareGenerateTokenResponse(token.InviteToken)
if err := json.NewEncoder(w).Encode(tknRes); err != nil {
reqres.WriteError(w, r, reqres.APIErrorServerError, "error marshalling token data", err)
return
Expand All @@ -131,34 +116,17 @@ func (h *tokenHandler) Generate(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}

func (h *tokenHandler) generateInviteLink(user *userpb.User, token *invitepb.InviteToken) (string, error) {
var inviteLink strings.Builder
if err := h.tplInviteLink.Execute(&inviteLink, inviteLinkParams{
User: user,
Token: token.Token,
MeshDirectoryURL: h.meshDirectoryURL,
}); err != nil {
return "", err
}

return inviteLink.String(), nil
}

func (h *tokenHandler) prepareGenerateTokenResponse(user *userpb.User, tkn *invitepb.InviteToken) (*token, error) {
inviteLink, err := h.generateInviteLink(user, tkn)
if err != nil {
return nil, err
}
func (h *tokenHandler) prepareGenerateTokenResponse(tkn *invitepb.InviteToken) *token {
res := &token{
Token: tkn.Token,
Description: tkn.Description,
InviteLink: inviteLink,
InviteLink: h.meshDirectoryURL + "?token=" + tkn.Token + "&providerDomain=" + h.providerDomain,
}
if tkn.Expiration != nil {
res.Expiration = tkn.Expiration.Seconds
}

return res, nil
return res
}

type acceptInviteRequest struct {
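Review bot: InviteLink in prepareGenerateTokenResponse is built by plain string concatenation, so nothing is query-escaped and a mesh_directory_url that already carries a query string yields a second "?" in the link. I would build it with net/url instead: parse meshDirectoryURL once in init, then set token and providerDomain through url.Values and Encode(), which also keeps a token or domain containing "&" or "#" from altering the parameters.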
Expand Down Expand Up @@ -278,22 +246,8 @@ func (h *tokenHandler) ListInvite(w http.ResponseWriter, r *http.Request) {
}

tokens := make([]*token, 0, len(res.InviteTokens))
user := ctxpkg.ContextMustGetUser(ctx)
for _, tkn := range res.InviteTokens {
inviteURL, err := h.generateInviteLink(user, tkn)
if err != nil {
reqres.WriteError(w, r, reqres.APIErrorServerError, "error generating invite URL from OCM token", err)
return
}
t := &token{
Token: tkn.Token,
Description: tkn.Description,
InviteLink: inviteURL,
}
if tkn.Expiration != nil {
t.Expiration = tkn.Expiration.Seconds
}
tokens = append(tokens, t)
tokens = append(tokens, h.prepareGenerateTokenResponse(tkn))
}

if err := json.NewEncoder(w).Encode(tokens); err != nil {
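Review bot: ListInvite now calls prepareGenerateTokenResponse for every listed token, so the name no longer matches how the function is used. Since it is shared between Generate and ListInvite and can no longer fail, consider renaming it to something neutral, for example toTokenResponse.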
4 changes: 3 additions & 1 deletion tests/integration/grpc/fixtures/ocm-server-cernbox-http.toml
Expand Up @@ -10,11 +10,13 @@ address = "{{grpc_address}}"
[http.services.ocmd]

[http.services.sciencemesh]
provider_domain = "{{cernboxhttp_address}}"
mesh_directory_url = "http://meshdir"

[http.middlewares.cors]

[http.middlewares.providerauthorizer]
driver = "json"

[http.middlewares.providerauthorizer.drivers.json]
providers = "fixtures/ocm-providers.demo.json"
providers = "fixtures/ocm-providers.demo.json"
4 changes: 3 additions & 1 deletion tests/integration/grpc/fixtures/ocm-server-cesnet-http.toml
Expand Up @@ -10,11 +10,13 @@ address = "{{grpc_address}}"
[http.services.ocmd]

[http.services.sciencemesh]
provider_domain = "{{cesnethttp_address}}"
mesh_directory_url = "http://meshdir"

[http.middlewares.cors]

[http.middlewares.providerauthorizer]
driver = "json"

[http.middlewares.providerauthorizer.drivers.json]
providers = "fixtures/ocm-providers.demo.json"
providers = "fixtures/ocm-providers.demo.json"
Expand Up @@ -10,6 +10,8 @@ address = "{{grpc_address}}"
[http.services.ocmd]

[http.services.sciencemesh]
provider_domain = "{{cernboxhttp_address}}"
mesh_directory_url = "http://meshdir"

[http.middlewares.cors]

Expand Up @@ -10,6 +10,8 @@ address = "{{grpc_address}}"
[http.services.ocmd]

[http.services.sciencemesh]
provider_domain = "{{cesnethttp_address}}"
mesh_directory_url = "http://meshdir"

[http.middlewares.cors]
