Authz support (#69)

* Added authz support for mgmt * Updade version
descope · Oct 11, 2023 · cb8249d · cb8249d
1 parent 4b923af
commit cb8249d
Show file tree

Hide file tree

Showing 24 changed files with 1,268 additions and 3 deletions.
diff --git a/examples/management-cli/pom.xml b/examples/management-cli/pom.xml
@@ -19,7 +19,7 @@
         <dependency>
             <groupId>com.descope</groupId>
             <artifactId>java-sdk</artifactId>
-            <version>1.0.7</version>
+            <version>1.0.8</version>
         </dependency>
         <dependency>
             <groupId>info.picocli</groupId>

diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
     <groupId>com.descope</groupId>
     <artifactId>java-sdk</artifactId>
     <modelVersion>4.0.0</modelVersion>
-    <version>1.0.7</version>
+    <version>1.0.8</version>
     <name>${project.groupId}:${project.artifactId}</name>
     <description>Java library used to integrate with Descope.</description>
     <url>https://github.com/descope/descope-java</url>
@@ -153,6 +153,11 @@
             <groupId>com.fasterxml.jackson.core</groupId>
             <version>2.15.2</version>
         </dependency>
+        <dependency>
+            <groupId>com.fasterxml.jackson.dataformat</groupId>
+            <artifactId>jackson-dataformat-yaml</artifactId>
+            <version>2.15.2</version>
+        </dependency>
     </dependencies>
     <build>
         <finalName>${project.groupId}.${project.artifactId}-${project.version}</finalName>

diff --git a/src/main/java/com/descope/enums/NodeExpressionType.java b/src/main/java/com/descope/enums/NodeExpressionType.java
@@ -0,0 +1,19 @@
+package com.descope.enums;
+
+import com.fasterxml.jackson.annotation.JsonValue;
+import lombok.Getter;
+
+public enum NodeExpressionType {
+  SELF("self"),
+  TARGET_SET("targetSet"),
+  RELATION_LEFT("relationLeft"),
+  RELATION_RIGHT("relationRight");
+
+  @Getter
+  @JsonValue
+  private final String value;
+
+  NodeExpressionType(String value) {
+    this.value = value;
+  }
+}
diff --git a/src/main/java/com/descope/enums/NodeType.java b/src/main/java/com/descope/enums/NodeType.java
@@ -0,0 +1,19 @@
+package com.descope.enums;
+
+import com.fasterxml.jackson.annotation.JsonValue;
+import lombok.Getter;
+
+public enum NodeType {
+  CHILD("child"),
+  UNION("union"),
+  INTERSECT("intersect"),
+  SUB("sub");
+
+  @Getter
+  @JsonValue
+  private final String value;
+
+  NodeType(String value) {
+    this.value = value;
+  }
+}
diff --git a/src/main/java/com/descope/literals/Routes.java b/src/main/java/com/descope/literals/Routes.java
@@ -140,5 +140,22 @@ public static class ManagementEndPoints {
 
     // Audit
     public static final String MANAGEMENT_AUDIT_SEARCH_LINK = "/v1/mgmt/audit/search";
+
+    // Authz
+    public static final String MANAGEMENT_AUTHZ_SCHEMA_SAVE = "/v1/mgmt/authz/schema/save";
+    public static final String MANAGEMENT_AUTHZ_SCHEMA_DELETE = "/v1/mgmt/authz/schema/delete";
+    public static final String MANAGEMENT_AUTHZ_SCHEMA_LOAD = "/v1/mgmt/authz/schema/load";
+    public static final String MANAGEMENT_AUTHZ_NS_SAVE = "/v1/mgmt/authz/ns/save";
+    public static final String MANAGEMENT_AUTHZ_NS_DELETE = "/v1/mgmt/authz/ns/delete";
+    public static final String MANAGEMENT_AUTHZ_RD_SAVE = "/v1/mgmt/authz/rd/save";
+    public static final String MANAGEMENT_AUTHZ_RD_DELETE = "/v1/mgmt/authz/rd/delete";
+    public static final String MANAGEMENT_AUTHZ_RE_CREATE = "/v1/mgmt/authz/re/create";
+    public static final String MANAGEMENT_AUTHZ_RE_DELETE = "/v1/mgmt/authz/re/delete";
+    public static final String MANAGEMENT_AUTHZ_RE_DELETE_RESOURCES = "/v1/mgmt/authz/re/deleteresources";
+    public static final String MANAGEMENT_AUTHZ_RE_HAS_RELATIONS = "/v1/mgmt/authz/re/has";
+    public static final String MANAGEMENT_AUTHZ_RE_WHO = "/v1/mgmt/authz/re/who";
+    public static final String MANAGEMENT_AUTHZ_RE_RESOURCE = "/v1/mgmt/authz/re/resource";
+    public static final String MANAGEMENT_AUTHZ_RE_TARGETS = "/v1/mgmt/authz/re/targets";
+    public static final String MANAGEMENT_AUTHZ_RE_TARGET_ALL = "/v1/mgmt/authz/re/targetall";
   }
 }
diff --git a/src/main/java/com/descope/model/authz/HasRelationsResponse.java b/src/main/java/com/descope/model/authz/HasRelationsResponse.java
@@ -0,0 +1,15 @@
+package com.descope.model.authz;
+
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class HasRelationsResponse {
+  List<RelationQuery> relationQueries;
+}
diff --git a/src/main/java/com/descope/model/authz/LoadSchemaResponse.java b/src/main/java/com/descope/model/authz/LoadSchemaResponse.java
@@ -0,0 +1,14 @@
+package com.descope.model.authz;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class LoadSchemaResponse {
+  Schema schema;
+}
diff --git a/src/main/java/com/descope/model/authz/Namespace.java b/src/main/java/com/descope/model/authz/Namespace.java
@@ -0,0 +1,19 @@
+package com.descope.model.authz;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonInclude(Include.NON_NULL)
+public class Namespace {
+  String name;
+  List<RelationDefinition> relationDefinitions;
+}
diff --git a/src/main/java/com/descope/model/authz/Node.java b/src/main/java/com/descope/model/authz/Node.java
@@ -0,0 +1,24 @@
+package com.descope.model.authz;
+
+import com.descope.enums.NodeType;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@SuppressWarnings("checkstyle:MemberName")
+@JsonInclude(Include.NON_NULL)
+public class Node {
+  @JsonProperty("nType")
+  NodeType nType;
+  List<Node> children;
+  NodeExpression expression;
+}
diff --git a/src/main/java/com/descope/model/authz/NodeExpression.java b/src/main/java/com/descope/model/authz/NodeExpression.java
@@ -0,0 +1,22 @@
+package com.descope.model.authz;
+
+import com.descope.enums.NodeExpressionType;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonInclude(Include.NON_NULL)
+public class NodeExpression {
+  NodeExpressionType neType;
+  String relationDefinition;
+  String relationDefinitionNamespace;
+  String targetRelationDefinition;
+  String targetRelationDefinitionNamespace;
+}
diff --git a/src/main/java/com/descope/model/authz/Relation.java b/src/main/java/com/descope/model/authz/Relation.java
@@ -0,0 +1,24 @@
+package com.descope.model.authz;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonInclude(Include.NON_NULL)
+public class Relation {
+  String resource;
+  String relationDefinition;
+  String namespace;
+  String target;
+  String targetSetResource;
+  String targetSetRelationDefinition;
+  String targetSetRelationDefinitionNamespace;
+  UserQuery query;
+}
diff --git a/src/main/java/com/descope/model/authz/RelationDefinition.java b/src/main/java/com/descope/model/authz/RelationDefinition.java
@@ -0,0 +1,18 @@
+package com.descope.model.authz;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonInclude(Include.NON_NULL)
+public class RelationDefinition {
+  String name;
+  Node complexDefinition;
+}
diff --git a/src/main/java/com/descope/model/authz/RelationQuery.java b/src/main/java/com/descope/model/authz/RelationQuery.java
@@ -0,0 +1,21 @@
+package com.descope.model.authz;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonInclude(Include.NON_NULL)
+public class RelationQuery {
+  String resource;
+  String relationDefinition;
+  String namespace;
+  String target;
+  boolean hasRelation;
+}
diff --git a/src/main/java/com/descope/model/authz/RelationsResponse.java b/src/main/java/com/descope/model/authz/RelationsResponse.java
@@ -0,0 +1,15 @@
+package com.descope.model.authz;
+
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class RelationsResponse {
+  List<Relation> relations;
+}
diff --git a/src/main/java/com/descope/model/authz/Schema.java b/src/main/java/com/descope/model/authz/Schema.java
@@ -0,0 +1,19 @@
+package com.descope.model.authz;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonInclude(Include.NON_NULL)
+public class Schema {
+  String name;
+  List<Namespace> namespaces;
+}
diff --git a/src/main/java/com/descope/model/authz/UserQuery.java b/src/main/java/com/descope/model/authz/UserQuery.java
@@ -0,0 +1,26 @@
+package com.descope.model.authz;
+
+import com.descope.enums.UserStatus;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import java.util.List;
+import java.util.Map;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonInclude(Include.NON_NULL)
+public class UserQuery {
+  List<String> tenants;
+  List<String> roles;
+  String text;
+  List<UserStatus> statuses;
+  boolean ssoOnly;
+  boolean withTestUser;
+  Map<String, Object> customAttributes;
+}
diff --git a/src/main/java/com/descope/model/authz/WhoCanAccessResponse.java b/src/main/java/com/descope/model/authz/WhoCanAccessResponse.java
@@ -0,0 +1,15 @@
+package com.descope.model.authz;
+
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class WhoCanAccessResponse {
+  List<String> targets;
+}
diff --git a/src/main/java/com/descope/model/mgmt/ManagementServices.java b/src/main/java/com/descope/model/mgmt/ManagementServices.java
@@ -2,6 +2,7 @@
 
 import com.descope.sdk.mgmt.AccessKeyService;
 import com.descope.sdk.mgmt.AuditService;
+import com.descope.sdk.mgmt.AuthzService;
 import com.descope.sdk.mgmt.FlowService;
 import com.descope.sdk.mgmt.GroupService;
 import com.descope.sdk.mgmt.JwtService;
@@ -26,4 +27,5 @@ public class ManagementServices {
   FlowService flowService;
   GroupService groupService;
   AuditService auditService;
+  AuthzService authzService;
 }