Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose GetPassword via the GRPC API #1271

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Expose GetPassword via the GRPC API #1271

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
187 changes: 135 additions & 52 deletions api/api.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

23 changes: 18 additions & 5 deletions api/api.proto
View file
Open in desktop
Expand Up @@ -22,7 +22,7 @@ message CreateClientReq {
// CreateClientResp returns the response from creating a client.
message CreateClientResp {
bool already_exists = 1;
Client client = 2;
Client client = 2;
}

// DeleteClientReq is a request to delete a client.
Expand All @@ -31,7 +31,7 @@ message DeleteClientReq {
string id = 1;
}

// DeleteClientResp determines if the client is deleted successfully.
// DeleteClientResp determines if the client is deleted successfully.
message DeleteClientResp {
bool not_found = 1;
}
Expand Down Expand Up @@ -66,7 +66,7 @@ message UpdatePasswordReq {
string new_username = 3;
}

// UpdatePasswordResp returns the response from modifying an existing password.
// UpdatePasswordResp returns the response from modifying an existing password.
message UpdatePasswordResp {
bool not_found = 1;
}
Expand All @@ -76,7 +76,7 @@ message DeletePasswordReq {
string email = 1;
}

// DeletePasswordResp returns the response from deleting a password.
// DeletePasswordResp returns the response from deleting a password.
message DeletePasswordResp {
bool not_found = 1;
}
Expand Down Expand Up @@ -128,12 +128,23 @@ message RevokeRefreshReq {
string client_id = 2;
}

// RevokeRefreshResp determines if the refresh token is revoked successfully.
// RevokeRefreshResp determines if the refresh token is revoked successfully.
message RevokeRefreshResp {
// Set to true is refresh token was not found and token could not be revoked.
bool not_found = 1;
}

// GetPasswordReq is a request get a specific password by email.
message GetPasswordReq {
string email = 1;
}

// GetPasswordResp a specific password by email.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is really oddly named. Can we either rename it "GetUserResp" and "GetUserReq"? Or can we strongly clarify that the password isn't returned?

message GetPasswordResp {
Password password = 1;
bool not_found = 2;
}

// Dex represents the dex gRPC service.
service Dex {
// CreateClient creates a client.
Expand All @@ -156,4 +167,6 @@ service Dex {
//
// Note that each user-client pair can have only one refresh token at a time.
rpc RevokeRefresh(RevokeRefreshReq) returns (RevokeRefreshResp) {};
// GetPassword returns the password entry for a specific email.
rpc GetPassword(GetPasswordReq) returns (GetPasswordResp) {};
}
1 change: 1 addition & 0 deletions examples/grpc-client/README.md
View file
Open in desktop
Expand Up @@ -48,6 +48,7 @@ Finally run the Dex client providing the CA certificate, client certificate and
Running the gRPC client will cause the following API calls to be made to the server
1. CreatePassword
2. ListPasswords
3. GetPassword
3. DeletePassword
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nit] I know it doesn't matter for presentation, but it's nicer to read this in raw form if the numbers are actually consecutive -- can you make DeletePassword a 4.?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was trying to maintain the style, but I'm just gonna make them all 1.


## Cleaning up
Expand Down
16 changes: 15 additions & 1 deletion examples/grpc-client/client.go
View file
Open in desktop
Expand Up @@ -75,11 +75,25 @@ func createPassword(cli api.DexClient) error {
log.Printf("%+v", pass)
}

deleteReq := &api.DeletePasswordReq{
// Get specific password created.
getRep := &api.GetPasswordReq{
Email: p.Email,
}
getResp, err := cli.GetPassword(context.TODO(), getRep)
if err != nil || getResp.NotFound {
if getResp.NotFound {
return fmt.Errorf("Password %s not found", getRep.Email)
}
return fmt.Errorf("failed to get password: %v", err)
}
log.Print("Got Created Password:\n")
log.Printf("%+v", getResp.Password)

// Delete password with email = test@example.com.
deleteReq := &api.DeletePasswordReq{
Email: p.Email,
}

if resp, err := cli.DeletePassword(context.TODO(), deleteReq); err != nil || resp.NotFound {
if resp.NotFound {
return fmt.Errorf("Password %s not found", deleteReq.Email)
Expand Down
27 changes: 27 additions & 0 deletions server/api.go
View file
Open in desktop
Expand Up @@ -223,6 +223,33 @@ func (d dexAPI) ListPasswords(ctx context.Context, req *api.ListPasswordReq) (*a

}

func (d dexAPI) GetPassword(ctx context.Context, req *api.GetPasswordReq) (*api.GetPasswordResp, error) {
if req.Email == "" {
return nil, errors.New("no email supplied")
}

password, err := d.s.GetPassword(req.Email)
if err != nil {
if err == storage.ErrNotFound {
return &api.GetPasswordResp{
NotFound: true,
}, nil
}
d.logger.Errorf("api: there was an error retrieving the password: %v", err)
return nil, fmt.Errorf("get password: %v", err)
}

return &api.GetPasswordResp{
NotFound: false,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nit] this line is superfluous, but being explicit is OK 👍

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep was trying to be explicit.

Password: &api.Password{
Email: password.Email,
Username: password.Username,
UserId: password.UserID,
},
}, nil

}

func (d dexAPI) ListRefresh(ctx context.Context, req *api.ListRefreshReq) (*api.ListRefreshResp, error) {
id := new(internal.IDTokenSubject)
if err := internal.Unmarshal(req.UserId, id); err != nil {
Expand Down