Add: KeycloakRepository; Add KeycloakJWTReceiverCached

Author: greenMika

client/keycloakJWTClient.go

@@ -0,0 +1,72 @@
+package client
+
+import (
+	"github.com/Nerzal/gocloak/v12"
+	"github.com/golang-jwt/jwt/v4"
+	"github.com/rs/zerolog/log"
+)
+
+type ITokenReceiver interface {
+	GetClientAccessToken(clientName, clientSecret string) (string, error)
+	getClientToken(clientName, clientSecret string) (*gocloak.JWT, error)
+}
+
+type KeycloakJWTReceiverCachedInMemory struct {
+	keycloakRepository IKeycloakRepository
+	cachedToken        *gocloak.JWT
+}
+
+var _ ITokenReceiver = &KeycloakJWTReceiverCachedInMemory{}
+
+func NewKeycloakJWTReceiverCachedInMemory(keycloakRepository IKeycloakRepository) *KeycloakJWTReceiverCachedInMemory {
+	return &KeycloakJWTReceiverCachedInMemory{
+		keycloakRepository: keycloakRepository,
+	}
+}
+
+func isTokenValid(token *gocloak.JWT) bool {
+	if token == nil {
+		return false
+	}
+
+	parser := jwt.NewParser()
+	claims := &jwt.MapClaims{}
+
+	_, _, err := parser.ParseUnverified(token.AccessToken, claims)
+	if err != nil {
+		log.Error().Msgf("couldn't parse JWT access token: %v", err)
+		return false
+	}
+
+	err = claims.Valid()
+	if err != nil {
+		log.Debug().Msgf("Token is invalid: %v", err)
+		return false
+	}
+
+	return true
+}
+
+func (k *KeycloakJWTReceiverCachedInMemory) getClientToken(clientName, clientSecret string) (*gocloak.JWT, error) {
+	if k.cachedToken == nil || !isTokenValid(k.cachedToken) {
+		token, err := k.keycloakRepository.getClientToken(clientName, clientSecret)
+		if err != nil {
+			return nil, err
+		}
+		k.cachedToken = token
+		log.Debug().Msgf("updated token: %s", token.AccessToken)
+	} else {
+		log.Debug().Msgf("Using cached token: %s", k.cachedToken.AccessToken)
+	}
+
+	return k.cachedToken, nil
+}
+
+func (k *KeycloakJWTReceiverCachedInMemory) GetClientAccessToken(clientName, clientSecret string) (string, error) {
+	token, err := k.getClientToken(clientName, clientSecret)
+	if err != nil {
+		return "", err
+	}
+
+	return token.AccessToken, nil
+}

client/keycloakJWTReceiverCachedInMemory.go

@@ -8,21 +8,16 @@ import (
 	"github.com/stretchr/testify/mock"
 )
 
-type MockTokenReceiver struct {
+type MockKeycloakRepository struct {
 	mock.Mock
 }
 
-func (m *MockTokenReceiver) GetAccessToken() (string, error) {
-	args := m.Called()
-	return args.String(0), args.Error(1)
-}
-
-func (m *MockTokenReceiver) getToken() (*gocloak.JWT, error) {
+func (m *MockKeycloakRepository) getClientToken(clientName, clientSecret string) (*gocloak.JWT, error) {
 	args := m.Called()
 	return args.Get(0).(*gocloak.JWT), args.Error(1)
 }
 
-func TestKeycloakJWTCacheInMemory_GetToken(t *testing.T) {
+func TestKeycloakJWTCacheInMemory_GetClientToken(t *testing.T) {
 
 	tests := []struct {
 		name             string
@@ -78,14 +73,14 @@ func TestKeycloakJWTCacheInMemory_GetToken(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 
-			mockTokenReceiver := new(MockTokenReceiver)
-			cache := NewKeycloakJWTCacheInMemory(mockTokenReceiver)
+			mockTokenReceiver := new(MockKeycloakRepository)
+			cache := NewKeycloakJWTReceiverCachedInMemory(mockTokenReceiver)
 
 			cache.cachedToken = tt.cachedToken
 
-			mockTokenReceiver.On("getToken").Return(tt.mockToken, tt.mockError)
+			mockTokenReceiver.On("getClientToken").Return(tt.mockToken, tt.mockError)
 
-			token, err := cache.getToken()
+			token, err := cache.getClientToken("testClient", "testSecret")
 
 			if tt.expectedError != nil {
 				assert.ErrorIs(t, err, tt.expectedError)
@@ -95,26 +90,26 @@ func TestKeycloakJWTCacheInMemory_GetToken(t *testing.T) {
 
 			assert.Equal(t, tt.expectedToken, token)
 			if tt.shouldFetchToken {
-				mockTokenReceiver.AssertCalled(t, "getToken")
+				mockTokenReceiver.AssertCalled(t, "getClientToken")
 			}
 		})
 	}
 }
 
-func TestKeycloakJWTCacheInMemory_GetAccessToken(t *testing.T) {
-	mockTokenReceiver := new(MockTokenReceiver)
+func TestKeycloakJWTCacheInMemory_GetClientAccessToken(t *testing.T) {
+	mockKeycloakRepository := new(MockKeycloakRepository)
 	mockToken := &gocloak.JWT{
 		AccessToken: "test_token",
 		ExpiresIn:   3600,
 	}
 
-	mockTokenReceiver.On("getToken").Return(mockToken, nil)
+	mockKeycloakRepository.On("getClientToken").Return(mockToken, nil)
 
-	cache := NewKeycloakJWTCacheInMemory(mockTokenReceiver)
+	cache := NewKeycloakJWTReceiverCachedInMemory(mockKeycloakRepository)
 
-	accessToken, err := cache.GetAccessToken()
+	accessToken, err := cache.GetClientAccessToken("testClient", "testSecret")
 
 	assert.NoError(t, err)
 	assert.Equal(t, "test_token", accessToken)
-	mockTokenReceiver.AssertCalled(t, "getToken")
+	mockKeycloakRepository.AssertCalled(t, "getClientToken")
 }

client/keycloakJWTClient_test.go renamed to client/keycloakJWTReceiverCachedInMemory_test.go

@@ -6,21 +6,24 @@ import (
 )
 
 type IKeycloakRepository interface {
-	GetClientAccessToken(clientName, clientSecret, realm string) (*gocloak.JWT, error)
+	getClientToken(clientName, clientSecret string) (*gocloak.JWT, error)
+	// Append keycloak functions here
 }
 
 type KeycloakRepository struct {
 	client *gocloak.GoCloak
+	realm  string
 }
 
 var _ IKeycloakRepository = &KeycloakRepository{}
 
-func NewKeycloakRepository(basePath string) *KeycloakRepository {
+func NewKeycloakRepository(basePath, realm string) *KeycloakRepository {
 	return &KeycloakRepository{
 		client: gocloak.NewClient(basePath),
+		realm:  realm,
 	}
 }
 
-func (r *KeycloakRepository) GetClientAccessToken(clientName, clientSecret, realm string) (*gocloak.JWT, error) {
-	return r.client.LoginClient(context.Background(), clientName, clientSecret, realm)
+func (r *KeycloakRepository) getClientToken(clientName, clientSecret string) (*gocloak.JWT, error) {
+	return r.client.LoginClient(context.Background(), clientName, clientSecret, r.realm)
 }