Skip to content

Commit

Permalink
Add context object details to Extra map in tenant mapping handler (#475)
Browse files Browse the repository at this point in the history 
* Add context object details to Extra map in tenant mapping handler
  • Loading branch information
@crabtree
crabtree committed Nov 19, 2019
1 parent 1dd6aea commit 9e2e22a
Show file tree
Hide file tree
Showing 14 changed files with 283 additions and 171 deletions.
2 changes: 1 addition & 1 deletion chart/compass/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ global:
version: "PR-391"
director:
dir:
version: "PR-472"
version: "PR-475"
gateway:
dir: pr/
version: "PR-357"
Expand Down
16 changes: 16 additions & 0 deletions components/director/internal/model/system_auth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,22 @@ func (sa SystemAuth) GetReferenceObjectType() (SystemAuthReferenceObjectType, er
return "", errors.New("unknown reference object type")
}

func (sa SystemAuth) GetReferenceObjectID() (string, error) {
if sa.AppID != nil {
return *sa.AppID, nil
}

if sa.RuntimeID != nil {
return *sa.RuntimeID, nil
}

if sa.IntegrationSystemID != nil {
return *sa.IntegrationSystemID, nil
}

return "", errors.New("unknown reference object ID")
}

const IntegrationSystemTenant = "00000000-00000000-00000000-00000000"

type SystemAuthReferenceObjectType string
Expand Down
46 changes: 46 additions & 0 deletions components/director/internal/model/system_auth_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,3 +53,49 @@ func TestSystemAuthGetReferenceObjectType(t *testing.T) {
require.EqualError(t, err, "unknown reference object type")
})
}

func TestSystemAuthGetReferenceObjectID(t *testing.T) {
t.Run("GetReferenceObjectID returns AppID for SystemAuth referenced by the Application", func(t *testing.T) {
appID := uuid.New()
sysAuth := SystemAuth{
AppID: str.Ptr(appID.String()),
}

refObjID, err := sysAuth.GetReferenceObjectID()

require.NoError(t, err)
require.Equal(t, appID.String(), refObjID)
})

t.Run("GetReferenceObjectID returns RuntimeID for SystemAuth referenced by the Runtime", func(t *testing.T) {
runtimeID := uuid.New()
sysAuth := SystemAuth{
RuntimeID: str.Ptr(runtimeID.String()),
}

refObjID, err := sysAuth.GetReferenceObjectID()

require.NoError(t, err)
require.Equal(t, runtimeID.String(), refObjID)
})

t.Run("GetReferenceObjectID returns IntegrationSystemID and IntegrationSystemReference for SystemAuth referenced by the Integration System", func(t *testing.T) {
intSysID := uuid.New()
sysAuth := SystemAuth{
IntegrationSystemID: str.Ptr(intSysID.String()),
}

refObjID, err := sysAuth.GetReferenceObjectID()

require.NoError(t, err)
require.Equal(t, intSysID.String(), refObjID)
})

t.Run("GetReferenceObjectID returns error when called on SystemAuth with all reference properties set to nil", func(t *testing.T) {
sysAuth := SystemAuth{}

_, err := sysAuth.GetReferenceObjectID()

require.EqualError(t, err, "unknown reference object ID")
})
}
33 changes: 33 additions & 0 deletions ...nents/director/internal/tenantmapping/automock/object_context_for_system_auth_provider.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

32 changes: 32 additions & 0 deletions components/director/internal/tenantmapping/automock/object_context_for_user_provider.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 0 additions & 40 deletions ...ts/director/internal/tenantmapping/automock/tenant_and_scopes_for_system_auth_provider.go
View file

This file was deleted.

39 changes: 0 additions & 39 deletions components/director/internal/tenantmapping/automock/tenant_and_scopes_for_user_provider.go
View file

This file was deleted.

40 changes: 21 additions & 19 deletions components/director/internal/tenantmapping/handler.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,28 +21,28 @@ type ReqDataParser interface {
Parse(req *http.Request) (ReqData, error)
}

//go:generate mockery -name=TenantAndScopesForUserProvider -output=automock -outpkg=automock -case=underscore
type TenantAndScopesForUserProvider interface {
GetTenantAndScopes(reqData ReqData, authID string) (string, string, error)
//go:generate mockery -name=ObjectContextForUserProvider -output=automock -outpkg=automock -case=underscore
type ObjectContextForUserProvider interface {
GetObjectContext(reqData ReqData, authID string) (ObjectContext, error)
}

//go:generate mockery -name=TenantAndScopesForSystemAuthProvider -output=automock -outpkg=automock -case=underscore
type TenantAndScopesForSystemAuthProvider interface {
GetTenantAndScopes(ctx context.Context, reqData ReqData, authID string, authFlow AuthFlow) (string, string, error)
//go:generate mockery -name=ObjectContextForSystemAuthProvider -output=automock -outpkg=automock -case=underscore
type ObjectContextForSystemAuthProvider interface {
GetObjectContext(ctx context.Context, reqData ReqData, authID string, authFlow AuthFlow) (ObjectContext, error)
}

type Handler struct {
reqDataParser ReqDataParser
transact persistence.Transactioner
mapperForUser TenantAndScopesForUserProvider
mapperForSystemAuth TenantAndScopesForSystemAuthProvider
mapperForUser ObjectContextForUserProvider
mapperForSystemAuth ObjectContextForSystemAuthProvider
}

func NewHandler(
reqDataParser ReqDataParser,
transact persistence.Transactioner,
mapperForUser TenantAndScopesForUserProvider,
mapperForSystemAuth TenantAndScopesForSystemAuthProvider) *Handler {
mapperForUser ObjectContextForUserProvider,
mapperForSystemAuth ObjectContextForSystemAuthProvider) *Handler {
return &Handler{
reqDataParser: reqDataParser,
transact: transact,
Expand Down Expand Up @@ -72,14 +72,16 @@ func (h *Handler) ServeHTTP(writer http.ResponseWriter, req *http.Request) {

ctx := persistence.SaveToContext(req.Context(), tx)

tenantID, scopes, err := h.lookupForTenantAndScopes(ctx, reqData)
objCtx, err := h.getObjectContext(ctx, reqData)
if err != nil {
respondWithError(writer, http.StatusInternalServerError, err, "while looking for tenant and scopes data")
respondWithError(writer, http.StatusInternalServerError, err, "while getting object context")
return
}

reqData.Body.Extra["tenant"] = tenantID
reqData.Body.Extra["scope"] = scopes
reqData.Body.Extra["tenant"] = objCtx.TenantID
reqData.Body.Extra["scope"] = objCtx.Scopes
reqData.Body.Extra["objectID"] = objCtx.ObjectID
reqData.Body.Extra["objectType"] = objCtx.ObjectType

writer.Header().Set("Content-Type", "application/json")
err = json.NewEncoder(writer).Encode(reqData.Body)
Expand All @@ -89,20 +91,20 @@ func (h *Handler) ServeHTTP(writer http.ResponseWriter, req *http.Request) {
}
}

func (h *Handler) lookupForTenantAndScopes(ctx context.Context, reqData ReqData) (string, string, error) {
func (h *Handler) getObjectContext(ctx context.Context, reqData ReqData) (ObjectContext, error) {
authID, authFlow, err := reqData.GetAuthID()
if err != nil {
return "", "", errors.Wrap(err, "while determining the auth ID from the request")
return ObjectContext{}, errors.Wrap(err, "while determining the auth ID from the request")
}

switch authFlow {
case JWTAuthFlow:
return h.mapperForUser.GetTenantAndScopes(reqData, authID)
return h.mapperForUser.GetObjectContext(reqData, authID)
case OAuth2Flow, CertificateFlow:
return h.mapperForSystemAuth.GetTenantAndScopes(ctx, reqData, authID, authFlow)
return h.mapperForSystemAuth.GetObjectContext(ctx, reqData, authID, authFlow)
}

return "", "", fmt.Errorf("unknown authentication flow (%s)", authFlow)
return ObjectContext{}, fmt.Errorf("unknown authentication flow (%s)", authFlow)
}

func respondWithError(writer http.ResponseWriter, httpErrorCode int, err error, wrapperStr string) {
Expand Down
Loading

0 comments on commit 9e2e22a

Please sign in to comment.