Merge pull request #1336 from openintegrationhub/fix-authclient-dao

Fix authclient dao
openintegrationhub · Oct 20, 2021 · 158c7e9 · 158c7e9
2 parents cc3aa88 + 26a8ea6
commit 158c7e9
Show file tree

Hide file tree

Showing 8 changed files with 227 additions and 26 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/services/secret-service/package.json b/services/secret-service/package.json
@@ -1,6 +1,6 @@
 {
   "name": "secret-service",
-  "version": "2.7.1",
+  "version": "2.8.0",
   "description": "Service to manage Keys/Tokens of external services",
   "main": "index.js",
   "author": "Basaas GmbH",

diff --git a/services/secret-service/src/dao/auth-client.js b/services/secret-service/src/dao/auth-client.js
@@ -2,10 +2,9 @@ const Logger = require('@basaas/node-logger');
 const { Event, EventBusManager, events } = require('@openintegrationhub/event-bus');
 const AuthClient = require('../model/AuthClient');
 
-const conf = require('./../conf');
+const conf = require('../conf');
 
 const log = Logger.getLogger(`${conf.log.namespace}/authClientDao`);
-const auditLog = Logger.getAuditLogger(`${conf.log.namespace}/authClientDao`);
 
 module.exports = {
 
@@ -40,13 +39,10 @@ module.exports = {
         return await AuthClient.full.findOne(query).lean();
     },
 
-    async update({ id, data, partialUpdate = false }) {
-        const updateOperation = partialUpdate ? { $set: data } : data;
-
-
-        const result = await AuthClient.full.findOneAndUpdate({
+    async update({ id, data }) {
+        const result = await AuthClient[data.type].findOneAndUpdate({
             _id: id,
-        }, updateOperation, {
+        }, data, {
             new: true,
         }).lean();
 
@@ -109,14 +105,4 @@ module.exports = {
             }
         }
     },
-
-    // async delete({ id }) {
-    //     await AuthClient.full.deleteOne({ _id: id });
-    //     log.info('deleted.client', { id });
-    // },
-
-    // async deleteAll(query) {
-    //     await AuthClient.full.deleteMany(query);
-    //     auditLog.info('authClient.deleteAll', { data: { ...query } });
-    // },
 };
diff --git a/services/secret-service/src/dao/auth-client.spec.js b/services/secret-service/src/dao/auth-client.spec.js
@@ -0,0 +1,66 @@
+const {
+    OA2_AUTHORIZATION_CODE,
+} = require('../constant').AUTH_TYPE;
+const AuthClientDAO = require('./auth-client');
+const Server = require('../server');
+const conf = require('../conf');
+
+let port;
+let server;
+let authClient;
+
+describe('AuthClientDAO', () => {
+    beforeAll(async () => {
+        conf.crypto.isDisabled = false;
+        port = 5115;
+        server = new Server({
+            mongoDbConnection: global.__MONGO_URI__.replace('changeme', 'auth-client-dao'),
+            port,
+        });
+        await server.start();
+    });
+
+    afterAll(async () => {
+        await server.stop();
+    });
+
+    test('create auth client', async () => {
+        const data = {
+            type: OA2_AUTHORIZATION_CODE,
+            name: 'oAuth2',
+            clientId: 'string',
+            clientSecret: 'string',
+            redirectUri: '/dev/null',
+            endpoints: {
+                auth: 'http://',
+                token: 'http://',
+                userinfo: 'http://',
+            },
+            mappings: {
+                externalId: {
+                    source: 'id_token',
+                    key: 'sub',
+                },
+            },
+        };
+
+        authClient = await AuthClientDAO.create(data);
+
+        expect(authClient.type).toEqual(OA2_AUTHORIZATION_CODE);
+    });
+
+    test('update auth client', async () => {
+        const update = {
+            name: 'foobar',
+            type: OA2_AUTHORIZATION_CODE,
+            clientId: 'string2',
+            clientSecret: 'string2',
+        };
+
+        authClient = await AuthClientDAO.update({ id: authClient._id, data: update });
+
+        expect(authClient.clientId).toEqual('string2');
+        expect(authClient.clientSecret).toEqual('string2');
+        expect(authClient.name).toEqual('foobar');
+    });
+});
diff --git a/services/secret-service/src/dao/secret.js b/services/secret-service/src/dao/secret.js
@@ -1,5 +1,6 @@
 const Logger = require('@basaas/node-logger');
 const moment = require('moment');
+const mongoose = require('mongoose');
 const pull = require('lodash/pull');
 const { Event, EventBusManager, events } = require('@openintegrationhub/event-bus');
 const crypto = require('../util/crypto');
@@ -236,12 +237,15 @@ module.exports = {
         id,
         authClientId,
     ) {
+        if (typeof authClientId === 'string') {
+            authClientId = mongoose.Types.ObjectId(authClientId);
+        }
+
         return await Secret.full.find({
             'value.authClientId': authClientId,
             'owners.id': id,
         },
-        'name type value.authClientId value.scope value.expires value.externalId owners currentError',
-        );
+        'name type value.authClientId value.scope value.expires value.externalId owners currentError');
     },
 
     async findByExternalId(externalId, authClientId) {

diff --git a/services/secret-service/src/dao/secret.spec.js b/services/secret-service/src/dao/secret.spec.js
@@ -3,10 +3,15 @@ const { ENCRYPT, DECRYPT } = require('../constant').CRYPTO.METHODS;
 const {
     SIMPLE, OA2_AUTHORIZATION_CODE, MIXED, SESSION_AUTH,
 } = require('../constant').AUTH_TYPE;
+
+const {
+    ENTITY_TYPE,
+} = require('../constant');
 const AuthClientDAO = require('./auth-client');
 const SecretDAO = require('./secret');
 const Server = require('../server');
 const conf = require('../conf');
+const tokens = require('../test/tokens');
 
 let port;
 let server;
@@ -461,4 +466,69 @@ describe('SecretDAO', () => {
             }, key),
         ).resolves.not.toThrow();
     });
+
+    test('findByAuthClientId with ownerId', async () => {
+        const key = 'sshhhh';
+        const accessToken = 'my access_token';
+        const refreshToken = 'my refresh_token';
+        const secretData = {
+            name: 'secret',
+            type: OA2_AUTHORIZATION_CODE,
+            owners: [
+                {
+                    id: tokens.userToken1.value.sub,
+                    type: ENTITY_TYPE.USER,
+                },
+                {
+                    id: tokens.userToken1.value.tenant,
+                    type: ENTITY_TYPE.TENANT,
+                },
+            ],
+            value: {
+                authClientId: authClient._id,
+                accessToken,
+                refreshToken,
+                scope: 'asd',
+                externalId: 'asd',
+                expires: '2019-01-28T14:01:21.808Z',
+            },
+        };
+
+        await SecretDAO.create({
+            ...secretData,
+            name: 'secret1',
+        }, key);
+
+        await SecretDAO.create({
+            ...secretData,
+            name: 'secret2',
+        }, key);
+
+        await SecretDAO.create({
+            ...secretData,
+            name: 'secret3',
+            owners: [
+                {
+                    id: tokens.userToken2.value.sub,
+                    type: ENTITY_TYPE.USER,
+                },
+                {
+                    id: tokens.userToken2.value.tenant,
+                    type: ENTITY_TYPE.TENANT,
+                },
+            ],
+        }, key);
+
+        let secrets = await SecretDAO.findByAuthClient(tokens.userToken1.value.sub, authClient._id);
+        expect(secrets.length).toEqual(2);
+
+        secrets = await SecretDAO.findByAuthClient(tokens.userToken1.value.tenant, authClient._id);
+        expect(secrets.length).toEqual(2);
+
+        secrets = await SecretDAO.findByAuthClient(tokens.userToken2.value.sub, authClient._id);
+        expect(secrets.length).toEqual(1);
+
+        secrets = await SecretDAO.findByAuthClient(tokens.userToken2.value.tenant, authClient._id);
+        expect(secrets.length).toEqual(1);
+    });
 });
diff --git a/services/secret-service/src/route/auth-clients/index.js b/services/secret-service/src/route/auth-clients/index.js
@@ -191,11 +191,10 @@ class AuthClientRouter {
         });
 
         this.router.get('/:id/secrets', /* userIsOwnerOfAuthClient, */ async (req, res, next) => {
-            const authClient = await AuthClientDAO.findOne({ _id: req.params.id });
             try {
-                const secrets = findByAuthClient(
+                const secrets = await findByAuthClient(
                     req.user.sub,
-                    authClient._id,
+                    req.params.id,
                 );
                 res.send({
                     data: secrets,

diff --git a/services/secret-service/src/route/auth-clients/index.spec.js b/services/secret-service/src/route/auth-clients/index.spec.js
@@ -5,6 +5,10 @@ const conf = require('../../conf');
 const { ENTITY_TYPE } = require('../../constant');
 const Server = require('../../server');
 const token = require('../../test/tokens');
+const AuthClientDAO = require('../../dao/auth-client');
+const SecretDAO = require('../../dao/secret');
+const tokens = require('../../test/tokens');
+
 const {
     OA1_TWO_LEGGED, OA2_AUTHORIZATION_CODE, SESSION_AUTH,
 } = require('../../constant').AUTH_TYPE;
@@ -337,4 +341,76 @@ describe('auth-clients', () => {
 
         expect(meta.total).toBe(0);
     });
+
+    test('Get all secrets by auth client', async () => {
+        const key = 'sshhhh';
+        const accessToken = 'my access_token';
+        const refreshToken = 'my refresh_token';
+
+        const data = {
+            type: OA2_AUTHORIZATION_CODE,
+            name: 'oAuth2',
+            clientId: 'string',
+            clientSecret: 'string',
+            redirectUri: '/dev/null',
+            endpoints: {
+                auth: 'http://',
+                token: 'http://',
+                userinfo: 'http://',
+            },
+            mappings: {
+                externalId: {
+                    source: 'id_token',
+                    key: 'sub',
+                },
+            },
+        };
+
+        const authClient = await AuthClientDAO.create(data);
+
+        const secretData = {
+            name: 'secret',
+            type: OA2_AUTHORIZATION_CODE,
+            owners: [
+                {
+                    id: tokens.userToken1.value.sub,
+                    type: ENTITY_TYPE.USER,
+                },
+                {
+                    id: tokens.userToken1.value.tenant,
+                    type: ENTITY_TYPE.TENANT,
+                },
+            ],
+            value: {
+                authClientId: authClient._id,
+                accessToken,
+                refreshToken,
+                scope: 'asd',
+                externalId: 'asd',
+                expires: '2019-01-28T14:01:21.808Z',
+            },
+        };
+
+        await SecretDAO.create({
+            ...secretData,
+            name: 'secret1',
+        }, key);
+
+        await SecretDAO.create({
+            ...secretData,
+            name: 'secret2',
+        }, key);
+
+        let secrets = (await request.get(`/auth-clients/${authClient._id}/secrets`)
+            .set(...global.userAuth1)
+            .expect(200)).body.data;
+
+        expect(secrets.length).toEqual(2);
+
+        secrets = (await request.get(`/auth-clients/${authClient._id}/secrets`)
+            .set(...global.userAuth2)
+            .expect(200)).body.data;
+
+        expect(secrets.length).toEqual(0);
+    });
 });