Skip to content

feat: use validate-token endpoint in MustServer #449

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
plyr4 merged 18 commits into from
Mar 28, 2023
Merged

feat: use validate-token endpoint in MustServer #449

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
02fed7f
feat: use validate-token endpoint in MustServer
plyr4 Mar 17, 2023
1ba4511
fix: better error and removed ok check
plyr4 Mar 17, 2023
ee4dc7d
fix: better error and removed ok check
plyr4 Mar 17, 2023
e811529
chore: bump types
plyr4 Mar 23, 2023
25c2395
feat: use refresh auth endpoint
plyr4 Mar 23, 2023
7b4c5cc
Merge branch 'main' into feat/worker-auth
plyr4 Mar 24, 2023
1495e44
chore: remove user middleware in favor of MustServer token validation
plyr4 Mar 24, 2023
9a765f1
Merge branch 'feat/worker-auth' of github.com:go-vela/worker into fea…
plyr4 Mar 24, 2023
c6fa06f
chore: remove worker.RefreshAuth in favor of separate branch
plyr4 Mar 24, 2023
686e8a7
chore: bump server
plyr4 Mar 27, 2023
9576d68
chore: bump sdk-go
plyr4 Mar 27, 2023
98ac9aa
chore: bump server
plyr4 Mar 27, 2023
fab0b73
wip: perm_test.go
plyr4 Mar 27, 2023
37e055b
feat: MustServer tests
plyr4 Mar 27, 2023
150efa5
chore: tweak comments and return code for invalid parsing
plyr4 Mar 27, 2023
6e2e2e5
chore: remove secret from middleware
plyr4 Mar 27, 2023
ee39c05
fix: remove c.Error
plyr4 Mar 28, 2023
2cb0af6
fix: remove exist check from MustGet
plyr4 Mar 28, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
chore: remove user middleware in favor of MustServer token validation
  • Loading branch information
@plyr4
plyr4 committed Mar 24, 2023
commit 1495e44938f81138f13f44a94ade8b19509870c4
8 changes: 4 additions & 4 deletions router/middleware/perm/perm.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,12 @@ import (
"github.com/sirupsen/logrus"
)

// MustServer ensures the user is the vela server.
// MustServer ensures the caller is the vela server.
func MustServer() gin.HandlerFunc {
return func(c *gin.Context) {
tkn, err := token.Retrieve(c.Request)
if err != nil {
msg := fmt.Sprintf("error parsing token")
msg := fmt.Sprintf("error parsing token: %s", err)

err := c.Error(fmt.Errorf(msg))
if err != nil {
Expand All @@ -35,7 +35,7 @@ func MustServer() gin.HandlerFunc {

addr, ok := c.MustGet("server-address").(string)
if !ok {
msg := fmt.Sprintf("error retrieving server address")
msg := "error retrieving server address"

err := c.Error(fmt.Errorf(msg))
if err != nil {
Expand All @@ -49,7 +49,7 @@ func MustServer() gin.HandlerFunc {

vela, err := vela.NewClient(addr, "", nil)
if err != nil {
msg := fmt.Sprintf("error creating vela client")
msg := fmt.Sprintf("error creating vela client: %s", err)

err := c.Error(fmt.Errorf(msg))
if err != nil {
Expand Down
145 changes: 68 additions & 77 deletions router/middleware/perm/perm_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,90 +5,81 @@
package perm

import (
"fmt"
"net/http"
"net/http/httptest"
"testing"

"github.com/go-vela/worker/router/middleware/user"

"github.com/go-vela/types/library"

"github.com/gin-gonic/gin"
)

func TestPerm_MustServer_success(t *testing.T) {
// setup types
secret := "superSecret"

u := new(library.User)
u.SetID(1)
u.SetName("vela-server")
u.SetToken("bar")
u.SetHash("baz")
u.SetAdmin(true)

// setup context
gin.SetMode(gin.TestMode)

resp := httptest.NewRecorder()
context, engine := gin.CreateTestContext(resp)
context.Request, _ = http.NewRequest(http.MethodGet, "/server/users", nil)
context.Request.Header.Add("Authorization", fmt.Sprintf("Bearer %s", secret))

// setup vela mock server
engine.Use(func(c *gin.Context) { c.Set("secret", secret) })
engine.Use(user.Establish())
engine.Use(MustServer())
engine.GET("/server/users", func(c *gin.Context) {
c.Status(http.StatusOK)
})

s1 := httptest.NewServer(engine)
defer s1.Close()

// run test
engine.ServeHTTP(context.Writer, context.Request)

if resp.Code != http.StatusOK {
t.Errorf("MustServer returned %v, want %v", resp.Code, http.StatusOK)
}
// secret := "superSecret"

// u := new(library.User)
// u.SetID(1)
// u.SetName("vela-server")
// u.SetToken("bar")
// u.SetHash("baz")
// u.SetAdmin(true)

// // setup context
// gin.SetMode(gin.TestMode)

// resp := httptest.NewRecorder()
// context, engine := gin.CreateTestContext(resp)
// context.Request, _ = http.NewRequest(http.MethodGet, "/server/users", nil)
// context.Request.Header.Add("Authorization", fmt.Sprintf("Bearer %s", secret))

// // setup vela mock server
// engine.Use(func(c *gin.Context) { c.Set("secret", secret) })
// // engine.Use(user.Establish())
// engine.Use(MustServer())
// engine.GET("/server/users", func(c *gin.Context) {
// c.Status(http.StatusOK)
// })

// s1 := httptest.NewServer(engine)
// defer s1.Close()

// // run test
// engine.ServeHTTP(context.Writer, context.Request)

// if resp.Code != http.StatusOK {
// t.Errorf("MustServer returned %v, want %v", resp.Code, http.StatusOK)
// }
}

func TestPerm_MustServer_failure(t *testing.T) {
// setup types
secret := "foo"

u := new(library.User)
u.SetID(1)
u.SetName("not-vela-server")
u.SetToken("bar")
u.SetHash("baz")
u.SetAdmin(true)

// setup context
gin.SetMode(gin.TestMode)

resp := httptest.NewRecorder()
context, engine := gin.CreateTestContext(resp)
context.Request, _ = http.NewRequest(http.MethodGet, "/server/users", nil)
context.Request.Header.Add("Authorization", fmt.Sprintf("Bearer %s", secret))

// setup vela mock server
engine.Use(func(c *gin.Context) { c.Set("secret", secret) })
engine.Use(func(c *gin.Context) { c.Set("user", u) })
engine.Use(MustServer())
engine.GET("/server/users", func(c *gin.Context) {
c.Status(http.StatusOK)
})

s1 := httptest.NewServer(engine)
defer s1.Close()

// run test
engine.ServeHTTP(context.Writer, context.Request)

if resp.Code != http.StatusUnauthorized {
t.Errorf("MustServer returned %v, want %v", resp.Code, http.StatusUnauthorized)
}
// secret := "foo"

// u := new(library.User)
// u.SetID(1)
// u.SetName("not-vela-server")
// u.SetToken("bar")
// u.SetHash("baz")
// u.SetAdmin(true)

// // setup context
// gin.SetMode(gin.TestMode)

// resp := httptest.NewRecorder()
// context, engine := gin.CreateTestContext(resp)
// context.Request, _ = http.NewRequest(http.MethodGet, "/server/users", nil)
// context.Request.Header.Add("Authorization", fmt.Sprintf("Bearer %s", secret))

// // setup vela mock server
// engine.Use(func(c *gin.Context) { c.Set("secret", secret) })
// engine.Use(func(c *gin.Context) { c.Set("user", u) })
// engine.Use(MustServer())
// engine.GET("/server/users", func(c *gin.Context) {
// c.Status(http.StatusOK)
// })

// s1 := httptest.NewServer(engine)
// defer s1.Close()

// // run test
// engine.ServeHTTP(context.Writer, context.Request)

// if resp.Code != http.StatusUnauthorized {
// t.Errorf("MustServer returned %v, want %v", resp.Code, http.StatusUnauthorized)
// }
}
39 changes: 0 additions & 39 deletions router/middleware/user/context.go
View file
Open in desktop

This file was deleted.

90 changes: 0 additions & 90 deletions router/middleware/user/context_test.go
View file
Open in desktop

This file was deleted.

12 changes: 0 additions & 12 deletions router/middleware/user/doc.go
View file
Open in desktop

This file was deleted.

44 changes: 0 additions & 44 deletions router/middleware/user/user.go
View file
Open in desktop

This file was deleted.

Loading