Merge branch 'master' into proto-files

# Conflicts:
#	go.mod
#	go.sum
#	pkg/admin/admin.go
#	pkg/admin/api/config.go
#	pkg/auth/api/config.go
#	pkg/auth/auth.go
#	pkg/management/api/config.go
#	pkg/management/management.go
This commit is contained in:
Fabiennne 2020-03-30 17:43:59 +02:00
commit 85aa907d12
43 changed files with 771 additions and 315 deletions

View File

@ -1,9 +1,12 @@
![ZITADEL](./raw/img/zitadel-logo-oneline-lightdesign@2x.png)
# Zitadel # Zitadel
[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release) [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
![Release Badge](https://github.com/caos/zitadel/workflows/Test,%20Build,%20Release/badge.svg) ![Release Badge](https://github.com/caos/zitadel/workflows/Test,%20Build,%20Release/badge.svg)
[![GitHub license](https://img.shields.io/github/license/caos/zitadel)](https://github.com/caos/zitadel/blob/master/LICENSE) [![GitHub license](https://img.shields.io/github/license/caos/zitadel)](https://github.com/caos/zitadel/blob/master/LICENSE)
[![GitHub release](https://img.shields.io/github/release/caos/zitadel)](https://gitHub.com/caos/zitadel/releases/) [![GitHub release](https://img.shields.io/github/release/caos/zitadel)](https://gitHub.com/caos/zitadel/releases/)
[![Go Report Card](https://goreportcard.com/badge/github.com/caos/zitadel)](https://goreportcard.com/report/github.com/caos/zitadel)
> This project is in alpha state. The API will continue breaking until version 1.0.0 is released > This project is in alpha state. The API will continue breaking until version 1.0.0 is released

View File

@ -8,6 +8,7 @@ import (
authz "github.com/caos/zitadel/internal/api/auth" authz "github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/config" "github.com/caos/zitadel/internal/config"
tracing "github.com/caos/zitadel/internal/tracing/config"
"github.com/caos/zitadel/pkg/admin" "github.com/caos/zitadel/pkg/admin"
"github.com/caos/zitadel/pkg/auth" "github.com/caos/zitadel/pkg/auth"
"github.com/caos/zitadel/pkg/console" "github.com/caos/zitadel/pkg/console"
@ -16,15 +17,15 @@ import (
) )
type Config struct { type Config struct {
Mgmt *management.Config Mgmt management.Config
Auth *auth.Config Auth auth.Config
Login *login.Config Login login.Config
Admin *admin.Config Admin admin.Config
Console *console.Config Console console.Config
//Log //TODO: add Log logging.Config
//Tracing tracing.TracingConfig //TODO: add Tracing tracing.TracingConfig
AuthZ *authz.Config AuthZ authz.Config
} }
func main() { func main() {

View File

@ -7,35 +7,36 @@ Tracing:
Log: Log:
Level: debug Level: debug
Formatter: text Formatter:
Format: text
Mgmt: Mgmt:
API: API:
GRPC: GRPC:
ServerPort: 60020 ServerPort: 50010
GatewayPort: 60021 GatewayPort: 50011
CustomHeaders: CustomHeaders:
- x-caos- - x-caos-
Auth: Auth:
API: API:
GRPC: GRPC:
ServerPort: 60050 ServerPort: 50020
GatewayPort: 60051 GatewayPort: 50021
CustomHeaders: CustomHeaders:
- x-caos- - x-caos-
Login: Login:
# will get port range 5003x
Admin: Admin:
API: API:
GRPC: GRPC:
ServerPort: 60090 ServerPort: 50040
GatewayPort: 60091 GatewayPort: 50041
CustomHeaders: CustomHeaders:
- x-caos- - x-caos-
Console: Console:
Port: '9090' Port: 50050
StaticDir: '/app/console/dist' StaticDir: /app/console/dist

7
go.mod
View File

@ -10,8 +10,7 @@ require (
github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/semver v1.5.0 // indirect
github.com/Masterminds/sprig v2.22.0+incompatible github.com/Masterminds/sprig v2.22.0+incompatible
github.com/aws/aws-sdk-go v1.29.16 // indirect github.com/aws/aws-sdk-go v1.29.16 // indirect
github.com/caos/logging v0.0.0-20191210002624-b3260f690a6a github.com/caos/logging v0.0.1
github.com/envoyproxy/protoc-gen-validate v0.1.0
github.com/ghodss/yaml v1.0.0 github.com/ghodss/yaml v1.0.0
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
github.com/golang/mock v1.4.3 github.com/golang/mock v1.4.3
@ -31,11 +30,11 @@ require (
go.opencensus.io v0.22.3 go.opencensus.io v0.22.3
golang.org/x/crypto v0.0.0-20200320181102-891825fb96df golang.org/x/crypto v0.0.0-20200320181102-891825fb96df
golang.org/x/net v0.0.0-20200320220750-118fecf932d8 // indirect golang.org/x/net v0.0.0-20200320220750-118fecf932d8 // indirect
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd // indirect golang.org/x/sys v0.0.0-20200327173247-9dae0f8f5775 // indirect
golang.org/x/text v0.3.2 golang.org/x/text v0.3.2
golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56 golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56
google.golang.org/api v0.20.0 // indirect google.golang.org/api v0.20.0 // indirect
google.golang.org/genproto v0.0.0-20200319113533-08878b785e9c google.golang.org/genproto v0.0.0-20200319113533-08878b785e9c // indirect
google.golang.org/grpc v1.28.0 google.golang.org/grpc v1.28.0
gopkg.in/yaml.v2 v2.2.8 // indirect gopkg.in/yaml.v2 v2.2.8 // indirect
) )

11
go.sum
View File

@ -32,8 +32,8 @@ github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6/go.mod h1:V8iCPQY
github.com/aws/aws-sdk-go v1.23.20/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.23.20/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.29.16 h1:Gbtod7Y4W/Ai7wPtesdvgGVTkFN8JxAaGouRLlcQfQs= github.com/aws/aws-sdk-go v1.29.16 h1:Gbtod7Y4W/Ai7wPtesdvgGVTkFN8JxAaGouRLlcQfQs=
github.com/aws/aws-sdk-go v1.29.16/go.mod h1:1KvfttTE3SPKMpo8g2c6jL3ZKfXtFvKscTgahTma5Xg= github.com/aws/aws-sdk-go v1.29.16/go.mod h1:1KvfttTE3SPKMpo8g2c6jL3ZKfXtFvKscTgahTma5Xg=
github.com/caos/logging v0.0.0-20191210002624-b3260f690a6a h1:HOU/3xL/afsZ+2aCstfJlrzRkwYMTFR1TIEgps5ny8s= github.com/caos/logging v0.0.1 h1:YSGtO2/+5OWdwilBCou50akoDHAT/OhkbrolkVlR6U0=
github.com/caos/logging v0.0.0-20191210002624-b3260f690a6a/go.mod h1:9LKiDE2ChuGv6CHYif/kiugrfEXu9AwDiFWSreX7Wp0= github.com/caos/logging v0.0.1/go.mod h1:9LKiDE2ChuGv6CHYif/kiugrfEXu9AwDiFWSreX7Wp0=
github.com/census-instrumentation/opencensus-proto v0.2.1 h1:glEXhBS5PSLLv4IXzLA5yPRVX4bilULVyxxbrfOtDAk= github.com/census-instrumentation/opencensus-proto v0.2.1 h1:glEXhBS5PSLLv4IXzLA5yPRVX4bilULVyxxbrfOtDAk=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
@ -47,7 +47,6 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/protoc-gen-validate v0.1.0 h1:EQciDnbrYxy13PgWoY8AqoxGiPrpgBZ1R8UNe3ddc+A=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
@ -237,10 +236,8 @@ golang.org/x/sys v0.0.0-20191206220618-eeba5f6aabab h1:FvshnhkKW+LO3HWHodML8kuVX
golang.org/x/sys v0.0.0-20191206220618-eeba5f6aabab/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191206220618-eeba5f6aabab/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200321134203-328b4cd54aae h1:3tcmuaB7wwSZtelmiv479UjUB+vviwABz7a133ZwOKQ= golang.org/x/sys v0.0.0-20200327173247-9dae0f8f5775 h1:TC0v2RSO1u2kn1ZugjrFXkRZAEaqMN/RW+OTZkBzmLE=
golang.org/x/sys v0.0.0-20200321134203-328b4cd54aae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200327173247-9dae0f8f5775/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=

View File

@ -210,7 +210,6 @@ func Test_GetFieldFromReq(t *testing.T) {
} }
func Test_HasGlobalPermission(t *testing.T) { func Test_HasGlobalPermission(t *testing.T) {
type args struct { type args struct {
perms []string perms []string
} }
@ -245,7 +244,6 @@ func Test_HasGlobalPermission(t *testing.T) {
} }
func Test_GetPermissionCtxIDs(t *testing.T) { func Test_GetPermissionCtxIDs(t *testing.T) {
type args struct { type args struct {
perms []string perms []string
} }
@ -272,7 +270,7 @@ func Test_GetPermissionCtxIDs(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
result := GetPermissionCtxIDs(tt.args.perms) result := GetPermissionCtxIDs(tt.args.perms)
if !EqualStringArray(result, tt.result) { if !equalStringArray(result, tt.result) {
t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, result) t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, result)
} }
}) })

View File

@ -2,13 +2,16 @@ package auth
import ( import (
"context" "context"
"time"
"github.com/caos/logging" "github.com/caos/logging"
) )
type CtxKeyPermissions struct{} type key int
type CtxKeyData struct{}
var (
permissionsKey key
dataKey key
)
type CtxData struct { type CtxData struct {
UserID string UserID string
@ -43,24 +46,15 @@ func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t Toke
projectID, err := t.GetProjectIDByClientID(ctx, clientID) projectID, err := t.GetProjectIDByClientID(ctx, clientID)
logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid") logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid")
return context.WithValue(ctx, CtxKeyData{}, &CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil return context.WithValue(ctx, dataKey, CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil
} }
func GetCtxData(ctx context.Context) CtxData { func GetCtxData(ctx context.Context) CtxData {
if data := ctx.Value(CtxKeyData{}); data != nil { ctxData, _ := ctx.Value(dataKey).(CtxData)
ctxData, ok := data.(*CtxData) return ctxData
if ok {
return *ctxData
}
time.Now()
}
return CtxData{}
} }
func GetPermissionsFromCtx(ctx context.Context) []string { func GetPermissionsFromCtx(ctx context.Context) []string {
if data := ctx.Value(CtxKeyPermissions{}); data != nil { ctxPermission, _ := ctx.Value(permissionsKey).([]string)
ctxPermission, _ := data.([]string) return ctxPermission
return ctxPermission
}
return nil
} }

View File

@ -16,7 +16,7 @@ func getUserMethodPermissions(ctx context.Context, t TokenVerifier, requiredPerm
return nil, nil, err return nil, nil, err
} }
permissions := mapGrantsToPermissions(requiredPerm, grants, authConfig) permissions := mapGrantsToPermissions(requiredPerm, grants, authConfig)
return context.WithValue(ctx, CtxKeyPermissions{}, permissions), permissions, nil return context.WithValue(ctx, permissionsKey, permissions), permissions, nil
} }
func mapGrantsToPermissions(requiredPerm string, grants []*Grant, authConfig *Config) []string { func mapGrantsToPermissions(requiredPerm string, grants []*Grant, authConfig *Config) []string {

View File

@ -8,7 +8,7 @@ import (
) )
func getTestCtx(userID, orgID string) context.Context { func getTestCtx(userID, orgID string) context.Context {
return context.WithValue(context.Background(), CtxKeyData{}, &CtxData{UserID: userID, OrgID: orgID}) return context.WithValue(context.Background(), dataKey, CtxData{UserID: userID, OrgID: orgID})
} }
type testVerifier struct { type testVerifier struct {
@ -27,7 +27,7 @@ func (v *testVerifier) GetProjectIDByClientID(ctx context.Context, clientID stri
return "", nil return "", nil
} }
func EqualStringArray(a, b []string) bool { func equalStringArray(a, b []string) bool {
if len(a) != len(b) { if len(a) != len(b) {
return false return false
} }
@ -74,10 +74,8 @@ func Test_GetUserMethodPermissions(t *testing.T) {
}, },
}, },
wantErr: true, wantErr: true,
errFunc: func(err error) bool { errFunc: caos_errs.IsUnauthenticated,
return caos_errs.IsUnauthenticated(err) result: []string{"project.read"},
},
result: []string{"project.read"},
}, },
{ {
name: "No Grants", name: "No Grants",
@ -135,7 +133,7 @@ func Test_GetUserMethodPermissions(t *testing.T) {
t.Errorf("got wrong err: %v ", err) t.Errorf("got wrong err: %v ", err)
} }
if !tt.wantErr && !EqualStringArray(perms, tt.result) { if !tt.wantErr && !equalStringArray(perms, tt.result) {
t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, perms) t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, perms)
} }
}) })
@ -241,7 +239,7 @@ func Test_MapGrantsToPermissions(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
result := mapGrantsToPermissions(tt.args.requiredPerm, tt.args.grants, tt.args.authConfig) result := mapGrantsToPermissions(tt.args.requiredPerm, tt.args.grants, tt.args.authConfig)
if !EqualStringArray(result, tt.result) { if !equalStringArray(result, tt.result) {
t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, result) t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, result)
} }
}) })
@ -348,7 +346,7 @@ func Test_MapRoleToPerm(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
result := mapRoleToPerm(tt.args.requiredPerm, tt.args.actualRole, tt.args.authConfig, tt.args.resolvedPermissions) result := mapRoleToPerm(tt.args.requiredPerm, tt.args.actualRole, tt.args.authConfig, tt.args.resolvedPermissions)
if !EqualStringArray(result, tt.result) { if !equalStringArray(result, tt.result) {
t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, result) t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, result)
} }
}) })
@ -393,7 +391,6 @@ func Test_AddRoleContextIDToPerm(t *testing.T) {
} }
func Test_ExistisPerm(t *testing.T) { func Test_ExistisPerm(t *testing.T) {
type args struct { type args struct {
existing []string existing []string
perm string perm string

View File

@ -11,14 +11,14 @@ func CaosToGRPCError(err error) error {
if err == nil { if err == nil {
return nil return nil
} }
code, msg, ok := extract(err) code, msg, ok := Extract(err)
if !ok { if !ok {
return status.Convert(err).Err() return status.Convert(err).Err()
} }
return status.Error(code, msg) return status.Error(code, msg)
} }
func extract(err error) (c codes.Code, msg string, ok bool) { func Extract(err error) (c codes.Code, msg string, ok bool) {
switch caosErr := err.(type) { switch caosErr := err.(type) {
case *caos_errs.AlreadyExistsError: case *caos_errs.AlreadyExistsError:
return codes.AlreadyExists, caosErr.GetMessage(), true return codes.AlreadyExists, caosErr.GetMessage(), true

View File

@ -6,14 +6,14 @@ type Config struct {
CustomHeaders []string CustomHeaders []string
} }
func (c *Config) ToServerConfig() *ServerConfig { func (c Config) ToServerConfig() ServerConfig {
return &ServerConfig{ return ServerConfig{
Port: c.ServerPort, Port: c.ServerPort,
} }
} }
func (c *Config) ToGatewayConfig() *GatewayConfig { func (c Config) ToGatewayConfig() GatewayConfig {
return &GatewayConfig{ return GatewayConfig{
Port: c.GatewayPort, Port: c.GatewayPort,
GRPCEndpoint: c.ServerPort, GRPCEndpoint: c.ServerPort,
CustomHeaders: c.CustomHeaders, CustomHeaders: c.CustomHeaders,

View File

@ -98,12 +98,12 @@ func (t *Translator) localizer(langs ...string) *i18n.Localizer {
func (t *Translator) langsFromRequest(r *http.Request) []string { func (t *Translator) langsFromRequest(r *http.Request) []string {
langs := make([]string, 0) langs := make([]string, 0)
if r != nil { if r == nil {
lang, err := t.cookieHandler.GetCookieValue(r, t.cookieName) return langs
if err == nil {
langs = append(langs, lang)
}
langs = append(langs, r.Header.Get(api.AcceptLanguage))
} }
return langs lang, err := t.cookieHandler.GetCookieValue(r, t.cookieName)
if err == nil {
langs = append(langs, lang)
}
return append(langs, r.Header.Get(api.AcceptLanguage))
} }

View File

@ -31,9 +31,8 @@ func NewRenderer(templatesDir string, tmplMapping map[string]string, funcs map[s
func (r *Renderer) RenderTemplate(w http.ResponseWriter, req *http.Request, tmpl *template.Template, data interface{}, reqFuncs map[string]interface{}) { func (r *Renderer) RenderTemplate(w http.ResponseWriter, req *http.Request, tmpl *template.Template, data interface{}, reqFuncs map[string]interface{}) {
reqFuncs = r.registerTranslateFn(req, reqFuncs) reqFuncs = r.registerTranslateFn(req, reqFuncs)
if err := tmpl.Funcs(reqFuncs).Execute(w, data); err != nil { err := tmpl.Funcs(reqFuncs).Execute(w, data)
logging.Log("HTML-lF8F6w").WithError(err).WithField("template", tmpl.Name).Error("error rendering template") logging.LogWithFields("HTML-lF8F6w", "template", tmpl.Name).OnError(err).Error("error rendering template")
}
} }
func (r *Renderer) Localize(id string, args map[string]interface{}) string { func (r *Renderer) Localize(id string, args map[string]interface{}) string {

View File

@ -85,10 +85,7 @@ func (c *CookieHandler) GetEncryptedCookieValue(r *http.Request, name string, va
if c.securecookie == nil { if c.securecookie == nil {
return errors.ThrowInternal(nil, "HTTP-X6XpnL", "securecookie not configured") return errors.ThrowInternal(nil, "HTTP-X6XpnL", "securecookie not configured")
} }
if err := c.securecookie.Decode(name, cookie.Value, value); err != nil { return c.securecookie.Decode(name, cookie.Value, value)
return err
}
return nil
} }
func (c *CookieHandler) SetCookie(w http.ResponseWriter, name string, value string) { func (c *CookieHandler) SetCookie(w http.ResponseWriter, name string, value string) {

View File

@ -18,7 +18,6 @@ var (
api.AcceptLanguage, api.AcceptLanguage,
api.Authorization, api.Authorization,
api.ZitadelOrgID, api.ZitadelOrgID,
"x-grpc-web", //TODO: needed
}, },
AllowedMethods: []string{ AllowedMethods: []string{
http.MethodOptions, http.MethodOptions,

View File

@ -1,7 +1,14 @@
package config package config
import "strings" import (
"flag"
"strings"
)
var _ flag.Value = (*ArrayFlags)(nil)
//ArrayFlags implements the flag/Value interface
//allowing to set multiple string flags with the same name
type ArrayFlags []string type ArrayFlags []string
func (i *ArrayFlags) String() string { func (i *ArrayFlags) String() string {

View File

@ -17,6 +17,11 @@ type validatable struct {
Test bool Test bool
} }
type multiple struct {
Test bool
MoreData string
}
func (v *validatable) Validate() error { func (v *validatable) Validate() error {
if v.Test { if v.Test {
return nil return nil
@ -33,22 +38,25 @@ func TestRead(t *testing.T) {
name string name string
args args args args
wantErr bool wantErr bool
want interface{}
}{ }{
{ {
"not supoorted config file error", "not supoorted config file error",
args{ args{
configFiles: []string{"notsupported.unknown"}, configFiles: []string{"notsupported.unknown"},
obj: nil, obj: &test{},
}, },
true, true,
&test{},
}, },
{ {
"non existing config file error", "non existing config file error",
args{ args{
configFiles: []string{"nonexisting.yaml"}, configFiles: []string{"nonexisting.yaml"},
obj: nil, obj: &test{},
}, },
true, true,
&test{},
}, },
{ {
"non parsable config file error", "non parsable config file error",
@ -57,6 +65,7 @@ func TestRead(t *testing.T) {
obj: &test{}, obj: &test{},
}, },
true, true,
&test{},
}, },
{ {
"invalid parsable config file error", "invalid parsable config file error",
@ -65,6 +74,16 @@ func TestRead(t *testing.T) {
obj: &validatable{}, obj: &validatable{},
}, },
true, true,
&validatable{},
},
{
"multiple files, one non parsable error ",
args{
configFiles: []string{"./testdata/non_parsable.json", "./testdata/more_data.yaml"},
obj: &multiple{},
},
true,
&multiple{},
}, },
{ {
"parsable config file ok", "parsable config file ok",
@ -73,6 +92,16 @@ func TestRead(t *testing.T) {
obj: &test{}, obj: &test{},
}, },
false, false,
&test{Test: true},
},
{
"multiple parsable config files ok",
args{
configFiles: []string{"./testdata/valid.json", "./testdata/more_data.yaml"},
obj: &multiple{},
},
false,
&multiple{Test: true, MoreData: "data"},
}, },
{ {
"valid parsable config file ok", "valid parsable config file ok",
@ -81,6 +110,7 @@ func TestRead(t *testing.T) {
obj: &validatable{}, obj: &validatable{},
}, },
false, false,
&validatable{Test: true},
}, },
} }
for _, tt := range tests { for _, tt := range tests {
@ -88,6 +118,9 @@ func TestRead(t *testing.T) {
if err := Read(tt.args.obj, tt.args.configFiles...); (err != nil) != tt.wantErr { if err := Read(tt.args.obj, tt.args.configFiles...); (err != nil) != tt.wantErr {
t.Errorf("Read() error = %v, wantErr %v", err, tt.wantErr) t.Errorf("Read() error = %v, wantErr %v", err, tt.wantErr)
} }
if !reflect.DeepEqual(tt.args.obj, tt.want) {
t.Errorf("Read() got = %v, want = %v", tt.args.obj, tt.want)
}
}) })
} }
} }

View File

@ -0,0 +1 @@
MoreData: data

View File

@ -10,7 +10,7 @@ import (
"github.com/caos/zitadel/internal/errors" "github.com/caos/zitadel/internal/errors"
) )
var _ EncryptionAlg = (*AESCrypto)(nil) var _ EncryptionAlgorithm = (*AESCrypto)(nil)
type AESCrypto struct { type AESCrypto struct {
keys map[string]string keys map[string]string

View File

@ -6,6 +6,7 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
//TODO: refactor test style
func TestDecrypt_OK(t *testing.T) { func TestDecrypt_OK(t *testing.T) {
encryptedpw, err := EncryptAESString("ThisIsMySecretPw", "passphrasewhichneedstobe32bytes!") encryptedpw, err := EncryptAESString("ThisIsMySecretPw", "passphrasewhichneedstobe32bytes!")
assert.NoError(t, err) assert.NoError(t, err)

View File

@ -4,7 +4,7 @@ import (
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
) )
var _ HashAlg = (*BCrypt)(nil) var _ HashAlgorithm = (*BCrypt)(nil)
type BCrypt struct { type BCrypt struct {
cost int cost int

View File

@ -24,7 +24,7 @@ type Generator interface {
type EncryptionGenerator struct { type EncryptionGenerator struct {
length uint length uint
expiry time.Duration expiry time.Duration
alg EncryptionAlg alg EncryptionAlgorithm
runes []rune runes []rune
} }
@ -44,7 +44,7 @@ func (g *EncryptionGenerator) Runes() []rune {
return g.runes return g.runes
} }
func NewEncryptionGenerator(length uint, expiry time.Duration, alg EncryptionAlg, runes []rune) *EncryptionGenerator { func NewEncryptionGenerator(length uint, expiry time.Duration, alg EncryptionAlgorithm, runes []rune) *EncryptionGenerator {
return &EncryptionGenerator{ return &EncryptionGenerator{
length: length, length: length,
expiry: expiry, expiry: expiry,
@ -56,7 +56,7 @@ func NewEncryptionGenerator(length uint, expiry time.Duration, alg EncryptionAlg
type HashGenerator struct { type HashGenerator struct {
length uint length uint
expiry time.Duration expiry time.Duration
alg HashAlg alg HashAlgorithm
runes []rune runes []rune
} }
@ -76,7 +76,7 @@ func (g *HashGenerator) Runes() []rune {
return g.runes return g.runes
} }
func NewHashGenerator(length uint, expiry time.Duration, alg HashAlg, runes []rune) *HashGenerator { func NewHashGenerator(length uint, expiry time.Duration, alg HashAlgorithm, runes []rune) *HashGenerator {
return &HashGenerator{ return &HashGenerator{
length: length, length: length,
expiry: expiry, expiry: expiry,
@ -106,9 +106,9 @@ func VerifyCode(creationDate time.Time, expiry time.Duration, cryptoCode *Crypto
return errors.ThrowPreconditionFailed(nil, "CODE-QvUQ4P", "verification code is expired") return errors.ThrowPreconditionFailed(nil, "CODE-QvUQ4P", "verification code is expired")
} }
switch alg := g.Alg().(type) { switch alg := g.Alg().(type) {
case EncryptionAlg: case EncryptionAlgorithm:
return verifyEncryptedCode(cryptoCode, verificationCode, alg) return verifyEncryptedCode(cryptoCode, verificationCode, alg)
case HashAlg: case HashAlgorithm:
return verifyHashedCode(cryptoCode, verificationCode, alg) return verifyHashedCode(cryptoCode, verificationCode, alg)
} }
return errors.ThrowInvalidArgument(nil, "CODE-fW2gNa", "generator alg is not supported") return errors.ThrowInvalidArgument(nil, "CODE-fW2gNa", "generator alg is not supported")
@ -136,7 +136,10 @@ func generateRandomString(length uint, chars []rune) (string, error) {
return "", nil return "", nil
} }
func verifyEncryptedCode(cryptoCode *CryptoValue, verificationCode string, alg EncryptionAlg) error { func verifyEncryptedCode(cryptoCode *CryptoValue, verificationCode string, alg EncryptionAlgorithm) error {
if cryptoCode == nil {
return errors.ThrowInvalidArgument(nil, "CRYPT-aqrFV", "cryptoCode must not be nil")
}
code, err := DecryptString(cryptoCode, alg) code, err := DecryptString(cryptoCode, alg)
if err != nil { if err != nil {
return err return err
@ -148,6 +151,9 @@ func verifyEncryptedCode(cryptoCode *CryptoValue, verificationCode string, alg E
return nil return nil
} }
func verifyHashedCode(cryptoCode *CryptoValue, verificationCode string, alg HashAlg) error { func verifyHashedCode(cryptoCode *CryptoValue, verificationCode string, alg HashAlgorithm) error {
if cryptoCode == nil {
return errors.ThrowInvalidArgument(nil, "CRYPT-2q3r", "cryptoCode must not be nil")
}
return CompareHash(cryptoCode, []byte(verificationCode), alg) return CompareHash(cryptoCode, []byte(verificationCode), alg)
} }

View File

@ -0,0 +1,90 @@
// Code generated by MockGen. DO NOT EDIT.
// Source: code.go
// Package crypto is a generated GoMock package.
package crypto
import (
gomock "github.com/golang/mock/gomock"
reflect "reflect"
time "time"
)
// MockGenerator is a mock of Generator interface
type MockGenerator struct {
ctrl *gomock.Controller
recorder *MockGeneratorMockRecorder
}
// MockGeneratorMockRecorder is the mock recorder for MockGenerator
type MockGeneratorMockRecorder struct {
mock *MockGenerator
}
// NewMockGenerator creates a new mock instance
func NewMockGenerator(ctrl *gomock.Controller) *MockGenerator {
mock := &MockGenerator{ctrl: ctrl}
mock.recorder = &MockGeneratorMockRecorder{mock}
return mock
}
// EXPECT returns an object that allows the caller to indicate expected use
func (m *MockGenerator) EXPECT() *MockGeneratorMockRecorder {
return m.recorder
}
// Length mocks base method
func (m *MockGenerator) Length() uint {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Length")
ret0, _ := ret[0].(uint)
return ret0
}
// Length indicates an expected call of Length
func (mr *MockGeneratorMockRecorder) Length() *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Length", reflect.TypeOf((*MockGenerator)(nil).Length))
}
// Expiry mocks base method
func (m *MockGenerator) Expiry() time.Duration {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Expiry")
ret0, _ := ret[0].(time.Duration)
return ret0
}
// Expiry indicates an expected call of Expiry
func (mr *MockGeneratorMockRecorder) Expiry() *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Expiry", reflect.TypeOf((*MockGenerator)(nil).Expiry))
}
// Alg mocks base method
func (m *MockGenerator) Alg() Crypto {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Alg")
ret0, _ := ret[0].(Crypto)
return ret0
}
// Alg indicates an expected call of Alg
func (mr *MockGeneratorMockRecorder) Alg() *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Alg", reflect.TypeOf((*MockGenerator)(nil).Alg))
}
// Runes mocks base method
func (m *MockGenerator) Runes() []rune {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Runes")
ret0, _ := ret[0].([]rune)
return ret0
}
// Runes indicates an expected call of Runes
func (mr *MockGeneratorMockRecorder) Runes() *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Runes", reflect.TypeOf((*MockGenerator)(nil).Runes))
}

View File

@ -5,11 +5,12 @@ import (
"time" "time"
"github.com/golang/mock/gomock" "github.com/golang/mock/gomock"
"github.com/stretchr/testify/assert"
"github.com/caos/zitadel/internal/errors"
) )
func Test_Encrypted_OK(t *testing.T) { func createMockEncryptionAlg(t *testing.T) EncryptionAlgorithm {
mCrypto := NewMockEncryptionAlg(gomock.NewController(t)) mCrypto := NewMockEncryptionAlgorithm(gomock.NewController(t))
mCrypto.EXPECT().Algorithm().AnyTimes().Return("enc") mCrypto.EXPECT().Algorithm().AnyTimes().Return("enc")
mCrypto.EXPECT().EncryptionKeyID().AnyTimes().Return("id") mCrypto.EXPECT().EncryptionKeyID().AnyTimes().Return("id")
mCrypto.EXPECT().DecryptionKeyIDs().AnyTimes().Return([]string{"id"}) mCrypto.EXPECT().DecryptionKeyIDs().AnyTimes().Return([]string{"id"})
@ -19,74 +20,333 @@ func Test_Encrypted_OK(t *testing.T) {
}, },
) )
mCrypto.EXPECT().DecryptString(gomock.Any(), gomock.Any()).DoAndReturn( mCrypto.EXPECT().DecryptString(gomock.Any(), gomock.Any()).DoAndReturn(
func(code []byte, _ string) (string, error) { func(code []byte, keyID string) (string, error) {
if keyID != "id" {
return "", errors.ThrowInternal(nil, "id", "invalid key id")
}
return string(code), nil return string(code), nil
}, },
) )
generator := NewEncryptionGenerator(6, 0, mCrypto, Digits) return mCrypto
crypto, code, err := NewCode(generator)
assert.NoError(t, err)
decrypted, err := DecryptString(crypto, generator.alg)
assert.NoError(t, err)
assert.Equal(t, code, decrypted)
assert.Equal(t, 6, len(decrypted))
} }
func Test_Verify_Encrypted_OK(t *testing.T) { func createMockHashAlg(t *testing.T) HashAlgorithm {
mCrypto := NewMockEncryptionAlg(gomock.NewController(t)) mCrypto := NewMockHashAlgorithm(gomock.NewController(t))
mCrypto.EXPECT().Algorithm().AnyTimes().Return("enc") mCrypto.EXPECT().Algorithm().AnyTimes().Return("hash")
mCrypto.EXPECT().EncryptionKeyID().AnyTimes().Return("id") mCrypto.EXPECT().Hash(gomock.Any()).DoAndReturn(
mCrypto.EXPECT().DecryptionKeyIDs().AnyTimes().Return([]string{"id"}) func(code []byte) ([]byte, error) {
mCrypto.EXPECT().DecryptString(gomock.Any(), gomock.Any()).DoAndReturn( return code, nil
func(code []byte, _ string) (string, error) {
return string(code), nil
}, },
) )
creationDate := time.Now() mCrypto.EXPECT().CompareHash(gomock.Any(), gomock.Any()).DoAndReturn(
code := &CryptoValue{ func(hashed, comparer []byte) error {
CryptoType: TypeEncryption, if string(hashed) != string(comparer) {
Algorithm: "enc", return errors.ThrowInternal(nil, "id", "invalid")
KeyID: "id", }
Crypted: []byte("code"), return nil
},
)
return mCrypto
}
func createMockCrypto(t *testing.T) Crypto {
mCrypto := NewMockCrypto(gomock.NewController(t))
mCrypto.EXPECT().Algorithm().AnyTimes().Return("crypto")
return mCrypto
}
func createMockGenerator(t *testing.T, crypto Crypto) Generator {
mGenerator := NewMockGenerator(gomock.NewController(t))
mGenerator.EXPECT().Alg().AnyTimes().Return(crypto)
return mGenerator
}
func TestIsCodeExpired(t *testing.T) {
type args struct {
creationDate time.Time
expiry time.Duration
} }
generator := NewEncryptionGenerator(6, 0, mCrypto, Digits) tests := []struct {
name string
err := VerifyCode(creationDate, 1*time.Hour, code, "code", generator) args args
assert.NoError(t, err) want bool
} }{
func Test_Verify_Encrypted_Invalid_Err(t *testing.T) { {
mCrypto := NewMockEncryptionAlg(gomock.NewController(t)) "not expired",
mCrypto.EXPECT().Algorithm().AnyTimes().Return("enc") args{
mCrypto.EXPECT().EncryptionKeyID().AnyTimes().Return("id") creationDate: time.Now(),
mCrypto.EXPECT().DecryptionKeyIDs().AnyTimes().Return([]string{"id"}) expiry: time.Duration(5 * time.Minute),
mCrypto.EXPECT().DecryptString(gomock.Any(), gomock.Any()).DoAndReturn( },
func(code []byte, _ string) (string, error) { false,
return string(code), nil },
{
"expired",
args{
creationDate: time.Now().Add(-5 * time.Minute),
expiry: time.Duration(5 * time.Minute),
},
true,
}, },
)
creationDate := time.Now()
code := &CryptoValue{
CryptoType: TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("code"),
} }
generator := NewEncryptionGenerator(6, 0, mCrypto, Digits) for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
err := VerifyCode(creationDate, 1*time.Hour, code, "wrong", generator) if got := IsCodeExpired(tt.args.creationDate, tt.args.expiry); got != tt.want {
assert.Error(t, err) t.Errorf("IsCodeExpired() = %v, want %v", got, tt.want)
}
})
}
} }
func TestIsCodeExpired_Expired(t *testing.T) { func TestVerifyCode(t *testing.T) {
creationDate := time.Date(2019, time.April, 1, 0, 0, 0, 0, time.UTC) type args struct {
expired := IsCodeExpired(creationDate, 1*time.Hour) creationDate time.Time
assert.True(t, expired) expiry time.Duration
cryptoCode *CryptoValue
verificationCode string
g Generator
}
tests := []struct {
name string
args args
wantErr bool
}{
{
"expired",
args{
creationDate: time.Now().Add(-5 * time.Minute),
expiry: 5 * time.Minute,
cryptoCode: nil,
verificationCode: "",
g: nil,
},
true,
},
{
"unsupported alg err",
args{
creationDate: time.Now(),
expiry: 5 * time.Minute,
cryptoCode: nil,
verificationCode: "code",
g: createMockGenerator(t, createMockCrypto(t)),
},
true,
},
{
"encryption alg ok",
args{
creationDate: time.Now(),
expiry: 5 * time.Minute,
cryptoCode: &CryptoValue{
CryptoType: TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("code"),
},
verificationCode: "code",
g: createMockGenerator(t, createMockEncryptionAlg(t)),
},
false,
},
{
"hash alg ok",
args{
creationDate: time.Now(),
expiry: 5 * time.Minute,
cryptoCode: &CryptoValue{
CryptoType: TypeHash,
Algorithm: "hash",
Crypted: []byte("code"),
},
verificationCode: "code",
g: createMockGenerator(t, createMockHashAlg(t)),
},
false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if err := VerifyCode(tt.args.creationDate, tt.args.expiry, tt.args.cryptoCode, tt.args.verificationCode, tt.args.g); (err != nil) != tt.wantErr {
t.Errorf("VerifyCode() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
} }
func TestIsCodeExpired_NotExpired(t *testing.T) { func Test_verifyEncryptedCode(t *testing.T) {
creationDate := time.Now() type args struct {
expired := IsCodeExpired(creationDate, 1*time.Hour) cryptoCode *CryptoValue
assert.False(t, expired) verificationCode string
alg EncryptionAlgorithm
}
tests := []struct {
name string
args args
wantErr bool
}{
{
"nil error",
args{
cryptoCode: nil,
verificationCode: "",
alg: createMockEncryptionAlg(t),
},
true,
},
{
"wrong cryptotype error",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeHash,
Crypted: nil,
},
verificationCode: "",
alg: createMockEncryptionAlg(t),
},
true,
},
{
"wrong algorithm error",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeEncryption,
Algorithm: "enc2",
Crypted: nil,
},
verificationCode: "",
alg: createMockEncryptionAlg(t),
},
true,
},
{
"wrong key id error",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeEncryption,
Algorithm: "enc",
Crypted: nil,
},
verificationCode: "wrong",
alg: createMockEncryptionAlg(t),
},
true,
},
{
"wrong verification code error",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("code"),
},
verificationCode: "wrong",
alg: createMockEncryptionAlg(t),
},
true,
},
{
"verification code ok",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("code"),
},
verificationCode: "code",
alg: createMockEncryptionAlg(t),
},
false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if err := verifyEncryptedCode(tt.args.cryptoCode, tt.args.verificationCode, tt.args.alg); (err != nil) != tt.wantErr {
t.Errorf("verifyEncryptedCode() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}
func Test_verifyHashedCode(t *testing.T) {
type args struct {
cryptoCode *CryptoValue
verificationCode string
alg HashAlgorithm
}
tests := []struct {
name string
args args
wantErr bool
}{
{
"nil error",
args{
cryptoCode: nil,
verificationCode: "",
alg: createMockHashAlg(t),
},
true,
},
{
"wrong cryptotype error",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeEncryption,
Crypted: nil,
},
verificationCode: "",
alg: createMockHashAlg(t),
},
true,
},
{
"wrong algorithm error",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeHash,
Algorithm: "hash2",
Crypted: nil,
},
verificationCode: "",
alg: createMockHashAlg(t),
},
true,
},
{
"wrong verification code error",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeHash,
Algorithm: "hash",
Crypted: []byte("code"),
},
verificationCode: "wrong",
alg: createMockHashAlg(t),
},
true,
},
{
"verification code ok",
args{
cryptoCode: &CryptoValue{
CryptoType: TypeHash,
Algorithm: "hash",
Crypted: []byte("code"),
},
verificationCode: "code",
alg: createMockHashAlg(t),
},
false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if err := verifyHashedCode(tt.args.cryptoCode, tt.args.verificationCode, tt.args.alg); (err != nil) != tt.wantErr {
t.Errorf("verifyHashedCode() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
} }

View File

@ -13,7 +13,7 @@ type Crypto interface {
Algorithm() string Algorithm() string
} }
type EncryptionAlg interface { type EncryptionAlgorithm interface {
Crypto Crypto
EncryptionKeyID() string EncryptionKeyID() string
DecryptionKeyIDs() []string DecryptionKeyIDs() []string
@ -22,7 +22,7 @@ type EncryptionAlg interface {
DecryptString(hashed []byte, keyID string) (string, error) DecryptString(hashed []byte, keyID string) (string, error)
} }
type HashAlg interface { type HashAlgorithm interface {
Crypto Crypto
Hash(value []byte) ([]byte, error) Hash(value []byte) ([]byte, error)
CompareHash(hashed, comparer []byte) error CompareHash(hashed, comparer []byte) error
@ -39,15 +39,15 @@ type CryptoType int
func Crypt(value []byte, c Crypto) (*CryptoValue, error) { func Crypt(value []byte, c Crypto) (*CryptoValue, error) {
switch alg := c.(type) { switch alg := c.(type) {
case EncryptionAlg: case EncryptionAlgorithm:
return Encrypt(value, alg) return Encrypt(value, alg)
case HashAlg: case HashAlgorithm:
return Hash(value, alg) return Hash(value, alg)
} }
return nil, errors.ThrowInternal(nil, "CRYPT-r4IaHZ", "algorithm not supported") return nil, errors.ThrowInternal(nil, "CRYPT-r4IaHZ", "algorithm not supported")
} }
func Encrypt(value []byte, alg EncryptionAlg) (*CryptoValue, error) { func Encrypt(value []byte, alg EncryptionAlgorithm) (*CryptoValue, error) {
encrypted, err := alg.Encrypt(value) encrypted, err := alg.Encrypt(value)
if err != nil { if err != nil {
return nil, errors.ThrowInternal(err, "CRYPT-qCD0JB", "error encrypting value") return nil, errors.ThrowInternal(err, "CRYPT-qCD0JB", "error encrypting value")
@ -60,21 +60,21 @@ func Encrypt(value []byte, alg EncryptionAlg) (*CryptoValue, error) {
}, nil }, nil
} }
func Decrypt(value *CryptoValue, alg EncryptionAlg) ([]byte, error) { func Decrypt(value *CryptoValue, alg EncryptionAlgorithm) ([]byte, error) {
if err := checkEncAlg(value, alg); err != nil { if err := checkEncryptionAlgorithm(value, alg); err != nil {
return nil, err return nil, err
} }
return alg.Decrypt(value.Crypted, value.KeyID) return alg.Decrypt(value.Crypted, value.KeyID)
} }
func DecryptString(value *CryptoValue, alg EncryptionAlg) (string, error) { func DecryptString(value *CryptoValue, alg EncryptionAlgorithm) (string, error) {
if err := checkEncAlg(value, alg); err != nil { if err := checkEncryptionAlgorithm(value, alg); err != nil {
return "", err return "", err
} }
return alg.DecryptString(value.Crypted, value.KeyID) return alg.DecryptString(value.Crypted, value.KeyID)
} }
func checkEncAlg(value *CryptoValue, alg EncryptionAlg) error { func checkEncryptionAlgorithm(value *CryptoValue, alg EncryptionAlgorithm) error {
if value.Algorithm != alg.Algorithm() { if value.Algorithm != alg.Algorithm() {
return errors.ThrowInvalidArgument(nil, "CRYPT-Nx7XlT", "value was encrypted with a different key") return errors.ThrowInvalidArgument(nil, "CRYPT-Nx7XlT", "value was encrypted with a different key")
} }
@ -86,7 +86,7 @@ func checkEncAlg(value *CryptoValue, alg EncryptionAlg) error {
return errors.ThrowInvalidArgument(nil, "CRYPT-Kq12vn", "value was encrypted with a different key") return errors.ThrowInvalidArgument(nil, "CRYPT-Kq12vn", "value was encrypted with a different key")
} }
func Hash(value []byte, alg HashAlg) (*CryptoValue, error) { func Hash(value []byte, alg HashAlgorithm) (*CryptoValue, error) {
hashed, err := alg.Hash(value) hashed, err := alg.Hash(value)
if err != nil { if err != nil {
return nil, errors.ThrowInternal(err, "CRYPT-rBVaJU", "error hashing value") return nil, errors.ThrowInternal(err, "CRYPT-rBVaJU", "error hashing value")
@ -98,6 +98,9 @@ func Hash(value []byte, alg HashAlg) (*CryptoValue, error) {
}, nil }, nil
} }
func CompareHash(value *CryptoValue, comparer []byte, alg HashAlg) error { func CompareHash(value *CryptoValue, comparer []byte, alg HashAlgorithm) error {
if value.Algorithm != alg.Algorithm() {
return errors.ThrowInvalidArgument(nil, "CRYPT-HF32f", "value was hash with a different algorithm")
}
return alg.CompareHash(value.Crypted, comparer) return alg.CompareHash(value.Crypted, comparer)
} }

View File

@ -46,31 +46,31 @@ func (mr *MockCryptoMockRecorder) Algorithm() *gomock.Call {
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Algorithm", reflect.TypeOf((*MockCrypto)(nil).Algorithm)) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Algorithm", reflect.TypeOf((*MockCrypto)(nil).Algorithm))
} }
// MockEncryptionAlg is a mock of EncryptionAlg interface // MockEncryptionAlgorithm is a mock of EncryptionAlgorithm interface
type MockEncryptionAlg struct { type MockEncryptionAlgorithm struct {
ctrl *gomock.Controller ctrl *gomock.Controller
recorder *MockEncryptionAlgMockRecorder recorder *MockEncryptionAlgorithmMockRecorder
} }
// MockEncryptionAlgMockRecorder is the mock recorder for MockEncryptionAlg // MockEncryptionAlgorithmMockRecorder is the mock recorder for MockEncryptionAlgorithm
type MockEncryptionAlgMockRecorder struct { type MockEncryptionAlgorithmMockRecorder struct {
mock *MockEncryptionAlg mock *MockEncryptionAlgorithm
} }
// NewMockEncryptionAlg creates a new mock instance // NewMockEncryptionAlgorithm creates a new mock instance
func NewMockEncryptionAlg(ctrl *gomock.Controller) *MockEncryptionAlg { func NewMockEncryptionAlgorithm(ctrl *gomock.Controller) *MockEncryptionAlgorithm {
mock := &MockEncryptionAlg{ctrl: ctrl} mock := &MockEncryptionAlgorithm{ctrl: ctrl}
mock.recorder = &MockEncryptionAlgMockRecorder{mock} mock.recorder = &MockEncryptionAlgorithmMockRecorder{mock}
return mock return mock
} }
// EXPECT returns an object that allows the caller to indicate expected use // EXPECT returns an object that allows the caller to indicate expected use
func (m *MockEncryptionAlg) EXPECT() *MockEncryptionAlgMockRecorder { func (m *MockEncryptionAlgorithm) EXPECT() *MockEncryptionAlgorithmMockRecorder {
return m.recorder return m.recorder
} }
// Algorithm mocks base method // Algorithm mocks base method
func (m *MockEncryptionAlg) Algorithm() string { func (m *MockEncryptionAlgorithm) Algorithm() string {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Algorithm") ret := m.ctrl.Call(m, "Algorithm")
ret0, _ := ret[0].(string) ret0, _ := ret[0].(string)
@ -78,13 +78,13 @@ func (m *MockEncryptionAlg) Algorithm() string {
} }
// Algorithm indicates an expected call of Algorithm // Algorithm indicates an expected call of Algorithm
func (mr *MockEncryptionAlgMockRecorder) Algorithm() *gomock.Call { func (mr *MockEncryptionAlgorithmMockRecorder) Algorithm() *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Algorithm", reflect.TypeOf((*MockEncryptionAlg)(nil).Algorithm)) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Algorithm", reflect.TypeOf((*MockEncryptionAlgorithm)(nil).Algorithm))
} }
// EncryptionKeyID mocks base method // EncryptionKeyID mocks base method
func (m *MockEncryptionAlg) EncryptionKeyID() string { func (m *MockEncryptionAlgorithm) EncryptionKeyID() string {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "EncryptionKeyID") ret := m.ctrl.Call(m, "EncryptionKeyID")
ret0, _ := ret[0].(string) ret0, _ := ret[0].(string)
@ -92,13 +92,13 @@ func (m *MockEncryptionAlg) EncryptionKeyID() string {
} }
// EncryptionKeyID indicates an expected call of EncryptionKeyID // EncryptionKeyID indicates an expected call of EncryptionKeyID
func (mr *MockEncryptionAlgMockRecorder) EncryptionKeyID() *gomock.Call { func (mr *MockEncryptionAlgorithmMockRecorder) EncryptionKeyID() *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "EncryptionKeyID", reflect.TypeOf((*MockEncryptionAlg)(nil).EncryptionKeyID)) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "EncryptionKeyID", reflect.TypeOf((*MockEncryptionAlgorithm)(nil).EncryptionKeyID))
} }
// DecryptionKeyIDs mocks base method // DecryptionKeyIDs mocks base method
func (m *MockEncryptionAlg) DecryptionKeyIDs() []string { func (m *MockEncryptionAlgorithm) DecryptionKeyIDs() []string {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "DecryptionKeyIDs") ret := m.ctrl.Call(m, "DecryptionKeyIDs")
ret0, _ := ret[0].([]string) ret0, _ := ret[0].([]string)
@ -106,13 +106,13 @@ func (m *MockEncryptionAlg) DecryptionKeyIDs() []string {
} }
// DecryptionKeyIDs indicates an expected call of DecryptionKeyIDs // DecryptionKeyIDs indicates an expected call of DecryptionKeyIDs
func (mr *MockEncryptionAlgMockRecorder) DecryptionKeyIDs() *gomock.Call { func (mr *MockEncryptionAlgorithmMockRecorder) DecryptionKeyIDs() *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecryptionKeyIDs", reflect.TypeOf((*MockEncryptionAlg)(nil).DecryptionKeyIDs)) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecryptionKeyIDs", reflect.TypeOf((*MockEncryptionAlgorithm)(nil).DecryptionKeyIDs))
} }
// Encrypt mocks base method // Encrypt mocks base method
func (m *MockEncryptionAlg) Encrypt(value []byte) ([]byte, error) { func (m *MockEncryptionAlgorithm) Encrypt(value []byte) ([]byte, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Encrypt", value) ret := m.ctrl.Call(m, "Encrypt", value)
ret0, _ := ret[0].([]byte) ret0, _ := ret[0].([]byte)
@ -121,13 +121,13 @@ func (m *MockEncryptionAlg) Encrypt(value []byte) ([]byte, error) {
} }
// Encrypt indicates an expected call of Encrypt // Encrypt indicates an expected call of Encrypt
func (mr *MockEncryptionAlgMockRecorder) Encrypt(value interface{}) *gomock.Call { func (mr *MockEncryptionAlgorithmMockRecorder) Encrypt(value interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Encrypt", reflect.TypeOf((*MockEncryptionAlg)(nil).Encrypt), value) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Encrypt", reflect.TypeOf((*MockEncryptionAlgorithm)(nil).Encrypt), value)
} }
// Decrypt mocks base method // Decrypt mocks base method
func (m *MockEncryptionAlg) Decrypt(hashed []byte, keyID string) ([]byte, error) { func (m *MockEncryptionAlgorithm) Decrypt(hashed []byte, keyID string) ([]byte, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Decrypt", hashed, keyID) ret := m.ctrl.Call(m, "Decrypt", hashed, keyID)
ret0, _ := ret[0].([]byte) ret0, _ := ret[0].([]byte)
@ -136,13 +136,13 @@ func (m *MockEncryptionAlg) Decrypt(hashed []byte, keyID string) ([]byte, error)
} }
// Decrypt indicates an expected call of Decrypt // Decrypt indicates an expected call of Decrypt
func (mr *MockEncryptionAlgMockRecorder) Decrypt(hashed, keyID interface{}) *gomock.Call { func (mr *MockEncryptionAlgorithmMockRecorder) Decrypt(hashed, keyID interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Decrypt", reflect.TypeOf((*MockEncryptionAlg)(nil).Decrypt), hashed, keyID) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Decrypt", reflect.TypeOf((*MockEncryptionAlgorithm)(nil).Decrypt), hashed, keyID)
} }
// DecryptString mocks base method // DecryptString mocks base method
func (m *MockEncryptionAlg) DecryptString(hashed []byte, keyID string) (string, error) { func (m *MockEncryptionAlgorithm) DecryptString(hashed []byte, keyID string) (string, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "DecryptString", hashed, keyID) ret := m.ctrl.Call(m, "DecryptString", hashed, keyID)
ret0, _ := ret[0].(string) ret0, _ := ret[0].(string)
@ -151,36 +151,36 @@ func (m *MockEncryptionAlg) DecryptString(hashed []byte, keyID string) (string,
} }
// DecryptString indicates an expected call of DecryptString // DecryptString indicates an expected call of DecryptString
func (mr *MockEncryptionAlgMockRecorder) DecryptString(hashed, keyID interface{}) *gomock.Call { func (mr *MockEncryptionAlgorithmMockRecorder) DecryptString(hashed, keyID interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecryptString", reflect.TypeOf((*MockEncryptionAlg)(nil).DecryptString), hashed, keyID) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecryptString", reflect.TypeOf((*MockEncryptionAlgorithm)(nil).DecryptString), hashed, keyID)
} }
// MockHashAlg is a mock of HashAlg interface // MockHashAlgorithm is a mock of HashAlgorithm interface
type MockHashAlg struct { type MockHashAlgorithm struct {
ctrl *gomock.Controller ctrl *gomock.Controller
recorder *MockHashAlgMockRecorder recorder *MockHashAlgorithmMockRecorder
} }
// MockHashAlgMockRecorder is the mock recorder for MockHashAlg // MockHashAlgorithmMockRecorder is the mock recorder for MockHashAlgorithm
type MockHashAlgMockRecorder struct { type MockHashAlgorithmMockRecorder struct {
mock *MockHashAlg mock *MockHashAlgorithm
} }
// NewMockHashAlg creates a new mock instance // NewMockHashAlgorithm creates a new mock instance
func NewMockHashAlg(ctrl *gomock.Controller) *MockHashAlg { func NewMockHashAlgorithm(ctrl *gomock.Controller) *MockHashAlgorithm {
mock := &MockHashAlg{ctrl: ctrl} mock := &MockHashAlgorithm{ctrl: ctrl}
mock.recorder = &MockHashAlgMockRecorder{mock} mock.recorder = &MockHashAlgorithmMockRecorder{mock}
return mock return mock
} }
// EXPECT returns an object that allows the caller to indicate expected use // EXPECT returns an object that allows the caller to indicate expected use
func (m *MockHashAlg) EXPECT() *MockHashAlgMockRecorder { func (m *MockHashAlgorithm) EXPECT() *MockHashAlgorithmMockRecorder {
return m.recorder return m.recorder
} }
// Algorithm mocks base method // Algorithm mocks base method
func (m *MockHashAlg) Algorithm() string { func (m *MockHashAlgorithm) Algorithm() string {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Algorithm") ret := m.ctrl.Call(m, "Algorithm")
ret0, _ := ret[0].(string) ret0, _ := ret[0].(string)
@ -188,13 +188,13 @@ func (m *MockHashAlg) Algorithm() string {
} }
// Algorithm indicates an expected call of Algorithm // Algorithm indicates an expected call of Algorithm
func (mr *MockHashAlgMockRecorder) Algorithm() *gomock.Call { func (mr *MockHashAlgorithmMockRecorder) Algorithm() *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Algorithm", reflect.TypeOf((*MockHashAlg)(nil).Algorithm)) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Algorithm", reflect.TypeOf((*MockHashAlgorithm)(nil).Algorithm))
} }
// Hash mocks base method // Hash mocks base method
func (m *MockHashAlg) Hash(value []byte) ([]byte, error) { func (m *MockHashAlgorithm) Hash(value []byte) ([]byte, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Hash", value) ret := m.ctrl.Call(m, "Hash", value)
ret0, _ := ret[0].([]byte) ret0, _ := ret[0].([]byte)
@ -203,13 +203,13 @@ func (m *MockHashAlg) Hash(value []byte) ([]byte, error) {
} }
// Hash indicates an expected call of Hash // Hash indicates an expected call of Hash
func (mr *MockHashAlgMockRecorder) Hash(value interface{}) *gomock.Call { func (mr *MockHashAlgorithmMockRecorder) Hash(value interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Hash", reflect.TypeOf((*MockHashAlg)(nil).Hash), value) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Hash", reflect.TypeOf((*MockHashAlgorithm)(nil).Hash), value)
} }
// CompareHash mocks base method // CompareHash mocks base method
func (m *MockHashAlg) CompareHash(hashed, comparer []byte) error { func (m *MockHashAlgorithm) CompareHash(hashed, comparer []byte) error {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "CompareHash", hashed, comparer) ret := m.ctrl.Call(m, "CompareHash", hashed, comparer)
ret0, _ := ret[0].(error) ret0, _ := ret[0].(error)
@ -217,7 +217,7 @@ func (m *MockHashAlg) CompareHash(hashed, comparer []byte) error {
} }
// CompareHash indicates an expected call of CompareHash // CompareHash indicates an expected call of CompareHash
func (mr *MockHashAlgMockRecorder) CompareHash(hashed, comparer interface{}) *gomock.Call { func (mr *MockHashAlgorithmMockRecorder) CompareHash(hashed, comparer interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CompareHash", reflect.TypeOf((*MockHashAlg)(nil).CompareHash), hashed, comparer) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CompareHash", reflect.TypeOf((*MockHashAlgorithm)(nil).CompareHash), hashed, comparer)
} }

View File

@ -104,7 +104,7 @@ func TestCrypt(t *testing.T) {
func TestEncrypt(t *testing.T) { func TestEncrypt(t *testing.T) {
type args struct { type args struct {
value []byte value []byte
c EncryptionAlg c EncryptionAlgorithm
} }
tests := []struct { tests := []struct {
name string name string
@ -136,7 +136,7 @@ func TestEncrypt(t *testing.T) {
func TestDecrypt(t *testing.T) { func TestDecrypt(t *testing.T) {
type args struct { type args struct {
value *CryptoValue value *CryptoValue
c EncryptionAlg c EncryptionAlgorithm
} }
tests := []struct { tests := []struct {
name string name string
@ -174,7 +174,7 @@ func TestDecrypt(t *testing.T) {
func TestDecryptString(t *testing.T) { func TestDecryptString(t *testing.T) {
type args struct { type args struct {
value *CryptoValue value *CryptoValue
c EncryptionAlg c EncryptionAlgorithm
} }
tests := []struct { tests := []struct {
name string name string
@ -212,7 +212,7 @@ func TestDecryptString(t *testing.T) {
func TestHash(t *testing.T) { func TestHash(t *testing.T) {
type args struct { type args struct {
value []byte value []byte
c HashAlg c HashAlgorithm
} }
tests := []struct { tests := []struct {
name string name string
@ -245,7 +245,7 @@ func TestCompareHash(t *testing.T) {
type args struct { type args struct {
value *CryptoValue value *CryptoValue
comparer []byte comparer []byte
c HashAlg c HashAlgorithm
} }
tests := []struct { tests := []struct {
name string name string

View File

@ -1,3 +1,4 @@
package crypto package crypto
//go:generate mockgen -source crypto.go -destination ./crypto_mock.go -package crypto //go:generate mockgen -source crypto.go -destination ./crypto_mock.go -package crypto
//go:generate mockgen -source code.go -destination ./code_mock.go -package crypto

View File

@ -10,10 +10,13 @@ import (
"github.com/caos/logging" "github.com/caos/logging"
) )
var (
marshaller = new(jsonpb.Marshaler)
)
func MustToPBStruct(object interface{}) *pb_struct.Struct { func MustToPBStruct(object interface{}) *pb_struct.Struct {
s, err := ToPBStruct(object) s, err := ToPBStruct(object)
logging.Log("PROTO-7Aa3t").OnError(err).Panic("unable to map object to pb-struct") logging.Log("PROTO-7Aa3t").OnError(err).Panic("unable to map object to pb-struct")
return s return s
} }
@ -24,15 +27,12 @@ func BytesToPBStruct(b []byte) (*pb_struct.Struct, error) {
} }
func ToPBStruct(object interface{}) (*pb_struct.Struct, error) { func ToPBStruct(object interface{}) (*pb_struct.Struct, error) {
fields := new(pb_struct.Struct)
marshalled, err := json.Marshal(object) marshalled, err := json.Marshal(object)
if err != nil { if err != nil {
return nil, err return nil, err
} }
fields := new(pb_struct.Struct)
err = jsonpb.Unmarshal(bytes.NewReader(marshalled), fields) err = jsonpb.Unmarshal(bytes.NewReader(marshalled), fields)
return fields, err return fields, err
} }
@ -42,11 +42,9 @@ func MustFromPBStruct(object interface{}, s *pb_struct.Struct) {
} }
func FromPBStruct(object interface{}, s *pb_struct.Struct) error { func FromPBStruct(object interface{}, s *pb_struct.Struct) error {
marshaller := new(jsonpb.Marshaler)
jsonString, err := marshaller.MarshalToString(s) jsonString, err := marshaller.MarshalToString(s)
if err != nil { if err != nil {
return err return err
} }
return json.Unmarshal([]byte(jsonString), object) return json.Unmarshal([]byte(jsonString), object)
} }

View File

@ -4,50 +4,112 @@ import (
"testing" "testing"
pb_struct "github.com/golang/protobuf/ptypes/struct" pb_struct "github.com/golang/protobuf/ptypes/struct"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
) )
func TestToPBStruct(t *testing.T) { func Test_ToPBStruct(t *testing.T) {
obj := struct { type obj struct {
ID string ID string
Name string Seq uint64
Seq uint64 }
}{ type args struct {
ID: "asdf", obj obj
Name: "ueli", }
Seq: 208582075, tests := []struct {
name string
args args
wantErr bool
length int
result obj
}{
{
name: "to pb stuct",
args: args{
obj: obj{ID: "ID", Seq: 12345},
},
wantErr: false,
length: 2,
result: obj{ID: "ID", Seq: 12345},
},
{
name: "empty struct",
args: args{
obj: obj{},
},
wantErr: false,
length: 2,
result: obj{ID: "", Seq: 0},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
fields, err := ToPBStruct(tt.args.obj)
if tt.wantErr && err == nil {
t.Errorf("got wrong result, should get err: actual: %v ", err)
}
if !tt.wantErr && len(fields.Fields) != tt.length {
t.Errorf("got wrong result length, expecting: %v, actual: %v ", tt.length, len(fields.Fields))
}
if !tt.wantErr && tt.result.ID != fields.Fields["ID"].GetStringValue() {
t.Errorf("got wrong result, ID should be same: expecting: %v, actual: %v ", tt.result.ID, fields.Fields["ID"].GetStringValue())
}
if !tt.wantErr && int(tt.result.Seq) != int(fields.Fields["Seq"].GetNumberValue()) {
t.Errorf("got wrong result, Seq should be same: expecting: %v, actual: %v ", tt.result.Seq, fields.Fields["Seq"].GetStringValue())
}
})
} }
fields, err := ToPBStruct(&obj)
require.NoError(t, err)
require.Len(t, fields.Fields, 3)
assert.Equal(t, obj.ID, fields.Fields["ID"].GetStringValue())
assert.Equal(t, int(obj.Seq), int(fields.Fields["Seq"].GetNumberValue()))
assert.Equal(t, obj.Name, fields.Fields["Name"].GetStringValue())
} }
func TestFromPBStruct(t *testing.T) { func Test_FromPBStruct(t *testing.T) {
name := "ueli" type obj struct {
id := "asdf" ID string
seq := float64(208582075) Seq uint64
s := &pb_struct.Struct{Fields: map[string]*pb_struct.Value{ }
"ID": &pb_struct.Value{Kind: &pb_struct.Value_StringValue{StringValue: id}}, type args struct {
"Name": &pb_struct.Value{Kind: &pb_struct.Value_StringValue{StringValue: name}}, obj *obj
"Seq": &pb_struct.Value{Kind: &pb_struct.Value_NumberValue{NumberValue: seq}}, fields *pb_struct.Struct
}} }
tests := []struct {
obj := struct { name string
ID string args args
Name string wantErr bool
Seq uint64 result obj
}{} }{
{
err := FromPBStruct(&obj, s) name: "from pb stuct",
require.NoError(t, err) args: args{
obj: &obj{},
assert.Equal(t, id, obj.ID) fields: &pb_struct.Struct{Fields: map[string]*pb_struct.Value{
assert.Equal(t, name, obj.Name) "ID": &pb_struct.Value{Kind: &pb_struct.Value_StringValue{StringValue: "ID"}},
assert.Equal(t, int(seq), int(obj.Seq)) "Seq": &pb_struct.Value{Kind: &pb_struct.Value_NumberValue{NumberValue: 12345}},
},
},
},
wantErr: false,
result: obj{ID: "ID", Seq: 12345},
},
{
name: "no fields",
args: args{
obj: &obj{},
fields: &pb_struct.Struct{Fields: map[string]*pb_struct.Value{},
},
},
wantErr: false,
result: obj{ID: "", Seq: 0},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
err := FromPBStruct(tt.args.obj, tt.args.fields)
if tt.wantErr && err == nil {
t.Errorf("got wrong result, should get err: actual: %v ", err)
}
if !tt.wantErr && tt.result.ID != tt.args.obj.ID {
t.Errorf("got wrong result, ID should be same: expecting: %v, actual: %v ", tt.result.ID, tt.args.obj.ID)
}
if !tt.wantErr && int(tt.result.Seq) != int(tt.args.obj.Seq) {
t.Errorf("got wrong result, Seq should be same: expecting: %v, actual: %v ", tt.result.Seq, tt.args.obj.Seq)
}
})
}
} }

View File

@ -8,17 +8,15 @@ import (
func GetCaller() string { func GetCaller() string {
fpcs := make([]uintptr, 1) fpcs := make([]uintptr, 1)
n := runtime.Callers(3, fpcs) n := runtime.Callers(3, fpcs)
if n == 0 { if n == 0 {
logging.Log("HELPE-rWjfC").Debug("no caller") logging.Log("TRACE-rWjfC").Debug("no caller")
return ""
} }
caller := runtime.FuncForPC(fpcs[0] - 1) caller := runtime.FuncForPC(fpcs[0] - 1)
if caller == nil { if caller == nil {
logging.Log("HELPE-25POw").Debug("caller was nil") logging.Log("TRACE-25POw").Debug("caller was nil")
return ""
} }
// Print the name of the function
return caller.Name() return caller.Name()
} }

View File

@ -3,9 +3,7 @@ package config
import ( import (
"encoding/json" "encoding/json"
"google.golang.org/grpc/codes" "github.com/caos/zitadel/internal/errors"
"google.golang.org/grpc/status"
"github.com/caos/zitadel/internal/tracing" "github.com/caos/zitadel/internal/tracing"
tracing_g "github.com/caos/zitadel/internal/tracing/google" tracing_g "github.com/caos/zitadel/internal/tracing/google"
tracing_log "github.com/caos/zitadel/internal/tracing/log" tracing_log "github.com/caos/zitadel/internal/tracing/log"
@ -28,7 +26,7 @@ func (c *TracingConfig) UnmarshalJSON(data []byte) error {
} }
if err := json.Unmarshal(data, &rc); err != nil { if err := json.Unmarshal(data, &rc); err != nil {
return status.Errorf(codes.Internal, "%v parse config: %v", "TRACE-vmjS", err) return errors.ThrowInternal(err, "TRACE-vmjS", "error parsing config")
} }
c.Type = rc.Type c.Type = rc.Type
@ -36,7 +34,7 @@ func (c *TracingConfig) UnmarshalJSON(data []byte) error {
var err error var err error
c.Config, err = newTracingConfig(c.Type, rc.Config) c.Config, err = newTracingConfig(c.Type, rc.Config)
if err != nil { if err != nil {
return status.Errorf(codes.Internal, "%v parse config: %v", "TRACE-Ws9E", err) return err
} }
return c.Config.NewTracer() return c.Config.NewTracer()
@ -45,7 +43,7 @@ func (c *TracingConfig) UnmarshalJSON(data []byte) error {
func newTracingConfig(tracerType string, configData []byte) (tracing.Config, error) { func newTracingConfig(tracerType string, configData []byte) (tracing.Config, error) {
t, ok := tracer[tracerType] t, ok := tracer[tracerType]
if !ok { if !ok {
return nil, status.Errorf(codes.Internal, "%v No config: %v", "TRACE-HMEJ", tracerType) return nil, errors.ThrowInternalf(nil, "TRACE-HMEJ", "config type %s not supported", tracerType)
} }
tracingConfig := t() tracingConfig := t()
@ -54,7 +52,7 @@ func newTracingConfig(tracerType string, configData []byte) (tracing.Config, err
} }
if err := json.Unmarshal(configData, tracingConfig); err != nil { if err := json.Unmarshal(configData, tracingConfig); err != nil {
return nil, status.Errorf(codes.Internal, "%v Could not read conifg: %v", "TRACE-1tSS", err) return nil, errors.ThrowInternal(err, "TRACE-1tSS", "Could not read config: %v")
} }
return tracingConfig, nil return tracingConfig, nil

View File

@ -2,9 +2,8 @@ package google
import ( import (
"go.opencensus.io/trace" "go.opencensus.io/trace"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/tracing" "github.com/caos/zitadel/internal/tracing"
) )
@ -16,7 +15,7 @@ type Config struct {
func (c *Config) NewTracer() error { func (c *Config) NewTracer() error {
if !envIsSet() { if !envIsSet() {
return status.Error(codes.InvalidArgument, "env not properly set, GOOGLE_APPLICATION_CREDENTIALS is misconfigured or missing") return errors.ThrowInvalidArgument(nil, "GOOGL-sdh3a", "env not properly set, GOOGLE_APPLICATION_CREDENTIALS is misconfigured or missing")
} }
tracing.T = &Tracer{projectID: c.ProjectID, metricPrefix: c.MetricPrefix, sampler: trace.ProbabilitySampler(c.Fraction)} tracing.T = &Tracer{projectID: c.ProjectID, metricPrefix: c.MetricPrefix, sampler: trace.ProbabilitySampler(c.Fraction)}

View File

@ -5,8 +5,9 @@ import (
"strconv" "strconv"
"go.opencensus.io/trace" "go.opencensus.io/trace"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status" "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/errors"
) )
type Span struct { type Span struct {
@ -39,10 +40,8 @@ func (s *Span) SetStatusByError(err error) {
} }
func statusFromError(err error) trace.Status { func statusFromError(err error) trace.Status {
if statusErr, ok := status.FromError(err); ok { code, msg, _ := grpc.Extract(err)
return trace.Status{Code: int32(statusErr.Code()), Message: statusErr.Message()} return trace.Status{Code: int32(code), Message: msg}
}
return trace.Status{Code: int32(codes.Unknown), Message: "Unknown"}
} }
// AddAnnotation creates an annotation. The annotation will not be added to the tracing use Annotate(msg) afterwards // AddAnnotation creates an annotation. The annotation will not be added to the tracing use Annotate(msg) afterwards
@ -80,7 +79,7 @@ func toTraceAttribute(key string, value interface{}) (attr trace.Attribute, err
if valueInt, err := convertToInt64(value); err == nil { if valueInt, err := convertToInt64(value); err == nil {
return trace.Int64Attribute(key, valueInt), nil return trace.Int64Attribute(key, valueInt), nil
} }
return attr, status.Error(codes.InvalidArgument, "Attribute is not of type bool, string or int64") return attr, errors.ThrowInternal(nil, "TRACE-jlq3s", "Attribute is not of type bool, string or int64")
} }
func convertToInt64(value interface{}) (int64, error) { func convertToInt64(value interface{}) (int64, error) {

View File

@ -3,19 +3,17 @@ package admin
import ( import (
"context" "context"
"github.com/caos/logging"
app "github.com/caos/zitadel/internal/admin" app "github.com/caos/zitadel/internal/admin"
"github.com/caos/zitadel/internal/api/auth" "github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/pkg/admin/api" "github.com/caos/zitadel/pkg/admin/api"
) )
type Config struct { type Config struct {
App *app.Config App app.Config
API *api.Config API api.Config
} }
func Start(ctx context.Context, config *Config, authZ *auth.Config) error { func Start(ctx context.Context, config Config, authZ auth.Config) error {
err := api.Start(ctx, config.API) return errors.ThrowUnimplemented(nil, "ADMIN-n8vw5", "not implemented yet") //TODO: implement
logging.Log("MAIN-BmOLI").OnError(err).Panic("unable to start api")
return err
} }

7
pkg/admin/api/config.go Normal file
View File

@ -0,0 +1,7 @@
package api
import "github.com/caos/zitadel/internal/api/grpc"
type Config struct {
GRPC grpc.Config
}

7
pkg/auth/api/config.go Normal file
View File

@ -0,0 +1,7 @@
package api
import "github.com/caos/zitadel/internal/api/grpc"
type Config struct {
GRPC grpc.Config
}

View File

@ -2,20 +2,18 @@ package auth
import ( import (
"context" "context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/api/auth" "github.com/caos/zitadel/internal/api/auth"
app "github.com/caos/zitadel/internal/auth" app "github.com/caos/zitadel/internal/auth"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/pkg/auth/api" "github.com/caos/zitadel/pkg/auth/api"
) )
type Config struct { type Config struct {
App *app.Config App app.Config
API *api.Config API api.Config
} }
func Start(ctx context.Context, config *Config, authZ *auth.Config) error { func Start(ctx context.Context, config Config, authZ auth.Config) error {
err := api.Start(ctx, config.API) return errors.ThrowUnimplemented(nil, "AUTH-l7Hdx", "not implemented yet") //TODO: implement
logging.Log("MAIN-BmOLI").OnError(err).Panic("unable to start api")
return err
} }

View File

@ -11,6 +11,6 @@ type Config struct {
StaticDir string StaticDir string
} }
func Start(ctx context.Context, config *Config) error { func Start(ctx context.Context, config Config) error {
return errors.ThrowUnimplemented(nil, "CONSO-4cT5D", "not implemented yet") //TODO: implement return errors.ThrowUnimplemented(nil, "CONSO-4cT5D", "not implemented yet") //TODO: implement
} }

View File

@ -9,10 +9,10 @@ import (
) )
type Config struct { type Config struct {
App *app.Config App app.Config
API *api.Config API api.Config
} }
func Start(ctx context.Context, config *Config) error { func Start(ctx context.Context, config Config) error {
return errors.ThrowUnimplemented(nil, "LOGIN-3fwvD", "not implemented yet") //TODO: implement return errors.ThrowUnimplemented(nil, "LOGIN-3fwvD", "not implemented yet") //TODO: implement
} }

View File

@ -0,0 +1,7 @@
package api
import "github.com/caos/zitadel/internal/api/grpc"
type Config struct {
GRPC grpc.Config
}

View File

@ -2,20 +2,18 @@ package management
import ( import (
"context" "context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/api/auth" "github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/errors"
app "github.com/caos/zitadel/internal/management" app "github.com/caos/zitadel/internal/management"
"github.com/caos/zitadel/pkg/management/api" "github.com/caos/zitadel/pkg/management/api"
) )
type Config struct { type Config struct {
App *app.Config App app.Config
API *api.Config API api.Config
} }
func Start(ctx context.Context, config *Config, authZ *auth.Config) error { func Start(ctx context.Context, config Config, authZ auth.Config) error {
err := api.Start(ctx, config.API) return errors.ThrowUnimplemented(nil, "MANAG-h3k3x", "not implemented yet") //TODO: implement
logging.Log("MAIN-BmOLI").OnError(err).Panic("unable to start api")
return err
} }

Binary file not shown.

After

Width:  |  Height:  |  Size: 52 KiB