From c972e26d9355d233dd5948262becaa539eee5d65 Mon Sep 17 00:00:00 2001
From: Akshay Gaikwad
Date: Fri, 25 Mar 2022 10:17:55 +0530
Subject: [PATCH 1/2] Update Auth constructor function and middleware

Auth constructor should handle creation of Kratos, database, ApiKeyService itself for benefit to other dependent modules/repos. The Prompt module does not need db instance hence it should not pass db parameter when initializing Auth context and middleware.

Signed-off-by: Akshay Gaikwad
---
 main.go | 2 +-
 pkg/auth/v3/auth.go | 28 +++++++++++++++++++++++++---
 pkg/auth/v3/middleware.go | 5 ++---
 3 files changed, 28 insertions(+), 7 deletions(-)

diff --git a/main.go b/main.go
index 1b3a816..d4f35b5 100644
--- a/main.go
+++ b/main.go
@@ -554,7 +554,7 @@ func runRPC(wg *sync.WaitGroup, ctx context.Context) {
 var opts []_grpc.ServerOption
 if !dev {
 _log.Infow("adding auth interceptor")
- ac := authv3.NewAuthContext(db)
+ ac := authv3.NewAuthContext()
 o := authv3.Option{}
 opts = append(opts, _grpc.UnaryInterceptor(
 ac.NewAuthUnaryInterceptor(o),
diff --git a/pkg/auth/v3/auth.go b/pkg/auth/v3/auth.go
index 849bfcb..884b4b5 100644
--- a/pkg/auth/v3/auth.go
+++ b/pkg/auth/v3/auth.go
@@ -1,6 +1,8 @@
 package authv3

 import (
+ "database/sql"
+ "fmt"
 "os"

 "github.com/RafayLabs/rcloud-base/pkg/enforcer"
@@ -8,6 +10,9 @@ import (
 "github.com/RafayLabs/rcloud-base/pkg/service"
 kclient "github.com/ory/kratos-client-go"
 "github.com/uptrace/bun"
+
+ "github.com/uptrace/bun/dialect/pgdialect"
+ "github.com/uptrace/bun/driver/pgdriver"
 "gorm.io/driver/postgres"
 "gorm.io/gorm"
 )
@@ -33,14 +38,23 @@ type authContext struct {
 }

 // NewAuthContext setup authentication and authorization dependencies.
-func NewAuthContext(db *bun.DB) authContext {
+func NewAuthContext() authContext {
 var (
 kc *kclient.APIClient
 kratosScheme string
 kratosAddr string
+ db *bun.DB
 )
- // TODO: https://github.com/RafayLabs/prompt/pull/3#issuecomment-1073557206
- // Where exactly should we be getting these values from?
+
+ // Initialize database
+ dbUser := getEnvWithDefault("DB_USER", "admindbuser")
+ dbPassword := getEnvWithDefault("DB_PASSWORD", "admindbpassword")
+ dbAddr := getEnvWithDefault("DB_ADDR", "localhost:5432")
+ dbName := getEnvWithDefault("DB_NAME", "admindb")
+ dsn := fmt.Sprintf("postgres://%s:%s@%s/%s?sslmode=disable", dbUser, dbPassword, dbAddr, dbName)
+ sqldb := sql.OpenDB(pgdriver.NewConnector(pgdriver.WithDSN(dsn)))
+ db = bun.NewDB(sqldb, pgdialect.New())
+
 if v, ok := os.LookupEnv("KRATOS_SCHEME"); ok {
 kratosScheme = v
 } else {
@@ -71,3 +85,11 @@ func NewAuthContext(db *bun.DB) authContext {

 return authContext{kc: kc, as: as, ks: service.NewApiKeyService(db)}
 }
+
+func getEnvWithDefault(env, def string) string {
+ val := os.Getenv(env)
+ if val == "" {
+ return def
+ }
+ return val
+}
diff --git a/pkg/auth/v3/middleware.go b/pkg/auth/v3/middleware.go
index 3eae9b8..0b1db40 100644
--- a/pkg/auth/v3/middleware.go
+++ b/pkg/auth/v3/middleware.go
@@ -18,10 +18,9 @@ type authMiddleware struct {
 opt Option
 }

-func NewAuthMiddleware(opt Option, db *bun.DB) negroni.Handler {
+func NewAuthMiddleware(opt Option) negroni.Handler {
 return &authMiddleware{
- db: db,
- ac: NewAuthContext(db),
+ ac: NewAuthContext(),
 opt: opt,
 }
 }
From 5de4ba97659a46aab25654b87b0fe596f49bcd6f Mon Sep 17 00:00:00 2001
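Review bot: The new database block in NewAuthContext falls back to the built-in credentials `admindbuser` / `admindbpassword` when DB_USER or DB_PASSWORD is unset and hard-codes `sslmode=disable`, so a deployment that misses an environment variable connects with a password published in the source tree over an unencrypted link instead of failing. The DSN is also assembled with `fmt.Sprintf`, so a password containing `@`, `/`, `?` or `#` is parsed as URL structure rather than as the secret; building it with `net/url` (a new import for this file) avoids that. The sketch below requires the credentials, escapes them, and reads the TLS mode from a new variable whose name `DB_SSLMODE` is only a suggestion. NewAuthContext has no error return, so the sketch fails fast; the function body continues outside the hunk.

```go
	// Initialize database; credentials deliberately have no built-in fallback.
	dbUser, dbPassword := os.Getenv("DB_USER"), os.Getenv("DB_PASSWORD")
	if dbUser == "" || dbPassword == "" {
		panic("authv3: DB_USER and DB_PASSWORD must be set")
	}
	dbAddr := getEnvWithDefault("DB_ADDR", "localhost:5432")
	dbName := getEnvWithDefault("DB_NAME", "admindb")
	dsn := (&url.URL{
		Scheme:   "postgres",
		User:     url.UserPassword(dbUser, dbPassword), // percent-encodes reserved characters
		Host:     dbAddr,
		Path:     "/" + dbName,
		RawQuery: "sslmode=" + getEnvWithDefault("DB_SSLMODE", "verify-full"),
	}).String()
	// … unchanged: sql.OpenDB / bun.NewDB and the Kratos setup …
```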
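Review bot: getEnvWithDefault has no doc comment and treats a variable that is set to the empty string the same as an unset one, which differs from the `os.LookupEnv` check used for KRATOS_SCHEME in the same file. If that is intended, state it: `// getEnvWithDefault returns the value of env, or def when env is unset or empty.` For values such as DB_PASSWORD a silent default is the riskier behaviour, so callers that read credentials are better served by a lookup that reports absence to the caller.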
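Review bot: NewAuthMiddleware now obtains its context from `NewAuthContext()`, which opens a fresh `sql.DB` pool on every call and never closes it; the `ac: SetupAuthContext()` line in PATCH 2/2 keeps the same behaviour. Every middleware built this way, plus the interceptor path in main.go, holds its own set of Postgres connections for the life of the process, so consider constructing the authContext once at startup and sharing it. The hunk also drops `db: db` from the literal while the diffstat shows no other change to this file, so the authMiddleware struct declared above the hunk still has a `db` field that is now always nil; remove the field, or confirm that no method reads it.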
From: Akshay Gaikwad
Date: Wed, 30 Mar 2022 13:00:35 +0530
Subject: [PATCH 2/2] Add two constructors for authContext

This includes:
- SetupAuthContext: Setups authContext with new authContext fields.
- NewAuthContext: Create AuthContext with using authContext fields from caller function.
---
 main.go | 2 +-
 pkg/auth/v3/auth.go | 22 ++++++++++++++++++++--
 pkg/auth/v3/middleware.go | 2 +-
 3 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/main.go b/main.go
index d4f35b5..5940fe3 100644
--- a/main.go
+++ b/main.go
@@ -554,7 +554,7 @@ func runRPC(wg *sync.WaitGroup, ctx context.Context) {
 var opts []_grpc.ServerOption
 if !dev {
 _log.Infow("adding auth interceptor")
- ac := authv3.NewAuthContext()
+ ac := authv3.NewAuthContext(kc, ks, as)
 o := authv3.Option{}
 opts = append(opts, _grpc.UnaryInterceptor(
 ac.NewAuthUnaryInterceptor(o),
diff --git a/pkg/auth/v3/auth.go b/pkg/auth/v3/auth.go
index 884b4b5..01bddea 100644
--- a/pkg/auth/v3/auth.go
+++ b/pkg/auth/v3/auth.go
@@ -37,8 +37,10 @@ type authContext struct {
 as service.AuthzService
 }

-// NewAuthContext setup authentication and authorization dependencies.
-func NewAuthContext() authContext {
+// SetupAuthContext sets up new authContext along with its
+// dependencies. If the caller already has instances of authContext
+// fields created then use NewAuthContext instead.
+func SetupAuthContext() authContext {
 var (
 kc *kclient.APIClient
 kratosScheme string
@@ -93,3 +95,19 @@ func getEnvWithDefault(env, def string) string {
 }
 return val
 }
+
+// NewAuthContext instantiate authContext. NewAuthContext creates
+// authContext reusing dependency instances from calling function
+// instead of creating new instances. To create authContext along with
+// its dependencies, use SetupAuthContext.
+func NewAuthContext(
+ kc *kclient.APIClient,
+ apiKeySvc service.ApiKeyService,
+ authzSvc service.AuthzService,
+) authContext {
+ return authContext{
+ kc: kc,
+ ks: apiKeySvc,
+ as: authzSvc,
+ }
+}
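Review bot: The new NewAuthContext stores `kc`, `apiKeySvc` and `authzSvc` without checking them, so a nil dependency is only discovered when a request reaches the code that dereferences it (that code is outside this patch). For an authentication component it is safer to reject a bad wiring at construction time; assuming both service types are interfaces, a guard such as `if kc == nil || apiKeySvc == nil || authzSvc == nil { panic("authv3: NewAuthContext requires non-nil dependencies") }` does that, and the doc comment should state the requirement. The comment's first sentence should also read `// NewAuthContext instantiates authContext.`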
diff --git a/pkg/auth/v3/middleware.go b/pkg/auth/v3/middleware.go
index 0b1db40..c49d48c 100644
--- a/pkg/auth/v3/middleware.go
+++ b/pkg/auth/v3/middleware.go
@@ -20,7 +20,7 @@ type authMiddleware struct {

 func NewAuthMiddleware(opt Option) negroni.Handler {
 return &authMiddleware{
- ac: NewAuthContext(),
+ ac: SetupAuthContext(),
 opt: opt,
 }
 }