m6l2 - Auth

otuskotlin · Nov 9, 2023 · 31391eb · 31391eb
1 parent fea1ebb
commit 31391eb
Show file tree

Hide file tree

Showing 67 changed files with 1,277 additions and 191 deletions.
diff --git a/ok-marketplace-acceptance/src/test/kotlin/docker/DebugDockerCompose.kt b/ok-marketplace-acceptance/src/test/kotlin/docker/DebugDockerCompose.kt
@@ -0,0 +1,20 @@
+package ru.otus.otuskotlin.marketplace.blackbox.docker
+
+import io.ktor.http.*
+import ru.otus.otuskotlin.marketplace.blackbox.fixture.docker.DockerCompose
+
+// для отладки тестов, предполагается, что докер-компоуз запущен вручную
+object DebugDockerCompose : DockerCompose  {
+    override fun start() {
+    }
+
+    override fun stop() {
+    }
+
+    override val inputUrl: URLBuilder
+        get() = URLBuilder(
+            protocol = URLProtocol.HTTP,
+            host = "localhost",
+            port = 8080,
+        )
+}
diff --git a/ok-marketplace-acceptance/src/test/kotlin/fixture/client/RestClient.kt b/ok-marketplace-acceptance/src/test/kotlin/fixture/client/RestClient.kt
@@ -8,6 +8,8 @@ import io.ktor.http.*
 import ru.otus.otuskotlin.marketplace.blackbox.fixture.client.Client
 import ru.otus.otuskotlin.marketplace.blackbox.fixture.docker.DockerCompose
 
+private const val TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJhZC11c2VycyIsImlzcyI6Ik90dXNLb3RsaW4iLCJncm91cHMiOlsiVVNFUiJdfQ.Ef_RcXDSuVU4P9bEDH5FwUrPioToz3H_Plylpuc2C1M"
+
 /**
  * Отправка запросов по http/rest
  */
@@ -23,6 +25,7 @@ class RestClient(dockerCompose: DockerCompose) : Client {
             url(url)
             headers {
                 append(HttpHeaders.ContentType, ContentType.Application.Json)
+                append(HttpHeaders.Authorization, "Bearer $TOKEN")
             }
             accept(ContentType.Application.Json)
             setBody(request)

diff --git a/ok-marketplace-app-common/src/commonMain/kotlin/AuthConfig.kt b/ok-marketplace-app-common/src/commonMain/kotlin/AuthConfig.kt
@@ -0,0 +1,34 @@
+package ru.otus.otuskotlin.marketplace.app.common
+
+data class AuthConfig(
+    val secret: String,
+    val issuer: String,
+    val audience: String,
+    val realm: String,
+    val clientId: String,
+    val certUrl: String? = null,
+) {
+    companion object {
+        const val ID_CLAIM = "sub"
+        const val GROUPS_CLAIM = "groups"
+        const val F_NAME_CLAIM = "fname"
+        const val M_NAME_CLAIM = "mname"
+        const val L_NAME_CLAIM = "lname"
+
+        val TEST = AuthConfig(
+            secret = "secret",
+            issuer = "OtusKotlin",
+            audience = "ad-users",
+            realm = "otus-marketplace",
+            clientId = "otus-marketplace-service",
+        )
+
+        val NONE = AuthConfig(
+            secret = "",
+            issuer = "",
+            audience = "",
+            realm = "",
+            clientId = "",
+        )
+    }
+}
diff --git a/ok-marketplace-app-common/src/commonMain/kotlin/MkplAppSettings.kt b/ok-marketplace-app-common/src/commonMain/kotlin/MkplAppSettings.kt
@@ -8,5 +8,6 @@ data class MkplAppSettings(
     val appUrls: List<String> = emptyList(),
     val corSettings: MkplCorSettings = MkplCorSettings(),
     val processor: MkplAdProcessor = MkplAdProcessor(corSettings),
-    val logger: MpLoggerProvider = MpLoggerProvider()
+    val logger: MpLoggerProvider = MpLoggerProvider(),
+    val auth: AuthConfig = AuthConfig.NONE,
 )
diff --git a/ok-marketplace-app-ktor/src/commonMain/kotlin/plugins/InitAppSettings.kt b/ok-marketplace-app-ktor/src/commonMain/kotlin/plugins/InitAppSettings.kt
@@ -1,12 +1,12 @@
 package ru.otus.otuskotlin.marketplace.app.plugins
 
 import io.ktor.server.application.*
+import ru.otus.otuskotlin.marketplace.app.common.AuthConfig
 import ru.otus.otuskotlin.marketplace.app.common.MkplAppSettings
 import ru.otus.otuskotlin.marketplace.backend.repository.inmemory.AdRepoStub
 import ru.otus.otuskotlin.marketplace.biz.MkplAdProcessor
 import ru.otus.otuskotlin.marketplace.common.MkplCorSettings
 import ru.otus.otuskotlin.marketplace.logging.common.MpLoggerProvider
-import ru.otus.otuskotlin.marketplace.repo.inmemory.AdRepoInMemory
 
 fun Application.initAppSettings(): MkplAppSettings {
     val corSettings = MkplCorSettings(
@@ -19,6 +19,16 @@ fun Application.initAppSettings(): MkplAppSettings {
         appUrls = environment.config.propertyOrNull("ktor.urls")?.getList() ?: emptyList(),
         processor = MkplAdProcessor(corSettings),
         logger = getLoggerProviderConf(),
+        auth = initAppAuth(),
     )
 }
 expect fun Application.getLoggerProviderConf(): MpLoggerProvider
+
+private fun Application.initAppAuth(): AuthConfig = AuthConfig(
+    secret = environment.config.propertyOrNull("jwt.secret")?.getString() ?: "",
+    issuer = environment.config.property("jwt.issuer").getString(),
+    audience = environment.config.property("jwt.audience").getString(),
+    realm = environment.config.property("jwt.realm").getString(),
+    clientId = environment.config.property("jwt.clientId").getString(),
+    certUrl = environment.config.propertyOrNull("jwt.certUrl")?.getString(),
+)
diff --git a/ok-marketplace-app-ktor/src/commonMain/kotlin/v2/ControllerHelperV2.kt b/ok-marketplace-app-ktor/src/commonMain/kotlin/v2/ControllerHelperV2.kt
@@ -8,6 +8,9 @@ import ru.otus.otuskotlin.marketplace.api.v2.models.IRequest
 import ru.otus.otuskotlin.marketplace.api.v2.models.IResponse
 import ru.otus.otuskotlin.marketplace.app.common.MkplAppSettings
 import ru.otus.otuskotlin.marketplace.app.common.process
+import ru.otus.otuskotlin.marketplace.common.models.MkplUserId
+import ru.otus.otuskotlin.marketplace.common.permissions.MkplPrincipalModel
+import ru.otus.otuskotlin.marketplace.common.permissions.MkplUserGroups
 import ru.otus.otuskotlin.marketplace.mappers.v2.fromTransport
 import ru.otus.otuskotlin.marketplace.mappers.v2.toTransportAd
 import kotlin.reflect.KClass
@@ -20,8 +23,19 @@ suspend inline fun <reified Q : IRequest, @Suppress("unused") reified R : IRespo
     appSettings.processor.process(appSettings.logger.logger(klass), logId,
         fromTransport = {
             val request = receive<Q>()
+            principal = mkplPrincipal(appSettings)
             fromTransport(request)
         },
         sendResponse = { respond(toTransportAd()) }
     )
 }
+
+// TODO: костыль для решения проблемы отсутствия jwt в native
+@Suppress("UnusedReceiverParameter", "UNUSED_PARAMETER")
+fun ApplicationCall.mkplPrincipal(appSettings: MkplAppSettings): MkplPrincipalModel = MkplPrincipalModel(
+    id = MkplUserId("user-1"),
+    fname = "Ivan",
+    mname = "Ivanovich",
+    lname = "Ivanov",
+    groups = setOf(MkplUserGroups.TEST, MkplUserGroups.USER),
+)
diff --git a/...c/jvmTest/kotlin/stubs/V2AdStubApiTest.kt → .../src/commonTest/kotlin/V2AdStubApiTest.kt b/...c/jvmTest/kotlin/stubs/V2AdStubApiTest.kt → .../src/commonTest/kotlin/V2AdStubApiTest.kt
@@ -1,20 +1,24 @@
-package ru.otus.otuskotlin.marketplace.app.stubs
+package ru.otus.otuskotlin.marketplace.app
 
 import io.ktor.client.request.*
 import io.ktor.client.statement.*
 import io.ktor.http.*
 import io.ktor.server.testing.*
 import kotlinx.serialization.decodeFromString
 import kotlinx.serialization.encodeToString
-import org.junit.Test
 import ru.otus.otuskotlin.marketplace.api.v2.apiV2Mapper
 import ru.otus.otuskotlin.marketplace.api.v2.models.*
+import ru.otus.otuskotlin.marketplace.app.auth.addAuth
+import ru.otus.otuskotlin.marketplace.app.common.AuthConfig
+import ru.otus.otuskotlin.marketplace.app.helpers.testSettings
+import kotlin.test.Test
 import kotlin.test.assertEquals
 
 class V2AdStubApiTest {
 
     @Test
     fun create() = testApplication {
+        application { module(testSettings()) }
         val response = client.post("/v2/ad/create") {
             val requestObj = AdCreateRequest(
                 requestId = "12345",
@@ -30,6 +34,7 @@ class V2AdStubApiTest {
                 )
             )
             contentType(ContentType.Application.Json)
+            addAuth(config = AuthConfig.TEST)
             val requestJson = apiV2Mapper.encodeToString(requestObj)
             setBody(requestJson)
         }
@@ -41,6 +46,7 @@ class V2AdStubApiTest {
 
     @Test
     fun read() = testApplication {
+        application { module(testSettings()) }
         val response = client.post("/v2/ad/read") {
             val requestObj = AdReadRequest(
                 requestId = "12345",
@@ -51,6 +57,7 @@ class V2AdStubApiTest {
                 )
             )
             contentType(ContentType.Application.Json)
+            addAuth(config = AuthConfig.TEST)
             val requestJson = apiV2Mapper.encodeToString(requestObj)
             setBody(requestJson)
         }
@@ -62,6 +69,7 @@ class V2AdStubApiTest {
 
     @Test
     fun update() = testApplication {
+        application { module(testSettings()) }
         val response = client.post("/v2/ad/update") {
             val requestObj = AdUpdateRequest(
                 requestId = "12345",
@@ -78,6 +86,7 @@ class V2AdStubApiTest {
                 )
             )
             contentType(ContentType.Application.Json)
+            addAuth(config = AuthConfig.TEST)
             val requestJson = apiV2Mapper.encodeToString(requestObj)
             setBody(requestJson)
         }
@@ -89,6 +98,7 @@ class V2AdStubApiTest {
 
     @Test
     fun delete() = testApplication {
+        application { module(testSettings()) }
         val response = client.post("/v2/ad/delete") {
             val requestObj = AdDeleteRequest(
                 requestId = "12345",
@@ -102,6 +112,7 @@ class V2AdStubApiTest {
                 )
             )
             contentType(ContentType.Application.Json)
+            addAuth(config = AuthConfig.TEST)
             val requestJson = apiV2Mapper.encodeToString(requestObj)
             setBody(requestJson)
         }
@@ -113,6 +124,7 @@ class V2AdStubApiTest {
 
     @Test
     fun search() = testApplication {
+        application { module(testSettings()) }
         val response = client.post("/v2/ad/search") {
             val requestObj = AdSearchRequest(
                 requestId = "12345",
@@ -123,6 +135,7 @@ class V2AdStubApiTest {
                 )
             )
             contentType(ContentType.Application.Json)
+            addAuth(config = AuthConfig.TEST)
             val requestJson = apiV2Mapper.encodeToString(requestObj)
             setBody(requestJson)
         }
@@ -134,6 +147,7 @@ class V2AdStubApiTest {
 
     @Test
     fun offers() = testApplication {
+        application { module(testSettings()) }
         val response = client.post("/v2/ad/offers") {
             val requestObj = AdOffersRequest(
                 requestId = "12345",
@@ -145,6 +159,7 @@ class V2AdStubApiTest {
                     stub = AdRequestDebugStubs.SUCCESS
                 )
             )
+            addAuth(config = AuthConfig.TEST)
             contentType(ContentType.Application.Json)
             val requestJson = apiV2Mapper.encodeToString(requestObj)
             setBody(requestJson)

diff --git a/ok-marketplace-app-ktor/src/commonTest/kotlin/auth/authHelpers.kt b/ok-marketplace-app-ktor/src/commonTest/kotlin/auth/authHelpers.kt
@@ -0,0 +1,10 @@
+package ru.otus.otuskotlin.marketplace.app.auth
+
+import io.ktor.client.request.*
+import ru.otus.otuskotlin.marketplace.app.common.AuthConfig
+
+expect fun HttpRequestBuilder.addAuth(
+    id: String = "user1",
+    groups: List<String> = listOf("USER", "TEST"),
+    config: AuthConfig = AuthConfig.TEST,
+)
diff --git a/ok-marketplace-app-ktor/src/commonTest/kotlin/helpers/TestHelpers.kt b/ok-marketplace-app-ktor/src/commonTest/kotlin/helpers/TestHelpers.kt
@@ -0,0 +1,18 @@
+package ru.otus.otuskotlin.marketplace.app.helpers
+
+
+import ru.otus.otuskotlin.marketplace.app.common.AuthConfig
+import ru.otus.otuskotlin.marketplace.app.common.MkplAppSettings
+import ru.otus.otuskotlin.marketplace.backend.repository.inmemory.AdRepoStub
+import ru.otus.otuskotlin.marketplace.common.MkplCorSettings
+import ru.otus.otuskotlin.marketplace.common.repo.IAdRepository
+import ru.otus.otuskotlin.marketplace.repo.inmemory.AdRepoInMemory
+
+fun testSettings(repo: IAdRepository? = null) = MkplAppSettings(
+    corSettings = MkplCorSettings(
+        repoStub = AdRepoStub(),
+        repoTest = repo ?: AdRepoInMemory(),
+        repoProd = repo ?: AdRepoInMemory(),
+    ),
+    auth = AuthConfig.TEST
+)