TD-651: add secret and template (#10)

* TD-651: update template rendering

* TD-651: add vault client

* TD-651: delete vault client

* TD-651: cleanup

---------

Co-authored-by: anatoliy.losev <losto@nix>
ttt161 2023-07-28 10:49:37 +03:00 committed by GitHub
parent 6e02444fbd
commit 9c3e1f3968
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 37 additions and 41 deletions

1
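--- a/apps/akm/include/akm.hrl
+++ b/apps/akm/include/akm.hrl
@@ -0,0 +1 @@
+-define(RENDER_MODULE, akm_mail_request_revoke).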


@ -0,0 +1 @@
To revoke key, go to link: {{ url }}/apikeys/v2/orgs/{{ party_id }}/revoke-api-key/{{ api_key_id }}?apiKeyRevokeToken={{ revoke_token }}


@ -1,5 +1,6 @@
-module(akm_mailer).
-include("akm.hrl").
-include_lib("bouncer_proto/include/bouncer_ctx_v1_thrift.hrl").
-include_lib("bouncer_proto/include/bouncer_ctx_thrift.hrl").
-include_lib("epgsql/include/epgsql.hrl").
@ -11,7 +12,7 @@
-spec send_revoke_mail(string(), binary(), binary(), binary()) ->
ok | {error, {failed_to_send, term()}}.
send_revoke_mail(Email, PartyID, ApiKeyID, Token) ->
{ok, Mod} = compile_template(),
Mod = ?RENDER_MODULE,
{ok, Body} = Mod:render([
{url, url()},
{party_id, PartyID},
@ -63,11 +64,6 @@ get_env() ->
password => "password"
}).
compile_template() ->
WorkDir = akm_utils:get_env_var("WORK_DIR"),
File = filename:join([WorkDir, "priv", "mails", ?TEMPLATE_FILE]),
erlydtl:compile(File, akm_mail_request_revoke).
wait_result() ->
receive
{sending_result, {ok, _Receipt}} ->
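Review bot: `send_revoke_mail/4` now depends on `?RENDER_MODULE` already being compiled and loaded elsewhere, and nothing at the call site `Mod = ?RENDER_MODULE, {ok, Body} = Mod:render([` says so. If the mailer runs before the supervisor's `init/1` has compiled the template, the call fails with `undef`, which the `-spec` (`ok | {error, {failed_to_send, term()}}`) does not cover. I would add a comment above the function: `%% ?RENDER_MODULE is generated from the mail template in the supervisor's init/1; it must be loaded before this is called.` The body of `send_revoke_mail/4` continues outside the hunk.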


@ -5,6 +5,11 @@
-behaviour(supervisor).
-include("akm.hrl").
-define(TEMPLATE_FILE, "request_revoke.dtl").
-define(TEMPLATE_DIR, "/opt/api-key-mgmt-v2/templates").
%% API
-export([start_link/0]).
@ -22,6 +27,7 @@ start_link() ->
-spec init([]) -> {ok, {supervisor:sup_flags(), [supervisor:child_spec()]}}.
init([]) ->
ok = dbinit(),
{ok, _} = compile_template(),
{LogicHandlers, LogicHandlerSpecs} = get_logic_handler_info(),
HealthCheck = enable_health_logging(genlib_app:env(akm, health_check, #{})),
AdditionalRoutes = [{'_', [erl_health_handle:get_route(HealthCheck), get_prometheus_route()]}],
@ -72,3 +78,20 @@ dbinit() ->
ok -> ok;
{error, Reason} -> throw({migrations_error, Reason})
end.
compile_template() ->
TemplateFile = template_file(),
File =
case filelib:is_file(TemplateFile) of
true -> TemplateFile;
false -> default_template_file()
end,
AkmEbinDir = code:lib_dir(akm, ebin),
erlydtl:compile({file, File}, ?RENDER_MODULE, [{out_dir, AkmEbinDir}]).
default_template_file() ->
AkmPrivDir = code:priv_dir(akm),
filename:join([AkmPrivDir, "mails", ?TEMPLATE_FILE]).
template_file() ->
filename:join([?TEMPLATE_DIR, ?TEMPLATE_FILE]).
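Review bot: `compile_template/0` writes the compiled template into the application's own code directory on every start (`{out_dir, AkmEbinDir}`), so the service account needs write access to `ebin`; that rules out a read-only release and leaves loaded code replaceable by anything that can write there. As far as I know erlydtl loads the compiled module into the node by itself (confirm for the version in use), so `erlydtl:compile({file, File}, ?RENDER_MODULE, [{out_dir, false}])` should be enough. The override under `?TEMPLATE_DIR` decides the link that is mailed with the revoke token, so that directory should be writable only by the deployment user, and a comment above `template_file/0` should state it: `%% Operator-supplied override; must not be writable by the service user.` Since `{ok, _} = compile_template()` sits in `init/1`, a malformed override also stops the whole supervisor from starting, which is worth mentioning in the same comment.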


@ -65,7 +65,7 @@ init_per_testcase(revoke_key_test, C) ->
gen_smtp_client,
send,
fun({_, _, Msg}, _, CallbackFun) ->
application:set_env(akm, email_msg, Msg),
application:set_env(akm, email_msg_revoke_key_test, Msg),
P = spawn(fun() -> CallbackFun({ok, <<"success">>}) end),
{ok, P}
end
@ -202,7 +202,7 @@ revoke_key_test(Config) ->
%% check success request revoke
{204, _, _} = akm_client:request_revoke_key(Host, Port, PartyId, ApiKeyId),
RevokePath = extract_revoke_path(),
RevokePath = extract_revoke_path(email_msg_revoke_key_test),
RevokeWithBadApiKeyId = break_api_key_id(RevokePath, ApiKeyId),
RevokeWithBadRevokeToken = break_revoke_token(RevokePath),
@ -221,10 +221,10 @@ get_list_keys(Host, Port, PartyId, Limit, #{<<"results">> := ListKeys, <<"contin
get_list_keys(_Host, _Port, _PartyId, _Limit, #{<<"results">> := ListKeys}, Acc) ->
Acc ++ ListKeys.
extract_revoke_path() ->
{ok, Msg} = application:get_env(akm, email_msg),
extract_revoke_path(VarName) ->
{ok, Msg} = application:get_env(akm, VarName),
[_, Path] = binary:split(Msg, <<".dev">>),
Path.
binary:replace(Path, <<"\n">>, <<>>, [global]).
break_api_key_id(Path, ApiKeyId) ->
binary:replace(Path, ApiKeyId, <<"BadID">>).
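Review bot: The clean-up in `extract_revoke_path/1` strips only `\n` (the `binary:replace` line looks like the new return value; the page has lost the +/- markers), so a mail body with CRLF line ends would leave a `\r` at the end of the path and of the revoke token. `binary:replace(Path, [<<"\r">>, <<"\n">>], <<>>, [global])` covers both. The split on `<<".dev">>` also ties the helper to the `vality.dev` URL from the test config, and a one-line comment saying so would save the next reader a search.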


@ -102,11 +102,12 @@ prepare_config(State) ->
url => "http://vality.dev",
from_email => "example@example.com",
relay => "smtp4dev",
username => "username",
password => "password"
password => "password",
username => "username"
}}
]}
],
[
{sys_config, SysConfig},
{akm_host, "localhost"},


@ -59,28 +59,3 @@ services:
interval: 5s
timeout: 1s
retries: 20
smtp4dev:
image: rnwood/smtp4dev:v3
ports:
# Change the number before : to the port the web interface should be accessible on
- '5000:80'
# Change the number before : to the port the SMTP server should be accessible on
- '25:25'
# Change the number before : to the port the IMAP server should be accessible on
- '143:143'
volumes:
# This is where smtp4dev stores the database..
- smtp4dev-data:/smtp4dev
environment:
#Specifies the server hostname. Used in auto-generated TLS certificate if enabled.
- ServerOptions__HostName=smtp4dev
#The username for the SMTP server used to relay messages. If "" no authentication is attempted.
- RelayOptions__Login=username
#The password for the SMTP server used to relay messages
- RelayOptions__Password=password
volumes:
smtp4dev-data:


@ -81,8 +81,8 @@
url => "vality.dev",
from_email => "example@example.com",
relay => "smtp.gmail.com",
username => "username",
password => "password"
password => "password",
username => "username"
}}
]},


@ -1 +0,0 @@
To revoke key, go to link: {{ url }}/apikeys/v2/orgs/{{ party_id }}/revoke-api-key/{{ api_key_id }}?apiKeyRevokeToken={{ revoke_token }}