TD-400: Add context helpers for token access (#11)

Alexey S 2022-09-19 17:15:36 +00:00 committed by GitHub
parent 5b3b5c7160
commit 79d9d0144e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 47 additions and 6 deletions


@ -1,10 +1,10 @@
ARG OTP_VERSION ARG OTP_VERSION
FROM docker.io/library/erlang:${OTP_VERSION} FROM docker.io/library/erlang:${OTP_VERSION}
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install thrift compiler # Install thrift compiler
ARG THRIFT_VERSION ARG THRIFT_VERSION
ARG TARGETARCH ARG TARGETARCH
RUN wget -q -O- "https://github.com/valitydev/thrift/releases/download/${THRIFT_VERSION}/thrift-${THRIFT_VERSION}-linux-${TARGETARCH}.tar.gz" \ RUN wget -q -O- "https://github.com/valitydev/thrift/releases/download/${THRIFT_VERSION}/thrift-${THRIFT_VERSION}-linux-${TARGETARCH}.tar.gz" \
| tar -xvz -C /usr/local/bin/ | tar -xvz -C /usr/local/bin/
@ -14,4 +14,4 @@ ENV CHARSET=UTF-8
ENV LANG=C.UTF-8 ENV LANG=C.UTF-8
# Set runtime # Set runtime
CMD /bin/bash CMD ["/bin/bash"]
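Review bot: The `RUN wget -q -O- … | tar -xvz -C /usr/local/bin/` step in the first hunk extracts the downloaded thrift release straight into /usr/local/bin without any integrity check. The added `SHELL ["/bin/bash", "-o", "pipefail", "-c"]` makes a failed download abort the build, but it cannot detect an archive that was replaced or tampered with upstream. I would save the archive to a file, compare it against a digest pinned in the Dockerfile, and only then extract it, for example `echo "${THRIFT_SHA256}  /tmp/thrift.tar.gz" | sha256sum -c -`, where `THRIFT_SHA256` is a placeholder build argument and not something this repository defines. Because the URL varies with `TARGETARCH`, one digest per architecture is needed.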


@ -44,7 +44,13 @@
}. }.
-type token() :: #{ -type token() :: #{
id => id() id => id(),
access => [resource_access()]
}.
-type resource_access() :: #{
id => id(),
roles => [binary()]
}. }.
-type auth_scope() :: #{ -type auth_scope() :: #{
@ -205,7 +211,25 @@ maybe_marshal_entity(Entity) ->
#base_Entity{id = EntityID}. #base_Entity{id = EntityID}.
marshal_token(Token) -> marshal_token(Token) ->
#ctx_v1_Token{id = maybe_get_param(id, Token)}. TokenAccess = maybe_get_param(access, Token),
#ctx_v1_Token{
id = maybe_get_param(id, Token),
access = maybe(TokenAccess, fun marshal_token_access/1)
}.
marshal_token_access(TokenAccess) ->
[marshal_resource_access(ResourceAccess) || ResourceAccess <- TokenAccess].
marshal_resource_access(ResourceAccess) ->
ID = maybe_get_param(id, ResourceAccess),
Roles = maybe_get_param(roles, ResourceAccess),
#ctx_v1_ResourceAccess{
id = ID,
roles = maybe(Roles, fun marshal_token_access_roles/1)
}.
marshal_token_access_roles(TokenAccessRoles) when is_list(TokenAccessRoles) ->
TokenAccessRoles.
maybe_marshal_auth_scopes(undefined) -> maybe_marshal_auth_scopes(undefined) ->
undefined; undefined;
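Review bot: `marshal_token_access_roles/1` guards only on `is_list/1` and returns its argument unchanged, and `marshal_token_access/1` has no guard at all, so role elements reach `#ctx_v1_ResourceAccess{}` unchecked. These entries become part of the authorization context sent to bouncer, so I would reject malformed input at this boundary, e.g. `marshal_token_access_roles(Roles) when is_list(Roles) -> true = lists:all(fun is_binary/1, Roles), Roles.` The new `resource_access()` type also declares `id` with `=>`, so an entry with no resource id is marshalled as `id = undefined`. Whether the Thrift definition accepts that is not visible here; if the id is mandatory, declare it as `id := id()`. The four new functions have no `-spec`; adding one to each (for example `-spec marshal_token_access([resource_access()]) -> [#ctx_v1_ResourceAccess{}].`) lets Dialyzer check callers against the new types.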


@ -237,6 +237,12 @@ validate_env_fragment(C) ->
validate_auth_fragment(C) -> validate_auth_fragment(C) ->
Method = <<"someMethod">>, Method = <<"someMethod">>,
TokenID = <<"📟"/utf8>>, TokenID = <<"📟"/utf8>>,
TokenAccess = [
#{
id => <<"some-api">>,
roles => [<<"do-nothing">>]
}
],
_ = mock_services( _ = mock_services(
[ [
{bouncer, fun('Judge', {_RulesetID, Fragments}) -> {bouncer, fun('Judge', {_RulesetID, Fragments}) ->
@ -245,7 +251,15 @@ validate_auth_fragment(C) ->
#ctx_v1_ContextFragment{ #ctx_v1_ContextFragment{
auth = #ctx_v1_Auth{ auth = #ctx_v1_Auth{
method = Method, method = Method,
token = #ctx_v1_Token{id = TokenID} token = #ctx_v1_Token{
id = TokenID,
access = [
#ctx_v1_ResourceAccess{
id = <<"some-api">>,
roles = [<<"do-nothing">>]
}
]
}
} }
}, },
Auth Auth
@ -264,7 +278,10 @@ validate_auth_fragment(C) ->
fragments => #{ fragments => #{
<<"auth">> => bouncer_context_helpers:make_auth_fragment(#{ <<"auth">> => bouncer_context_helpers:make_auth_fragment(#{
method => Method, method => Method,
token => #{id => TokenID} token => #{
id => TokenID,
access => TokenAccess
}
}) })
} }
}, },
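Review bot: `validate_auth_fragment/1` now covers only a token whose `access` list is fully populated, so the optional paths the marshalling change introduces are never run by this test: a token with no `access` key and a resource access with no `roles`. I would add a second case that passes `token => #{id => TokenID}` and asserts in the mocked `'Judge'` handler that the received `#ctx_v1_Token{}` carries no access entries. A third case with `#{id => <<"some-api">>}` and no `roles` would pin that branch too. The function body starts and ends outside these hunks, so such a case may already exist elsewhere in the suite.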