MSPF-532: get rid of rfc3339 (#473)

* MSPF-532: Update image * MSPF-532: Remove rfc339 from capi * Upgrade libs * Update uac * Refactor auth code * Fix dialyzer errors
2024-11-06 01:55:20 +00:00 · 2020-04-27 18:43:54 +03:00 · 2020-04-27 18:43:54 +03:00 · 2d3cd91661
commit 2d3cd91661
parent 52c9a22706
13 changed files with 60 additions and 81 deletions
--- a/2
+++ b/2
@ -33,7 +33,7 @@ build('capi', 'docker-host', finalHook) {
        sh 'make wc_xref'
      }
      runStage('pre-dialyze') {
-        withWsCache("_build/default/rebar3_22.2.6_plt") {
+        withWsCache("_build/default/rebar3_22.3.1_plt") {
          sh 'make wc_update_plt'
        }
      }
--- a/2
+++ b/2
@ -19,7 +19,7 @@ SERVICE_IMAGE_PUSH_TAG ?= $(SERVICE_IMAGE_TAG)
 BASE_IMAGE_NAME := service-erlang
 BASE_IMAGE_TAG := da0ab769f01b650b389d18fc85e7418e727cbe96

-BUILD_IMAGE_TAG := 14519aa9b9c10f79081567d8add33cdf408dfbd2
+BUILD_IMAGE_TAG := 442c2c274c1d8e484e5213089906a4271641d95e

 CALL_ANYWHERE := \
 	submodules \
--- a/apps/capi/src/capi.app.src
+++ b/apps/capi/src/capi.app.src
@ -22,7 +22,6 @@
        jose,
        cowboy_cors,
        cowboy_access_log,
-        rfc3339,
        base64url,
        woody_user_identity,
        payproc_errors,
--- a/apps/capi/src/capi_auth.erl
+++ b/apps/capi/src/capi_auth.erl
@ -48,24 +48,20 @@ issue_access_token(PartyID, TokenSpec) ->
 -spec issue_access_token(PartyID :: binary(), token_spec(), map()) ->
    uac_authorizer_jwt:token().
 issue_access_token(PartyID, TokenSpec, ExtraProperties) ->
-    {Claims0, DomainRoles, LifeTime} = resolve_token_spec(TokenSpec),
-    Claims = maps:merge(ExtraProperties, Claims0),
+    Claims = maps:merge(
+        ExtraProperties,
+        resolve_token_spec(TokenSpec)
+    ),
    capi_utils:unwrap(uac_authorizer_jwt:issue(
        capi_utils:get_unique_id(),
-        LifeTime,
        PartyID,
-        DomainRoles,
        Claims,
        ?SIGNEE
    )).

 -spec resolve_token_spec(token_spec()) ->
-    {claims(), uac_authorizer_jwt:domains(), uac_authorizer_jwt:expiration()}.
+    claims().
 resolve_token_spec({invoice, InvoiceID}) ->
-    Claims =
-        #{
-            <<"cons">> => <<"client">> % token consumer
-        },
    DomainRoles = #{
        <<"common-api">> => uac_acl:from_list([
            {[{invoices, InvoiceID}]           , read },
@ -75,7 +71,11 @@ resolve_token_spec({invoice, InvoiceID}) ->
        ])
    },
    Expiration = {lifetime, ?DEFAULT_INVOICE_ACCESS_TOKEN_LIFETIME},
-    {Claims, DomainRoles, Expiration};
+    #{
+        <<"exp">> => Expiration,
+        <<"resource_access">> => DomainRoles,
+        <<"cons">> => <<"client">> % token consumer
+    };
 resolve_token_spec({invoice_tpl, InvoiceTplID}) ->
    DomainRoles = #{
        <<"common-api">> => uac_acl:from_list([
@ -83,7 +83,10 @@ resolve_token_spec({invoice_tpl, InvoiceTplID}) ->
            {[party, {invoice_templates, InvoiceTplID}, invoice_template_invoices], write}
        ])
    },
-    {#{}, DomainRoles, unlimited};
+    #{
+        <<"exp">> => unlimited,
+        <<"resource_access">> => DomainRoles
+    };
 resolve_token_spec({customer, CustomerID}) ->
    DomainRoles = #{
        <<"common-api">> => uac_acl:from_list([
@ -94,7 +97,10 @@ resolve_token_spec({customer, CustomerID}) ->
        ])
    },
    Expiration = {lifetime, ?DEFAULT_CUSTOMER_ACCESS_TOKEN_LIFETIME},
-    {#{}, DomainRoles, Expiration}.
+    #{
+        <<"exp">> => Expiration,
+        <<"resource_access">> => DomainRoles
+    }.

 %%

--- a/apps/capi/src/capi_handler_invoice_templates.erl
+++ b/apps/capi/src/capi_handler_invoice_templates.erl
@ -155,7 +155,7 @@ process_request('CreateInvoiceWithTemplate' = OperationID, Req, Context) ->

 process_request('GetInvoicePaymentMethodsByTemplateID', Req, Context) ->
    InvoiceTemplateID = maps:get('invoiceTemplateID', Req),
-    Timestamp = capi_utils:unwrap(rfc3339:format(erlang:system_time())),
+    Timestamp = genlib_rfc3339:format_relaxed(erlang:system_time(microsecond), microsecond),
    {ok, Party} = capi_handler_utils:get_my_party(Context),
    Revision = Party#domain_Party.revision,
    Args = [InvoiceTemplateID, Timestamp, {revision, Revision}],
--- a/apps/capi/src/capi_handler_reports.erl
+++ b/apps/capi/src/capi_handler_reports.erl
@ -135,7 +135,7 @@ generate_report_presigned_url(FileID, Context) ->
 get_default_url_lifetime() ->
    Now      = erlang:system_time(second),
    Lifetime = application:get_env(capi, reporter_url_lifetime, ?DEFAULT_URL_LIFETIME),
-    capi_utils:unwrap(rfc3339:format(Now + Lifetime, second)).
+    genlib_rfc3339:format_relaxed(Now + Lifetime, second).

 %%

--- a/apps/capi/src/capi_handler_utils.erl
+++ b/apps/capi/src/capi_handler_utils.erl
@ -203,16 +203,10 @@ get_split_interval(SplitSize, year  ) -> get_split_interval(SplitSize, day   ) *
    integer().

 get_time_diff(From, To) ->
-    {DateFrom, TimeFrom} = parse_rfc3339_datetime(From),
-    {DateTo, TimeTo} = parse_rfc3339_datetime(To),
-    UnixFrom = genlib_time:daytime_to_unixtime({DateFrom, TimeFrom}),
-    UnixTo = genlib_time:daytime_to_unixtime({DateTo, TimeTo}),
+    UnixFrom = genlib_rfc3339:parse(From, second),
+    UnixTo = genlib_rfc3339:parse(To, second),
    UnixTo - UnixFrom.

-parse_rfc3339_datetime(DateTime) ->
-    {ok, {DateFrom, TimeFrom, _, _}} = rfc3339:parse(DateTime),
-    {DateFrom, TimeFrom}.
-
 -spec collect_events(
    integer(),
    integer(),
--- a/apps/capi/src/capi_utils.erl
+++ b/apps/capi/src/capi_utils.erl
@ -53,20 +53,8 @@ redact_match([Capture], Message) ->

 -spec to_universal_time(Timestamp :: binary()) -> TimestampUTC :: binary().
 to_universal_time(Timestamp) ->
-    {ok, {Date, Time, Usec, TZOffset}} = rfc3339:parse(Timestamp),
-    Seconds = calendar:datetime_to_gregorian_seconds({Date, Time}),
-    %% The following crappy code is a dialyzer workaround
-    %% for the wrong rfc3339:parse/1 spec.
-    {DateUTC, TimeUTC} = calendar:gregorian_seconds_to_datetime(
-        case TZOffset of
-            _ when is_integer(TZOffset) ->
-                Seconds - (60 * TZOffset);
-            _ ->
-                Seconds
-        end
-    ),
-    {ok, TimestampUTC} = rfc3339:format({DateUTC, TimeUTC, Usec, 0}),
-    TimestampUTC.
+    Micros = genlib_rfc3339:parse(Timestamp, microsecond),
+    genlib_rfc3339:format_relaxed(Micros, microsecond).

 -spec unwrap(ok | {ok, Value} | {error, _Error}) ->
    Value | no_return().
@ -114,7 +102,7 @@ try_parse_woody_default(DeadlineStr) ->
    catch
        error:{bad_deadline, _Reason} ->
            {error, bad_deadline};
-        error:{badmatch, {error, baddate}} ->
+        error:{badmatch, _} ->
            {error, bad_deadline};
        error:deadline_reached ->
            {error, bad_deadline}
@ -218,9 +206,9 @@ get_unique_id() ->
 -spec to_universal_time_test() -> _.
 to_universal_time_test() ->
    ?assertEqual(<<"2017-04-19T13:56:07Z">>,        to_universal_time(<<"2017-04-19T13:56:07Z">>)),
-    ?assertEqual(<<"2017-04-19T13:56:07.530000Z">>, to_universal_time(<<"2017-04-19T13:56:07.53Z">>)),
-    ?assertEqual(<<"2017-04-19T10:36:07.530000Z">>, to_universal_time(<<"2017-04-19T13:56:07.53+03:20">>)),
-    ?assertEqual(<<"2017-04-19T17:16:07.530000Z">>, to_universal_time(<<"2017-04-19T13:56:07.53-03:20">>)).
+    ?assertEqual(<<"2017-04-19T13:56:07.530Z">>, to_universal_time(<<"2017-04-19T13:56:07.53Z">>)),
+    ?assertEqual(<<"2017-04-19T10:36:07.530Z">>, to_universal_time(<<"2017-04-19T13:56:07.53+03:20">>)),
+    ?assertEqual(<<"2017-04-19T17:16:07.530Z">>, to_universal_time(<<"2017-04-19T13:56:07.53-03:20">>)).

 -spec redact_test() -> _.
 redact_test() ->
--- a/apps/capi/test/capi_ct_helper.erl
+++ b/apps/capi/test/capi_ct_helper.erl
@ -133,15 +133,16 @@ issue_token(ACL, LifeTime, ExtraProperties) ->
    }.

 issue_token(PartyID, ACL, LifeTime, ExtraProperties) ->
-    Claims = maps:merge(#{?STRING => ?STRING}, ExtraProperties),
-    DomainRoles = #{
-        <<"common-api">> => uac_acl:from_list(ACL)
-    },
+    Claims = maps:merge(#{
+        ?STRING => ?STRING,
+        <<"exp">> => LifeTime,
+        <<"resource_access">> => #{
+            <<"common-api">> => uac_acl:from_list(ACL)
+        }
+    }, ExtraProperties),
    uac_authorizer_jwt:issue(
        capi_utils:get_unique_id(),
-        LifeTime,
        PartyID,
-        DomainRoles,
        Claims,
        capi
    ).
--- a/apps/capi/test/capi_gracefull_shutdown_SUITE.erl
+++ b/apps/capi/test/capi_gracefull_shutdown_SUITE.erl
@ -123,7 +123,7 @@ worker(Token, ParentPID) ->
    ParentPID ! {result, Result}.

 get_context(Token) ->
-    {ok, Deadline} = build_deadline(genlib_time:now()),
+    Deadline = build_deadline(genlib_time:now()),
    capi_ct_helper:get_context(Token, #{}, Deadline).

 get_token() ->
@ -135,8 +135,4 @@ get_token() ->
    Token.

 build_deadline(CurrentSeconds) ->
-    rfc3339:format(
-        genlib_time:unixtime_to_daytime(
-            genlib_time:add_hours(CurrentSeconds, 1)
-        )
-    ).
+    genlib_rfc3339:format_relaxed(genlib_time:add_hours(CurrentSeconds, 1), second).
--- a/apps/capi_client/src/capi_client_lib.erl
+++ b/apps/capi_client/src/capi_client_lib.erl
@ -60,8 +60,8 @@ prepare_param(Param) ->
    case Param of
        {limit, P}          -> #{<<"limit">> => genlib:to_binary(P)};
        {offset, P}         -> #{<<"offset">> => genlib:to_binary(P)};
-        {from_time, P}      -> #{<<"fromTime">> => genlib_format:format_datetime_iso8601(P)};
-        {to_time, P}        -> #{<<"toTime">> => genlib_format:format_datetime_iso8601(P)};
+        {from_time, P}      -> #{<<"fromTime">> => format_datetime(P)};
+        {to_time, P}        -> #{<<"toTime">> => format_datetime(P)};
        {status, P}         -> #{<<"status">> => genlib:to_binary(P)};
        {split_unit, P}     -> #{<<"splitUnit">> => genlib:to_binary(P)};
        {split_size, P}     -> #{<<"splitSize">> => genlib:to_binary(P)};
@ -195,3 +195,7 @@ decode_body(Body) when is_binary(Body) ->
    jsx:decode(Body, [return_maps]);
 decode_body(Body) ->
    Body.
+
+format_datetime(P) ->
+    Seconds = genlib_time:daytime_to_unixtime(P),
+    genlib_rfc3339:format_relaxed(Seconds, second).
--- a/rebar.config
+++ b/rebar.config
@ -27,14 +27,9 @@

 %% Common project dependencies.
 {deps, [
-    {cowboy,    "2.5.0"},
+    {cowboy,    "2.7.0"},
    {jose,      "1.7.9"},
    {base64url, "0.0.1"},
-    {rfc3339,
-        {git, "https://github.com/rbkmoney/rfc3339.git",
-            {branch, "master"}
-        }
-    },
    {genlib,
        {git, "https://github.com/rbkmoney/genlib.git",
            {branch, "master"}
--- a/rebar.lock
+++ b/rebar.lock
@ -11,7 +11,7 @@
  {git,"https://github.com/rbkmoney/cg_mon.git",
       {ref,"5a87a37694e42b6592d3b4164ae54e0e87e24e18"}},
  1},
- {<<"cowboy">>,{pkg,<<"cowboy">>,<<"2.5.0">>},0},
+ {<<"cowboy">>,{pkg,<<"cowboy">>,<<"2.7.0">>},0},
 {<<"cowboy_access_log">>,
  {git,"git@github.com:rbkmoney/cowboy_access_log.git",
       {ref,"98e3b278e29da1bd298140349d68d8ebaeeec31e"}},
@ -20,14 +20,14 @@
  {git,"https://github.com/rbkmoney/cowboy_cors.git",
       {ref,"4cac7528845a8610d471b6fbb92321f79d93f0b8"}},
  0},
- {<<"cowlib">>,{pkg,<<"cowlib">>,<<"2.6.0">>},1},
+ {<<"cowlib">>,{pkg,<<"cowlib">>,<<"2.8.0">>},1},
 {<<"damsel">>,
  {git,"git@github.com:rbkmoney/damsel.git",
       {ref,"1a54c2a3c856901e03c09fc7c7f6c48db9663ce6"}},
  0},
 {<<"dmt_client">>,
  {git,"git@github.com:rbkmoney/dmt_client.git",
-       {ref,"621fb49e9ca1b97b6fb1317d0287b5960cb3c2a7"}},
+       {ref,"32b702a6a25b4019de95e916e86f9dffda3289e3"}},
  0},
 {<<"dmt_core">>,
  {git,"git@github.com:rbkmoney/dmt_core.git",
@ -47,7 +47,7 @@
  1},
 {<<"genlib">>,
  {git,"https://github.com/rbkmoney/genlib.git",
-       {ref,"f805a11f6e73faffb05656c5192fbe199df36f27"}},
+       {ref,"54920e768a71f121304a5eda547ee60295398f3c"}},
  0},
 {<<"gproc">>,{pkg,<<"gproc">>,<<"0.8.0">>},1},
 {<<"gun">>,
@ -62,7 +62,7 @@
 {<<"idna">>,{pkg,<<"idna">>,<<"6.0.0">>},1},
 {<<"jesse">>,
  {git,"https://github.com/rbkmoney/jesse.git",
-       {ref,"723e835708a022bbce9e57807ecf220b00fb771a"}},
+       {ref,"a21da0609e446f328c01b1a72191cda26a8969a4"}},
  0},
 {<<"jose">>,{pkg,<<"jose">>,<<"1.7.9">>},0},
 {<<"jsx">>,{pkg,<<"jsx">>,<<"2.8.2">>},0},
@ -72,7 +72,7 @@
  0},
 {<<"logger_logstash_formatter">>,
  {git,"git@github.com:rbkmoney/logger_logstash_formatter.git",
-       {ref,"4348f24487c400da0579032422d93acd89c6e121"}},
+       {ref,"41e8e3cc3ba6d1f53f1f0a0c9eb07c32f0868205"}},
  0},
 {<<"metrics">>,{pkg,<<"metrics">>,<<"1.0.1">>},1},
 {<<"mimerl">>,{pkg,<<"mimerl">>,<<"1.2.0">>},1},
@ -88,22 +88,18 @@
  {git,"git@github.com:rbkmoney/payproc-errors-erlang.git",
       {ref,"77cc445a4bb1496854586853646e543579ac1212"}},
  0},
- {<<"ranch">>,{pkg,<<"ranch">>,<<"1.6.2">>},1},
+ {<<"ranch">>,{pkg,<<"ranch">>,<<"1.7.1">>},1},
 {<<"reporter_proto">>,
  {git,"git@github.com:rbkmoney/reporter-proto.git",
       {ref,"c5ac89c368c4d3de5f1cd96062d57a3c4a120113"}},
  0},
- {<<"rfc3339">>,
-  {git,"https://github.com/rbkmoney/rfc3339.git",
-       {ref,"ee3a1a6b1ee60219c49fdcaa9f36a25e91962bb5"}},
-  0},
 {<<"scoper">>,
  {git,"git@github.com:rbkmoney/scoper.git",
       {ref,"95643f40dd628c77f33f12be96cf1c39dccc9683"}},
  0},
 {<<"snowflake">>,
  {git,"https://github.com/rbkmoney/snowflake.git",
-       {ref,"0a598108f6582affe3b4ae550fc5b9f2062e318a"}},
+       {ref,"c34a962e17539e63a53f721cbf4ddcffeb0032a4"}},
  1},
 {<<"ssl_verify_fun">>,{pkg,<<"ssl_verify_fun">>,<<"1.1.4">>},1},
 {<<"thrift">>,
@ -112,16 +108,16 @@
  1},
 {<<"uac">>,
  {git,"git@github.com:rbkmoney/erlang_uac.git",
-       {ref,"6bd5b5dfc62b8c2673e7360eb99f9092ae3c6e12"}},
+       {ref,"dfeb52c2432864a0f4522f35405bb5361155f3e2"}},
  0},
 {<<"unicode_util_compat">>,{pkg,<<"unicode_util_compat">>,<<"0.4.1">>},2},
 {<<"woody">>,
  {git,"git@github.com:rbkmoney/woody_erlang.git",
-       {ref,"f2e56d8affcb57bdb603802362dc9d9058e2bddb"}},
+       {ref,"8543878a5560a7828c71629d1f81270e5dcfd811"}},
  0},
 {<<"woody_user_identity">>,
  {git,"git@github.com:rbkmoney/woody_erlang_user_identity.git",
-       {ref,"9c7ad2b8beac9c88c54594b264743dec7b9cf696"}},
+       {ref,"0feebda4f7b4a9b5ee93cfe7b28d824a3dc2d8dc"}},
  0}]}.
 [
 {pkg_hash,[
@ -129,8 +125,8 @@
 {<<"bear">>, <<"16264309AE5D005D03718A5C82641FCC259C9E8F09ADEB6FD79CA4271168656F">>},
 {<<"cache">>, <<"3C11DBF4CD8FCD5787C95A5FB2A04038E3729CFCA0386016EEA8C953AB48A5AB">>},
 {<<"certifi">>, <<"867CE347F7C7D78563450A18A6A28A8090331E77FA02380B4A21962A65D36EE5">>},
- {<<"cowboy">>, <<"4EF3AE066EE10FE01EA3272EDC8F024347A0D3EB95F6FBB9AED556DACBFC1337">>},
- {<<"cowlib">>, <<"8AA629F81A0FC189F261DC98A42243FA842625FEEA3C7EC56C48F4CCDB55490F">>},
+ {<<"cowboy">>, <<"91ED100138A764355F43316B1D23D7FF6BDB0DE4EA618CB5D8677C93A7A2F115">>},
+ {<<"cowlib">>, <<"FD0FF1787DB84AC415B8211573E9A30A3EBE71B5CBFF7F720089972B2319C8A4">>},
 {<<"gproc">>, <<"CEA02C578589C61E5341FCE149EA36CCEF236CC2ECAC8691FBA408E7EA77EC2F">>},
 {<<"hackney">>, <<"9F8F471C844B8CE395F7B6D8398139E26DDCA9EBC171A8B91342EE15A19963F4">>},
 {<<"idna">>, <<"689C46CBCDF3524C44D5F3DDE8001F364CD7608A99556D8FBD8239A5798D4C10">>},
@ -138,7 +134,7 @@
 {<<"jsx">>, <<"7ACC7D785B5ABE8A6E9ADBDE926A24E481F29956DD8B4DF49E3E4E7BCC92A018">>},
 {<<"metrics">>, <<"25F094DEA2CDA98213CECC3AEFF09E940299D950904393B2A29D191C346A8486">>},
 {<<"mimerl">>, <<"67E2D3F571088D5CFD3E550C383094B47159F3EEE8FFA08E64106CDF5E981BE3">>},
- {<<"ranch">>, <<"6DB93C78F411EE033DBB18BA8234C5574883ACB9A75AF0FB90A9B82EA46AFA00">>},
+ {<<"ranch">>, <<"6B1FAB51B49196860B733A49C07604465A47BDB78AA10C1C16A3D199F7F8C881">>},
 {<<"ssl_verify_fun">>, <<"F0EAFFF810D2041E93F915EF59899C923F4568F4585904D010387ED74988E77B">>},
 {<<"unicode_util_compat">>, <<"D869E4C68901DD9531385BB0C8C40444EBF624E60B6962D95952775CAC5E90CD">>}]}
 ].