Merge pull request #162 from ARGOeu/devel

Version 1.0.0
ARGOeu · Oct 10, 2022 · 5601351 · 5601351
2 parents 9a04982 + 909aff5
commit 5601351
Show file tree

Hide file tree

Showing 32 changed files with 396 additions and 298 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,7 @@
 # Argo Api Authn
 
-<img src="https://jenkins.argo.grnet.gr/static/3c75a153/images/headshot.png" alt="Jenkins" width="25"/> [![Build Status](https://jenkins.argo.grnet.gr/job/argo-api-authn_devel/badge/icon)](https://jenkins.argo.grnet.gr/job/argo-api-authn_devel)
+[![Build Status](https://jenkins.einfra.grnet.gr/buildStatus/icon?job=ARGO%2Fargo-api-authn%2Fmaster&style=flat-square&color=darkturquoise&subject=build-master)](https://jenkins.einfra.grnet.gr/job/ARGO/job/argo-api-authn/job/master/) 
+[![Build Status](https://jenkins.einfra.grnet.gr/buildStatus/icon?job=ARGO%2Fargo-api-authn%2Fdevel&style=flat-square&subject=build-devel)](https://jenkins.einfra.grnet.gr/job/ARGO/job/argo-api-authn/job/devel/)
 
 Authentication Service for ARGO API(s)
 
@@ -75,7 +76,7 @@ Before you start, you need to issue a valid certificate.
    "trust_unknown_cas": false,
    "verify_certificate": true,
    "service_types_paths": {
-    "ams": "/v1/users:byUUID/{{identifier}}?key={{access_key}}",
+    "ams": "/v1/users:byUUID/{{identifier}}",
     "web-api": "/api/v2/users:byID/{{identifier}}?export=flat"
     },
    "service_types_retrieval_fields": {
@@ -127,4 +128,4 @@ but a reverse dns look up returns another hostname for the client from where the
 
 - ~~Add default configuration for interacting easier with the [argo-web-api](https://github.com/ARGOeu/argo-web-api).~~
 
-- Add support for using OIDC tokens as an alternative authentication mechanism.
+- Add support for using OIDC tokens as an alternative authentication mechanism.
diff --git a/argo-api-authn.spec b/argo-api-authn.spec
@@ -3,7 +3,7 @@
 
 Name: argo-api-authn
 Summary: ARGO Authentication API. Map X509, OICD to token.
-Version: 0.1.8
+Version: 1.0.0
 Release: 1%{?dist}
 License: ASL 2.0
 Buildroot: %{_tmppath}/%{name}-buildroot
@@ -57,6 +57,8 @@ go clean
 %attr(0644,root,root) /usr/lib/systemd/system/argo-api-authn.service
 
 %changelog
+* Mon Oct 10 2022 Agelos Tsalapatis  <[email protected]> - 1.0.0-1%{?dist}
+- Release of argo-api-authn version 1.0.0
 * Mon Nov 8 2021 Agelos Tsalapatis  <[email protected]> - 0.1.8-1%{?dist}
 - Release of argo-api-authn version 0.1.8
 * Tue Apr 13 2021 Agelos Tsalapatis  <[email protected]> - 0.1.7-1%{?dist}

diff --git a/auth/certificate.go b/auth/certificate.go
@@ -64,7 +64,7 @@ func LoadCAs(dir string) (roots *x509.CertPool) {
 		).Error("Error walking certificate system path")
 	} else {
 		log.WithFields(
-			log.Fields{},
+			log.Fields{"type": "service_log"},
 		).Info("All certificates parsed successfully!")
 	}
 

diff --git a/authmethods/api_key_auth.go b/authmethods/api_key_auth.go
@@ -57,7 +57,7 @@ func (m *ApiKeyAuthMethod) Update(r io.ReadCloser) (AuthMethod, error) {
 	var authMBytes []byte
 	var tempAM TempApiKeyAuthMethod
 
-	var updatedAM = NewApiKeyAuthMethod()
+	var updatedAM = &ApiKeyAuthMethod{}
 
 	// first fill the temp auth method with the already existing data
 	// convert the existing auth method to bytes
@@ -104,6 +104,7 @@ func (m *ApiKeyAuthMethod) Update(r io.ReadCloser) (AuthMethod, error) {
 		return updatedAM, err
 	}
 
+	updatedAM.UpdatedOn = utils.ZuluTimeNow()
 	return updatedAM, err
 }
 

diff --git a/authmethods/api_key_auth_test.go b/authmethods/api_key_auth_test.go
@@ -66,7 +66,7 @@ func (suite *ApiKeyAuthMethodTestSuite) TestApiKeyAuthFinder() {
 
 func (suite *ApiKeyAuthMethodTestSuite) TestUpdate() {
 
-	apk1 := ApiKeyAuthMethod{}
+	apk1 := &ApiKeyAuthMethod{}
 	ba1 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "host1", Port: 9000, Type: "api-key"}
 	apk1.BasicAuthMethod = ba1
 
@@ -76,16 +76,20 @@ func (suite *ApiKeyAuthMethodTestSuite) TestUpdate() {
 	apkUpd1.BasicAuthMethod = baUpd1
 	r1 := ConvertAuthMethodToReadCloser(apkUpd1)
 	a1, err1 := apk1.Update(r1)
+	ca1 := a1.(*ApiKeyAuthMethod)
+	apkUpd1.UpdatedOn = ca1.UpdatedOn
 
 	// update fields that aren't supposed to be updated
 	apkUpd2 := &ApiKeyAuthMethod{}
 	baUpd2 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "host1", Port: 9000, Type: "some_api-key", UUID: "some_uuid", CreatedOn: "some_time"}
 	apkUpd2.BasicAuthMethod = baUpd2
 	r2 := ConvertAuthMethodToReadCloser(apkUpd2)
 	a2, err2 := apk1.Update(r2)
+	ca2 := a2.(*ApiKeyAuthMethod)
+	apk1.UpdatedOn = ca2.UpdatedOn
 
 	suite.Equal(apkUpd1, a1)
-	suite.NotEqual(apk1, a2)
+	suite.Equal(apk1, a2)
 
 	suite.Nil(err1)
 	suite.Nil(err2)

diff --git a/authmethods/authmethods_test.go b/authmethods/authmethods_test.go
@@ -195,55 +195,65 @@ func (suite *AuthMethodsTestSuite) TestAuthMethodUpdate() {
 	amU1.BasicAuthMethod = ambU1
 	r1 := ConvertAuthMethodToReadCloser(amU1)
 	a1, err1 := AuthMethodUpdate(am1, r1, mockstore)
+	ca1 := a1.(*ApiKeyAuthMethod)
+	amU1.UpdatedOn = ca1.UpdatedOn
 
 	// normal case - update fields that can't be updated
 	ambU2 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "host1", Port: 9000, Type: "some_api-key", UUID: "some_am_uuid_1", CreatedOn: "some_time"}
 	amU2 := &ApiKeyAuthMethod{AccessKey: "access_key"}
 	amU2.BasicAuthMethod = ambU2
 	r2 := ConvertAuthMethodToReadCloser(amU2)
 	a2, err2 := AuthMethodUpdate(am1, r2, mockstore)
+	amU2.UpdatedOn = ca1.UpdatedOn
+	am1.UpdatedOn = ca1.UpdatedOn
 
 	// unknown service uuid
 	ambU3 := BasicAuthMethod{ServiceUUID: "unknown", Host: "host1", Port: 9000, Type: "api-key", UUID: "am_uuid_1", CreatedOn: ""}
 	amU3 := &ApiKeyAuthMethod{AccessKey: "access_key"}
 	amU3.BasicAuthMethod = ambU3
 	r3 := ConvertAuthMethodToReadCloser(amU3)
 	a3, err3 := AuthMethodUpdate(am1, r3, mockstore)
+	amU3.UpdatedOn = ca1.UpdatedOn
 
 	// unknown host
 	ambU4 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "unknown", Port: 9000, Type: "api-key", UUID: "am_uuid_1", CreatedOn: ""}
 	amU4 := &ApiKeyAuthMethod{AccessKey: "access_key"}
 	amU4.BasicAuthMethod = ambU4
 	r4 := ConvertAuthMethodToReadCloser(amU4)
 	a4, err4 := AuthMethodUpdate(am1, r4, mockstore)
+	amU4.UpdatedOn = ca1.UpdatedOn
 
 	// empty service uuid
 	ambU6 := BasicAuthMethod{ServiceUUID: "", Host: "host1", Port: 9000, Type: "api-key", UUID: "am_uuid_1", CreatedOn: ""}
 	amU6 := &ApiKeyAuthMethod{AccessKey: "access_key"}
 	amU6.BasicAuthMethod = ambU6
 	r6 := ConvertAuthMethodToReadCloser(amU6)
 	a6, err6 := AuthMethodUpdate(am1, r6, mockstore)
+	amU6.UpdatedOn = ca1.UpdatedOn
 
 	// empty host
 	ambU7 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "", Port: 9000, Type: "api-key", UUID: "am_uuid_1", CreatedOn: ""}
 	amU7 := &ApiKeyAuthMethod{AccessKey: "access_key"}
 	amU7.BasicAuthMethod = ambU7
 	r7 := ConvertAuthMethodToReadCloser(amU7)
 	a7, err7 := AuthMethodUpdate(am1, r7, mockstore)
+	amU7.UpdatedOn = ca1.UpdatedOn
 
 	// empty port
 	ambU8 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "host1", Port: 0, Type: "api-key", UUID: "am_uuid_1", CreatedOn: ""}
 	amU8 := &ApiKeyAuthMethod{AccessKey: "access_key"}
 	amU8.BasicAuthMethod = ambU8
 	r8 := ConvertAuthMethodToReadCloser(amU8)
 	a8, err8 := AuthMethodUpdate(am1, r8, mockstore)
+	amU8.UpdatedOn = ca1.UpdatedOn
 
 	// empty access key
 	ambU10 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "host1", Port: 10000, Type: "api-key", UUID: "am_uuid_1", CreatedOn: ""}
 	amU10 := &ApiKeyAuthMethod{AccessKey: ""}
 	amU10.BasicAuthMethod = ambU10
 	r10 := ConvertAuthMethodToReadCloser(amU10)
 	a10, err10 := AuthMethodUpdate(am1, r10, mockstore)
+	amU10.UpdatedOn = ca1.UpdatedOn
 
 	// auth method for host and service already exists
 	amb2 := BasicAuthMethod{ServiceUUID: "uuid1", Host: "host1", Port: 9000, Type: "api-key", UUID: "am_uuid_1", CreatedOn: ""}
@@ -254,6 +264,7 @@ func (suite *AuthMethodsTestSuite) TestAuthMethodUpdate() {
 	amU11.BasicAuthMethod = ambU11
 	r11 := ConvertAuthMethodToReadCloser(amU11)
 	a11, err11 := AuthMethodUpdate(am2, r11, mockstore)
+	amU11.UpdatedOn = ca1.UpdatedOn
 
 	suite.Equal(a1, amU1)
 	suite.Equal(a2, am1)

diff --git a/authmethods/basic_auth_method.go b/authmethods/basic_auth_method.go
@@ -13,6 +13,7 @@ type BasicAuthMethod struct {
 	Type        string `json:"type" required:"true"`
 	UUID        string `json:"uuid"`
 	CreatedOn   string `json:"created_on"`
+	UpdatedOn   string `json:"updated_on,omitempty"`
 }
 
 // TempBasicAuthMethod represents the fields that are allowed to be modified

diff --git a/authmethods/headers_auth.go b/authmethods/headers_auth.go
@@ -63,7 +63,7 @@ func (m *HeadersAuthMethod) Update(r io.ReadCloser) (AuthMethod, error) {
 	var authMBytes []byte
 	var tempAM TempHeadersAuthMethod
 
-	var updatedAM = NewHeadersAuthMethod()
+	var updatedAM = &HeadersAuthMethod{}
 
 	// first fill the temp auth method with the already existing data
 	// convert the existing auth method to bytes
@@ -110,6 +110,7 @@ func (m *HeadersAuthMethod) Update(r io.ReadCloser) (AuthMethod, error) {
 		return updatedAM, err
 	}
 
+	m.UpdatedOn = utils.ZuluTimeNow()
 	return updatedAM, err
 }
 

diff --git a/authmethods/headers_auth_test.go b/authmethods/headers_auth_test.go
@@ -69,6 +69,8 @@ func (suite *HeadersAuthMethodTestSuite) TestUpdate() {
 	hamUpd1 := HeadersAuthMethod{BasicAuthMethod: amb2, Headers: map[string]string{"x-api-key": "key-2", "Accept": "application/json"}}
 	r1 := ConvertAuthMethodToReadCloser(&hamUpd1)
 	a1, err1 := hamUpd1.Update(r1)
+	ca1 := a1.(*HeadersAuthMethod)
+	ham.UpdatedOn = ca1.UpdatedOn
 
 	// update fields that aren't supposed to be updated
 	apkUpd2 := &HeadersAuthMethod{}