Merge pull request #661 from galasa-dev/ash-users-framework

Added user service methods and tests
galasa-dev · Oct 28, 2024 · aa5e226 · aa5e226
2 parents 329bce6 + 8f5b8a5
commit aa5e226
Show file tree

Hide file tree

Showing 26 changed files with 1,109 additions and 272 deletions.
diff --git a/galasa-parent/dev.galasa.framework.api.authentication/build.gradle b/galasa-parent/dev.galasa.framework.api.authentication/build.gradle
@@ -14,6 +14,7 @@ dependencies {
     implementation project(':dev.galasa.framework')
     implementation project(':dev.galasa.framework.api.beans')
     implementation project(':dev.galasa.framework.api.common')
+    implementation project(':dev.galasa.framework.api.users')
 
     implementation 'org.apache.commons:commons-lang3:3.14.0'
     implementation 'dev.galasa:com.auth0.jwt:4.4.1'

diff --git a/...tication/src/main/java/dev/galasa/framework/api/authentication/AuthenticationServlet.java b/...tication/src/main/java/dev/galasa/framework/api/authentication/AuthenticationServlet.java
@@ -29,6 +29,8 @@
 import dev.galasa.framework.api.common.SystemEnvironment;
 import dev.galasa.framework.spi.IFramework;
 import dev.galasa.framework.spi.auth.IAuthStoreService;
+import dev.galasa.framework.spi.utils.ITimeService;
+import dev.galasa.framework.spi.utils.SystemTimeService;
 
 /**
  * Authentication Servlet that acts as a proxy to send requests to Dex's /token
@@ -46,6 +48,7 @@ public class AuthenticationServlet extends BaseServlet {
     private Log logger = LogFactory.getLog(getClass());
 
     protected Environment env = new SystemEnvironment();
+    protected ITimeService timeService = new SystemTimeService();
     protected IOidcProvider oidcProvider;
     protected DexGrpcClient dexGrpcClient;
 
@@ -67,7 +70,7 @@ public void init() throws ServletException {
         addRoute(new AuthRoute(getResponseBuilder(), oidcProvider, dexGrpcClient, authStoreService, env));
         addRoute(new AuthClientsRoute(getResponseBuilder(), dexGrpcClient));
         addRoute(new AuthCallbackRoute(getResponseBuilder(), externalApiServerUrl));
-        addRoute(new AuthTokensRoute(getResponseBuilder(), oidcProvider, dexGrpcClient, authStoreService, env));
+        addRoute(new AuthTokensRoute(getResponseBuilder(), oidcProvider, dexGrpcClient, authStoreService,timeService,env));
         addRoute(new AuthTokensDetailsRoute(getResponseBuilder(), dexGrpcClient, authStoreService));
 
         logger.info("Galasa Authentication API initialised");

diff --git a/...rc/main/java/dev/galasa/framework/api/authentication/internal/routes/AuthTokensRoute.java b/...rc/main/java/dev/galasa/framework/api/authentication/internal/routes/AuthTokensRoute.java
@@ -9,6 +9,7 @@
 
 import java.io.IOException;
 import java.net.http.HttpResponse;
+import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
@@ -40,8 +41,12 @@
 import dev.galasa.framework.api.common.ServletError;
 import dev.galasa.framework.spi.FrameworkException;
 import dev.galasa.framework.spi.auth.IAuthStoreService;
+import dev.galasa.framework.spi.auth.IFrontEndClient;
 import dev.galasa.framework.spi.auth.IInternalAuthToken;
 import dev.galasa.framework.spi.auth.IInternalUser;
+import dev.galasa.framework.spi.auth.IUser;
+import dev.galasa.framework.spi.utils.ITimeService;
+import dev.galasa.framework.spi.utils.SystemTimeService;
 import dev.galasa.framework.spi.auth.AuthStoreException;
 
 public class AuthTokensRoute extends BaseRoute {
@@ -58,19 +63,27 @@ public class AuthTokensRoute extends BaseRoute {
     // Regex to match /auth/tokens and /auth/tokens/ only
     private static final String PATH_PATTERN = "\\/tokens\\/?";
 
+    private static final String REST_API_CLIENT = "rest-api";
+    private static final String WEB_UI_CLIENT = "web-ui";
+
     private static final IBeanValidator<TokenPayload> validator = new TokenPayloadValidator();
 
+    private ITimeService timeService;
+
     public AuthTokensRoute(
             ResponseBuilder responseBuilder,
             IOidcProvider oidcProvider,
             DexGrpcClient dexGrpcClient,
             IAuthStoreService authStoreService,
+            ITimeService timeService,
             Environment env) {
         super(responseBuilder, PATH_PATTERN);
         this.oidcProvider = oidcProvider;
         this.dexGrpcClient = dexGrpcClient;
         this.authStoreService = authStoreService;
         this.env = env;
+
+        this.timeService = timeService;
     }
 
     /**
@@ -102,7 +115,7 @@ public HttpServletResponse handleGetRequest(String pathInfo, QueryParameters que
 
         // Convert the token received from the auth store into the token bean that will
         // be returned as JSON
-        List<AuthToken>tokensToReturn = convertAuthStoreTokenIntoTokenBeans(authTokensFromAuthStore);
+        List<AuthToken> tokensToReturn = convertAuthStoreTokenIntoTokenBeans(authTokensFromAuthStore);
 
         return getResponseBuilder().buildResponse(request, response, "application/json",
                 getTokensAsJsonString(tokensToReturn), HttpServletResponse.SC_OK);
@@ -182,6 +195,9 @@ public HttpServletResponse handlePostRequest(String pathInfo, QueryParameters qu
                     addTokenToAuthStore(requestPayload.getClientId(), jwt, tokenDescription);
                 }
 
+                boolean isWebUiLogin = isLoggingIntoWebUI(requestPayload.getRefreshToken(), tokenDescription);
+                recordUserJustLoggedIn(isWebUiLogin , jwt, this.timeService, this.env);
+
             } else {
                 logger.info("Unable to get new bearer and refresh tokens from issuer.");
 
@@ -295,6 +311,37 @@ private List<AuthToken> convertAuthStoreTokenIntoTokenBeans(List<IInternalAuthTo
 
     }
 
+    // This method is protected so we can unit test it easily.
+    protected void recordUserJustLoggedIn(boolean isWebUI, String jwt, ITimeService timeService, Environment env)
+            throws InternalServletException, AuthStoreException {
+
+        JwtWrapper jwtWrapper = new JwtWrapper(jwt, env);
+        String loginId = jwtWrapper.getUsername();
+        IUser user;
+
+        String clientName = REST_API_CLIENT;
+        if (isWebUI) {
+            clientName = WEB_UI_CLIENT;
+        }
+
+        user = authStoreService.getUserByLoginId(loginId);
+
+        if (user == null) {
+            authStoreService.createUser(loginId, clientName);
+        } else {
+
+            IFrontEndClient client = user.getClient(clientName);
+            if (client == null) {
+                client = authStoreService.createClient(clientName);
+                user.addClient(client);
+            }
+
+            client.setLastLogin(timeService.now());
+
+            authStoreService.updateUser(user);
+        }
+    }
+
     private void validateLoginId(String loginId, String servletPath) throws InternalServletException {
 
         if (loginId == null || loginId.trim().length() == 0) {
@@ -303,4 +350,11 @@ private void validateLoginId(String loginId, String servletPath) throws Internal
         }
 
     }
+
+    private boolean isLoggingIntoWebUI(String refreshToken, String tokenDescription) {
+
+        return (refreshToken == null && tokenDescription == null);
+
+    }
+
 }
diff --git a/...ication/routes/AuthCallbackRouteTest.java → ...nternal/routes/AuthCallbackRouteTest.java b/...ication/routes/AuthCallbackRouteTest.java → ...nternal/routes/AuthCallbackRouteTest.java
@@ -3,7 +3,7 @@
  *
  * SPDX-License-Identifier: EPL-2.0
  */
-package dev.galasa.framework.api.authentication.routes;
+package dev.galasa.framework.api.authentication.internal.routes;
 
 import static org.assertj.core.api.Assertions.*;
 

diff --git a/...tication/routes/AuthClientsRouteTest.java → ...internal/routes/AuthClientsRouteTest.java b/...tication/routes/AuthClientsRouteTest.java → ...internal/routes/AuthClientsRouteTest.java
@@ -3,7 +3,7 @@
  *
  * SPDX-License-Identifier: EPL-2.0
  */
-package dev.galasa.framework.api.authentication.routes;
+package dev.galasa.framework.api.authentication.internal.routes;
 
 import static org.assertj.core.api.Assertions.*;
 

diff --git a/.../authentication/routes/AuthRouteTest.java → ...cation/internal/routes/AuthRouteTest.java b/.../authentication/routes/AuthRouteTest.java → ...cation/internal/routes/AuthRouteTest.java
@@ -3,7 +3,7 @@
  *
  * SPDX-License-Identifier: EPL-2.0
  */
-package dev.galasa.framework.api.authentication.routes;
+package dev.galasa.framework.api.authentication.internal.routes;
 
 import static org.assertj.core.api.Assertions.*;
 

diff --git a/...on/routes/AuthTokensDetailsRouteTest.java → ...al/routes/AuthTokensDetailsRouteTest.java b/...on/routes/AuthTokensDetailsRouteTest.java → ...al/routes/AuthTokensDetailsRouteTest.java
@@ -3,7 +3,7 @@
  *
  * SPDX-License-Identifier: EPL-2.0
  */
-package dev.galasa.framework.api.authentication.routes;
+package dev.galasa.framework.api.authentication.internal.routes;
 
 import static org.assertj.core.api.Assertions.*;
 
@@ -16,7 +16,6 @@
 
 import org.junit.Test;
 
-import dev.galasa.framework.api.authentication.internal.routes.AuthTokensDetailsRoute;
 import dev.galasa.framework.api.authentication.mocks.MockAuthenticationServlet;
 import dev.galasa.framework.api.authentication.mocks.MockDexGrpcClient;
 import dev.galasa.framework.api.common.BaseServletTest;