Skip to content

Commit

Permalink
MG-2264 - Split Auth Client into Separate Clients for AuthN/AuthZ and…
Browse files Browse the repository at this point in the history
… Policy CRUD (absmach#2392)

Signed-off-by: 1998-felix <[email protected]>
  • Loading branch information
felixgateru authored Sep 3, 2024
1 parent 529d817 commit 48c4a7e
Show file tree
Hide file tree
Showing 78 changed files with 2,646 additions and 2,367 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/check-generated-files.yml
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,8 @@ jobs:
mv ./journal/mocks/repository.go ./journal/mocks/repository.go.tmp
mv ./journal/mocks/service.go ./journal/mocks/service.go.tmp
mv ./auth/mocks/auth_client.go ./auth/mocks/auth_client.go.tmp
mv ./auth/mocks/policy_client.go ./auth/mocks/policy_client.go.tmp
mv ./things/mocks/authz_client.go ./things/mocks/authz_client.go.tmp
make mocks
Expand Down Expand Up @@ -203,3 +205,5 @@ jobs:
check_mock_changes ./journal/mocks/repository.go "Journal Repository ./journal/mocks/repository.go"
check_mock_changes ./journal/mocks/service.go "Journal Service ./journal/mocks/service.go"
check_mock_changes ./auth/mocks/auth_client.go "Auth Service Client ./auth/mocks/auth_client.go"
check_mock_changes ./auth/mocks/policy_client.go "Policy Service Client ./auth/mocks/policy_client.go"
check_mock_changes ./things/mocks/authz_client.go "Authz Service Client things/mocks/authz_client.go"
16 changes: 8 additions & 8 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -160,9 +160,6 @@ jobs:
- "logger/**"
- "pkg/events/**"
pkg-auth:
- "pkg/auth/**"
pkg-clients:
- "pkg/clients/**"
Expand All @@ -173,6 +170,9 @@ jobs:
- "pkg/events/**"
- "pkg/messaging/**"
pkg-grpcclient:
- "pkg/grpcclient/**"
pkg-messaging:
- "pkg/messaging/**"
Expand Down Expand Up @@ -314,11 +314,6 @@ jobs:
run: |
go test --race -v -count=1 -coverprofile=coverage/mqtt.out ./mqtt/...
- name: Run pkg auth tests
if: steps.changes.outputs.pkg-auth == 'true' || steps.changes.outputs.workflow == 'true'
run: |
go test --race -v -count=1 -coverprofile=coverage/pkg-auth.out ./pkg/auth/...
- name: Run pkg clients tests
if: steps.changes.outputs.pkg-clients == 'true' || steps.changes.outputs.workflow == 'true'
run: |
Expand All @@ -334,6 +329,11 @@ jobs:
run: |
go test --race -v -count=1 -coverprofile=coverage/pkg-events.out ./pkg/events/...
- name: Run pkg grpcclient tests
if: steps.changes.outputs.pkg-grpcclient == 'true' || steps.changes.outputs.workflow == 'true'
run: |
go test --race -v -count=1 -coverprofile=coverage/pkg-grpcclient.out ./pkg/grpcclient/...
- name: Run pkg messaging tests
if: steps.changes.outputs.pkg-messaging == 'true' || steps.changes.outputs.workflow == 'true'
run: |
Expand Down
1 change: 1 addition & 0 deletions api/openapi/auth.yml
Original file line number Diff line number Diff line change
Expand Up @@ -466,6 +466,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/bootstrap.yml
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/certs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/http.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/invitations.yml
Original file line number Diff line number Diff line change
Expand Up @@ -171,6 +171,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/journal.yml
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/notifiers.yml
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/provision.yml
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/readers.yml
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
5 changes: 3 additions & 2 deletions api/openapi/things.yml
Original file line number Diff line number Diff line change
Expand Up @@ -453,7 +453,7 @@ paths:
"403":
description: Failed to perform authorization over the entity.
"404":
descripttion: A non-existent entity request.
description: A non-existent entity request.
"409":
description: Failed due to using an existing identity.
"415":
Expand Down Expand Up @@ -577,7 +577,7 @@ paths:
"403":
description: Unauthorized access to thing id.
"404":
descripttion: A non-existent entity request.
description: A non-existent entity request.
"500":
$ref: "#/components/responses/ServiceError"

Expand Down Expand Up @@ -967,6 +967,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
1 change: 1 addition & 0 deletions api/openapi/twins.yml
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
3 changes: 2 additions & 1 deletion api/openapi/users.yml
Original file line number Diff line number Diff line change
Expand Up @@ -397,7 +397,7 @@ paths:
"500":
$ref: "#/components/responses/ServiceError"

/users/search:
/users/search:
get:
operationId: searchUsers
summary: Search users
Expand Down Expand Up @@ -1062,6 +1062,7 @@ paths:
summary: Retrieves service health check info.
tags:
- health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
Expand Down
101 changes: 48 additions & 53 deletions auth.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 10 additions & 6 deletions auth.proto
Original file line number Diff line number Diff line change
Expand Up @@ -6,21 +6,25 @@ syntax = "proto3";
package magistrala;
option go_package = "./magistrala";

// AuthzService is a service that provides authentication and authorization
// functionalities for the things service.
// AuthzService is a service that provides authorization functionalities
// for magistrala services.
service AuthzService {
// Authorize checks if the subject is authorized to perform
// the action on the object.
rpc Authorize(AuthorizeReq) returns (AuthorizeRes) {}
}

// AuthService is a service that provides authentication and authorization
// functionalities for the users service.
service AuthService {
// AuthnService is a service that provides authentication functionalities
// for magistrala services.
service AuthnService {
rpc Issue(IssueReq) returns (Token) {}
rpc Refresh(RefreshReq) returns (Token) {}
rpc Identify(IdentityReq) returns (IdentityRes) {}
rpc Authorize(AuthorizeReq) returns (AuthorizeRes) {}
}

// PolicyService is a service that provides policy CRUD
// functionalities for magistrala services.
service PolicyService {
rpc AddPolicy(AddPolicyReq) returns (AddPolicyRes) {}
rpc AddPolicies(AddPoliciesReq) returns (AddPoliciesRes) {}
rpc DeletePolicyFilter(DeletePolicyFilterReq) returns (DeletePolicyRes) {}
Expand Down
Loading

0 comments on commit 48c4a7e

Please sign in to comment.