Fix #410 Refactor iam

decentralised-dataexchange · Oct 31, 2023 · 2f5d6b7 · 2f5d6b7
1 parent 0622d4f
commit 2f5d6b7
Show file tree

Hide file tree

Showing 6 changed files with 47 additions and 235 deletions.
diff --git a/internal/handler/v2/config/individual/config_create_individual.go b/internal/handler/v2/config/individual/config_create_individual.go
@@ -1,14 +1,12 @@
 package individual
 
 import (
-	"context"
 	"encoding/json"
 	"fmt"
 	"io"
 	"log"
 	"net/http"
 
-	"github.com/Nerzal/gocloak/v13"
 	"github.com/asaskevich/govalidator"
 	"github.com/bb-consent/api/internal/common"
 	"github.com/bb-consent/api/internal/config"
@@ -17,52 +15,6 @@ import (
 	"go.mongodb.org/mongo-driver/bson/primitive"
 )
 
-func getClient() *gocloak.GoCloak {
-	client := gocloak.NewClient(iam.IamConfig.URL)
-	return client
-}
-
-func getToken(username string, password string, realm string, client *gocloak.GoCloak) (*gocloak.JWT, error) {
-	ctx := context.Background()
-	token, err := client.LoginAdmin(ctx, username, password, realm)
-	if err != nil {
-		return token, err
-	}
-
-	return token, err
-}
-
-func getAdminToken(client *gocloak.GoCloak) (*gocloak.JWT, error) {
-	t, err := getToken(iam.IamConfig.AdminUser, iam.IamConfig.AdminPassword, "master", client)
-	return t, err
-}
-
-// registerUser Registers a new user
-func registerUser(iamRegReq iamIndividualRegisterReq, adminToken string, client *gocloak.GoCloak) (string, error) {
-	user := gocloak.User{
-		FirstName: &iamRegReq.Firstname,
-		Email:     &iamRegReq.Email,
-		Enabled:   gocloak.BoolP(true),
-		Username:  &iamRegReq.Email,
-	}
-
-	iamId, err := client.CreateUser(context.Background(), adminToken, iam.IamConfig.Realm, user)
-	if err != nil {
-		return "", err
-	}
-	return iamId, err
-}
-
-func createIamRegisterRequestFromRequestBody(requestBody addIndividualReq, iamRegReq iamIndividualRegisterReq) iamIndividualRegisterReq {
-
-	iamRegReq.Username = requestBody.Individual.Email
-	iamRegReq.Firstname = requestBody.Individual.Name
-	iamRegReq.Email = requestBody.Individual.Email
-	iamRegReq.Enabled = true
-	iamRegReq.RequiredActions = []string{"UPDATE_PASSWORD"}
-
-	return iamRegReq
-}
 func updateIndividualFromRequestBody(requestBody addIndividualReq, newIndividual individual.Individual) individual.Individual {
 	newIndividual.ExternalId = requestBody.Individual.ExternalId
 	newIndividual.ExternalIdType = requestBody.Individual.ExternalIdType
@@ -74,14 +26,6 @@ func updateIndividualFromRequestBody(requestBody addIndividualReq, newIndividual
 	return newIndividual
 }
 
-type iamIndividualRegisterReq struct {
-	Username        string   `json:"username"`
-	Firstname       string   `json:"firstName"`
-	Email           string   `json:"email"`
-	Enabled         bool     `json:"enabled"`
-	RequiredActions []string `json:"requiredActions"`
-}
-
 func validateAddIndividualRequestBody(IndividualReq addIndividualReq) error {
 	// validating request payload
 	valid, err := govalidator.ValidateStruct(IndividualReq)
@@ -119,20 +63,8 @@ func ConfigCreateIndividual(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	var iamRegReq iamIndividualRegisterReq
-
-	iamRegReq = createIamRegisterRequestFromRequestBody(individualReq, iamRegReq)
-
-	client := getClient()
-
-	t, err := getAdminToken(client)
-	if err != nil {
-		log.Printf("Failed to get admin token, user: %v registration", individualReq.Individual.Email)
-		common.HandleErrorV2(w, http.StatusBadRequest, err.Error(), err)
-		return
-	}
-
-	iamId, err := registerUser(iamRegReq, t.AccessToken, client)
+	// Register user to keyclock
+	iamId, err := iam.RegisterUser(individualReq.Individual.Email, individualReq.Individual.Name)
 	if err != nil {
 		log.Printf("Failed to register user: %v err: %v", individualReq.Individual.Email, err)
 		common.HandleErrorV2(w, http.StatusBadRequest, err.Error(), err)

diff --git a/internal/handler/v2/config/individual/config_delete_user.go b/internal/handler/v2/config/individual/config_delete_user.go
@@ -1,26 +1,17 @@
 package individual
 
 import (
-	"context"
 	"encoding/json"
 	"fmt"
-	"log"
 	"net/http"
 
-	"github.com/Nerzal/gocloak/v13"
 	"github.com/bb-consent/api/internal/common"
 	"github.com/bb-consent/api/internal/config"
 	"github.com/bb-consent/api/internal/iam"
 	"github.com/bb-consent/api/internal/individual"
 	"github.com/gorilla/mux"
 )
 
-// unregisterUser Unregisters an existing user
-func unregisterUser(iamUserID string, adminToken string, client *gocloak.GoCloak) error {
-	err := client.DeleteUser(context.Background(), adminToken, iam.IamConfig.Realm, iamUserID)
-	return err
-}
-
 type deleteIndividualResp struct {
 	Individual individual.Individual `json:"individual"`
 }
@@ -44,16 +35,8 @@ func ConfigDeleteIndividual(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	client := getClient()
-
-	t, err := getAdminToken(client)
-	if err != nil {
-		log.Printf("Failed to get admin token, user: %v registration", individualId)
-		common.HandleErrorV2(w, http.StatusBadRequest, err.Error(), err)
-		return
-	}
-
-	err = unregisterUser(individual.IamId, t.AccessToken, client)
+	// Unregister individual in iam
+	err = iam.UnregisterIndividual(individual.IamId)
 	if err != nil {
 		m := fmt.Sprintf("Failed to unregister user: %v err: %v", individualId, err)
 		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)

diff --git a/internal/handler/v2/config/individual/config_update_individual.go b/internal/handler/v2/config/individual/config_update_individual.go
@@ -1,14 +1,11 @@
 package individual
 
 import (
-	"context"
 	"encoding/json"
 	"fmt"
 	"io"
-	"log"
 	"net/http"
 
-	"github.com/Nerzal/gocloak/v13"
 	"github.com/asaskevich/govalidator"
 	"github.com/bb-consent/api/internal/common"
 	"github.com/bb-consent/api/internal/config"
@@ -27,45 +24,6 @@ func validateUpdateIndividualRequestBody(IndividualReq updateIndividualReq) erro
 	return nil
 }
 
-type iamIndividualUpdateReq struct {
-	Username  string `json:"username"`
-	Firstname string `json:"firstName"`
-	Email     string `json:"email"`
-}
-
-// updateIamIndividual Update user info on IAM server end.
-func updateIamIndividual(iamUpdateReq iamIndividualUpdateReq, iamID string) error {
-	client := getClient()
-
-	t, err := getAdminToken(client)
-	if err != nil {
-		log.Printf("Failed to get admin token, user: %v update err:%v", iamUpdateReq.Firstname, err)
-		return err
-	}
-	user, err := client.GetUserByID(context.Background(), t.AccessToken, iam.IamConfig.Realm, iamID)
-	if err != nil {
-		return err
-	}
-	user.FirstName = gocloak.StringP(iamUpdateReq.Firstname)
-	user.Username = gocloak.StringP(iamUpdateReq.Username)
-	user.Email = gocloak.StringP(iamUpdateReq.Email)
-	u := *user
-
-	err = client.UpdateUser(context.Background(), t.AccessToken, iam.IamConfig.Realm, u)
-
-	return err
-}
-
-func updateIamUpdateRequestFromRequestBody(requestBody updateIndividualReq) iamIndividualUpdateReq {
-	var iamIndividualReq iamIndividualUpdateReq
-
-	iamIndividualReq.Username = requestBody.Individual.Email
-	iamIndividualReq.Firstname = requestBody.Individual.Name
-	iamIndividualReq.Email = requestBody.Individual.Email
-
-	return iamIndividualReq
-}
-
 func updateIndividualFromUpdateIndividualRequestBody(requestBody updateIndividualReq, tobeUpdatedIndividual individual.Individual) individual.Individual {
 	tobeUpdatedIndividual.ExternalId = requestBody.Individual.ExternalId
 	tobeUpdatedIndividual.ExternalIdType = requestBody.Individual.ExternalIdType
@@ -117,9 +75,8 @@ func ConfigUpdateIndividual(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	iamUpdateReq := updateIamUpdateRequestFromRequestBody(individualReq)
-
-	err = updateIamIndividual(iamUpdateReq, tobeUpdatedIndividual.IamId)
+	// Update individual in iam
+	err = iam.UpdateIamIndividual(individualReq.Individual.Name, tobeUpdatedIndividual.IamId, individualReq.Individual.Email)
 	if err != nil {
 		m := fmt.Sprintf("Failed to update IAM user by id:%v", individualId)
 		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)

diff --git a/internal/handler/v2/service/individual/service_create_individual.go b/internal/handler/v2/service/individual/service_create_individual.go
@@ -1,14 +1,12 @@
 package individual
 
 import (
-	"context"
 	"encoding/json"
 	"fmt"
 	"io"
 	"log"
 	"net/http"
 
-	"github.com/Nerzal/gocloak/v13"
 	"github.com/asaskevich/govalidator"
 	"github.com/bb-consent/api/internal/common"
 	"github.com/bb-consent/api/internal/config"
@@ -17,24 +15,6 @@ import (
 	"go.mongodb.org/mongo-driver/bson/primitive"
 )
 
-type iamIndividualRegisterReq struct {
-	Username        string   `json:"username"`
-	Firstname       string   `json:"firstName"`
-	Email           string   `json:"email"`
-	Enabled         bool     `json:"enabled"`
-	RequiredActions []string `json:"requiredActions"`
-}
-
-func createIamRegisterRequestFromAddRequestBody(requestBody addServiceIndividualReq, iamRegReq iamIndividualRegisterReq) iamIndividualRegisterReq {
-
-	iamRegReq.Username = requestBody.Individual.Email
-	iamRegReq.Firstname = requestBody.Individual.Name
-	iamRegReq.Email = requestBody.Individual.Email
-	iamRegReq.Enabled = true
-	iamRegReq.RequiredActions = []string{"UPDATE_PASSWORD"}
-
-	return iamRegReq
-}
 func updateIndividualFromAddRequestBody(requestBody addServiceIndividualReq, newIndividual individual.Individual) individual.Individual {
 	newIndividual.ExternalId = requestBody.Individual.ExternalId
 	newIndividual.ExternalIdType = requestBody.Individual.ExternalIdType
@@ -54,22 +34,6 @@ type addServiceIndividualResp struct {
 	Individual individual.Individual `json:"individual"`
 }
 
-// registerUser Registers a new user
-func registerUser(iamRegReq iamIndividualRegisterReq, adminToken string, client *gocloak.GoCloak) (string, error) {
-	user := gocloak.User{
-		FirstName: &iamRegReq.Firstname,
-		Email:     &iamRegReq.Email,
-		Enabled:   gocloak.BoolP(true),
-		Username:  &iamRegReq.Email,
-	}
-
-	iamId, err := client.CreateUser(context.Background(), adminToken, iam.IamConfig.Realm, user)
-	if err != nil {
-		return "", err
-	}
-	return iamId, err
-}
-
 // ServiceCreateIndividual
 func ServiceCreateIndividual(w http.ResponseWriter, r *http.Request) {
 	// Headers
@@ -89,20 +53,8 @@ func ServiceCreateIndividual(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	var iamRegReq iamIndividualRegisterReq
-
-	iamRegReq = createIamRegisterRequestFromAddRequestBody(individualReq, iamRegReq)
-
-	client := iam.GetClient()
-
-	t, err := getAdminToken(client)
-	if err != nil {
-		log.Printf("Failed to get admin token, user: %v registration", individualReq.Individual.Email)
-		common.HandleErrorV2(w, http.StatusBadRequest, err.Error(), err)
-		return
-	}
-
-	iamId, err := registerUser(iamRegReq, t.AccessToken, client)
+	// Register user to keyclock
+	iamId, err := iam.RegisterUser(individualReq.Individual.Email, individualReq.Individual.Name)
 	if err != nil {
 		log.Printf("Failed to register user: %v err: %v", individualReq.Individual.Email, err)
 		common.HandleErrorV2(w, http.StatusBadRequest, err.Error(), err)

diff --git a/internal/handler/v2/service/individual/service_update_individual.go b/internal/handler/v2/service/individual/service_update_individual.go
@@ -1,14 +1,11 @@
 package individual
 
 import (
-	"context"
 	"encoding/json"
 	"fmt"
 	"io"
-	"log"
 	"net/http"
 
-	"github.com/Nerzal/gocloak/v13"
 	"github.com/asaskevich/govalidator"
 	"github.com/bb-consent/api/internal/common"
 	"github.com/bb-consent/api/internal/config"
@@ -17,50 +14,6 @@ import (
 	"github.com/gorilla/mux"
 )
 
-type iamIndividualUpdateReq struct {
-	Username  string `json:"username"`
-	Firstname string `json:"firstName"`
-	Email     string `json:"email"`
-}
-
-func updateIamUpdateRequestFromUpdateRequestBody(requestBody updateServiceIndividualReq) iamIndividualUpdateReq {
-	var iamIndividualReq iamIndividualUpdateReq
-
-	iamIndividualReq.Username = requestBody.Individual.Email
-	iamIndividualReq.Firstname = requestBody.Individual.Name
-	iamIndividualReq.Email = requestBody.Individual.Email
-
-	return iamIndividualReq
-}
-
-func getAdminToken(client *gocloak.GoCloak) (*gocloak.JWT, error) {
-	t, err := iam.GetToken(iam.IamConfig.AdminUser, iam.IamConfig.AdminPassword, "master", client)
-	return t, err
-}
-
-// updateIamIndividual Update user info on IAM server end.
-func updateIamIndividual(iamUpdateReq iamIndividualUpdateReq, iamID string) error {
-	client := iam.GetClient()
-
-	t, err := getAdminToken(client)
-	if err != nil {
-		log.Printf("Failed to get admin token, user: %v update err:%v", iamUpdateReq.Firstname, err)
-		return err
-	}
-	user, err := client.GetUserByID(context.Background(), t.AccessToken, iam.IamConfig.Realm, iamID)
-	if err != nil {
-		return err
-	}
-	user.FirstName = gocloak.StringP(iamUpdateReq.Firstname)
-	user.Username = gocloak.StringP(iamUpdateReq.Username)
-	user.Email = gocloak.StringP(iamUpdateReq.Email)
-	u := *user
-
-	err = client.UpdateUser(context.Background(), t.AccessToken, iam.IamConfig.Realm, u)
-
-	return err
-}
-
 func updateIndividualFromUpdateIndividualServiceRequestBody(requestBody updateServiceIndividualReq, tobeUpdatedIndividual individual.Individual) individual.Individual {
 	tobeUpdatedIndividual.ExternalId = requestBody.Individual.ExternalId
 	tobeUpdatedIndividual.ExternalIdType = requestBody.Individual.ExternalIdType
@@ -113,9 +66,7 @@ func ServiceUpdateIndividual(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	iamUpdateReq := updateIamUpdateRequestFromUpdateRequestBody(individualReq)
-
-	err = updateIamIndividual(iamUpdateReq, tobeUpdatedIndividual.IamId)
+	err = iam.UpdateIamIndividual(individualReq.Individual.Name, tobeUpdatedIndividual.IamId, individualReq.Individual.Email)
 	if err != nil {
 		m := fmt.Sprintf("Failed to update IAM user by id:%v", individualId)
 		common.HandleErrorV2(w, http.StatusInternalServerError, m, err)