From 627773c70a78180d46e7a591d6611e713029f5db Mon Sep 17 00:00:00 2001
From: joerivrij <joerivrijaldenhoven@gmail.com>
Date: Thu, 19 Oct 2023 12:23:12 +0200
Subject: [PATCH] all endpoints now work with and without slash. They will also
 set the correct location. (#6)

---
 .github/workflows/ci.yml       |  5 ++++-
 api/base/endpoints/redirect.py |  3 ++-
 api/v1/endpoints/register.py   | 38 ++++++++++++++++++++++++++++++----
 api/v1/endpoints/status.py     | 19 ++++++++++++++---
 api/v1/endpoints/tokens.py     | 17 ++++++++++++---
 main.py                        |  3 ++-
 requirements.txt               |  2 +-
 util/tokens.py                 |  2 --
 8 files changed, 73 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ee6d0c7..dd7ecef 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -6,6 +6,9 @@ on:
       - 'main'
     tags:
       - "v*.*.*"
+  pull_request:
+    branches:
+      - "main"
 
 jobs:
   push-images:
@@ -44,6 +47,6 @@ jobs:
         uses: docker/build-push-action@v3
         with:
           context: .
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
diff --git a/api/base/endpoints/redirect.py b/api/base/endpoints/redirect.py
index afacbc6..b79f875 100644
--- a/api/base/endpoints/redirect.py
+++ b/api/base/endpoints/redirect.py
@@ -3,7 +3,8 @@
 
 router = APIRouter()
 
+
 @router.get("/", include_in_schema=False)
 async def redirect():
-    response = RedirectResponse(url='redoc')
+    response = RedirectResponse(url="redoc")
     return response
diff --git a/api/v1/endpoints/register.py b/api/v1/endpoints/register.py
index 1ba1b91..e0f6361 100644
--- a/api/v1/endpoints/register.py
+++ b/api/v1/endpoints/register.py
@@ -1,6 +1,6 @@
 import logging
 
-from fastapi import APIRouter
+from fastapi import APIRouter, Request
 from fastapi.responses import JSONResponse
 
 from config.settings import settings
@@ -17,7 +17,13 @@
     responses={400: {"model": response.BadRequest}},
     tags=["register"],
 )
-def create_propagated_user(user: models.User):
+@router.post(
+    "/register",
+    response_model=response.TokenPropagated,
+    responses={400: {"model": response.BadRequest}},
+    tags=["register"],
+)
+async def create_propagated_user(user: models.User, request: Request):
     """
     Create the requested client_ids with different APIs.
 
@@ -57,7 +63,14 @@ def create_propagated_user(user: models.User):
     created = settings.ZGW_CLIENT.autorisatie.create_user(body=body)
 
     if created.status_code != 201:
-        return JSONResponse(status_code=400, content={"message": created.json()})
+        if settings.ENV.lower() == "kubernetes":
+            https_url = request.url.replace(scheme="https")
+            headers = {"Location": str(https_url)}
+            return JSONResponse(status_code=400, content={"message": created.json()}, headers=headers)
+
+        else:
+            return JSONResponse(status_code=400, content={"message": created.json()})
+
 
     logging.debug(f"got a response {str(created.status_code)} when creating new user")
     logging.info(
@@ -77,4 +90,21 @@ def create_propagated_user(user: models.User):
     logging.info(f"propagated to all apis result: {str(propagated)}")
 
     token = tokens.create_token(user_ids[0], secret)
-    return {"authorization": f"Bearer {token}", "propagated": propagated}
+    propagated_list = [
+        {
+            "endpoint": propagation.endpoint,
+            "success": propagation.success,
+            "client_id": propagation.client_id,
+        }
+        for propagation in propagated
+    ]
+
+    if settings.ENV.lower() == "kubernetes":
+        https_url = request.url.replace(scheme="https")
+        headers = {"Location": str(https_url)}
+        logging.info(https_url)
+        logging.info(headers)
+        return JSONResponse(status_code=200, content={"authorization": f"Bearer {token}", "propagated": propagated_list}, headers=headers)
+
+    else:
+        return JSONResponse(status_code=200, content={"authorization": f"Bearer {token}", "propagated": propagated_list})
diff --git a/api/v1/endpoints/status.py b/api/v1/endpoints/status.py
index e872290..2dfc277 100644
--- a/api/v1/endpoints/status.py
+++ b/api/v1/endpoints/status.py
@@ -1,6 +1,6 @@
 import logging
 
-from fastapi import APIRouter
+from fastapi import APIRouter, Request
 from fastapi.responses import JSONResponse
 
 from config.settings import settings
@@ -15,7 +15,13 @@
     responses={400: {"model": response.Health}},
     tags=["status"],
 )
-async def check_health():
+@router.get(
+    "/status",
+    response_model=response.Health,
+    responses={400: {"model": response.Health}},
+    tags=["status"],
+)
+async def check_health(request: Request):
     """
     Check health before creating tokens:
 
@@ -25,4 +31,11 @@ async def check_health():
     status = settings.ZGW_CLIENT.check_availability_of_apis()
     if status:
         code = 200
-    return JSONResponse(status_code=code, content={"health": status})
+
+    if settings.ENV.lower() == "kubernetes":
+        https_url = request.url.replace(scheme="https")
+        headers = {"Location": str(https_url)}
+        return JSONResponse(status_code=code, content={"health": status}, headers=headers)
+
+    else:
+        return JSONResponse(status_code=code, content={"health": status})
diff --git a/api/v1/endpoints/tokens.py b/api/v1/endpoints/tokens.py
index 7762d45..73ca0b4 100644
--- a/api/v1/endpoints/tokens.py
+++ b/api/v1/endpoints/tokens.py
@@ -1,14 +1,18 @@
-from fastapi import APIRouter
+from fastapi import APIRouter, Request
 
 from models import response
 from models import token as models
 from util import tokens
+from fastapi.responses import JSONResponse
+
+from config.settings import settings
 
 router = APIRouter()
 
 
 @router.post("/tokens/", response_model=response.TokenCreated, tags=["tokens"])
-async def create_token_endpoint(token: models.Token):
+@router.post("/tokens", response_model=response.TokenCreated, tags=["tokens"])
+async def create_token_endpoint(token: models.Token, request: Request):
     """
     Create a token based on an existing set of clientId and secret.
     And this path operation will:
@@ -17,4 +21,11 @@ async def create_token_endpoint(token: models.Token):
     * Returns the token to be used by the client.
     """
     created = tokens.create_token(identifier=token.client_id[0], secret=token.secret)
-    return {"authorization": f"Bearer {created}"}
+    resp = {"authorization": f"Bearer {created}"}
+    if settings.ENV.lower() == "kubernetes":
+        https_url = request.url.replace(scheme="https")
+        headers = {"Location": str(https_url)}
+        return JSONResponse(status_code=200, content=resp, headers=headers)
+
+    else:
+        return JSONResponse(status_code=200, content=resp)
diff --git a/main.py b/main.py
index aa814ff..6f68b7a 100644
--- a/main.py
+++ b/main.py
@@ -47,9 +47,9 @@
     },
     openapi_tags=tags_metadata,
     openapi_url="/api/v1/openapi.json",
+    trusting_proxy=True,
 )
 
-
 # Set all CORS enabled origins
 if settings.BACKEND_CORS_ORIGINS:
     app.add_middleware(
@@ -60,6 +60,7 @@
         allow_headers=["*"],
     )
 
+
 app.add_middleware(
     TrustedHostMiddleware, allowed_hosts=settings.HOSTS
 )
diff --git a/requirements.txt b/requirements.txt
index ae9a64c..f990952 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,7 +9,7 @@ idna==3.4
 pydantic==1.10.2
 PyJWT==2.6.0
 python-dotenv==0.21.0
-PyYAML==6.0
+PyYAML==6.0.1
 requests==2.28.1
 sniffio==1.3.0
 starlette==0.22.0
diff --git a/util/tokens.py b/util/tokens.py
index 0427091..7f45653 100644
--- a/util/tokens.py
+++ b/util/tokens.py
@@ -9,8 +9,6 @@ def create_token(identifier: str, secret: str):
         "iss": identifier,
         "iat": int(time.time()),
         "client_id": identifier,
-        "user_id": "",
-        "user_representation": "",
     }
 
     headers = {"client_identifier": identifier}