implement first version of github auth

mantil-io · Feb 23, 2022 · eb19d41 · eb19d41
1 parent 088b4d0
commit eb19d41
Show file tree

Hide file tree

Showing 19 changed files with 603 additions and 5 deletions.
diff --git a/cli/cmd/root.go b/cli/cmd/root.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 
 	"github.com/mantil-io/mantil/cli/controller"
+	"github.com/mantil-io/mantil/cli/controller/examples"
 	"github.com/mantil-io/mantil/cli/log"
 	"github.com/mantil-io/mantil/cli/ui"
 	"github.com/mantil-io/mantil/domain"
@@ -75,6 +76,9 @@ func root() *cobra.Command {
 		// for testing:
 		//examples.NewErrorsCommand,
 		//examples.NewArgsCommand,
+		examples.NewGithubAuthCommand,
+		examples.NewUserCommand,
+		examples.NewProjectCommand,
 	}
 	for _, sub := range subCommands {
 		add(sub)

diff --git a/cli/controller/examples/github_auth_example.go b/cli/controller/examples/github_auth_example.go
@@ -0,0 +1,116 @@
+package examples
+
+import (
+	"context"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"net/url"
+
+	"github.com/mantil-io/mantil.go/logs"
+	"github.com/mantil-io/mantil/cli/secret"
+	"github.com/mantil-io/mantil/domain"
+	"github.com/nats-io/nats.go"
+	"github.com/pkg/browser"
+	"github.com/spf13/cobra"
+)
+
+const (
+	clientID = "db4946aabe86cd6c126e"
+)
+
+func NewGithubAuthCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:    "gh-auth",
+		Short:  "authenticate to github",
+		Hidden: true,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			node := cmd.Flag("node").Value.String()
+			n, err := findNode(node)
+			if err != nil {
+				return err
+			}
+			s, err := createState(n)
+			if err != nil {
+				return err
+			}
+			if err := githubLogin(s); err != nil {
+				return err
+			}
+			if err := waitToken(s.Inbox); err != nil {
+				return err
+			}
+			return nil
+		},
+	}
+	cmd.Flags().StringP("node", "", domain.DefaultNodeName, "")
+	return cmd
+}
+
+func findNode(name string) (*domain.Node, error) {
+	fs, err := domain.NewSingleDeveloperWorkspaceStore()
+	if err != nil {
+		return nil, err
+	}
+	w := fs.Workspace()
+	if len(w.Nodes) == 0 {
+		return nil, fmt.Errorf("no nodes avaiable")
+	}
+	n := w.FindNode(name)
+	if n == nil {
+		return nil, fmt.Errorf("node not found")
+	}
+	return n, nil
+}
+
+type state struct {
+	Inbox        string `json:"inbox"`
+	NodeEndpoint string `json:"node_endpoint"`
+}
+
+func createState(n *domain.Node) (*state, error) {
+	inbox := nats.NewInbox()
+	s := state{
+		Inbox:        inbox,
+		NodeEndpoint: n.Endpoints.Rest,
+	}
+	return &s, nil
+}
+
+func githubLogin(state *state) error {
+	u, err := url.Parse("https://github.com/login/oauth/authorize")
+	if err != nil {
+		return err
+	}
+	q := u.Query()
+	q.Set("client_id", clientID)
+	buf, err := json.Marshal(state)
+	if err != nil {
+		return err
+	}
+	sb64 := base64.StdEncoding.EncodeToString([]byte(buf))
+	q.Set("state", sb64)
+	u.RawQuery = q.Encode()
+	return browser.OpenURL(u.String())
+}
+
+func waitToken(inbox string) error {
+	rsp := struct {
+		JWT string `json:"jwt"`
+	}{}
+	lc := logs.ListenerConfig{
+		ListenerJWT: secret.LogsListenerCreds,
+		Subject:     inbox,
+		Rsp:         &rsp,
+	}
+	l, err := logs.NewLambdaListener(lc)
+	if err != nil {
+		return err
+	}
+	if err := l.Done(context.Background()); err != nil {
+		return err
+	}
+	r, _ := json.MarshalIndent(rsp, "", "  ")
+	fmt.Println(string(r))
+	return nil
+}
diff --git a/cli/controller/examples/node_example.go b/cli/controller/examples/node_example.go
@@ -0,0 +1,91 @@
+package examples
+
+import (
+	"github.com/mantil-io/mantil/cli/controller/invoke"
+	"github.com/mantil-io/mantil/cli/log"
+	"github.com/mantil-io/mantil/cli/ui"
+	"github.com/mantil-io/mantil/domain"
+	"github.com/spf13/cobra"
+)
+
+func NewUserCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:    "user",
+		Hidden: true,
+	}
+	cmd.AddCommand(NewUserAddCommand())
+	return cmd
+}
+
+type AddUserRequest struct {
+	Username string `json:"username"`
+}
+
+func NewUserAddCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:    "add",
+		Hidden: true,
+		Args:   cobra.ExactArgs(1),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			node := cmd.Flag("node").Value.String()
+			n, err := findNode(node)
+			if err != nil {
+				return err
+			}
+			i, err := nodeInvoker(n)
+			if err != nil {
+				return err
+			}
+			return i.Do("auth/addUser", &AddUserRequest{
+				Username: args[0],
+			}, nil)
+		},
+	}
+	cmd.Flags().StringP("node", "", domain.DefaultNodeName, "")
+	return cmd
+}
+
+func NewProjectCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:    "project",
+		Hidden: true,
+	}
+	cmd.AddCommand(NewProjectAddCommand())
+	return cmd
+}
+
+type AddProjectRequest struct {
+	Repo string `json:"repo"`
+}
+
+func NewProjectAddCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:    "add",
+		Hidden: true,
+		Args:   cobra.ExactArgs(1),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			node := cmd.Flag("node").Value.String()
+			n, err := findNode(node)
+			if err != nil {
+				return err
+			}
+			i, err := nodeInvoker(n)
+			if err != nil {
+				return err
+			}
+			return i.Do("auth/addProject", &AddProjectRequest{
+				Repo: args[0],
+			}, nil)
+		},
+	}
+	cmd.Flags().StringP("node", "", domain.DefaultNodeName, "")
+	return cmd
+}
+
+func nodeInvoker(node *domain.Node) (*invoke.HTTPClient, error) {
+	token, err := node.AuthToken()
+	if err != nil {
+		return nil, log.Wrap(err)
+	}
+	return invoke.Node(node.Endpoints.Rest, token, ui.NodeLogsSink), nil
+}
diff --git a/cli/controller/setup_stack_template.yml b/cli/controller/setup_stack_template.yml
@@ -105,6 +105,16 @@ Resources:
                   - logs:DeleteLogDelivery
                 Resource:
                   - "*"
+              - Effect: Allow
+                Action:
+                  - ssm:PutParameter
+                  - ssm:AddTagsToResource
+                  - ssm:ListTagsForResource
+                  - ssm:GetParameter
+                  - ssm:GetParameters
+                  - ssm:DescribeParameters
+                Resource:
+                  - "*"
   MantilSetupLambda:
     Type: AWS::Lambda::Function
     Properties:

diff --git a/go.mod b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/Microsoft/go-winio v0.4.17 // indirect
 	github.com/alecthomas/jsonschema v0.0.0-20210920000243-787cd8204a0d
 	github.com/aws/aws-lambda-go v1.27.0
-	github.com/aws/aws-sdk-go-v2 v1.11.2
+	github.com/aws/aws-sdk-go-v2 v1.13.0
 	github.com/aws/aws-sdk-go-v2/config v1.11.0
 	github.com/aws/aws-sdk-go-v2/credentials v1.6.4
 	github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.4.4 // indirect
@@ -20,32 +20,36 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/lambda v1.14.1
 	github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.5.1
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.21.0
+	github.com/aws/aws-sdk-go-v2/service/ssm v1.20.0
 	github.com/aws/aws-sdk-go-v2/service/sts v1.11.1
-	github.com/aws/smithy-go v1.9.0
+	github.com/aws/smithy-go v1.10.0
 	github.com/denisbrodbeck/machineid v1.0.1
 	github.com/fatih/color v1.12.0
 	github.com/go-git/go-git/v5 v5.4.2
+	github.com/google/go-github/v42 v42.0.0 // indirect
 	github.com/google/uuid v1.3.0
 	github.com/joho/godotenv v1.4.0
 	github.com/json-iterator/go v1.1.12
 	github.com/kataras/jwt v0.1.2
 	github.com/manifoldco/promptui v0.8.0
-	github.com/mantil-io/mantil.go v0.1.10
+	github.com/mantil-io/mantil.go v0.1.11-0.20220223091223-2b256f9b76e4
 	github.com/mattn/go-colorable v0.1.11
 	github.com/mitchellh/mapstructure v1.4.3 // indirect
 	github.com/nats-io/jsm.go v0.0.27
 	github.com/nats-io/nats.go v1.13.1-0.20220121202836-972a071d373d
 	github.com/nats-io/nkeys v0.3.0
 	github.com/olekukonko/tablewriter v0.0.5
+	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
 	github.com/pkg/errors v0.9.1
 	github.com/qri-io/jsonschema v0.2.2-0.20210831022256-780655b2ba0e
 	github.com/radovskyb/watcher v1.0.7
 	github.com/sergi/go-diff v1.2.0
 	github.com/spf13/cobra v1.2.1
 	github.com/stretchr/testify v1.7.0
 	golang.org/x/mod v0.4.2
+	golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
 	gopkg.in/yaml.v2 v2.4.0
 )
 
-//replace github.com/mantil-io/mantil.go => ../mantil.go
+// replace github.com/mantil-io/mantil.go => ../mantil.go