feat(api): signin register (#6110)

Author: fsamin

.build/go.mk

@@ -88,7 +88,7 @@ $(GO_GOJUNIT):
 
 GO_COBERTURA = ${GOPATH}/bin/gocover-cobertura
 $(GO_COBERTURA):
-	go get -u github.com/t-yuki/gocover-cobertura
+	go get -u github.com/richardlt/gocover-cobertura
 
 GO_XUTOOLS = ${GOPATH}/bin/xutools
 $(GO_XUTOOLS):

cli/Makefile

@@ -15,7 +15,7 @@ $(GO_GOJUNIT):
 	go get -u github.com/jstemmer/go-junit-report
 
 $(GO_COBERTURA):
-	go get -u github.com/t-yuki/gocover-cobertura
+	go get -u github.com/richardlt/gocover-cobertura
 
 $(TARGET_DIR):
 	@mkdir -p $(TARGET_DIR)

contrib/grpcplugins/action/plugin-archive/go.mod

@@ -58,6 +58,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.10 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

contrib/grpcplugins/action/plugin-artifactory-release-bundle-distribute/go.mod

@@ -55,6 +55,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

contrib/grpcplugins/action/plugin-download/go.mod

@@ -58,6 +58,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

contrib/grpcplugins/action/plugin-group-tmpl/go.mod

@@ -55,6 +55,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

contrib/grpcplugins/action/plugin-kafka-publish/go.mod

@@ -101,6 +101,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/spf13/cobra v1.1.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect

contrib/grpcplugins/action/plugin-marathon/go.mod

@@ -79,6 +79,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/spf13/cobra v1.1.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect

contrib/grpcplugins/action/plugin-npm-audit-parser/go.mod

@@ -55,6 +55,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

contrib/grpcplugins/action/plugin-ssh-cmd/go.mod

@@ -56,6 +56,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

contrib/grpcplugins/action/plugin-tmpl/go.mod

@@ -55,6 +55,7 @@ require (
 	github.com/sguiheux/go-coverage v0.0.0-20190710153556-287b082a7197 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

contrib/grpcplugins/action/plugin-venom/go.mod

@@ -86,6 +86,7 @@ require (
 	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d // indirect
 	github.com/spf13/afero v1.8.1 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
 	github.com/ulikunitz/xz v0.5.9 // indirect
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect

engine/Makefile

@@ -59,7 +59,7 @@ $(GO_GOJUNIT):
 	go get -u github.com/jstemmer/go-junit-report
 
 $(GO_COBERTURA):
-	go get -u github.com/t-yuki/gocover-cobertura
+	go get -u github.com/richardlt/gocover-cobertura
 
 $(GO_XUTOOLS):
 	go get -u github.com/richardlt/xutools

engine/api/api_routes.go

@@ -432,7 +432,6 @@ func (api *API) InitRouter() {
 	r.Handle("/ws", ScopeNone(), r.GET(api.getWebsocketHandler))
 
 	// Engine µServices
-	r.Handle("/services/register", Scope(sdk.AuthConsumerScopeService), r.POST(api.postServiceRegisterHandler, MaintenanceAware()))
 	r.Handle("/services/heartbeat", Scope(sdk.AuthConsumerScopeService), r.POST(api.postServiceHearbeatHandler))
 	r.Handle("/services/{type}", Scope(sdk.AuthConsumerScopeService), r.GET(api.getServiceHandler))
 

engine/api/application_deployment_test.go

@@ -297,8 +297,15 @@ func Test_postApplicationDeploymentStrategyConfigHandlerAsProvider(t *testing.T)
 	localConsumer, err := authentication.LoadConsumerByTypeAndUserID(context.TODO(), api.mustDB(), sdk.ConsumerLocal, u.ID, authentication.LoadConsumerOptions.WithAuthentifiedUser)
 	require.NoError(t, err)
 
-	_, jws, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), sdk.RandomString(10), 0, localConsumer, u.GetGroupIDs(),
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeProject))
+	consumerOpts := builtin.NewConsumerOptions{
+		Name:        sdk.RandomString(10),
+		Description: sdk.RandomString(10),
+		Duration:    0,
+		GroupIDs:    u.GetGroupIDs(),
+		Scopes:      sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeProject),
+	}
+
+	_, jws, err := builtin.NewConsumer(context.TODO(), db, consumerOpts, localConsumer)
 	require.NoError(t, err)
 
 	pkey := sdk.RandomString(10)

engine/api/application_test.go

@@ -36,8 +36,16 @@ func Test_postApplicationMetadataHandler_AsProvider(t *testing.T) {
 	u, _ := assets.InsertAdminUser(t, db)
 	localConsumer, err := authentication.LoadConsumerByTypeAndUserID(context.TODO(), api.mustDB(), sdk.ConsumerLocal, u.ID, authentication.LoadConsumerOptions.WithAuthentifiedUser)
 	require.NoError(t, err)
-	_, jws, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), sdk.RandomString(10), 0, localConsumer, u.GetGroupIDs(),
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeProject))
+
+	consumerOptions := builtin.NewConsumerOptions{
+		Name:        sdk.RandomString(10),
+		Description: sdk.RandomString(10),
+		Duration:    0,
+		GroupIDs:    u.GetGroupIDs(),
+		Scopes:      sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeProject),
+	}
+
+	_, jws, err := builtin.NewConsumer(context.TODO(), db, consumerOptions, localConsumer)
 	require.NoError(t, err)
 
 	pkey := sdk.RandomString(10)

engine/api/auth.go

@@ -133,8 +133,8 @@ func (api *API) postAuthSigninHandler() service.Handler {
 		defer tx.Rollback() // nolint
 
 		var signupDone bool
-		initToken, hasInitToken := req["init_token"]
-		hasInitToken = hasInitToken && initToken != ""
+		initToken := req.String("init_token")
+		hasInitToken := initToken != ""
 
 		// Check if a consumer exists for consumer type and external user identifier
 		consumer, err := authentication.LoadConsumerByTypeAndUserExternalID(ctx, tx, consumerType, userInfo.ExternalID,

engine/api/auth_builtin.go

@@ -3,6 +3,7 @@ package api
 import (
 	"context"
 	"encoding/base64"
+	"encoding/json"
 	"net/http"
 	"time"
 
@@ -12,6 +13,7 @@ import (
 	"github.com/ovh/cds/engine/service"
 	"github.com/ovh/cds/sdk"
 	"github.com/ovh/cds/sdk/jws"
+	cdslog "github.com/ovh/cds/sdk/log"
 )
 
 func (api *API) postAuthBuiltinSigninHandler() service.Handler {
@@ -43,13 +45,18 @@ func (api *API) postAuthBuiltinSigninHandler() service.Handler {
 		defer tx.Rollback() // nolint
 
 		// Check if a consumer exists for consumer type and external user identifier
-		consumer, err := authentication.LoadConsumerByID(ctx, tx, userInfo.ExternalID)
+		consumer, err := authentication.LoadConsumerByID(ctx, tx, userInfo.ExternalID, authentication.LoadConsumerOptions.WithAuthentifiedUser)
 		if err != nil {
 			return sdk.NewError(sdk.ErrForbidden, err)
 		}
 
+		token, err := req.StringE("token")
+		if err != nil {
+			return err
+		}
+
 		// Check the Token validity againts the IAT attribute
-		if _, err := builtin.CheckSigninConsumerTokenIssuedAt(ctx, req["token"], consumer); err != nil {
+		if _, err := builtin.CheckSigninConsumerTokenIssuedAt(ctx, token, consumer); err != nil {
 			return sdk.NewError(sdk.ErrForbidden, err)
 		}
 
@@ -72,6 +79,54 @@ func (api *API) postAuthBuiltinSigninHandler() service.Handler {
 			return err
 		}
 
+		// Set those values (has it would be done in api.authOptionalMiddleware)
+		ctx = context.WithValue(ctx, contextConsumer, consumer)
+		ctx = context.WithValue(ctx, cdslog.AuthUserID, consumer.AuthentifiedUserID)
+		SetTracker(w, cdslog.AuthUserID, consumer.AuthentifiedUserID)
+		ctx = context.WithValue(ctx, cdslog.AuthConsumerID, consumer.ID)
+		SetTracker(w, cdslog.AuthConsumerID, consumer.ID)
+
+		ctx = context.WithValue(ctx, contextSession, session)
+		ctx = context.WithValue(ctx, cdslog.AuthSessionID, session.ID)
+		SetTracker(w, cdslog.AuthSessionID, session.ID)
+		ctx = context.WithValue(ctx, cdslog.AuthSessionIAT, session.Created.Unix())
+		SetTracker(w, cdslog.AuthSessionIAT, session.Created.Unix())
+		ctx = context.WithValue(ctx, contextSession, session)
+
+		var driverManifest *sdk.AuthDriverManifest
+		if authDriver, ok := api.AuthenticationDrivers[consumer.Type]; ok {
+			m := authDriver.GetManifest()
+			driverManifest = &m
+		}
+		if driverManifest == nil {
+			return sdk.WrapError(sdk.ErrUnauthorized, "consumer driver (%s) was not found", consumer.Type)
+		}
+		ctx = context.WithValue(ctx, contextDriverManifest, driverManifest)
+
+		// If the Signin has a *service* Payload, we have to perform the service registration
+		srvInput, has := req["service"]
+		var srv sdk.Service
+		if has {
+			btes, err := json.Marshal(srvInput)
+			if err != nil {
+				return sdk.NewError(sdk.ErrWrongRequest, err)
+			}
+
+			if err := sdk.JSONUnmarshal(btes, &srv); err != nil {
+				return sdk.NewError(sdk.ErrWrongRequest, err)
+			}
+
+			ctx = context.WithValue(ctx, cdslog.AuthServiceName, srv.Name)
+			SetTracker(w, cdslog.AuthServiceName, srv.Name)
+
+			if err := api.serviceRegister(ctx, tx, &srv); err != nil {
+				return err
+			}
+		} else {
+			ctx = context.WithValue(ctx, cdslog.AuthUsername, consumer.AuthentifiedUser.Username)
+			SetTracker(w, cdslog.AuthUsername, consumer.AuthentifiedUser.Username)
+		}
+
 		// Set a cookie with the jwt token
 		api.SetCookie(w, service.JWTCookieName, jwt, session.ExpireAt, true)
 
@@ -82,9 +137,10 @@ func (api *API) postAuthBuiltinSigninHandler() service.Handler {
 
 		// Prepare http response
 		resp := sdk.AuthConsumerSigninResponse{
-			Token:  jwt,
-			User:   usr,
-			APIURL: api.Config.URL.API,
+			Token:   jwt,
+			User:    usr,
+			APIURL:  api.Config.URL.API,
+			Service: &srv,
 		}
 
 		if err := tx.Commit(); err != nil {

engine/api/auth_builtin_test.go

@@ -16,10 +16,14 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-func AuthentififyBuiltinConsumer(t *testing.T, api *API, jwsToken string) string {
+func AuthentififyBuiltinConsumer(t *testing.T, api *API, jwsToken string, srv *sdk.Service) string {
 	uri := api.Router.GetRoute("POST", api.postAuthBuiltinSigninHandler, nil)
 	require.NotEmpty(t, uri)
-	btes, err := json.Marshal(sdk.AuthConsumerSigninRequest{"token": jwsToken})
+	reqSignin := sdk.AuthConsumerSigninRequest{"token": jwsToken}
+	if srv != nil {
+		reqSignin["service"] = srv
+	}
+	btes, err := json.Marshal(reqSignin)
 	require.NoError(t, err)
 
 	t.Logf("signin with jws : %s", jwsToken)
@@ -49,8 +53,14 @@ func Test_postAuthBuiltinSigninHandler(t *testing.T) {
 	localConsumer, err := authentication.LoadConsumerByTypeAndUserID(context.TODO(), api.mustDB(), sdk.ConsumerLocal, usr.ID, authentication.LoadConsumerOptions.WithAuthentifiedUser)
 	require.NoError(t, err)
 
-	_, jws, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), sdk.RandomString(10), 0, localConsumer, usr.GetGroupIDs(),
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeProject))
+	consumerOptions := builtin.NewConsumerOptions{
+		Name:        sdk.RandomString(10),
+		Description: sdk.RandomString(10),
+		Duration:    0,
+		GroupIDs:    usr.GetGroupIDs(),
+		Scopes:      sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeProject),
+	}
+	_, jws, err := builtin.NewConsumer(context.TODO(), db, consumerOptions, localConsumer)
 	require.NoError(t, err)
-	AuthentififyBuiltinConsumer(t, api, jws)
+	AuthentififyBuiltinConsumer(t, api, jws, nil)
 }

engine/api/auth_consumer.go

@@ -84,8 +84,16 @@ func (api *API) postConsumerByUserHandler() service.Handler {
 		}
 
 		// Create the new built in consumer from request data
-		newConsumer, token, err := builtin.NewConsumer(ctx, tx, reqData.Name, reqData.Description, reqData.ValidityPeriods.Latest().Duration,
-			consumer, reqData.GroupIDs, reqData.ScopeDetails)
+		consumerOpts := builtin.NewConsumerOptions{
+			Name:        reqData.Name,
+			Description: reqData.Description,
+			Duration:    reqData.ValidityPeriods.Latest().Duration,
+			GroupIDs:    reqData.GroupIDs,
+			Scopes:      reqData.ScopeDetails,
+			ServiceName: reqData.ServiceName,
+			ServiceType: reqData.ServiceType,
+		}
+		newConsumer, token, err := builtin.NewConsumer(ctx, tx, consumerOpts, consumer)
 		if err != nil {
 			return err
 		}

engine/api/auth_consumer_test.go

@@ -25,8 +25,13 @@ func Test_getConsumersByUserHandler(t *testing.T) {
 		authentication.LoadConsumerOptions.WithAuthentifiedUser)
 	require.NoError(t, err)
 
-	consumer, _, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), "", 0, localConsumer, nil,
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser))
+	consumerOptions := builtin.NewConsumerOptions{
+		Name:        sdk.RandomString(10),
+		Description: sdk.RandomString(10),
+		Duration:    0,
+		Scopes:      sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser),
+	}
+	consumer, _, err := builtin.NewConsumer(context.TODO(), db, consumerOptions, localConsumer)
 	require.NoError(t, err)
 
 	uri := api.Router.GetRoute(http.MethodGet, api.getConsumersByUserHandler, map[string]string{
@@ -112,8 +117,13 @@ func Test_deleteConsumerByUserHandler(t *testing.T) {
 	localConsumer, err := authentication.LoadConsumerByTypeAndUserID(context.TODO(), db, sdk.ConsumerLocal, u.ID,
 		authentication.LoadConsumerOptions.WithAuthentifiedUser)
 	require.NoError(t, err)
-	newConsumer, _, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), "", 0, localConsumer, nil,
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeAccessToken))
+	consumerOptions := builtin.NewConsumerOptions{
+		Name:        sdk.RandomString(10),
+		Description: sdk.RandomString(10),
+		Duration:    0,
+		Scopes:      sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeAccessToken),
+	}
+	newConsumer, _, err := builtin.NewConsumer(context.TODO(), db, consumerOptions, localConsumer)
 	require.NoError(t, err)
 	cs, err := authentication.LoadConsumersByUserID(context.TODO(), db, u.ID)
 	require.NoError(t, err)
@@ -152,8 +162,14 @@ func Test_postConsumerRegenByUserHandler(t *testing.T) {
 	api.Router.Mux.ServeHTTP(rec, req)
 	require.Equal(t, http.StatusForbidden, rec.Code)
 
-	builtinConsumer, signinToken1, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), "", 0, localConsumer, nil,
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser, sdk.AuthConsumerScopeAccessToken))
+	consumerOptions := builtin.NewConsumerOptions{
+		Name:        sdk.RandomString(10),
+		Description: sdk.RandomString(10),
+		Duration:    0,
+		Scopes:      sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser, sdk.AuthConsumerScopeAccessToken),
+	}
+
+	builtinConsumer, signinToken1, err := builtin.NewConsumer(context.TODO(), db, consumerOptions, localConsumer)
 	require.NoError(t, err)
 	session, err := authentication.NewSession(context.TODO(), db, builtinConsumer, 5*time.Minute)
 	require.NoError(t, err, "cannot create session")
@@ -297,8 +313,11 @@ func Test_getSessionsByUserHandler(t *testing.T) {
 		authentication.LoadConsumerOptions.WithAuthentifiedUser)
 	require.NoError(t, err)
 
-	consumer, _, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), "", 0, localConsumer, nil,
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser))
+	consumerOptions := builtin.NewConsumerOptions{
+		Name:   sdk.RandomString(10),
+		Scopes: sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser),
+	}
+	consumer, _, err := builtin.NewConsumer(context.TODO(), db, consumerOptions, localConsumer)
 	require.NoError(t, err)
 	s2, err := authentication.NewSession(context.TODO(), db, consumer, time.Second)
 	require.NoError(t, err)
@@ -330,8 +349,11 @@ func Test_deleteSessionByUserHandler(t *testing.T) {
 		authentication.LoadConsumerOptions.WithAuthentifiedUser)
 	require.NoError(t, err)
 
-	consumer, _, err := builtin.NewConsumer(context.TODO(), db, sdk.RandomString(10), "", 0, localConsumer, nil,
-		sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser))
+	consumerOptions := builtin.NewConsumerOptions{
+		Name:   sdk.RandomString(10),
+		Scopes: sdk.NewAuthConsumerScopeDetails(sdk.AuthConsumerScopeUser),
+	}
+	consumer, _, err := builtin.NewConsumer(context.TODO(), db, consumerOptions, localConsumer)
 	require.NoError(t, err)
 	s2, err := authentication.NewSession(context.TODO(), db, consumer, time.Second)
 	require.NoError(t, err)