From 2302aa28fe836f829fd963970d2f4ea8440262c6 Mon Sep 17 00:00:00 2001 From: Tolga Ozen Date: Thu, 30 May 2024 10:49:45 +0300 Subject: [PATCH 1/5] chore: update Go version to 1.22.3 --- .github/workflows/coverage.yml | 2 +- .github/workflows/nightly.yaml | 2 +- .github/workflows/release.yml | 2 +- go.mod | 4 ++-- tools/go.mod | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 1c1286fa1..ee9f349b2 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -16,7 +16,7 @@ jobs: - name: Set up Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: '1.21' + go-version: '1.22' - name: Check out code uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Install dependencies diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index a161fffd0..176e23ea3 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -23,7 +23,7 @@ jobs: - name: Set up Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: ~1.21.3 + go-version: ~1.22.3 - name: Log in to GHCR uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 26b843144..0ae634d14 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: - name: Set up Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: ~1.21.3 + go-version: ~1.22.3 - name: Log in to GHCR uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: diff --git a/go.mod b/go.mod index 5a91050a9..60a6b0499 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/Permify/permify -go 1.21 +go 1.22 require ( github.com/Masterminds/squirrel v1.5.4 @@ -66,6 +66,7 @@ require ( ) require ( + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect github.com/distribution/reference v0.5.0 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect @@ -95,7 +96,6 @@ require ( github.com/containerd/containerd v1.7.12 // indirect github.com/containerd/log v0.1.0 // indirect github.com/cpuguy83/dockercfg v0.3.1 // indirect - github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/docker/docker v25.0.5+incompatible // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-units v0.5.0 // indirect diff --git a/tools/go.mod b/tools/go.mod index b45edcd82..d97f87a6a 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -1,3 +1,3 @@ module github.com/Permify/permify/tools -go 1.21 +go 1.22 From 05e96bd72c341d890072f77bf979cc711c62853a Mon Sep 17 00:00:00 2001 From: Tolga Ozen Date: Thu, 30 May 2024 10:49:55 +0300 Subject: [PATCH 2/5] build: version info update --- docs/api-reference/apidocs.swagger.json | 2 +- internal/info.go | 2 +- pkg/pb/base/v1/openapi.pb.go | 2 +- proto/base/v1/openapi.proto | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/api-reference/apidocs.swagger.json b/docs/api-reference/apidocs.swagger.json index c7e894389..693a546dd 100644 --- a/docs/api-reference/apidocs.swagger.json +++ b/docs/api-reference/apidocs.swagger.json @@ -3,7 +3,7 @@ "info": { "title": "Permify API", "description": "Permify is an open source authorization service for creating fine-grained and scalable authorization systems.", - "version": "v0.8.8", + "version": "v0.9.0", "contact": { "name": "API Support", "url": "https://github.com/Permify/permify/issues", diff --git a/internal/info.go b/internal/info.go index b3ed9b33a..19ebae3ea 100644 --- a/internal/info.go +++ b/internal/info.go @@ -23,7 +23,7 @@ var Identifier = "" */ const ( // Version is the last release of the Permify (e.g. v0.1.0) - Version = "v0.8.8" + Version = "v0.9.0" ) // Function to create a single line of the ASCII art with centered content and color diff --git a/pkg/pb/base/v1/openapi.pb.go b/pkg/pb/base/v1/openapi.pb.go index 0ced39723..0ddd045da 100644 --- a/pkg/pb/base/v1/openapi.pb.go +++ b/pkg/pb/base/v1/openapi.pb.go @@ -46,7 +46,7 @@ var file_base_v1_openapi_proto_rawDesc = []byte{ 0x2f, 0x2f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x66, 0x79, 0x2f, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x66, 0x79, 0x2f, 0x62, 0x6c, 0x6f, 0x62, 0x2f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x4c, 0x49, 0x43, 0x45, 0x4e, 0x53, 0x45, - 0x32, 0x06, 0x76, 0x30, 0x2e, 0x38, 0x2e, 0x38, 0x2a, 0x01, 0x02, 0x32, 0x10, 0x61, 0x70, 0x70, + 0x32, 0x06, 0x76, 0x30, 0x2e, 0x39, 0x2e, 0x30, 0x2a, 0x01, 0x02, 0x32, 0x10, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x6a, 0x73, 0x6f, 0x6e, 0x3a, 0x10, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x6a, 0x73, 0x6f, 0x6e, 0x5a, 0x23, 0x0a, 0x21, 0x0a, 0x0a, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x41, 0x75, 0x74, 0x68, 0x12, diff --git a/proto/base/v1/openapi.proto b/proto/base/v1/openapi.proto index a50ad54a7..a10903ac6 100644 --- a/proto/base/v1/openapi.proto +++ b/proto/base/v1/openapi.proto @@ -9,7 +9,7 @@ option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { info: { title: "Permify API"; description: "Permify is an open source authorization service for creating fine-grained and scalable authorization systems."; - version: "v0.8.8"; + version: "v0.9.0"; contact: { name: "API Support"; url: "https://github.com/Permify/permify/issues"; From 303edae6c25687f73ac52c521ac7f7bfafaeea25 Mon Sep 17 00:00:00 2001 From: Tolga Ozen Date: Thu, 30 May 2024 11:05:55 +0300 Subject: [PATCH 3/5] Revert "chore: update Go version to 1.22.3" This reverts commit 2302aa28fe836f829fd963970d2f4ea8440262c6. --- .github/workflows/coverage.yml | 2 +- .github/workflows/nightly.yaml | 2 +- .github/workflows/release.yml | 2 +- go.mod | 4 ++-- tools/go.mod | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index ee9f349b2..1c1286fa1 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -16,7 +16,7 @@ jobs: - name: Set up Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: '1.22' + go-version: '1.21' - name: Check out code uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Install dependencies diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index 176e23ea3..a161fffd0 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -23,7 +23,7 @@ jobs: - name: Set up Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: ~1.22.3 + go-version: ~1.21.3 - name: Log in to GHCR uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0ae634d14..26b843144 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: - name: Set up Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: ~1.22.3 + go-version: ~1.21.3 - name: Log in to GHCR uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: diff --git a/go.mod b/go.mod index 60a6b0499..5a91050a9 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/Permify/permify -go 1.22 +go 1.21 require ( github.com/Masterminds/squirrel v1.5.4 @@ -66,7 +66,6 @@ require ( ) require ( - github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect github.com/distribution/reference v0.5.0 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect @@ -96,6 +95,7 @@ require ( github.com/containerd/containerd v1.7.12 // indirect github.com/containerd/log v0.1.0 // indirect github.com/cpuguy83/dockercfg v0.3.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/docker/docker v25.0.5+incompatible // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-units v0.5.0 // indirect diff --git a/tools/go.mod b/tools/go.mod index d97f87a6a..b45edcd82 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -1,3 +1,3 @@ module github.com/Permify/permify/tools -go 1.22 +go 1.21 From 55f35f46d782b5b8ede6d33f6e1e83d7a57d95a1 Mon Sep 17 00:00:00 2001 From: Tolga Ozen Date: Thu, 30 May 2024 11:53:28 +0300 Subject: [PATCH 4/5] test: add EnsureDBVersion tests for Postgres version validation --- internal/storage/postgres/postgres_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/internal/storage/postgres/postgres_test.go b/internal/storage/postgres/postgres_test.go index f6c16be48..1ccda56e8 100644 --- a/internal/storage/postgres/postgres_test.go +++ b/internal/storage/postgres/postgres_test.go @@ -14,6 +14,7 @@ import ( "github.com/Permify/permify/internal/config" "github.com/Permify/permify/internal/storage" + "github.com/Permify/permify/internal/storage/postgres/utils" "github.com/Permify/permify/pkg/database" PQDatabase "github.com/Permify/permify/pkg/database/postgres" ) @@ -85,6 +86,9 @@ func postgresDB(postgresVersion string) database.Database { PQDatabase.MaxConnectionLifeTime(cfg.MaxConnectionLifetime), ) + _, err = utils.EnsureDBVersion(db.(*PQDatabase.Postgres).WritePool) + Expect(err).ShouldNot(HaveOccurred()) + return db } From d00629ccfbd9d59f4bbff3b5f03fe20f62d6123f Mon Sep 17 00:00:00 2001 From: Tolga Ozen Date: Thu, 30 May 2024 12:15:25 +0300 Subject: [PATCH 5/5] test: add Authenticate Id Token test cases for OIDC authentication --- internal/authn/oidc/authn_test.go | 50 +++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/internal/authn/oidc/authn_test.go b/internal/authn/oidc/authn_test.go index 22b39cd74..269bc7c2d 100644 --- a/internal/authn/oidc/authn_test.go +++ b/internal/authn/oidc/authn_test.go @@ -12,6 +12,7 @@ import ( . "github.com/onsi/gomega" "github.com/Permify/permify/internal/config" + base `github.com/Permify/permify/pkg/pb/base/v1` ) var _ = Describe("authn-oidc", func() { @@ -240,6 +241,55 @@ var _ = Describe("authn-oidc", func() { Expect(err).ShouldNot(Equal(BeNil())) }) }) + + Context("Authenticate Id Token", func() { + It("Case 1", func() { + // create authenticator + ctx := context.Background() + auth, err := NewOidcAuthn(ctx, config.Oidc{ + Audience: audience, + Issuer: issuerURL, + }) + Expect(err).To(BeNil()) + + // authenticate + niceMd := make(metautils.NiceMD) + niceMd.Set("authorization", "Bearer ") + err = auth.Authenticate(niceMd.ToIncoming(ctx)) + Expect(err.Error()).Should(Equal(base.ErrorCode_ERROR_CODE_INVALID_BEARER_TOKEN.String())) + }) + + It("Case 2", func() { + // create authenticator + ctx := context.Background() + auth, err := NewOidcAuthn(ctx, config.Oidc{ + Audience: audience, + Issuer: issuerURL, + }) + Expect(err).To(BeNil()) + + // authenticate + niceMd := make(metautils.NiceMD) + err = auth.Authenticate(niceMd.ToIncoming(ctx)) + Expect(err.Error()).Should(Equal(base.ErrorCode_ERROR_CODE_MISSING_BEARER_TOKEN.String())) + }) + + It("Case 3", func() { + // create authenticator + ctx := context.Background() + auth, err := NewOidcAuthn(ctx, config.Oidc{ + Audience: audience, + Issuer: issuerURL, + }) + Expect(err).To(BeNil()) + + // authenticate + niceMd := make(metautils.NiceMD) + niceMd.Set("authorization", "Bearer asd") + err = auth.Authenticate(niceMd.ToIncoming(ctx)) + Expect(err.Error()).Should(Equal(base.ErrorCode_ERROR_CODE_INVALID_BEARER_TOKEN.String())) + }) + }) }) func claimOverride(current, overrider *jwt.RegisteredClaims) {