[CLOUDTRUST-4658] Add client for bearer auth according to realm

fperot74 · web-flow · commit 79c7c4e50ac0 · 2023-01-31T10:47:27.000+01:00
diff --git a/advanced_auth_client.go b/advanced_auth_client.go
@@ -0,0 +1,95 @@
+package httpclient
+
+import (
+	"context"
+	"time"
+
+	"gopkg.in/h2non/gentleman.v2/plugin"
+	"gopkg.in/h2non/gentleman.v2/plugins/headers"
+)
+
+// OidcTokenProvider provides OIDC tokens
+type OidcTokenProvider interface {
+	ProvideToken(ctx context.Context) (string, error)
+	ProvideTokenForRealm(ctx context.Context, realm string) (string, error)
+}
+
+// RestClient interface
+type RestClient interface {
+	Get(data interface{}, plugins ...plugin.Plugin) error
+	Post(data interface{}, plugins ...plugin.Plugin) (string, error)
+	Delete(plugins ...plugin.Plugin) error
+	Put(plugins ...plugin.Plugin) error
+}
+
+type MultiRealmTokenClient struct {
+	client        *Client
+	tokenProvider OidcTokenProvider
+	realm         string
+}
+
+func NewMultiRealmTokenClient(addrAPI string, reqTimeout time.Duration, tokenProvider OidcTokenProvider) (*MultiRealmTokenClient, error) {
+	var client, err = New(addrAPI, reqTimeout)
+	if err != nil {
+		return nil, err
+	}
+	return &MultiRealmTokenClient{
+		client:        client,
+		tokenProvider: tokenProvider,
+		realm:         "",
+	}, nil
+}
+
+func (mrtc *MultiRealmTokenClient) ForRealm(realm string) RestClient {
+	return &MultiRealmTokenClient{
+		client:        mrtc.client,
+		tokenProvider: mrtc.tokenProvider,
+		realm:         realm,
+	}
+}
+
+func (mrtc *MultiRealmTokenClient) withRealmAuth(next func(pluginsWithAuth ...plugin.Plugin) (string, error), plugins ...plugin.Plugin) (string, error) {
+	var token string
+	var err error
+	if mrtc.realm != "" {
+		token, err = mrtc.tokenProvider.ProvideTokenForRealm(context.Background(), mrtc.realm)
+	} else {
+		token, err = mrtc.tokenProvider.ProvideToken(context.Background())
+	}
+	if err != nil {
+		return "", err
+	}
+	plugins = append(plugins, headers.Set("Authorization", "Bearer "+token))
+	return next(plugins...)
+}
+
+// Get is a HTTP GET method.
+func (mrtc *MultiRealmTokenClient) Get(data interface{}, plugins ...plugin.Plugin) error {
+	var _, err = mrtc.withRealmAuth(func(pluginsWithAuth ...plugin.Plugin) (string, error) {
+		return "", mrtc.client.Get(data, pluginsWithAuth...)
+	}, plugins...)
+	return err
+}
+
+// Post is a HTTP POST method
+func (mrtc *MultiRealmTokenClient) Post(data interface{}, plugins ...plugin.Plugin) (string, error) {
+	return mrtc.withRealmAuth(func(pluginsWithAuth ...plugin.Plugin) (string, error) {
+		return mrtc.client.Post(data, pluginsWithAuth...)
+	}, plugins...)
+}
+
+// Delete is a HTTP DELETE method
+func (mrtc *MultiRealmTokenClient) Delete(plugins ...plugin.Plugin) error {
+	var _, err = mrtc.withRealmAuth(func(pluginsWithAuth ...plugin.Plugin) (string, error) {
+		return "", mrtc.client.Delete(pluginsWithAuth...)
+	}, plugins...)
+	return err
+}
+
+// Put is a HTTP PUT method
+func (mrtc *MultiRealmTokenClient) Put(plugins ...plugin.Plugin) error {
+	var _, err = mrtc.withRealmAuth(func(pluginsWithAuth ...plugin.Plugin) (string, error) {
+		return "", mrtc.client.Put(pluginsWithAuth...)
+	}, plugins...)
+	return err
+}
diff --git a/advanced_auth_client_test.go b/advanced_auth_client_test.go
@@ -0,0 +1,77 @@
+package httpclient
+
+import (
+	"errors"
+	"testing"
+	"time"
+
+	"github.com/cloudtrust/httpclient/mock"
+	"github.com/golang/mock/gomock"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestNewMultiRealmTokenClient(t *testing.T) {
+	var mockCtrl = gomock.NewController(t)
+	defer mockCtrl.Finish()
+
+	var mockTokenProvider = mock.NewOidcTokenProvider((mockCtrl))
+	var tokenError = errors.New("token error")
+	var realm = "my-realm"
+
+	t.Run("Invalid URL", func(t *testing.T) {
+		var _, err = NewMultiRealmTokenClient(":/\000/", time.Minute, mockTokenProvider)
+		assert.NotNil(t, err)
+	})
+
+	var client, err = NewMultiRealmTokenClient("http://localhost", time.Minute, mockTokenProvider)
+	assert.Nil(t, err)
+
+	t.Run("GET", func(t *testing.T) {
+		t.Run("can't get token", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideToken(gomock.Any()).Return("", tokenError)
+			var err = client.Get(nil)
+			assert.Equal(t, tokenError, err)
+		})
+		t.Run("success", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideToken(gomock.Any()).Return("default-token", nil)
+			var err = client.Get(nil)
+			assert.NotEqual(t, tokenError, err)
+		})
+	})
+	t.Run("POST", func(t *testing.T) {
+		t.Run("can't get token", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideTokenForRealm(gomock.Any(), realm).Return("", tokenError)
+			var _, err = client.ForRealm(realm).Post(nil)
+			assert.Equal(t, tokenError, err)
+		})
+		t.Run("success", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideTokenForRealm(gomock.Any(), realm).Return("token-for-"+realm, nil)
+			var _, err = client.ForRealm(realm).Post(nil)
+			assert.NotEqual(t, tokenError, err)
+		})
+	})
+	t.Run("DELETE", func(t *testing.T) {
+		t.Run("can't get token", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideTokenForRealm(gomock.Any(), realm).Return("", tokenError)
+			var err = client.ForRealm(realm).Delete()
+			assert.Equal(t, tokenError, err)
+		})
+		t.Run("success", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideTokenForRealm(gomock.Any(), realm).Return("token-for-"+realm, nil)
+			var err = client.ForRealm(realm).Delete()
+			assert.NotEqual(t, tokenError, err)
+		})
+	})
+	t.Run("PUT", func(t *testing.T) {
+		t.Run("can't get token", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideTokenForRealm(gomock.Any(), realm).Return("", tokenError)
+			var err = client.ForRealm(realm).Put()
+			assert.Equal(t, tokenError, err)
+		})
+		t.Run("success", func(t *testing.T) {
+			mockTokenProvider.EXPECT().ProvideTokenForRealm(gomock.Any(), realm).Return("token-for-"+realm, nil)
+			var err = client.ForRealm(realm).Put()
+			assert.NotEqual(t, tokenError, err)
+		})
+	})
+}
diff --git a/mock_test.go b/mock_test.go
@@ -3,3 +3,4 @@ package httpclient
 import _ "github.com/golang/mock/mockgen/model"
 
 //go:generate mockgen --build_flags=--mod=mod -destination=./mock/http.go -package=mock -mock_names=Handler=Handler net/http Handler
+//go:generate mockgen --build_flags=--mod=mod -destination=./mock/token.go -package=mock -mock_names=OidcTokenProvider=OidcTokenProvider github.com/cloudtrust/httpclient OidcTokenProvider

Original file line number	Diff line number	Diff line change
`@@ -3,3 +3,4 @@ package httpclient`
`3`	`3`	`import _ "github.com/golang/mock/mockgen/model"`
`4`	`4`
`5`	`5`	`//go:generate mockgen --build_flags=--mod=mod -destination=./mock/http.go -package=mock -mock_names=Handler=Handler net/http Handler`
	`6`	`+//go:generate mockgen --build_flags=--mod=mod -destination=./mock/token.go -package=mock -mock_names=OidcTokenProvider=OidcTokenProvider github.com/cloudtrust/httpclient OidcTokenProvider`