Merge branch 'main' into PPF-477-credentials-polling

.env.ci

@@ -75,6 +75,7 @@ AUTH0_LOGIN_CLIENT_SECRET=***
 AUTH0_LOGIN_REDIRECT_URI=http://localhost/auth/callback
 
 AUTH0_CLIENT_CREATION_ENABLED=true
+
 # MUST always be set to DEV tenant config except for the .env for the production app!
 # Otherwise local/staging/acceptance/testing environments of publiq platform will create real clients on acc/test/prod.
 AUTH0_ACC_TENANT_DOMAIN=publiq-dev.eu.auth0.com
@@ -131,6 +132,11 @@ INSIGHTLY_ENABLED=true
 INSIGHTLY_HOST=https://api.insight.ly/v3.1/
 INSIGHTLY_API_KEY=
 
+SLACK_BOT_TOKEN=***
+SLACK_BASE_URI=https://slack.com/api/
+SLACK_TECHNICAL_SUPPORT_CHANNEL_ID=***
+SLACK_PUBLIQ_PLATFORM_CHANNEL_ID=***
+
 SENTRY_LARAVEL_ENABLED=true
 SENTRY_LARAVEL_DSN=
 
@@ -141,5 +147,41 @@ E2E_TEST_PASSWORD=
 E2E_TEST_ADMIN_EMAIL=[email protected]
 E2E_TEST_ADMIN_PASSWORD=
 
-UITPAS_INTEGRATION_TYPE_ENABLED=true
+UITPAS_INTEGRATION_TYPE_ENABLED=false
+UITPAS_INTEGRATION_TYPE_ENABLED=false
 VITE_UITPAS_INTEGRATION_TYPE_ENABLED=${UITPAS_INTEGRATION_TYPE_ENABLED}
+
+KEYCLOAK_ENABLED=true
+
+KEYCLOAK_ACC_BASE_URL='https://account.kcpoc.lodgon.com/'
+KEYCLOAK_ACC_REALM_NAME='myrealm'
+KEYCLOAK_ACC_CLIENT_ID='php_client'
+KEYCLOAK_ACC_CLIENT_SECRET='super-secret'
+
+# Incorrect values, but need to contain a valid UUID formatted string
+KEYCLOAK_ACC_SCOPE_SEARCH_API_ID='06059529-74b5-422a-a499-ffcaf065d437' #publiq-api-sapi-scope
+KEYCLOAK_ACC_SCOPE_ENTRY_API_ID='d8a54568-26da-412b-a441-d5e2fad84478' #publiq-api-entry-scope
+KEYCLOAK_ACC_SCOPE_UITPAS_ID='bcfb28cc-454f-488a-b080-6a29d9c0158e'#uitpas-scope
+
+KEYCLOAK_TEST_BASE_URL='https://account.kcpoc.lodgon.com/'
+KEYCLOAK_TEST_REALM_NAME='myrealm'
+KEYCLOAK_TEST_CLIENT_ID='php_client'
+KEYCLOAK_TEST_CLIENT_SECRET='super-secret'
+
+# Incorrect values, but need to contain a valid UUID formatted string
+KEYCLOAK_TEST_SCOPE_SEARCH_API_ID='06059529-74b5-422a-a499-ffcaf065d437' #publiq-api-sapi-scope
+KEYCLOAK_TEST_SCOPE_ENTRY_API_ID='d8a54568-26da-412b-a441-d5e2fad84478' #publiq-api-entry-scope
+KEYCLOAK_TEST_SCOPE_UITPAS_ID='bcfb28cc-454f-488a-b080-6a29d9c0158e'#uitpas-scope
+
+KEYCLOAK_PROD_BASE_URL='https://account.kcpoc.lodgon.com/'
+KEYCLOAK_PROD_REALM_NAME='myrealm'
+KEYCLOAK_PROD_CLIENT_ID='php_client'
+KEYCLOAK_PROD_CLIENT_SECRET='super-secret'
+
+# Incorrect values, but need to contain a valid UUID formatted string
+KEYCLOAK_PROD_SCOPE_SEARCH_API_ID='06059529-74b5-422a-a499-ffcaf065d437' #publiq-api-sapi-scope
+KEYCLOAK_PROD_SCOPE_ENTRY_API_ID='d8a54568-26da-412b-a441-d5e2fad84478' #publiq-api-entry-scope
+KEYCLOAK_PROD_SCOPE_UITPAS_ID='bcfb28cc-454f-488a-b080-6a29d9c0158e'#uitpas-scope
+
+SEARCH_BASE_URI=https://search-acc.uitdatabank.be/
+SEARCH_API_KEY=

.env.example

@@ -142,6 +142,8 @@ GTAG_MEASUREMENT_ID=
 
 SLACK_BOT_TOKEN=
 SLACK_CHANNEL_ID=
+SLACK_TECHNICAL_SUPPORT_CHANNEL_ID=***
+SLACK_PUBLIQ_PLATFORM_CHANNEL_ID=***
 
 GTM_ID=
 

Jenkinsfile

@@ -90,7 +90,7 @@ pipeline {
             }
         }
 
-        stage('Acceptance tests') {
+        /* stage('Acceptance tests') {
             agent { label 'ubuntu && 20.04 && nodejs18' }
             environment {
                 E2E_TEST_BASE_URL = 'https://platform-acc.publiq.be'
@@ -131,7 +131,7 @@ pipeline {
                     cleanWs()
                 }
             }
-        }
+        } */
 
         stage('Deploy to testing') {
             input { message "Deploy to Testing?" }

Makefile

@@ -47,7 +47,7 @@ test-filter:
 	vendor/bin/sail composer test -- --filter=$(filter)
 
 test-insightly:
-	vendor/bin/sail composer test tests/Insightly/InsightlyClientTest.php
+	vendor/bin/sail composer test tests/Insightly/HttpInsightlyClientTest.php
 
 ci: lint stan test
 

app/Auth0/Auth0ClusterSDK.php

@@ -61,10 +61,10 @@ public function blockClients(Auth0Client ...$auth0Clients): void
         }
     }
 
-    public function activateClients(Auth0Client ...$auth0Clients): void
+    public function unblockClients(Auth0Client ...$auth0Clients): void
     {
         foreach ($auth0Clients as $auth0Client) {
-            $this->auth0TenantSDKs[$auth0Client->tenant->value]->activateClient($auth0Client);
+            $this->auth0TenantSDKs[$auth0Client->tenant->value]->unblockClient($auth0Client);
         }
     }
 

app/Auth0/Auth0Config.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Auth0;
+
+final class Auth0Config
+{
+    public const IS_ENABLED = 'auth0.enabled';
+}

app/Auth0/Auth0ServiceProvider.php

@@ -4,25 +4,29 @@
 
 namespace App\Auth0;
 
-use App\Auth0\Jobs\ActivateClient;
-use App\Auth0\Jobs\ActivateClientHandler;
+use App\Auth0\Jobs\UnblockClient;
+use App\Auth0\Jobs\UnblockClientHandler;
 use App\Auth0\Jobs\BlockClient;
 use App\Auth0\Jobs\BlockClientHandler;
 use App\Auth0\Jobs\CreateMissingClients;
 use App\Auth0\Jobs\CreateMissingClientsHandler;
 use App\Auth0\Listeners\BlockClients;
 use App\Auth0\Listeners\CreateClients;
+use App\Auth0\Listeners\UnblockClients;
 use App\Auth0\Listeners\UpdateClients;
 use App\Auth0\Repositories\Auth0ClientRepository;
 use App\Auth0\Repositories\Auth0ManagementUserRepository;
 use App\Auth0\Repositories\Auth0UserRepository;
 use App\Auth0\Repositories\EloquentAuth0ClientRepository;
 use App\Domain\Integrations\Events\IntegrationBlocked;
 use App\Domain\Integrations\Events\IntegrationCreated;
+use App\Domain\Integrations\Events\IntegrationDeleted;
+use App\Domain\Integrations\Events\IntegrationUnblocked;
 use App\Domain\Integrations\Events\IntegrationUpdated;
 use App\Domain\Integrations\Events\IntegrationUrlCreated;
 use App\Domain\Integrations\Events\IntegrationUrlDeleted;
 use App\Domain\Integrations\Events\IntegrationUrlUpdated;
+use App\Keycloak\KeycloakConfig;
 use Auth0\SDK\Configuration\SdkConfiguration;
 use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\Event;
@@ -89,22 +93,25 @@ public function register(): void
             );
         });
 
-        if (config('auth0.enabled')) {
+        if (config(KeycloakConfig::IS_ENABLED)) {
             // By default, the Auth0 integration is enabled. For testing purposes this can be disabled inside the .env file.
 
             // May always be registered even if there are no configured tenants, because in that case the cluster SDK will
             // just not have any tenant SDKs to loop over and so it simply won't do anything. But it won't crash either.
             Event::listen(IntegrationCreated::class, [CreateClients::class, 'handle']);
-            Event::listen(CreateMissingClients::class, [CreateMissingClientsHandler::class, 'handle']);
             Event::listen(IntegrationUpdated::class, [UpdateClients::class, 'handle']);
             Event::listen(IntegrationBlocked::class, [BlockClients::class, 'handle']);
+            Event::listen(IntegrationUnblocked::class, [UnblockClients::class, 'handle']);
+            Event::listen(IntegrationDeleted::class, [BlockClients::class, 'handle']);
 
             Event::listen(IntegrationUrlCreated::class, [UpdateClients::class, 'handle']);
             Event::listen(IntegrationUrlUpdated::class, [UpdateClients::class, 'handle']);
             Event::listen(IntegrationUrlDeleted::class, [UpdateClients::class, 'handle']);
 
-            Event::listen(ActivateClient::class, [ActivateClientHandler::class, 'handle']);
+            Event::listen(UnblockClient::class, [UnblockClientHandler::class, 'handle']);
             Event::listen(BlockClient::class, [BlockClientHandler::class, 'handle']);
+
+            Event::listen(CreateMissingClients::class, [CreateMissingClientsHandler::class, 'handle']);
         }
     }
 }

app/Auth0/Auth0TenantSDK.php

@@ -125,7 +125,7 @@ public function blockClient(Auth0Client $auth0Client): void
         );
     }
 
-    public function activateClient(Auth0Client $auth0Client): void
+    public function unblockClient(Auth0Client $auth0Client): void
     {
         $this->callApiWithTokenRefresh(
             fn () => $this->management->clients()->update(

app/Auth0/Events/ClientActivated.php → app/Auth0/Events/ClientUnblocked.php

@@ -7,7 +7,7 @@
 use Illuminate\Foundation\Events\Dispatchable;
 use Ramsey\Uuid\UuidInterface;
 
-final class ClientActivated
+final class ClientUnblocked
 {
     use Dispatchable;
 

app/Auth0/Jobs/ActivateClient.php → app/Auth0/Jobs/UnblockClient.php

@@ -7,7 +7,7 @@
 use Illuminate\Foundation\Events\Dispatchable;
 use Ramsey\Uuid\UuidInterface;
 
-final class ActivateClient
+final class UnblockClient
 {
     use Dispatchable;
 

app/Auth0/Jobs/ActivateClientHandler.php → app/Auth0/Jobs/UnblockClientHandler.php

@@ -5,13 +5,13 @@
 namespace App\Auth0\Jobs;
 
 use App\Auth0\Auth0ClusterSDK;
-use App\Auth0\Events\ClientActivated;
+use App\Auth0\Events\ClientUnblocked;
 use App\Auth0\Repositories\Auth0ClientRepository;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Psr\Log\LoggerInterface;
 
-final class ActivateClientHandler implements ShouldQueue
+final class UnblockClientHandler implements ShouldQueue
 {
     public function __construct(
         private readonly Auth0ClusterSDK $clusterSDK,
@@ -21,13 +21,13 @@ public function __construct(
     }
 
     public function handle(
-        ActivateClient $event
+        UnblockClient $event
     ): void {
         try {
-            $this->clusterSDK->activateClients($this->auth0ClientRepository->getById($event->id));
+            $this->clusterSDK->unblockClients($this->auth0ClientRepository->getById($event->id));
         } catch (ModelNotFoundException $e) {
             $this->logger->error(
-                'Failed to activate Auth0 client: ' . $e->getMessage(),
+                'Failed to unblock Auth0 client: ' . $e->getMessage(),
                 [
                     'domain' => 'auth0',
                     'id' => $event->id,
@@ -36,13 +36,13 @@ public function handle(
             return;
         }
         $this->logger->info(
-            'Auth0 client activated',
+            'Auth0 client unblocked',
             [
                 'domain' => 'auth0',
                 'id' => $event->id,
             ]
         );
 
-        ClientActivated::dispatch($event->id);
+        ClientUnblocked::dispatch($event->id);
     }
 }

app/Auth0/Listeners/BlockClients.php

@@ -7,6 +7,7 @@
 use App\Auth0\Auth0ClusterSDK;
 use App\Auth0\Repositories\Auth0ClientRepository;
 use App\Domain\Integrations\Events\IntegrationBlocked;
+use App\Domain\Integrations\Events\IntegrationDeleted;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Psr\Log\LoggerInterface;
@@ -23,25 +24,25 @@ public function __construct(
     ) {
     }
 
-    public function handle(IntegrationBlocked $integrationBlocked): void
+    public function handle(IntegrationBlocked|IntegrationDeleted $event): void
     {
-        $auth0Clients = $this->auth0ClientRepository->getByIntegrationId($integrationBlocked->id);
+        $auth0Clients = $this->auth0ClientRepository->getByIntegrationId($event->id);
 
         $this->clusterSDK->blockClients(...$auth0Clients);
 
         $this->logger->info(
             'Auth0 client(s) blocked',
             [
                 'domain' => 'auth0',
-                'integration_id' => $integrationBlocked->id->toString(),
+                'integration_id' => $event->id->toString(),
             ]
         );
     }
 
-    public function failed(IntegrationBlocked $integrationBlocked, Throwable $throwable): void
+    public function failed(IntegrationBlocked|IntegrationDeleted $event, Throwable $throwable): void
     {
         $this->logger->error('Failed to block Auth0 client(s)', [
-            'integration_id' => $integrationBlocked->id->toString(),
+            'integration_id' => $event->id->toString(),
             'exception' => $throwable,
         ]);
     }

app/Auth0/Listeners/UnblockClients.php

@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Auth0\Listeners;
+
+use App\Auth0\Auth0ClusterSDK;
+use App\Auth0\Repositories\Auth0ClientRepository;
+use App\Domain\Integrations\Events\IntegrationUnblocked;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Psr\Log\LoggerInterface;
+use Throwable;
+
+final class UnblockClients implements ShouldQueue
+{
+    use Queueable;
+
+    public function __construct(
+        private readonly Auth0ClusterSDK $clusterSDK,
+        private readonly Auth0ClientRepository $auth0ClientRepository,
+        private readonly LoggerInterface $logger,
+    ) {
+    }
+
+    public function handle(IntegrationUnblocked $integrationUnblocked): void
+    {
+        $auth0Clients = $this->auth0ClientRepository->getByIntegrationId($integrationUnblocked->id);
+
+        $this->clusterSDK->unblockClients(...$auth0Clients);
+
+        $this->logger->info(
+            'Auth0 client(s) unblocked',
+            [
+                'domain' => 'auth0',
+                'integration_id' => $integrationUnblocked->id->toString(),
+            ]
+        );
+    }
+
+    public function failed(IntegrationUnblocked $integrationUnblocked, Throwable $throwable): void
+    {
+        $this->logger->error('Failed to unblock Auth0 client(s)', [
+            'integration_id' => $integrationUnblocked->id->toString(),
+            'exception' => $throwable,
+        ]);
+    }
+}