From d178c8835af77ec8c61884854ba76e4c20502a88 Mon Sep 17 00:00:00 2001 From: Akshith Madhur Date: Wed, 13 Mar 2024 12:24:23 +0530 Subject: [PATCH 1/2] feat: add new validation routes --- docker-compose.yml | 3 +- .../action/organisation/application/route.go | 1 + .../organisation/application/space/route.go | 4 +- .../application/space/validate_token.go | 46 +++++++++++++ .../application/validate_token.go | 68 +++++++++++++++++++ server/action/organisation/route.go | 7 +- server/action/organisation/validate_token.go | 67 ++++++++++++++++++ 7 files changed, 191 insertions(+), 5 deletions(-) create mode 100644 server/action/organisation/application/space/validate_token.go create mode 100644 server/action/organisation/application/validate_token.go create mode 100644 server/action/organisation/validate_token.go diff --git a/docker-compose.yml b/docker-compose.yml index e9bedade..4ea62330 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -194,9 +194,8 @@ services: restart: on-failure networks: - kavach - ########################################################################### - ####### KAVACH ####### + ####### KAVACH ####### ########################################################################### kavach-server: depends_on: diff --git a/server/action/organisation/application/route.go b/server/action/organisation/application/route.go index 63215033..bef43ba6 100644 --- a/server/action/organisation/application/route.go +++ b/server/action/organisation/application/route.go @@ -31,6 +31,7 @@ func Router() chi.Router { r.Post("/", create) r.Get("/", list) r.Get("/default", listDefault) + r.Post("/token/validate", validate_token) r.Get("/{application_slug}/access", access) r.Route("/{application_id}", func(r chi.Router) { r.Get("/", details) diff --git a/server/action/organisation/application/space/route.go b/server/action/organisation/application/space/route.go index fd33763f..3ae7fab4 100644 --- a/server/action/organisation/application/space/route.go 
+++ b/server/action/organisation/application/space/route.go @@ -1,21 +1,23 @@ package space import ( + "github.com/factly/kavach-server/action/organisation/application/space/policy" "github.com/factly/kavach-server/action/organisation/application/space/roles" "github.com/factly/kavach-server/action/organisation/application/space/token" "github.com/factly/kavach-server/action/organisation/application/space/user" - "github.com/factly/kavach-server/action/organisation/application/space/policy" "github.com/go-chi/chi" ) const namespace string = "spaces" const appNamespace string = "applications" + // Router organisation func Router() chi.Router { r := chi.NewRouter() r.Post("/", create) r.Get("/", list) + r.Post("/token/validate", validate_token) r.Route("/{space_id}", func(r chi.Router) { r.Mount("/users", user.Router()) r.Delete("/", delete) diff --git a/server/action/organisation/application/space/validate_token.go b/server/action/organisation/application/space/validate_token.go new file mode 100644 index 00000000..ecbce9d0 --- /dev/null +++ b/server/action/organisation/application/space/validate_token.go 
@@ -0,0 +1,46 @@
+package space
+
+import (
+ "encoding/json"
+ "errors"
+ "fmt"
+ "net/http"
+
+ "github.com/factly/kavach-server/model"
+ "github.com/factly/x/errorx"
+ "github.com/factly/x/loggerx"
+ "github.com/factly/x/renderx"
+ "github.com/factly/x/validationx"
+)
+
+func validate_token(w http.ResponseWriter, r *http.Request) {
+
+ tokenBody := model.ValidationBody{}
+ err := json.NewDecoder(r.Body).Decode(&tokenBody)
+ if err != nil {
+ loggerx.Error(err)
+ errorx.Render(w, errorx.Parser(errorx.DecodeError()))
+ return
+ }
+
+ validationError := validationx.Check(tokenBody)
+ if validationError != nil {
+ loggerx.Error(errors.New("validation error"))
+ errorx.Render(w, validationError)
+ return
+ }
+ fmt.Println(tokenBody.Token)
+
+ spaceToken := model.SpaceToken{}
+ err = model.DB.Model(&model.SpaceToken{}).Where(&model.SpaceToken{
+ Token: tokenBody.Token,
+ }).First(&spaceToken).Error
+
+ if err != nil {
+ loggerx.Error(err)
+ errorx.Render(w, errorx.Parser(errorx.GetMessage("invalid space token", 403)))
+ return
+ }
+
+ renderx.JSON(w, http.StatusOK, map[string]interface{}{"valid": true})
+}
diff --git a/server/action/organisation/application/validate_token.go b/server/action/organisation/application/validate_token.go
new file mode 100644
index 00000000..c285f557
--- /dev/null
+++ b/server/action/organisation/application/validate_token.go
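Review bot: `fmt.Println(tokenBody.Token)` in the new `validate_token` handler of space/validate_token.go writes every submitted space token to stdout in clear text, so working credentials end up in container and aggregated logs; drop that line and the `"fmt"` import. The error branch also maps every lookup failure, including a database outage, to a 403 `invalid space token`, while the application and organisation handlers added in this patch answer 401 `{"valid": false}` only for `gorm.ErrRecordNotFound` and 500 otherwise; the three should agree. `model.ValidationBody` is not visible in this patch: GORM skips zero-value fields in a struct `Where`, so if its `Token` field is not tagged `validate:"required"`, an empty token would run an unfiltered `First` and be reported as valid, which is worth confirming.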
@@ -0,0 +1,68 @@
+package application
+
+import (
+ "encoding/json"
+ "errors"
+ "net/http"
+
+ "github.com/factly/kavach-server/model"
+ "github.com/factly/x/errorx"
+ "github.com/factly/x/loggerx"
+ "github.com/factly/x/renderx"
+ "github.com/factly/x/validationx"
+ "gorm.io/gorm"
+)
+
+// validationBody request body
+type validationBody struct {
+ Token string `json:"token" validate:"required"`
+}
+
+// Validate - validate_token application token
+// @Summary Show a application token
+// @Description validate_token application token
+// @Tags OrganisationApplicationsTokens
+// @ID validate_token-organisation-application-token
+// @Produce json
+// @Param X-Organisation header string true "Organisation ID"
+// @Param application_slug path string true "Application Slug"
+// @Param ValidationBody body ValidationBody true "Validation Body"
+// @Success 200 {object} model.Application
+// @Router /applications/{application_id}/tokens/validate_token [post]
+func validate_token(w http.ResponseWriter, r *http.Request) {
+ //parse applicaion_id
+
+ tokenBody := validationBody{}
+ err := json.NewDecoder(r.Body).Decode(&tokenBody)
+ if err != nil {
+ loggerx.Error(err)
+ errorx.Render(w, errorx.Parser(errorx.DecodeError()))
+ return
+ }
+
+ validationError := validationx.Check(tokenBody)
+ if validationError != nil {
+ loggerx.Error(errors.New("validation error"))
+ errorx.Render(w, validationError)
+ return
+ }
+
+ appToken := model.ApplicationToken{}
+ // Fetch all tokens for a application
+ // to need to specify the organisation id as token itself is unique
+ err = model.DB.Model(&model.ApplicationToken{}).Where(&model.ApplicationToken{
+ Token: tokenBody.Token,
+ }).First(&appToken).Error
+
+ if err != nil {
+ loggerx.Error(err)
+ if err == gorm.ErrRecordNotFound {
+ renderx.JSON(w, http.StatusUnauthorized, map[string]interface{}{"valid": false})
+ return
+ }
+ errorx.Render(w, errorx.Parser(errorx.InternalServerError()))
+ return
+ }
+
+ renderx.JSON(w, http.StatusOK,
map[string]interface{}{"valid": true}) +} diff --git a/server/action/organisation/route.go b/server/action/organisation/route.go index 6c2f022d..85e94ad9 100644 --- a/server/action/organisation/route.go +++ b/server/action/organisation/route.go @@ -11,19 +11,22 @@ import ( ) type orgWithRole struct { - Organisation model.Organisation `json:"organisation"` - Permission model.OrganisationUser `json:"permission"` + Organisation model.Organisation `json:"organisation"` + Permission model.OrganisationUser `json:"permission"` AllApplications []model.Application `json:"applications,omitempty"` } var userContext model.ContextKey = "organisation_user" + const namespace string = "organisations" + // Router organisation func Router() chi.Router { r := chi.NewRouter() r.Get("/my", list) r.Post("/", create) + r.Post("/token/validate", validate_token) // r.Get("/", all) r.Route("/{organisation_id}", func(r chi.Router) { r.Get("/", details) diff --git a/server/action/organisation/validate_token.go b/server/action/organisation/validate_token.go new file mode 100644 index 00000000..e77a027e --- /dev/null +++ b/server/action/organisation/validate_token.go 
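Review bot: In application/validate_token.go the lookup matches on `Token` alone and the response carries only `{"valid": true}`, so a caller cannot tell which application or organisation the token belongs to; if downstream services use this endpoint to gate access to one application, a token issued for any other application would also pass. Consider scoping the query to the application, or returning the token's owner ids so the caller can compare them. `if err == gorm.ErrRecordNotFound` should be `if errors.Is(err, gorm.ErrRecordNotFound)` (`errors` is already imported), and the not-found case probably should not go through `loggerx.Error` on every rejected token. The swagger block does not describe this handler: the route registered in route.go is `POST /token/validate`, the body type is `validationBody`, and the 200 response is not a `model.Application`. The same points apply to the handler in organisation/validate_token.go.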
@@ -0,0 +1,67 @@
+package organisation
+
+import (
+ "encoding/json"
+ "errors"
+ "net/http"
+
+ "github.com/factly/kavach-server/model"
+ "github.com/factly/x/errorx"
+ "github.com/factly/x/loggerx"
+ "github.com/factly/x/renderx"
+ "github.com/factly/x/validationx"
+ "gorm.io/gorm"
+)
+
+// validationBody request body
+type validationBody struct {
+ Token string `json:"token" validate:"required"`
+}
+
+// Validate - validate_token organisation token
+// @Summary Show a organisation token
+// @Description validate_token organisation token
+// @Tags OrganisationorganisationsTokens
+// @ID validate_token-organisation-organisation-token
+// @Produce json
+// @Param X-Organisation header string true "Organisation ID"
+// @Param organisation_slug path string true "Application Slug"
+// @Param ValidationBody body ValidationBody true "Validation Body"
+// @Success 200 {object} model.organisation
+// @Router /organisations/{application_id}/tokens/validate_token [post]
+func validate_token(w http.ResponseWriter, r *http.Request) {
+ //parse applicaion_id
+
+ tokenBody := validationBody{}
+ err := json.NewDecoder(r.Body).Decode(&tokenBody)
+ if err != nil {
+ loggerx.Error(err)
+ errorx.Render(w, errorx.Parser(errorx.DecodeError()))
+ return
+ }
+
+ validationError := validationx.Check(tokenBody)
+ if validationError != nil {
+ loggerx.Error(errors.New("validation error"))
+ errorx.Render(w, validationError)
+ return
+ }
+
+ orgToken := model.OrganisationToken{}
+ // to need to specify the organisation id as token itself is unique
+ err = model.DB.Model(&model.OrganisationToken{}).Preload("Organisation").Where(&model.OrganisationToken{
+ Token: tokenBody.Token,
+ }).First(&orgToken).Error
+
+ if err != nil {
+ loggerx.Error(err)
+ if err == gorm.ErrRecordNotFound {
+ renderx.JSON(w, http.StatusUnauthorized, map[string]interface{}{"valid": false})
+ return
+ }
+ errorx.Render(w, errorx.Parser(errorx.InternalServerError()))
+ return
+ }
+
+ renderx.JSON(w, http.StatusOK,
map[string]interface{}{"valid": true}) +} From 420408797020ef5fd7ac452a6dbcc554de1fec3d Mon Sep 17 00:00:00 2001 From: Akshith Madhur Date: Wed, 13 Mar 2024 12:26:38 +0530 Subject: [PATCH 2/2] fix space token validation issue --- server/action/organisation/application/space/token/validate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/action/organisation/application/space/token/validate.go b/server/action/organisation/application/space/token/validate.go index 5c4f522c..8ca23795 100644 --- a/server/action/organisation/application/space/token/validate.go +++ b/server/action/organisation/application/space/token/validate.go @@ -32,7 +32,7 @@ func Validate(w http.ResponseWriter, r *http.Request) { spaceToken := model.SpaceToken{} err = model.DB.Model(&model.SpaceToken{}).Where(&model.SpaceToken{ Token: tokenBody.Token, - }).Find(&spaceToken).Error + }).First(&spaceToken).Error if err != nil { loggerx.Error(err) errorx.Render(w, errorx.Parser(errorx.Unauthorized()))
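Review bot: `Preload("Organisation")` in organisation/validate_token.go loads the related organisation row on every call, but `orgToken` is never read after the lookup, so the extra query buys nothing; either drop the preload or put the organisation id into the response so callers can check which organisation the token belongs to. The comment above the query reads `to need to specify the organisation id…` and presumably means `no need to specify the organisation id as the token itself is unique`.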
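Review bot: The switch from `Find` to `First` in space/token/validate.go is the security-relevant line of `Validate` and has no comment explaining it: `Find` returns a nil error when no row matches, so the `if err != nil` branch was never taken for an unknown token. I would add `// First, not Find: Find returns a nil error on zero rows, so an unknown token would not be rejected here.` above the query. A regression test that posts an unknown token and expects the unauthorized response would keep the call from being changed back. The rest of `Validate` lies outside the hunk, so whether an empty `Token` is rejected before this query cannot be checked from here.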