Adds an API to refresh User access token

This adds an API to refresh access token for user. This requires user refresh token to be passed to get a new access token. Signed-off-by: Shivam Mukhade <[email protected]>
tektoncd · Jan 4, 2021 · e0e89ad · e0e89ad
1 parent 4f36cfc
commit e0e89ad
Show file tree

Hide file tree

Showing 29 changed files with 2,201 additions and 186 deletions.
diff --git a/api/cmd/api/http.go b/api/cmd/api/http.go
@@ -38,10 +38,12 @@ import (
 	resourcesvr "github.com/tektoncd/hub/api/gen/http/resource/server"
 	statussvr "github.com/tektoncd/hub/api/gen/http/status/server"
 	swaggersvr "github.com/tektoncd/hub/api/gen/http/swagger/server"
+	usersvr "github.com/tektoncd/hub/api/gen/http/user/server"
 	"github.com/tektoncd/hub/api/gen/log"
 	rating "github.com/tektoncd/hub/api/gen/rating"
 	resource "github.com/tektoncd/hub/api/gen/resource"
 	status "github.com/tektoncd/hub/api/gen/status"
+	user "github.com/tektoncd/hub/api/gen/user"
 )
 
 // handleHTTPServer starts configures and starts a HTTP server on the given
@@ -55,6 +57,7 @@ func handleHTTPServer(
 	ratingEndpoints *rating.Endpoints,
 	resourceEndpoints *resource.Endpoints,
 	statusEndpoints *status.Endpoints,
+	userEndpoints *user.Endpoints,
 	wg *sync.WaitGroup, errc chan error, logger *log.Logger, debug bool) {
 
 	// Setup goa log adapter.
@@ -94,6 +97,7 @@ func handleHTTPServer(
 		resourceServer *resourcesvr.Server
 		statusServer   *statussvr.Server
 		swaggerServer  *swaggersvr.Server
+		userServer     *usersvr.Server
 	)
 	{
 		eh := errorHandler(logger)
@@ -105,6 +109,7 @@ func handleHTTPServer(
 		resourceServer = resourcesvr.New(resourceEndpoints, mux, dec, enc, eh, nil)
 		statusServer = statussvr.New(statusEndpoints, mux, dec, enc, eh, nil)
 		swaggerServer = swaggersvr.New(nil, mux, dec, enc, eh, nil)
+		userServer = usersvr.New(userEndpoints, mux, dec, enc, eh, nil)
 
 		if debug {
 			servers := goahttp.Servers{
@@ -116,6 +121,7 @@ func handleHTTPServer(
 				resourceServer,
 				statusServer,
 				swaggerServer,
+				userServer,
 			}
 			servers.Use(httpmdlwr.Debug(mux, os.Stdout))
 		}
@@ -129,6 +135,7 @@ func handleHTTPServer(
 	resourcesvr.Mount(mux, resourceServer)
 	statussvr.Mount(mux, statusServer)
 	swaggersvr.Mount(mux, swaggerServer)
+	usersvr.Mount(mux, userServer)
 
 	// Wrap the multiplexer with additional middlewares. Middlewares mounted
 	// here apply to all the service endpoints.
@@ -165,6 +172,9 @@ func handleHTTPServer(
 	for _, m := range swaggerServer.Mounts {
 		logger.Infof("HTTP %q mounted on %s %s", m.Method, m.Verb, m.Pattern)
 	}
+	for _, m := range userServer.Mounts {
+		logger.Infof("HTTP %q mounted on %s %s", m.Method, m.Verb, m.Pattern)
+	}
 
 	(*wg).Add(1)
 	go func() {

diff --git a/api/cmd/api/main.go b/api/cmd/api/main.go
@@ -32,6 +32,7 @@ import (
 	rating "github.com/tektoncd/hub/api/gen/rating"
 	resource "github.com/tektoncd/hub/api/gen/resource"
 	status "github.com/tektoncd/hub/api/gen/status"
+	user "github.com/tektoncd/hub/api/gen/user"
 	"github.com/tektoncd/hub/api/pkg/app"
 	"github.com/tektoncd/hub/api/pkg/db/initializer"
 	adminsvc "github.com/tektoncd/hub/api/pkg/service/admin"
@@ -41,6 +42,7 @@ import (
 	ratingsvc "github.com/tektoncd/hub/api/pkg/service/rating"
 	resourcesvc "github.com/tektoncd/hub/api/pkg/service/resource"
 	statussvc "github.com/tektoncd/hub/api/pkg/service/status"
+	usersvc "github.com/tektoncd/hub/api/pkg/service/user"
 )
 
 func main() {
@@ -86,6 +88,7 @@ func main() {
 		ratingSvc   rating.Service
 		resourceSvc resource.Service
 		statusSvc   status.Service
+		userSvc     user.Service
 	)
 	{
 		adminSvc = adminsvc.New(api)
@@ -95,6 +98,7 @@ func main() {
 		ratingSvc = ratingsvc.New(api)
 		resourceSvc = resourcesvc.New(api)
 		statusSvc = statussvc.New(api)
+		userSvc = usersvc.New(api)
 	}
 
 	// Wrap the services in endpoints that can be invoked from other services
@@ -107,6 +111,7 @@ func main() {
 		ratingEndpoints   *rating.Endpoints
 		resourceEndpoints *resource.Endpoints
 		statusEndpoints   *status.Endpoints
+		userEndpoints     *user.Endpoints
 	)
 	{
 		adminEndpoints = admin.NewEndpoints(adminSvc)
@@ -116,6 +121,7 @@ func main() {
 		ratingEndpoints = rating.NewEndpoints(ratingSvc)
 		resourceEndpoints = resource.NewEndpoints(resourceSvc)
 		statusEndpoints = status.NewEndpoints(statusSvc)
+		userEndpoints = user.NewEndpoints(userSvc)
 	}
 
 	// Create channel used by both the signal handler and server goroutines
@@ -164,6 +170,7 @@ func main() {
 				ratingEndpoints,
 				resourceEndpoints,
 				statusEndpoints,
+				userEndpoints,
 				&wg, errc, api.Logger("http"), *dbgF,
 			)
 		}

diff --git a/api/design/api.go b/api/design/api.go
@@ -41,6 +41,7 @@ var _ = API("hub", func() {
 			"resource",
 			"status",
 			"swagger",
+			"user",
 		)
 	})
 

diff --git a/api/design/auser.go b/api/design/auser.go
@@ -0,0 +1,57 @@
+// Copyright © 2020 The Tekton Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package design
+
+import (
+	. "goa.design/goa/v3/dsl"
+)
+
+var _ = Service("user", func() {
+	Description("The user service exposes endpoint to get user specific specs")
+
+	Error("invalid-code", ErrorResult, "Invalid Authorization code")
+	Error("invalid-token", ErrorResult, "Invalid User token")
+	Error("invalid-scopes", ErrorResult, "Invalid User scope")
+	Error("internal-error", ErrorResult, "Internal Server Error")
+
+	Method("RefreshAccessToken", func() {
+		Description("Refresh the access token of User")
+		Security(JWTAuth, func() {
+			Scope("refresh:token")
+		})
+		Payload(func() {
+			Token("refreshToken", String, "Refresh Token of User", func() {
+				Example("refreshToken", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."+
+					"eyJleHAiOjE1Nzc4ODM2MDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwic2NvcGVzIjpbInJlZnJlc2g6dG9rZW4iXSwidHlwZSI6InJlZnJlc2gtdG9rZW4ifQ."+
+					"4RdUk5ttHdDiymurlZ_f7Uy5Pas3Lq9w04BjKQKRiCE")
+			})
+			Required("refreshToken")
+		})
+		Result(func() {
+			Attribute("data", accessToken, "User Access JWT")
+			Required("data")
+		})
+
+		HTTP(func() {
+			POST("/user/refresh/accesstoken")
+			Header("refreshToken:Authorization")
+
+			Response(StatusOK)
+			Response("internal-error", StatusInternalServerError)
+			Response("invalid-token", StatusUnauthorized)
+			Response("invalid-scopes", StatusForbidden)
+		})
+	})
+})
diff --git a/api/design/type.go b/api/design/type.go
@@ -284,6 +284,7 @@ var JWTAuth = JWTSecurity("jwt", func() {
 	Scope("agent:create", "Access to create or update an agent")
 	Scope("catalog:refresh", "Access to refresh catalog")
 	Scope("config:refresh", "Access to refresh config file")
+	Scope("refresh:token", "Access to refresh user access token")
 })
 
 var HubService = Type("HubService", func() {
@@ -357,3 +358,8 @@ var AuthTokens = Type("AuthTokens", func() {
 	Attribute("access", Token, "Access Token")
 	Attribute("refresh", Token, "Refresh Token")
 })
+
+var accessToken = Type("AccessToken", func() {
+	Description("Access Token for User")
+	Attribute("access", Token, "Access Token for user")
+})
diff --git a/api/gen/admin/endpoints.go b/api/gen/admin/endpoints.go
diff --git a/api/gen/catalog/endpoints.go b/api/gen/catalog/endpoints.go
diff --git a/api/gen/http/cli/hub/cli.go b/api/gen/http/cli/hub/cli.go
diff --git a/api/gen/http/openapi.json b/api/gen/http/openapi.json