Merge branch 'device-code'

azutoolkit · Oct 6, 2024 · da2b449 · da2b449
2 parents d0b8fe8 + c4f6df0
commit da2b449
Show file tree

Hide file tree

Showing 21 changed files with 180 additions and 171 deletions.
diff --git a/README.md b/README.md
@@ -32,11 +32,9 @@ The following RFCs are implemented:
 - [RFC7519 "JSON Web Token (JWT)"](https://tools.ietf.org/html/rfc7519)
 - [RFC7636 "Proof Key for Code Exchange by OAuth Public Clients"](https://tools.ietf.org/html/rfc7636)
 
-
 Please refer to the project documentation to get started
 
-[![documentation](https://img.shields.io/badge/documentation-authority-brightgreen?style=for-the-badge)](https://azutopia.gitbook.io/authority) 
-
+[![documentation](https://img.shields.io/badge/documentation-authority-brightgreen?style=for-the-badge)](https://azutopia.gitbook.io/authority)
 
 ## Contributing
 

diff --git a/db/migrations/1637251606_create_device_code.cr b/db/migrations/1637251606_create_device_code.cr
diff --git a/shard.lock b/shard.lock
@@ -7,47 +7,47 @@ shards:
 
   ameba:
     git: https://github.com/crystal-ameba/ameba.git
-    version: 1.3.1
+    version: 1.6.1
 
   authly:
     git: https://github.com/azutoolkit/authly.git
-    version: 1.1.1
+    version: 1.2
 
   azu:
     git: https://github.com/azutoolkit/azu.git
-    version: 0.4.6
+    version: 0.4.11
 
   backtracer:
     git: https://github.com/sija/backtracer.cr.git
     version: 1.2.2
 
   bindata:
     git: https://github.com/spider-gazelle/bindata.git
-    version: 1.11.1
+    version: 2.0.0
 
   clear:
     git: https://github.com/anykeyh/clear.git
     version: 0.9+git.commit.480289555c833793fa6964398fefec6b7e25168d
 
   crinja:
     git: https://github.com/straight-shoota/crinja.git
-    version: 0.8.0
+    version: 0.8.1
 
   datadog:
     git: https://github.com/jgaskins/datadog.git
-    version: 0.1.0+git.commit.d68ff5dd17ee93476700aba1eb1c25d6c577ddd2
+    version: 0.1.0+git.commit.9808f7ceb663f4b87f321eb909469f46e5bf1663
 
   db:
     git: https://github.com/crystal-lang/crystal-db.git
     version: 0.10.1
 
   exception_page:
     git: https://github.com/crystal-loot/exception_page.git
-    version: 0.3.0
+    version: 0.4.1
 
   faker:
     git: https://github.com/askn/faker.git
-    version: 0.8.0
+    version: 0.9.0
 
   flux:
     git: https://github.com/azutoolkit/flux.git
@@ -63,19 +63,19 @@ shards:
 
   jwt:
     git: https://github.com/crystal-community/jwt.git
-    version: 1.6.0
+    version: 1.6.1
 
   marionette: # Overridden
     git: https://github.com/eliasjpr/marionette.git
     version: 0.3.0+git.commit.e62088de613a7f5002b5381478bc9e15c754d419
 
   msgpack:
     git: https://github.com/crystal-community/msgpack-crystal.git
-    version: 1.3.3
+    version: 1.3.4
 
   openssl_ext:
     git: https://github.com/spider-gazelle/openssl_ext.git
-    version: 2.2.0
+    version: 2.4.4
 
   pg: # Overridden
     git: https://github.com/will/crystal-pg.git
@@ -91,17 +91,17 @@ shards:
 
   redis:
     git: https://github.com/stefanwille/crystal-redis.git
-    version: 2.8.3
+    version: 2.9.1
 
   schema:
     git: https://github.com/azutoolkit/schema.git
-    version: 0.2.2
+    version: 0.2.7
 
   session:
     git: https://github.com/azutoolkit/session.git
-    version: 1.0.4
+    version: 1.0.8
 
   statsd:
     git: https://github.com/miketheman/statsd.cr.git
-    version: 0.5.0+git.commit.6065b3635304d0e80ea05cb5030a576b0b55195b
+    version: 0.5.0+git.commit.f0820fac6d1f8d45ab36361573ad23d740146c47
 
diff --git a/shard.yml b/shard.yml
@@ -1,6 +1,5 @@
 name: authority
 version: 1.4.5
-crystal: 1.6.2
 license: MIT
 authors:
   - Elias Perez <eliasjpr@gmail.com>
@@ -17,7 +16,7 @@ dependencies:
     branch: master
   authly:
     github: azutoolkit/authly
-    version: 1.1.1
+    version: 1.2.0
   datadog:
     github: jgaskins/datadog
 development_dependencies:

diff --git a/spec/flows/authorization_code_flux.cr b/spec/flows/authorization_code_flux.cr
@@ -7,27 +7,47 @@ class AuthorizationCodeFlux < Flux
   end
 
   def initialize(@url : String, @username : String, @password : String)
-    options = Marionette.firefox_options(args: ["-headless"])
+    options = Marionette.firefox_options(args: [""])
     super(Marionette::Browser::Firefox, options)
   end
 
   def call
-    redirect = step do
+    redirect, all_cookies = step do
       visit @url
 
       sleep 1.seconds
 
       fill "#username", @username, by: :css
       fill "#password", @password, by: :css
       submit "#signin", by: :css
+      session_cookies = execute("GetAllCookies")
 
       sleep 1.seconds
-
       submit "#approve", by: :css
+      sleep 2.seconds
+      {URI.parse(current_url).query_params, session_cookies}
+    end
+
+    {redirect["code"].to_s, redirect["state"].to_s, parse_cookies(all_cookies)}
+  end
 
-      URI.parse(current_url).query_params
+  def parse_cookies(all_cookies)
+    cookies = HTTP::Cookies.new
+    headers = HTTP::Headers.new
+
+    all_cookies.as_a.each do |c|
+      cookies << HTTP::Cookie.new(
+        name: c["name"].as_s,
+        value: c["value"].as_s,
+        path: c["path"].as_s,
+        expires: c["expiry"].as_i64.minutes.from_now,
+        domain: c["domain"].as_s,
+        secure: c["secure"].as_bool,
+        http_only: c["secure"].as_bool,
+        samesite: HTTP::Cookie::SameSite.parse(c["sameSite"].as_s)
+      )
     end
 
-    {redirect["code"].to_s, redirect["state"].to_s}
+    cookies.add_request_headers(headers)
   end
 end
diff --git a/spec/spec_helper.cr b/spec/spec_helper.cr
@@ -28,16 +28,16 @@ Clear::SQL.truncate("owners", cascade: true)
 Clear::SQL.truncate("clients", cascade: true)
 create_client(CLIENT_ID, CLIENT_SECRET, REDIRECT_URI)
 
-process = Process.new(
-  "./bin/authority",
-  env: ENV.to_h,
-  output: Process::Redirect::Inherit,
-  error: Process::Redirect::Inherit)
-# Wait for process to start
-sleep 1.seconds
+# process = Process.new(
+#   "./bin/authority",
+#   env: ENV.to_h,
+#   output: Process::Redirect::Inherit,
+#   error: Process::Redirect::Inherit)
+# # Wait for process to start
+# sleep 1.seconds
 
 Spec.after_suite do
-  process.not_nil!.signal Signal::KILL
+  # process.not_nil!.signal Signal::KILL
 end
 
 Spec.before_each do

diff --git a/src/authority.cr b/src/authority.cr
@@ -3,12 +3,12 @@ require "digest"
 require "schema"
 require "./config/**"
 require "./helpers/**"
-require "./entities/**"
-require "./repositories/**"
 require "./validators/**"
-require "./services/**"
+require "./entities/**"
 require "./requests/**"
+require "./repositories/**"
 require "./providers/**"
+require "./services/**"
 require "./responses/**"
 require "./endpoints/**"
 require "../db/migrations/**"
diff --git a/src/config/authority.cr b/src/config/authority.cr
@@ -1,19 +1,18 @@
 require "azu"
 Log.setup_from_env
 
-# Docs - https://azutopia.gitbook.io/azu/defining-your-app
 module Authority
-  # Defines Azu Framework
   include Azu
 
   SESSION_KEY     = ENV.fetch "SESSION_KEY", "session_id"
   BASE_URL        = ENV.fetch "BASE_URL", "http://localhost:4000"
   ACTIVATE_URL    = "#{BASE_URL}/activate"
   DEVICE_CODE_TTL = ENV.fetch("DEVICE_CODE_TTL", "300").to_i
   SESSION         = Session::CookieStore(UserSession).provider
-  HANDLERS        = [
-    Azu::Handler::RequestID.new,
+
+  HANDLERS = [
     Azu::Handler::Rescuer.new,
+    Azu::Handler::RequestID.new,
     Azu::Handler::Logger.new,
     Session::SessionHandler.new(Authority.session),
   ]
@@ -22,9 +21,12 @@ module Authority
     SESSION
   end
 
+  def self.current_session
+    SESSION.current_session
+  end
+
   configure do |c|
     c.templates.path = ENV["TEMPLATE_PATH"]
-    # Static Assets Handler
     c.router.get "/*", Handler::Static.new
   end
 end
diff --git a/src/config/datadog.cr b/src/config/datadog.cr
diff --git a/src/endpoints/authorize/new_endpoint.cr b/src/endpoints/authorize/new_endpoint.cr
@@ -7,7 +7,7 @@ module Authority::Authorize
     get "/authorize"
 
     def call : Response | FormResponse
-      return signin unless current_session.authenticated?
+      return redirect_to_signin unless authenticated?
 
       header "Content-Type", "text/html; charset=UTF-8"
       header "Cache-Control", "no-store"

diff --git a/src/endpoints/device/activate_endpoint.cr b/src/endpoints/device/activate_endpoint.cr
@@ -6,7 +6,7 @@ module Authority::Device
     get "/activate"
 
     def call : DeviceActivationForm | Response
-      return signin unless current_session.authenticated?
+      return redirect_to_signin unless authenticated?
       status 200
 
       header "Content-Type", "text/html; charset=UTF-8"

diff --git a/src/endpoints/health_check.cr b/src/endpoints/health_check.cr
@@ -0,0 +1,19 @@
+module Authority
+  struct HealthCheckResponse
+    include Response
+
+    def render
+      {status: "ok"}.to_json
+    end
+  end
+
+  struct HealthCheck
+    include Endpoint(Request, HealthCheckResponse)
+
+    get "/health_check"
+
+    def call : Response
+      HealthCheckResponse.new
+    end
+  end
+end
diff --git a/src/endpoints/owner/user_info_endpoint.cr b/src/endpoints/owner/user_info_endpoint.cr
@@ -1,18 +1,25 @@
 module Authority::Owner
+  alias UserInfoRes = UserInfoResponse | Azu::Response::Error
+
   class UserInfoEndpoint
-    include Endpoint(UserInfoRequest, UserInfoResponse | Azu::Response::Error)
+    include Endpoint(UserInfoRequest, UserInfoRes)
 
     get "/oauth2/userinfo"
 
     AUTH = "Authorization"
 
-    def call : UserInfoResponse | Azu::Response::Error
+    def call : UserInfoRes
       header "Content-Type", "application/json;"
       header "Cache-Control", "no-store"
       header "Pragma", "no-cache"
 
-      res = GetUserInfo.claims(header[AUTH]?)
-      res
+      user_claims = GetUserInfo.claims(auth_header)
+
+      UserInfoResponse.new user_claims
+    end
+
+    private def auth_header : String?
+      header[AUTH]?
     end
   end
 end