Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MG-2048 - Implement Personal Access Tokens (PATs) #2492

Open
wants to merge 25 commits into
base: auth-refactor
Choose a base branch
from
Open

MG-2048 - Implement Personal Access Tokens (PATs) #2492

wants to merge 25 commits into from

Conversation

nyagamunene
Copy link
Contributor

@nyagamunene nyagamunene commented Oct 28, 2024
edited by dborovcanin
Loading

What type of PR is this?

This is a feature because it adds the following functionality: It add personal access token.

What does this do?

It adds personal access token.

Which issue(s) does this PR fix/relate to?

Have you included tests for your changes?

Yes

Did you document any new/modified feature?

No

Notes

@nyagamunene nyagamunene self-assigned this Oct 28, 2024
@dborovcanin dborovcanin mentioned this pull request Oct 28, 2024
Closed
@dborovcanin dborovcanin changed the title MG-2048 - Personal Access Tokens MG-2048 - implement Personal Access Tokens (PATs) Oct 28, 2024
@nyagamunene nyagamunene changed the base branch from main to auth-refactor November 7, 2024 09:50
@nyagamunene nyagamunene marked this pull request as ready for review November 10, 2024 20:11
arvindh123
arvindh123 requested changes Nov 12, 2024
View reviewed changes
auth/api/grpc/auth/client.go
@@ -109,3 +109,4 @@ func encodeAuthorizeRequest(_ context.Context, grpcReq interface{}) (interface{}
Object: req.Object,
}, nil
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove this line

auth/api/grpc/auth/requests.go Outdated
Comment on lines 52 to 67

type authPATReq struct {
paToken string
platformEntityType string
optionalDomainID string
optionalDomainEntityType string
operation string
entityIDs []string
}

func (req authPATReq) validate() error {
if req.paToken == "" {
return apiutil.ErrBearerToken
}
return nil
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was not used anywhere

pkg/authn/authsvc/authn.go Outdated
@@ -42,5 +42,5 @@ func (a authentication) Authenticate(ctx context.Context, token string) (authn.S
if err != nil {
return authn.Session{}, errors.Wrap(errors.ErrAuthentication, err)
}
return authn.Session{DomainUserID: res.GetId(), UserID: res.GetUserId(), DomainID: res.GetDomainId()}, nil
return authn.Session{ID: res.GetId(), UserID: res.GetUserId(), DomainID: res.GetDomainId()}, nil
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please revert to DomainUserID,This affect everywhere, since we are using DomainUserID in all places

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since domain was removed from token this will be empty

@arvindh123 arvindh123 force-pushed the auth-refactor branch 2 times, most recently from 3f43476 to 4323d34 Compare November 12, 2024 18:21
@dborovcanin dborovcanin force-pushed the auth-refactor branch 2 times, most recently from 33a88f8 to c1faa58 Compare November 26, 2024 11:41
@dborovcanin dborovcanin changed the title MG-2048 - implement Personal Access Tokens (PATs) MG-2048 - Implement Personal Access Tokens (PATs) Nov 26, 2024
arvindh123 and others added 7 commits November 27, 2024 13:34
@arvindh123 @dborovcanin
MG-2456 - Refactor auth (absmach#2409)
6681cc0 
- Set/Unset parent Group for Things and Channels (absmach#2486)
- Move groups out of pkg (absmach#2493)
- Separate Things authn and Channels authz (absmach#2496)

Signed-off-by: Arvindh <[email protected]>

NOISSUE - Add Publish/Subscribe to channels (absmach#2497)

Signed-off-by: Arvindh <[email protected]>

MG-2457 - Update auth tests (absmach#2503)

Signed-off-by: Felix Gateru <[email protected]>

MG-2477 - Replace Things with Clients (absmach#2508)

Signed-off-by: Dusan Borovcanin <[email protected]>

NOISSUE - Rename Things to Clients

Signed-off-by: Felix Gateru <[email protected]>
Signed-off-by: Arvindh <[email protected]>
@felixgateru @dborovcanin
MG-2457 - Update domains tests (absmach#2504)
74c2272 
Signed-off-by: Felix Gateru <[email protected]>
@arvindh123 @dborovcanin
NOISSUE - Get group role actions from Spicedb schema & list groups by…
958ecdb 
… user, clients, channels (absmach#2506)

Signed-off-by: Arvindh <[email protected]>
@felixgateru @arvindh123 @dborovcanin
MG-2457 - Update groups tests (absmach#2509)
f7852e5 
Signed-off-by: Arvindh <[email protected]>
Signed-off-by: Felix Gateru <[email protected]>
Co-authored-by: Arvindh <[email protected]>
@arvindh123 @dborovcanin
NOISSUE - Update Proto file version, fix protolint (absmach#2552)
82837a7 
Signed-off-by: Arvindh <[email protected]>
@felixgateru @dborovcanin
MG-2457 - Update channels tests (absmach#2511)
f69ed78 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru @dborovcanin
MG-2457 - Update clients tests (absmach#2543)
a774a51 
Signed-off-by: Felix Gateru <[email protected]>
felixgateru and others added 2 commits November 27, 2024 13:34
@felixgateru @dborovcanin
MG-2457 - Update adapter tests (absmach#2529)
6d3c785 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru @arvindh123 @dborovcanin
MG-2457 - Update readers tests (absmach#2544)
4abbbdf 
Signed-off-by: Felix Gateru <[email protected]>
Signed-off-by: Arvindh <[email protected]>
Co-authored-by: Arvindh <[email protected]>
@nyagamunene
First implementation
51655d2 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update middleware, service and api
9817268 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Add grpc authorizePAT
17289c3 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Move pat to auth
787fa67 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update grpc api
211240d 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update cmd file
4e0562d 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update pat service
dc25efe 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update nginx variables
86fae32 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update scope documentation
0c3cee3 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Increase scope coverage
29495d6 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
fix failing linter
d0a132c 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update protoc version
5a18386 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Add authenticate PAT grpc endpoint
3c2dd7b 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Revert Authenticate method
939a979 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Update middleware, service and api
9895bf6 
Signed-off-by: nyagamunene <[email protected]>
@nyagamunene
Add grpc authorizePAT
0ef2fa8 
Signed-off-by: nyagamunene <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arvindh123 arvindh123 arvindh123 requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@nyagamunene nyagamunene

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement Personal Access Tokens (PATs)
3 participants
@nyagamunene @arvindh123 @felixgateru