Feature/horusec auth

development-kit/pkg/entities/auth/authorization_data.go

@@ -0,0 +1,29 @@
+// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package auth
+
+import validation "github.com/go-ozzo/ozzo-validation/v4"
+
+type AuthorizationData struct {
+	Token  string
+	Groups []string
+}
+
+func (a *AuthorizationData) Validate() error {
+	return validation.ValidateStruct(a,
+		validation.Field(&a.Token, validation.Required, validation.Length(1, 500), validation.Required),
+		validation.Field(&a.Groups, validation.NotNil, validation.Required),
+	)
+}

development-kit/pkg/entities/auth/authorization_data_test.go

@@ -0,0 +1,48 @@
+// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package auth
+
+import (
+	accountEntities "github.com/ZupIT/horusec/development-kit/pkg/entities/account"
+	"github.com/ZupIT/horusec/development-kit/pkg/services/jwt"
+	"github.com/google/uuid"
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestAuthorizationDataValidate(t *testing.T) {
+	t.Run("should return no error when valid data", func(t *testing.T) {
+		token, _, _ := jwt.CreateToken(&accountEntities.Account{
+			AccountID:   uuid.New(),
+			Email:       "test@test.com",
+			Password:    "safePassword!123",
+			Username:    "test",
+			IsConfirmed: false,
+		}, map[string]string{"role": "admin"})
+
+		authorizationData := &AuthorizationData{
+			Token:  token,
+			Groups: []string{"admin"},
+		}
+
+		assert.NoError(t, authorizationData.Validate())
+	})
+
+	t.Run("should return error when invalid data", func(t *testing.T) {
+		authorizationData := &AuthorizationData{}
+
+		assert.Error(t, authorizationData.Validate())
+	})
+}

development-kit/pkg/entities/auth/credentials.go

@@ -0,0 +1,32 @@
+// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package auth
+
+import (
+	validation "github.com/go-ozzo/ozzo-validation/v4"
+)
+
+type Credentials struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+	Otp      string `json:"otp"`
+}
+
+func (c *Credentials) Validate() error {
+	return validation.ValidateStruct(c,
+		validation.Field(&c.Username, validation.Required, validation.Length(1, 255), validation.Required),
+		validation.Field(&c.Password, validation.Length(1, 255), validation.Required),
+	)
+}

vendor/github.com/go-openapi/swag/net.go → development-kit/pkg/entities/auth/credentials_test.go

@@ -1,38 +1,37 @@
-// Copyright 2015 go-swagger maintainers
+// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//    http://www.apache.org/licenses/LICENSE-2.0
+//     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package swag
+package auth
 
 import (
-	"net"
-	"strconv"
+	"github.com/stretchr/testify/assert"
+	"testing"
 )
 
-// SplitHostPort splits a network address into a host and a port.
-// The port is -1 when there is no port to be found
-func SplitHostPort(addr string) (host string, port int, err error) {
-	h, p, err := net.SplitHostPort(addr)
-	if err != nil {
-		return "", -1, err
-	}
-	if p == "" {
-		return "", -1, &net.AddrError{Err: "missing port in address", Addr: addr}
-	}
+func TestValidateCredentials(t *testing.T) {
+	t.Run("should return no error when valid data", func(t *testing.T) {
+		credentials := &Credentials{
+			Username: "horus@test.com",
+			Password: "UltraSafePass",
+		}
 
-	pi, err := strconv.Atoi(p)
-	if err != nil {
-		return "", -1, err
-	}
-	return h, pi, nil
+		assert.NoError(t, credentials.Validate())
+	})
+
+	t.Run("should return error when invalid data", func(t *testing.T) {
+		credentials := &Credentials{}
+
+		assert.Error(t, credentials.Validate())
+	})
 }

development-kit/pkg/enums/auth/horus_roles.go

@@ -0,0 +1,43 @@
+package auth
+
+type HorusRoles string
+
+const (
+	CompanyMember        HorusRoles = "companyMember"
+	CompanyAdmin         HorusRoles = "companyAdmin"
+	RepositoryMember     HorusRoles = "repositoryMember"
+	RepositorySupervisor HorusRoles = "repositorySupervisor"
+	RepositoryAdmin      HorusRoles = "repositoryAdmin"
+)
+
+func (h HorusRoles) IsInvalid() bool {
+	for _, v := range h.Values() {
+		if v == h {
+			return false
+		}
+	}
+
+	return true
+}
+
+func (h HorusRoles) Values() []HorusRoles {
+	return []HorusRoles{
+		CompanyMember,
+		CompanyAdmin,
+		RepositoryMember,
+		RepositorySupervisor,
+		RepositoryAdmin,
+	}
+}
+
+func (h HorusRoles) IsEqual(value string) bool {
+	if value == h.ToString() {
+		return true
+	}
+
+	return false
+}
+
+func (h HorusRoles) ToString() string {
+	return string(h)
+}

development-kit/pkg/enums/auth/horus_roles_test.go

@@ -0,0 +1,49 @@
+package auth
+
+import (
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestIsInvalidRoles(t *testing.T) {
+	t.Run("should true when invalid role", func(t *testing.T) {
+		testType := HorusRoles("test")
+		assert.True(t, testType.IsInvalid())
+	})
+
+	t.Run("should false when valid role", func(t *testing.T) {
+		testType := HorusRoles("companyMember")
+		assert.False(t, testType.IsInvalid())
+
+		testType = "companyAdmin"
+		assert.False(t, testType.IsInvalid())
+
+		testType = "repositoryMember"
+		assert.False(t, testType.IsInvalid())
+
+		testType = "repositorySupervisor"
+		assert.False(t, testType.IsInvalid())
+
+		testType = "repositoryAdmin"
+		assert.False(t, testType.IsInvalid())
+	})
+}
+
+func TestValuesRoles(t *testing.T) {
+	t.Run("should 5 valid horus roles", func(t *testing.T) {
+		testRole := RepositoryAdmin
+		assert.Len(t, testRole.Values(), 5)
+	})
+}
+
+func TestIsEqual(t *testing.T) {
+	t.Run("should return true when equal", func(t *testing.T) {
+		testRole := RepositoryAdmin
+		assert.True(t, testRole.IsEqual(testRole.ToString()))
+	})
+
+	t.Run("should return false when equal", func(t *testing.T) {
+		testRole := RepositoryAdmin
+		assert.False(t, testRole.IsEqual("test"))
+	})
+}

development-kit/pkg/enums/auth/type.go

@@ -0,0 +1,41 @@
+// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package auth
+
+type AuthorizationType string
+
+const (
+	Keycloak AuthorizationType = "keycloak"
+	Ldap     AuthorizationType = "ldap"
+	Horus    AuthorizationType = "horus"
+)
+
+func (a AuthorizationType) IsInvalid() bool {
+	for _, v := range a.Values() {
+		if v == a {
+			return false
+		}
+	}
+
+	return true
+}
+
+func (a AuthorizationType) Values() []AuthorizationType {
+	return []AuthorizationType{
+		Keycloak,
+		Ldap,
+		Horus,
+	}
+}

development-kit/pkg/enums/auth/type_test.go

@@ -0,0 +1,45 @@
+// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package auth
+
+import (
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestIsInvalid(t *testing.T) {
+	t.Run("should true when invalid type", func(t *testing.T) {
+		testType := AuthorizationType("test")
+		assert.True(t, testType.IsInvalid())
+	})
+
+	t.Run("should false when valid type", func(t *testing.T) {
+		testType := AuthorizationType("keycloak")
+		assert.False(t, testType.IsInvalid())
+
+		testType = "ldap"
+		assert.False(t, testType.IsInvalid())
+
+		testType = "horus"
+		assert.False(t, testType.IsInvalid())
+	})
+}
+
+func TestValues(t *testing.T) {
+	t.Run("should 3 valid auth types", func(t *testing.T) {
+		testType := Ldap
+		assert.Len(t, testType.Values(), 3)
+	})
+}

development-kit/pkg/enums/errors/auth.go

@@ -0,0 +1,5 @@
+package errors
+
+import "errors"
+
+var ErrorInvalidAuthType = errors.New("{ACCOUNT} invalid auth type, should be ldap, keycloak or horus")