Release v3.0.1 (#90)
shurwit committed Mar 16, 2023
2 parents 05fc0af + 8e28fac commit 02b0ec8
Showing 17 changed files with 200 additions and 120 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/build.yaml
Expand Up @@ -16,7 +16,8 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: '1.20.2'
go-version: '1.20'
check-latest: true

- name: Build
run: make
6 changes: 5 additions & 1 deletion .secrets.baseline
Expand Up @@ -75,6 +75,10 @@
{
"path": "detect_secrets.filters.allowlist.is_line_allowlisted"
},
{
"path": "detect_secrets.filters.common.is_baseline_file",
"filename": ".secrets.baseline"
},
{
"path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
"min_level": 2
Expand Down Expand Up @@ -263,5 +267,5 @@
}
]
},
"generated_at": "2023-03-06T22:19:30Z"
"generated_at": "2023-03-15T19:24:06Z"
}
9 changes: 7 additions & 2 deletions CHANGELOG.md
Expand Up @@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## Unreleased
## [3.0.1] - 2023-03-16
### Fixed
- Mismatching token signing algorithms do not trigger service reg refresh [#88](https://github.com/rokwire/core-auth-library-go/issues/88)

## [3.0.0] - 2023-03-09
### Added
- BREAKING: Encapsulate key management [#76](https://github.com/rokwire/core-auth-library-go/issues/76)
Expand Down Expand Up @@ -96,8 +100,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added
- Initial release

[Unreleased]: https://github.com/rokwire/core-auth-library-go/compare/v3.0.0....HEAD
[3.0.0](https://github.com/rokwire/core-auth-library-go/compare/v2.2.0...v3.0.0)
[Unreleased]: https://github.com/rokwire/core-auth-library-go/compare/v3.0.1....HEAD
[3.0.1]: https://github.com/rokwire/core-auth-library-go/compare/v3.0.0...v3.0.1
[3.0.0]: https://github.com/rokwire/core-auth-library-go/compare/v2.2.0...v3.0.0
[2.2.0]: https://github.com/rokwire/core-auth-library-go/compare/v2.1.0...v2.2.0
[2.1.0]: https://github.com/rokwire/core-auth-library-go/compare/v2.0.3...v2.1.0
[2.0.3]: https://github.com/rokwire/core-auth-library-go/compare/v2.0.2...v2.0.3
14 changes: 7 additions & 7 deletions Makefile
Expand Up @@ -10,7 +10,7 @@ MAJOR_VERSION=$(shell echo $(BASE_VERSION) | cut -f1 -d'.' | cut -f2 -d'v')
MINOR_VERSION=$(shell echo $(BASE_VERSION) | cut -f2 -d'.')
PATCH_VERSION=$(shell echo $(BASE_VERSION) | cut -f3 -d'.' || echo 0)
COMMIT_OFFSET=$(shell echo $(GIT_VERSION) | cut -s -f2 -d'-')
# COMMIT_HASH=$(shell echo $(GIT_VERSION) | cut -s -f3 -d'-')
COMMIT_HASH=$(shell echo $(GIT_VERSION) | cut -s -f3 -d'-')
VERSION=${MAJOR_VERSION}.${MINOR_VERSION}.${PATCH_VERSION}$(if $(COMMIT_OFFSET),+$(COMMIT_OFFSET),)

export -n GOBIN
Expand All @@ -26,7 +26,7 @@ V = 0
Q = $(if $(filter 1,$V),,@)
M = $(shell printf "\033[34;1m▶\033[0m")

SHELL=bash
SHELL=sh

.PHONY: all
all: vendor log-variables checkfmt lint vet vuln test
Expand Down Expand Up @@ -59,7 +59,7 @@ vet: ; $(info $(M) running go vet...) @ ## Run go vet
$Q cd $(CURDIR) && $(GOVET) $(PKGS)

.PHONY: checkfmt
checkfmt: ; $(info $(M) Checking formatting...) @ ## Run gofmt to cehck formatting on all source files
checkfmt: ; $(info $(M) checking formatting...) @ ## Run gofmt to cehck formatting on all source files
@ret=0 && for d in $$($(GO) list -f '{{.Dir}}' ./...); do \
if [ $$($(GOFMT) -l $$d/*.go | wc -l | sed 's| ||g') -ne "0" ] ; then \
$(GOFMT) -l $$d/*.go ; \
Expand All @@ -68,7 +68,7 @@ checkfmt: ; $(info $(M) Checking formatting...) @ ## Run gofmt to cehck formatti
done ; exit $$ret

.PHONY: fixfmt
fixfmt: vendor ; $(info $(M) Fixing formatting...) @ ## Run gofmt to fix formatting on all source files
fixfmt: vendor ; $(info $(M) fixing formatting...) @ ## Run gofmt to fix formatting on all source files
@ret=0 && for d in $$($(GO) list -f '{{.Dir}}' ./...); do \
$(GOFMT) -l -w $$d/*.go || ret=$$? ; \
done ; exit $$ret
Expand Down Expand Up @@ -109,7 +109,7 @@ oapi-gen-docs: ;
swagger-cli bundle driver/web/docs/index.yaml --outfile driver/web/docs/gen/def.yaml --type yaml

.PHONY: log-variables
log-variables: ; $(info $(M) Log info...) @ ## Log the variables values
log-variables: ; $(info $(M) logging variables...) @ ## Log the variables values
@echo "DATE:"$(DATE)
@echo "GOBIN:"$(GOBIN)
@echo "BASE:"$(BASE)
Expand All @@ -128,7 +128,7 @@ log-variables: ; $(info $(M) Log info...) @ ## Log the variables values
# Tools

.PHONY: tools
tools: ; $(info $(M) Installing tools...) @ ## Install tools
tools: ; $(info $(M) installing tools...) @ ## Install tools
go install golang.org/x/tools/cmd/cover@latest
go install golang.org/x/lint/golint@latest
go install golang.org/x/vuln/cmd/govulncheck@latest
go install golang.org/x/vuln/cmd/govulncheck@latest
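Review bot: The `tools` target still installs `cover`, `golint` and `govulncheck` with `@latest`, so the lint and vulnerability-scan binaries are whatever upstream published at the moment of the build. Pinning each one, e.g. `go install golang.org/x/vuln/cmd/govulncheck@<pinned-version>`, keeps CI reproducible and turns a tool upgrade into a reviewed change rather than an implicit one. The help text on the `checkfmt` line also still reads `cehck` after this edit; since the line is being touched anyway it could become `## Run gofmt to check formatting on all source files`.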
7 changes: 7 additions & 0 deletions README.md
Expand Up @@ -69,6 +69,13 @@ To update core-auth-library-go to the latest version, use `go get -u github.com/
Follow the steps below to upgrade to the associated version of this library. Note that the steps for each version are cumulative, so if you are attempting to upgrade by several versions, be sure to make the changes described for each version between your current version and the latest.

#### Unreleased
#### [3.0.1](https://github.com/rokwire/core-auth-library-go/compare/v3.0.0...v3.0.1)
##### Breaking changes
###### handlers
* All `tokenauth.Handler` types are now expected to be pointers.

###### authservice
* `NewServiceRegManager` now takes a `validate bool` argument that determines whether or not the service registration for the caller should be automatically validated.

#### [3.0.0](https://github.com/rokwire/core-auth-library-go/compare/v2.2.0...v3.0.0)
##### Breaking changes
4 changes: 2 additions & 2 deletions SECURITY.md
Expand Up @@ -4,8 +4,8 @@
Patches for **Core Auth Library** in this repository will only be applied to the following versions:
| Version | Supported |
| ------- | ------------------ |
| 3.0.0 | :white_check_mark: |
| < 3.0.0 | :x: |
| 3.0.1 | :white_check_mark: |
| < 3.0.1 | :x: |

## Reporting a Bug or Vulnerability

37 changes: 14 additions & 23 deletions authservice/auth_service.go
Expand Up @@ -268,7 +268,7 @@ func (s *ServiceRegManager) setServices(services []ServiceReg) {
}

// NewServiceRegManager creates and configures a new ServiceRegManager instance
func NewServiceRegManager(authService *AuthService, serviceRegLoader ServiceRegLoader) (*ServiceRegManager, error) {
func NewServiceRegManager(authService *AuthService, serviceRegLoader ServiceRegLoader, validate bool) (*ServiceRegManager, error) {
err := checkAuthService(authService, false)
if err != nil {
return nil, fmt.Errorf("error checking auth service: %v", err)
Expand All @@ -292,37 +292,28 @@ func NewServiceRegManager(authService *AuthService, serviceRegLoader ServiceRegL
return nil, fmt.Errorf("error loading services: %v", err)
}

err = manager.ValidateServiceRegistration()
if err != nil {
return nil, fmt.Errorf("unable to validate service registration: please contact the service registration system admin to register your service - %v", err)
if validate {
err = manager.ValidateServiceRegistration()
if err != nil {
return nil, fmt.Errorf("unable to validate service registration: please contact the service registration system admin to register your service - %v", err)
}
}

return manager, nil
}

// NewTestServiceRegManager creates and configures a test ServiceRegManager instance
func NewTestServiceRegManager(authService *AuthService, serviceRegLoader ServiceRegLoader) (*ServiceRegManager, error) {
err := checkAuthService(authService, false)
func NewTestServiceRegManager(authService *AuthService, serviceRegLoader ServiceRegLoader, allowImmediateRefresh bool) (*ServiceRegManager, error) {
manager, err := NewServiceRegManager(authService, serviceRegLoader, false)
if err != nil {
return nil, fmt.Errorf("error checking auth service: %v", err)
return nil, err
}

if serviceRegLoader == nil {
return nil, errors.New("service registration loader is missing")
}

lock := &sync.RWMutex{}
services := &syncmap.Map{}

manager := &ServiceRegManager{AuthService: authService, services: services, servicesLock: lock, minRefreshCacheFreq: 1, maxRefreshCacheFreq: 60,
loader: serviceRegLoader}

// Subscribe to the implementing service to validate registration
serviceRegLoader.SubscribeService(authService.ServiceID)

err = manager.LoadServices()
if err != nil {
return nil, fmt.Errorf("error loading services: %v", err)
if allowImmediateRefresh {
manager.servicesLock.Lock()
updated := time.Now().Add(-time.Duration(manager.minRefreshCacheFreq+1) * time.Minute)
manager.servicesUpdated = &updated
manager.servicesLock.Unlock()
}

return manager, nil
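Review bot: The doc comment on `NewServiceRegManager` says nothing about the new `validate` argument, although passing `false` returns a manager whose own registration was never checked by `ValidateServiceRegistration`. I would extend it with a line such as `// validate must be true outside tests; false skips ValidateServiceRegistration for the calling service`. `NewTestServiceRegManager` is exported from the production package, always passes `false`, and with `allowImmediateRefresh` set it backdates `servicesUpdated` past `minRefreshCacheFreq`, so its comment should state that it is for tests only and that it bypasses both the registration check and the refresh throttle. The body of `NewServiceRegManager` is split across two hunks, so the construction of the manager is not visible here.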
10 changes: 5 additions & 5 deletions authservice/auth_service_test.go
Expand Up @@ -58,7 +58,7 @@ func TestServiceRegManager_GetServiceReg(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m, err := testutils.SetupTestServiceRegManager(authService, testutils.SetupMockServiceRegLoader(authService, subscribed, serviceRegs, nil))
m, err := testutils.SetupTestServiceRegManager(authService, testutils.SetupMockServiceRegLoader(authService, subscribed, serviceRegs, nil, false))
if err != nil || m == nil {
t.Errorf("Error initializing test auth service: %v", err)
return
Expand Down Expand Up @@ -105,7 +105,7 @@ func TestServiceRegManager_GetServiceRegWithPubKey(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m, err := testutils.SetupTestServiceRegManager(authService, testutils.SetupMockServiceRegLoader(authService, subscribed, serviceRegs, nil))
m, err := testutils.SetupTestServiceRegManager(authService, testutils.SetupMockServiceRegLoader(authService, subscribed, serviceRegs, nil, false))
if err != nil || m == nil {
t.Errorf("Error initializing test auth service: %v", err)
return
Expand Down Expand Up @@ -144,7 +144,7 @@ func TestServiceRegManager_SubscribeServices(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
mockLoader := testutils.SetupMockServiceRegLoader(authService, subscribed, serviceRegs, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, subscribed, serviceRegs, nil, false)
m, err := testutils.SetupTestServiceRegManager(authService, mockLoader)
if err != nil || m == nil {
t.Errorf("Error initializing test auth service: %v", err)
Expand Down Expand Up @@ -189,7 +189,7 @@ func TestServiceRegManager_ValidateServiceRegistration(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
mockLoader := testutils.SetupMockServiceRegLoader(authService, subscribed, tt.loadServicesResp, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, subscribed, tt.loadServicesResp, nil, false)
m, err := testutils.SetupTestServiceRegManager(authService, mockLoader)
if err != nil || m == nil {
t.Errorf("Error initializing test auth service: %v", err)
Expand Down Expand Up @@ -250,7 +250,7 @@ func TestAuthService_ValidateServiceRegistrationKey(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
mockLoader := testutils.SetupMockServiceRegLoader(authService, subscribed, tt.loadServicesResp, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, subscribed, tt.loadServicesResp, nil, false)
m, err := testutils.SetupTestServiceRegManager(authService, mockLoader)
if err != nil || m == nil {
t.Errorf("Error initializing test auth service: %v", err)
2 changes: 1 addition & 1 deletion example/signature/app.go
Expand Up @@ -141,7 +141,7 @@ func main() {
}

// Instantiate a ServiceRegManager to manage service registration records
serviceRegManager, err := authservice.NewServiceRegManager(&authService, serviceRegLoader)
serviceRegManager, err := authservice.NewServiceRegManager(&authService, serviceRegLoader, true)
if err != nil {
log.Fatalf("Error initializing service registration manager: %v", err)
}
4 changes: 2 additions & 2 deletions example/token/app.go
Expand Up @@ -90,7 +90,7 @@ func main() {
}

// Instantiate a ServiceRegManager to manage service registration records
serviceRegManager, err := authservice.NewServiceRegManager(&authService, serviceRegLoader)
serviceRegManager, err := authservice.NewServiceRegManager(&authService, serviceRegLoader, true)
if err != nil {
log.Fatalf("Error initializing service registration manager: %v", err)
}
Expand All @@ -102,7 +102,7 @@ func main() {
if err != nil || tokenAuth == nil {
log.Fatalf("Error initializing token auth: %v", err)
}
authHandlers := tokenauth.NewHandlers(tokenauth.NewScopeHandler(*tokenAuth, nil))
authHandlers := tokenauth.NewHandlers(tokenauth.NewScopeHandler(tokenAuth, nil))

fmt.Println("Setup complete")

4 changes: 2 additions & 2 deletions go.mod
Expand Up @@ -3,8 +3,8 @@ module github.com/rokwire/core-auth-library-go/v3
go 1.20

require (
github.com/aws/aws-sdk-go v1.44.218
github.com/casbin/casbin/v2 v2.65.1
github.com/aws/aws-sdk-go v1.44.221
github.com/casbin/casbin/v2 v2.65.2
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/rokwire/logging-library-go/v2 v2.2.0
github.com/rs/cors v1.8.3
8 changes: 4 additions & 4 deletions go.sum
@@ -1,9 +1,9 @@
github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible h1:1G1pk05UrOh0NlF1oeaaix1x8XzrfjIDK47TY0Zehcw=
github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
github.com/aws/aws-sdk-go v1.44.218 h1:p707+xOCazWhkSpZOeyhtTcg7Z+asxxvueGgYPSitn4=
github.com/aws/aws-sdk-go v1.44.218/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/casbin/casbin/v2 v2.65.1 h1:T4vuP+rQvaBcGM/FqvwnJKvVz6N4nLKmLsvk8E+ZTF4=
github.com/casbin/casbin/v2 v2.65.1/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
github.com/aws/aws-sdk-go v1.44.221 h1:yndn4uvLolKXPoXIwKHhO5XtwlTnJfXLBKXs84C5+hQ=
github.com/aws/aws-sdk-go v1.44.221/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/casbin/casbin/v2 v2.65.2 h1:a8XUm1Xls9sXc4RISPFEDQZrqpsv5y1KwwB174W7i74=
github.com/casbin/casbin/v2 v2.65.2/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
9 changes: 6 additions & 3 deletions internal/testutils/test_utils.go
Expand Up @@ -173,15 +173,18 @@ func SetupTestAuthService(serviceID string, serviceHost string) *authservice.Aut
}

// SetupMockServiceRegLoader returns a mock ServiceRegLoader
func SetupMockServiceRegLoader(authService *authservice.AuthService, subscribed []string, result []authservice.ServiceReg, err error) *mocks.ServiceRegLoader {
func SetupMockServiceRegLoader(authService *authservice.AuthService, subscribed []string, result []authservice.ServiceReg, err error, once bool) *mocks.ServiceRegLoader {
mockLoader := mocks.NewServiceRegLoader(authService, subscribed)
mockLoader.On("LoadServices").Return(result, err)
loadServicesCall := mockLoader.On("LoadServices").Return(result, err)
if once {
loadServicesCall.Once()
}
return mockLoader
}

// SetupTestServiceRegManager returns a test ServiceRegManager
func SetupTestServiceRegManager(authService *authservice.AuthService, mockDataLoader *mocks.ServiceRegLoader) (*authservice.ServiceRegManager, error) {
return authservice.NewTestServiceRegManager(authService, mockDataLoader)
return authservice.NewTestServiceRegManager(authService, mockDataLoader, true)
}

// SetupMockServiceAccountTokenLoader returns a mock ServiceAccountLoader which loads a single access token
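Review bot: `SetupTestServiceRegManager` now hard-codes `true` for `allowImmediateRefresh`, so every manager built through this helper starts with its refresh throttle already expired and no test using it can observe the `minRefreshCacheFreq` limit. The changelog entry for this release says a signing-algorithm mismatch now triggers a service registration refresh, so that limit appears to be what bounds how often a rejected token can force a reload. A test that builds a manager with `allowImmediateRefresh` set to `false` and asserts that `LoadServices` is not called a second time would cover it. The new `once` parameter of `SetupMockServiceRegLoader` is undocumented as well; a line such as `// once limits the LoadServices expectation to a single call` would help, and every call site visible on this page passes `false`.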
10 changes: 5 additions & 5 deletions sigauth/signature_test.go
Expand Up @@ -67,7 +67,7 @@ func TestSignatureAuth_CheckServiceSignature(t *testing.T) {
testServiceReg := authservice.ServiceReg{ServiceID: authService.ServiceID, Host: authService.ServiceHost, PubKey: pubKey}
serviceRegsValid := []authservice.ServiceReg{testServiceReg}

mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil, false)
s, err := setupTestSignatureAuth(authService, mockLoader)
if err != nil || s == nil {
t.Errorf("Error initializing test signature auth: %v", err)
Expand Down Expand Up @@ -112,7 +112,7 @@ func TestSignatureAuth_CheckSignature(t *testing.T) {
testServiceReg := authservice.ServiceReg{ServiceID: authService.ServiceID, Host: authService.ServiceHost, PubKey: pubKey}
serviceRegsValid := []authservice.ServiceReg{testServiceReg}

mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil, false)

privKey, err := testutils.GetSamplePrivKey(keys.RS256)
if err != nil {
Expand Down Expand Up @@ -164,7 +164,7 @@ func TestSignatureAuth_CheckRequestServiceSignature(t *testing.T) {
testServiceReg := authservice.ServiceReg{ServiceID: authService.ServiceID, Host: authService.ServiceHost, PubKey: pubKey}
serviceRegsValid := []authservice.ServiceReg{testServiceReg}

mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil, false)
s, err := setupTestSignatureAuth(authService, mockLoader)
if err != nil || s == nil {
t.Errorf("Error initializing test signature auth: %v", err)
Expand Down Expand Up @@ -237,7 +237,7 @@ func TestSignatureAuth_CheckRequestSignature(t *testing.T) {
testServiceReg := authservice.ServiceReg{ServiceID: authService.ServiceID, Host: authService.ServiceHost, PubKey: pubKey}
serviceRegsValid := []authservice.ServiceReg{testServiceReg}

mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil, false)

privKey, err := testutils.GetSamplePrivKey(keys.RS256)
if err != nil {
Expand Down Expand Up @@ -311,7 +311,7 @@ func TestSignatureAuth_CheckParsedRequestSignature(t *testing.T) {
testServiceReg := authservice.ServiceReg{ServiceID: authService.ServiceID, Host: authService.ServiceHost, PubKey: pubKey}
serviceRegsValid := []authservice.ServiceReg{testServiceReg}

mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil)
mockLoader := testutils.SetupMockServiceRegLoader(authService, nil, serviceRegsValid, nil, false)
s, err := setupTestSignatureAuth(authService, mockLoader)
if err != nil || s == nil {
t.Errorf("Error initializing test signature auth: %v", err)