Merge branch 'opa' into 'main'
Opa See merge request v3/services/auth!6
This commit is contained in:
commit
d75ab7f82a
|
@ -10,3 +10,7 @@ RMQ_URI=amqp://v3-broker:5672
|
|||
|
||||
# POSTGRES
|
||||
POSTGRES_IMAGE=postgres:15.0
|
||||
|
||||
# OPA
|
||||
OPA_IMAGE=openpolicyagent/opa:0.48.0-rootless
|
||||
OPA_URL=http://v3-opa:8181/v1/data/
|
||||
|
|
|
@ -10,3 +10,7 @@ RMQ_URI=amqp://v3-broker:5672
|
|||
|
||||
# POSTGRES
|
||||
POSTGRES_IMAGE=postgres:15.0
|
||||
|
||||
# OPA
|
||||
OPA_IMAGE=openpolicyagent/opa:0.48.0-rootless
|
||||
OPA_URL=http://v3-opa:8181/v1/data/
|
||||
|
|
|
@ -14,6 +14,7 @@ COPY --chown=node:node package*.json ./
|
|||
|
||||
# Install app dependencies using the `npm ci` command instead of `npm install`
|
||||
RUN npm ci
|
||||
RUN npx prisma generate
|
||||
|
||||
# Bundle app source
|
||||
COPY --chown=node:node . .
|
||||
|
|
39
README.md
39
README.md
|
@ -46,7 +46,9 @@ npm run migrate
|
|||
|
||||
## Usage
|
||||
|
||||
The app is used for authentication (aka AuthN) and authorization (aka AuthZ : _to be developped_).
|
||||
The app is used for authentication (aka AuthN) and authorization (aka AuthZ).
|
||||
|
||||
### AuthN
|
||||
|
||||
AuthN consists in verifying a username / password couple. A user can have multiple usernames (representing multiple identifiers), all of them sharing the same password. In the app, all the authentication information about a user is called an _auth_. As of 2022/10/23, the possible identifiers are :
|
||||
|
||||
|
@ -122,6 +124,41 @@ For AuthN, the app exposes the following [gRPC](https://grpc.io/) services :
|
|||
}
|
||||
```
|
||||
|
||||
### AuthZ
|
||||
|
||||
AuthZ consists in verifying if a given **user** has the right permission to execute a given **action** within a given **domain**. Some context-dependant information can be given as well.
|
||||
|
||||
For AuthZ, the app exposes the following [gRPC](https://grpc.io/) services :
|
||||
|
||||
- **Decide** : asks the authorization service if a user has the right permission
|
||||
|
||||
```json
|
||||
{
|
||||
"uuid": "96d99d44-e0a6-458e-a656-de2a400d60a9",
|
||||
"domain": "user",
|
||||
"action": "read",
|
||||
"context": [
|
||||
{
|
||||
"name": "owner",
|
||||
"value": "96d99d44-e0a6-458e-a656-de2a400d60a8"
|
||||
},
|
||||
{
|
||||
"name": "role",
|
||||
"value": "admin"
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
In return, the service gives an authorization response :
|
||||
|
||||
```json
|
||||
{
|
||||
"allow": true
|
||||
}
|
||||
```
|
||||
|
||||
|
||||
## Messages
|
||||
|
||||
Various RabbitMQ messages are sent for logging purpose.
|
||||
|
|
|
@ -51,6 +51,24 @@ services:
|
|||
aliases:
|
||||
- v3-auth-db-test
|
||||
|
||||
opa:
|
||||
container_name: v3-opa
|
||||
image: ${OPA_IMAGE}
|
||||
ports:
|
||||
- 8181:8181
|
||||
command:
|
||||
- "run"
|
||||
- "--server"
|
||||
- "--log-format=json-pretty"
|
||||
- "--set=decision_logs.console=true"
|
||||
- "./policies/"
|
||||
volumes:
|
||||
- ./opa:/policies
|
||||
networks:
|
||||
v3-network:
|
||||
aliases:
|
||||
- v3-opa
|
||||
|
||||
networks:
|
||||
v3-network:
|
||||
name: v3-network
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
package user.list
|
||||
|
||||
default allow := false
|
||||
|
||||
allow := true {
|
||||
input.role == "admin"
|
||||
}
|
|
@ -0,0 +1,11 @@
|
|||
package user.read
|
||||
|
||||
default allow := false
|
||||
|
||||
allow := true {
|
||||
input.uuid == input.owner
|
||||
}
|
||||
|
||||
allow := true {
|
||||
input.role == "admin"
|
||||
}
|
|
@ -1,13 +1,13 @@
|
|||
{
|
||||
"name": "auth",
|
||||
"name": "mobicoop-v3-auth",
|
||||
"version": "0.0.1",
|
||||
"lockfileVersion": 2,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "auth",
|
||||
"name": "mobicoop-v3-auth",
|
||||
"version": "0.0.1",
|
||||
"license": "UNLICENSED",
|
||||
"license": "AGPL",
|
||||
"dependencies": {
|
||||
"@automapper/classes": "^8.7.7",
|
||||
"@automapper/core": "^8.7.7",
|
||||
|
@ -15,6 +15,7 @@
|
|||
"@golevelup/nestjs-rabbitmq": "^3.4.0",
|
||||
"@grpc/grpc-js": "^1.8.0",
|
||||
"@grpc/proto-loader": "^0.7.4",
|
||||
"@nestjs/axios": "^1.0.1",
|
||||
"@nestjs/common": "^9.0.0",
|
||||
"@nestjs/config": "^2.2.0",
|
||||
"@nestjs/core": "^9.0.0",
|
||||
|
@ -22,6 +23,7 @@
|
|||
"@nestjs/microservices": "^9.2.1",
|
||||
"@nestjs/platform-express": "^9.0.0",
|
||||
"@prisma/client": "^4.7.1",
|
||||
"axios": "^1.2.2",
|
||||
"bcrypt": "^5.1.0",
|
||||
"class-transformer": "^0.5.1",
|
||||
"class-validator": "^0.14.0",
|
||||
|
@ -1642,6 +1644,29 @@
|
|||
"node-pre-gyp": "bin/node-pre-gyp"
|
||||
}
|
||||
},
|
||||
"node_modules/@nestjs/axios": {
|
||||
"version": "1.0.1",
|
||||
"resolved": "https://registry.npmjs.org/@nestjs/axios/-/axios-1.0.1.tgz",
|
||||
"integrity": "sha512-TpoZM/0ZJ9xiC04qkRDFod93LCZ12TQARRU3ejDvBK2E8emvzM4HThOs5ePklVxce4Q1ZsnrIWqnImvoDmJYnQ==",
|
||||
"dependencies": {
|
||||
"axios": "1.2.1"
|
||||
},
|
||||
"peerDependencies": {
|
||||
"@nestjs/common": "^7.0.0 || ^8.0.0 || ^9.0.0",
|
||||
"reflect-metadata": "^0.1.12",
|
||||
"rxjs": "^6.0.0 || ^7.0.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@nestjs/axios/node_modules/axios": {
|
||||
"version": "1.2.1",
|
||||
"resolved": "https://registry.npmjs.org/axios/-/axios-1.2.1.tgz",
|
||||
"integrity": "sha512-I88cFiGu9ryt/tfVEi4kX2SITsvDddTajXTOFmt2uK1ZVA8LytjtdeyefdQWEf5PU8w+4SSJDoYnggflB5tW4A==",
|
||||
"dependencies": {
|
||||
"follow-redirects": "^1.15.0",
|
||||
"form-data": "^4.0.0",
|
||||
"proxy-from-env": "^1.1.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@nestjs/cli": {
|
||||
"version": "9.1.5",
|
||||
"resolved": "https://registry.npmjs.org/@nestjs/cli/-/cli-9.1.5.tgz",
|
||||
|
@ -3173,8 +3198,17 @@
|
|||
"node_modules/asynckit": {
|
||||
"version": "0.4.0",
|
||||
"resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
|
||||
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==",
|
||||
"dev": true
|
||||
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q=="
|
||||
},
|
||||
"node_modules/axios": {
|
||||
"version": "1.2.2",
|
||||
"resolved": "https://registry.npmjs.org/axios/-/axios-1.2.2.tgz",
|
||||
"integrity": "sha512-bz/J4gS2S3I7mpN/YZfGFTqhXTYzRho8Ay38w2otuuDR322KzFIWm/4W2K6gIwvWaws5n+mnb7D1lN9uD+QH6Q==",
|
||||
"dependencies": {
|
||||
"follow-redirects": "^1.15.0",
|
||||
"form-data": "^4.0.0",
|
||||
"proxy-from-env": "^1.1.0"
|
||||
}
|
||||
},
|
||||
"node_modules/babel-jest": {
|
||||
"version": "28.1.3",
|
||||
|
@ -3813,7 +3847,6 @@
|
|||
"version": "1.0.8",
|
||||
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
|
||||
"integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"delayed-stream": "~1.0.0"
|
||||
},
|
||||
|
@ -4015,7 +4048,6 @@
|
|||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
|
||||
"integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==",
|
||||
"dev": true,
|
||||
"engines": {
|
||||
"node": ">=0.4.0"
|
||||
}
|
||||
|
@ -4854,6 +4886,25 @@
|
|||
"integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==",
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/follow-redirects": {
|
||||
"version": "1.15.2",
|
||||
"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
|
||||
"integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==",
|
||||
"funding": [
|
||||
{
|
||||
"type": "individual",
|
||||
"url": "https://github.com/sponsors/RubenVerborgh"
|
||||
}
|
||||
],
|
||||
"engines": {
|
||||
"node": ">=4.0"
|
||||
},
|
||||
"peerDependenciesMeta": {
|
||||
"debug": {
|
||||
"optional": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"node_modules/fork-ts-checker-webpack-plugin": {
|
||||
"version": "7.2.13",
|
||||
"resolved": "https://registry.npmjs.org/fork-ts-checker-webpack-plugin/-/fork-ts-checker-webpack-plugin-7.2.13.tgz",
|
||||
|
@ -4908,7 +4959,6 @@
|
|||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
|
||||
"integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"asynckit": "^0.4.0",
|
||||
"combined-stream": "^1.0.8",
|
||||
|
@ -7548,6 +7598,11 @@
|
|||
"node": ">= 0.10"
|
||||
}
|
||||
},
|
||||
"node_modules/proxy-from-env": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
|
||||
"integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
|
||||
},
|
||||
"node_modules/pump": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz",
|
||||
|
@ -10487,6 +10542,26 @@
|
|||
"tar": "^6.1.11"
|
||||
}
|
||||
},
|
||||
"@nestjs/axios": {
|
||||
"version": "1.0.1",
|
||||
"resolved": "https://registry.npmjs.org/@nestjs/axios/-/axios-1.0.1.tgz",
|
||||
"integrity": "sha512-TpoZM/0ZJ9xiC04qkRDFod93LCZ12TQARRU3ejDvBK2E8emvzM4HThOs5ePklVxce4Q1ZsnrIWqnImvoDmJYnQ==",
|
||||
"requires": {
|
||||
"axios": "1.2.1"
|
||||
},
|
||||
"dependencies": {
|
||||
"axios": {
|
||||
"version": "1.2.1",
|
||||
"resolved": "https://registry.npmjs.org/axios/-/axios-1.2.1.tgz",
|
||||
"integrity": "sha512-I88cFiGu9ryt/tfVEi4kX2SITsvDddTajXTOFmt2uK1ZVA8LytjtdeyefdQWEf5PU8w+4SSJDoYnggflB5tW4A==",
|
||||
"requires": {
|
||||
"follow-redirects": "^1.15.0",
|
||||
"form-data": "^4.0.0",
|
||||
"proxy-from-env": "^1.1.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"@nestjs/cli": {
|
||||
"version": "9.1.5",
|
||||
"resolved": "https://registry.npmjs.org/@nestjs/cli/-/cli-9.1.5.tgz",
|
||||
|
@ -11648,8 +11723,17 @@
|
|||
"asynckit": {
|
||||
"version": "0.4.0",
|
||||
"resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
|
||||
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==",
|
||||
"dev": true
|
||||
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q=="
|
||||
},
|
||||
"axios": {
|
||||
"version": "1.2.2",
|
||||
"resolved": "https://registry.npmjs.org/axios/-/axios-1.2.2.tgz",
|
||||
"integrity": "sha512-bz/J4gS2S3I7mpN/YZfGFTqhXTYzRho8Ay38w2otuuDR322KzFIWm/4W2K6gIwvWaws5n+mnb7D1lN9uD+QH6Q==",
|
||||
"requires": {
|
||||
"follow-redirects": "^1.15.0",
|
||||
"form-data": "^4.0.0",
|
||||
"proxy-from-env": "^1.1.0"
|
||||
}
|
||||
},
|
||||
"babel-jest": {
|
||||
"version": "28.1.3",
|
||||
|
@ -12118,7 +12202,6 @@
|
|||
"version": "1.0.8",
|
||||
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
|
||||
"integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"delayed-stream": "~1.0.0"
|
||||
}
|
||||
|
@ -12278,8 +12361,7 @@
|
|||
"delayed-stream": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
|
||||
"integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==",
|
||||
"dev": true
|
||||
"integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ=="
|
||||
},
|
||||
"delegates": {
|
||||
"version": "1.0.0",
|
||||
|
@ -12926,6 +13008,11 @@
|
|||
"integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==",
|
||||
"dev": true
|
||||
},
|
||||
"follow-redirects": {
|
||||
"version": "1.15.2",
|
||||
"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
|
||||
"integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA=="
|
||||
},
|
||||
"fork-ts-checker-webpack-plugin": {
|
||||
"version": "7.2.13",
|
||||
"resolved": "https://registry.npmjs.org/fork-ts-checker-webpack-plugin/-/fork-ts-checker-webpack-plugin-7.2.13.tgz",
|
||||
|
@ -12962,7 +13049,6 @@
|
|||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
|
||||
"integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"asynckit": "^0.4.0",
|
||||
"combined-stream": "^1.0.8",
|
||||
|
@ -14917,6 +15003,11 @@
|
|||
"ipaddr.js": "1.9.1"
|
||||
}
|
||||
},
|
||||
"proxy-from-env": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
|
||||
"integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
|
||||
},
|
||||
"pump": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz",
|
||||
|
|
|
@ -32,6 +32,7 @@
|
|||
"@golevelup/nestjs-rabbitmq": "^3.4.0",
|
||||
"@grpc/grpc-js": "^1.8.0",
|
||||
"@grpc/proto-loader": "^0.7.4",
|
||||
"@nestjs/axios": "^1.0.1",
|
||||
"@nestjs/common": "^9.0.0",
|
||||
"@nestjs/config": "^2.2.0",
|
||||
"@nestjs/core": "^9.0.0",
|
||||
|
@ -39,6 +40,7 @@
|
|||
"@nestjs/microservices": "^9.2.1",
|
||||
"@nestjs/platform-express": "^9.0.0",
|
||||
"@prisma/client": "^4.7.1",
|
||||
"axios": "^1.2.2",
|
||||
"bcrypt": "^5.1.0",
|
||||
"class-transformer": "^0.5.1",
|
||||
"class-validator": "^0.14.0",
|
||||
|
@ -80,7 +82,11 @@
|
|||
"json",
|
||||
"ts"
|
||||
],
|
||||
"modulePathIgnorePatterns": [".controller.ts",".module.ts","main.ts"],
|
||||
"modulePathIgnorePatterns": [
|
||||
".controller.ts",
|
||||
".module.ts",
|
||||
"main.ts"
|
||||
],
|
||||
"rootDir": "src",
|
||||
"testRegex": ".*\\.spec\\.ts$",
|
||||
"transform": {
|
||||
|
|
|
@ -2,13 +2,15 @@ import { classes } from '@automapper/classes';
|
|||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Module } from '@nestjs/common';
|
||||
import { ConfigModule } from '@nestjs/config';
|
||||
import { AuthModule } from './modules/auth/auth.module';
|
||||
import { AuthenticationModule } from './modules/authentication/authentication.module';
|
||||
import { AuthorizationModule } from './modules/authorization/authorization.module';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
ConfigModule.forRoot({ isGlobal: true }),
|
||||
AutomapperModule.forRoot({ strategyInitializer: classes() }),
|
||||
AuthModule,
|
||||
AuthenticationModule,
|
||||
AuthorizationModule,
|
||||
],
|
||||
controllers: [],
|
||||
providers: [],
|
||||
|
|
16
src/main.ts
16
src/main.ts
|
@ -9,11 +9,17 @@ async function bootstrap() {
|
|||
{
|
||||
transport: Transport.GRPC,
|
||||
options: {
|
||||
package: 'auth',
|
||||
protoPath: join(
|
||||
__dirname,
|
||||
'modules/auth/adapters/primaries/auth.proto',
|
||||
),
|
||||
package: ['authentication', 'authorization'],
|
||||
protoPath: [
|
||||
join(
|
||||
__dirname,
|
||||
'modules/authentication/adapters/primaries/authentication.proto',
|
||||
),
|
||||
join(
|
||||
__dirname,
|
||||
'modules/authorization/adapters/primaries/authorization.proto',
|
||||
),
|
||||
],
|
||||
url: process.env.SERVICE_URL + ':' + process.env.SERVICE_PORT,
|
||||
loader: { keepCase: true, enums: String },
|
||||
},
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
import { Injectable } from '@nestjs/common';
|
||||
import { AuthNZRepository } from '../../../database/src/domain/authnz-repository';
|
||||
import { Auth } from '../../domain/entities/auth';
|
||||
|
||||
@Injectable()
|
||||
export class AuthRepository extends AuthNZRepository<Auth> {
|
||||
protected _model = 'auth';
|
||||
}
|
|
@ -1,9 +0,0 @@
|
|||
import { CreateAuthRequest } from '../domain/dtos/create-auth.request';
|
||||
|
||||
export class CreateAuthCommand {
|
||||
readonly createAuthRequest: CreateAuthRequest;
|
||||
|
||||
constructor(request: CreateAuthRequest) {
|
||||
this.createAuthRequest = request;
|
||||
}
|
||||
}
|
|
@ -1,9 +0,0 @@
|
|||
import { DeleteAuthRequest } from '../domain/dtos/delete-auth.request';
|
||||
|
||||
export class DeleteAuthCommand {
|
||||
readonly deleteAuthRequest: DeleteAuthRequest;
|
||||
|
||||
constructor(request: DeleteAuthRequest) {
|
||||
this.deleteAuthRequest = request;
|
||||
}
|
||||
}
|
|
@ -1,91 +0,0 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { CreateAuthCommand } from '../../commands/create-auth.command';
|
||||
import { CreateAuthRequest } from '../../domain/dtos/create-auth.request';
|
||||
import { Auth } from '../../domain/entities/auth';
|
||||
import { CreateAuthUseCase } from '../../domain/usecases/create-auth.usecase';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { Type } from '../../domain/dtos/type.enum';
|
||||
import { LoggingMessager } from '../../adapters/secondaries/logging.messager';
|
||||
|
||||
const newAuthRequest: CreateAuthRequest = new CreateAuthRequest();
|
||||
newAuthRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
newAuthRequest.username = 'john.doe@email.com';
|
||||
newAuthRequest.password = 'John123';
|
||||
newAuthRequest.type = Type.EMAIL;
|
||||
const newAuthCommand: CreateAuthCommand = new CreateAuthCommand(newAuthRequest);
|
||||
|
||||
const mockAuthRepository = {
|
||||
create: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => {
|
||||
return Promise.resolve({
|
||||
uuid: newAuthRequest.uuid,
|
||||
password: bcrypt.hashSync(newAuthRequest.password, 10),
|
||||
});
|
||||
})
|
||||
.mockImplementation(() => {
|
||||
throw new Error('Already exists');
|
||||
}),
|
||||
};
|
||||
|
||||
const mockUsernameRepository = {
|
||||
create: jest.fn().mockResolvedValue({
|
||||
uuid: newAuthRequest.uuid,
|
||||
username: newAuthRequest.username,
|
||||
type: newAuthRequest.type,
|
||||
}),
|
||||
};
|
||||
|
||||
const mockMessager = {
|
||||
publish: jest.fn().mockImplementation(),
|
||||
};
|
||||
|
||||
describe('CreateAuthUseCase', () => {
|
||||
let createAuthUseCase: CreateAuthUseCase;
|
||||
|
||||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [AutomapperModule.forRoot({ strategyInitializer: classes() })],
|
||||
providers: [
|
||||
{
|
||||
provide: AuthRepository,
|
||||
useValue: mockAuthRepository,
|
||||
},
|
||||
{
|
||||
provide: UsernameRepository,
|
||||
useValue: mockUsernameRepository,
|
||||
},
|
||||
{
|
||||
provide: LoggingMessager,
|
||||
useValue: mockMessager,
|
||||
},
|
||||
CreateAuthUseCase,
|
||||
],
|
||||
}).compile();
|
||||
|
||||
createAuthUseCase = module.get<CreateAuthUseCase>(CreateAuthUseCase);
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
expect(createAuthUseCase).toBeDefined();
|
||||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should create an auth with an encrypted password', async () => {
|
||||
const newAuth: Auth = await createAuthUseCase.execute(newAuthCommand);
|
||||
|
||||
expect(
|
||||
bcrypt.compareSync(newAuthRequest.password, newAuth.password),
|
||||
).toBeTruthy();
|
||||
});
|
||||
it('should throw an error if user already exists', async () => {
|
||||
await expect(
|
||||
createAuthUseCase.execute(newAuthCommand),
|
||||
).rejects.toBeInstanceOf(Error);
|
||||
});
|
||||
});
|
||||
});
|
|
@ -1,104 +0,0 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { Auth } from '../../domain/entities/auth';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { ValidateAuthUseCase } from '../../domain/usecases/validate-auth.usecase';
|
||||
import { ValidateAuthQuery } from '../../queries/validate-auth.query';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { Type } from '../../domain/dtos/type.enum';
|
||||
import { NotFoundException, UnauthorizedException } from '@nestjs/common';
|
||||
import { DatabaseException } from '../../../database/src/exceptions/DatabaseException';
|
||||
import { ValidateAuthRequest } from '../../domain/dtos/validate-auth.request';
|
||||
|
||||
const mockAuthRepository = {
|
||||
findOne: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
password: bcrypt.hashSync('John123', 10),
|
||||
}))
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
password: bcrypt.hashSync('John123', 10),
|
||||
})),
|
||||
};
|
||||
|
||||
const mockUsernameRepository = {
|
||||
findOne: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
username: 'john.doe@email.com',
|
||||
type: Type.EMAIL,
|
||||
}))
|
||||
.mockImplementationOnce(() => {
|
||||
throw new DatabaseException();
|
||||
})
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
username: 'john.doe@email.com',
|
||||
type: Type.EMAIL,
|
||||
})),
|
||||
};
|
||||
|
||||
describe('ValidateAuthUseCase', () => {
|
||||
let validateAuthUseCase: ValidateAuthUseCase;
|
||||
|
||||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [AutomapperModule.forRoot({ strategyInitializer: classes() })],
|
||||
providers: [
|
||||
{
|
||||
provide: AuthRepository,
|
||||
useValue: mockAuthRepository,
|
||||
},
|
||||
{
|
||||
provide: UsernameRepository,
|
||||
useValue: mockUsernameRepository,
|
||||
},
|
||||
ValidateAuthUseCase,
|
||||
],
|
||||
}).compile();
|
||||
|
||||
validateAuthUseCase = module.get<ValidateAuthUseCase>(ValidateAuthUseCase);
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
expect(validateAuthUseCase).toBeDefined();
|
||||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should validate an auth and returns entity object', async () => {
|
||||
const validateAuthRequest: ValidateAuthRequest =
|
||||
new ValidateAuthRequest();
|
||||
validateAuthRequest.username = 'john.doe@email.com';
|
||||
validateAuthRequest.password = 'John123';
|
||||
const auth: Auth = await validateAuthUseCase.execute(
|
||||
new ValidateAuthQuery(
|
||||
validateAuthRequest.username,
|
||||
validateAuthRequest.password,
|
||||
),
|
||||
);
|
||||
|
||||
expect(auth.uuid).toBe('bb281075-1b98-4456-89d6-c643d3044a91');
|
||||
});
|
||||
|
||||
it('should not validate an auth with unknown username and returns not found exception', async () => {
|
||||
await expect(
|
||||
validateAuthUseCase.execute(
|
||||
new ValidateAuthQuery('jane.doe@email.com', 'Jane123'),
|
||||
),
|
||||
).rejects.toBeInstanceOf(NotFoundException);
|
||||
});
|
||||
|
||||
it('should not validate an auth with wrong password and returns unauthorized exception', async () => {
|
||||
await expect(
|
||||
validateAuthUseCase.execute(
|
||||
new ValidateAuthQuery('john.doe@email.com', 'John1234'),
|
||||
),
|
||||
).rejects.toBeInstanceOf(UnauthorizedException);
|
||||
});
|
||||
});
|
||||
});
|
|
@ -4,17 +4,17 @@ import { CommandBus } from '@nestjs/cqrs';
|
|||
import { UpdateUsernameCommand } from '../../commands/update-username.command';
|
||||
import { Type } from '../../domain/dtos/type.enum';
|
||||
import { UpdateUsernameRequest } from '../../domain/dtos/update-username.request';
|
||||
import { DeleteAuthRequest } from '../../domain/dtos/delete-auth.request';
|
||||
import { DeleteAuthCommand } from '../../commands/delete-auth.command';
|
||||
import { DeleteAuthenticationRequest } from '../../domain/dtos/delete-authentication.request';
|
||||
import { DeleteAuthenticationCommand } from '../../commands/delete-authentication.command';
|
||||
|
||||
@Controller()
|
||||
export class AuthMessagerController {
|
||||
export class AuthenticationMessagerController {
|
||||
constructor(private readonly _commandBus: CommandBus) {}
|
||||
|
||||
@RabbitSubscribe({
|
||||
exchange: 'user',
|
||||
routingKey: 'update',
|
||||
queue: 'auth-user-update',
|
||||
queue: 'authentication-user-update',
|
||||
})
|
||||
public async userUpdatedHandler(message: string) {
|
||||
const updatedUser = JSON.parse(message);
|
||||
|
@ -42,13 +42,15 @@ export class AuthMessagerController {
|
|||
@RabbitSubscribe({
|
||||
exchange: 'user',
|
||||
routingKey: 'delete',
|
||||
queue: 'auth-user-delete',
|
||||
queue: 'authentication-user-delete',
|
||||
})
|
||||
public async userDeletedHandler(message: string) {
|
||||
const deletedUser = JSON.parse(message);
|
||||
if (!deletedUser.hasOwnProperty('uuid')) throw new Error();
|
||||
const deleteAuthRequest = new DeleteAuthRequest();
|
||||
deleteAuthRequest.uuid = deletedUser.uuid;
|
||||
await this._commandBus.execute(new DeleteAuthCommand(deleteAuthRequest));
|
||||
const deleteAuthenticationRequest = new DeleteAuthenticationRequest();
|
||||
deleteAuthenticationRequest.uuid = deletedUser.uuid;
|
||||
await this._commandBus.execute(
|
||||
new DeleteAuthenticationCommand(deleteAuthenticationRequest),
|
||||
);
|
||||
}
|
||||
}
|
|
@ -5,23 +5,23 @@ import { CommandBus, QueryBus } from '@nestjs/cqrs';
|
|||
import { GrpcMethod, RpcException } from '@nestjs/microservices';
|
||||
import { DatabaseException } from 'src/modules/database/src/exceptions/DatabaseException';
|
||||
import { AddUsernameCommand } from '../../commands/add-username.command';
|
||||
import { CreateAuthCommand } from '../../commands/create-auth.command';
|
||||
import { DeleteAuthCommand } from '../../commands/delete-auth.command';
|
||||
import { CreateAuthenticationCommand } from '../../commands/create-authentication.command';
|
||||
import { DeleteAuthenticationCommand } from '../../commands/delete-authentication.command';
|
||||
import { DeleteUsernameCommand } from '../../commands/delete-username.command';
|
||||
import { UpdatePasswordCommand } from '../../commands/update-password.command';
|
||||
import { UpdateUsernameCommand } from '../../commands/update-username.command';
|
||||
import { AddUsernameRequest } from '../../domain/dtos/add-username.request';
|
||||
import { CreateAuthRequest } from '../../domain/dtos/create-auth.request';
|
||||
import { DeleteAuthRequest } from '../../domain/dtos/delete-auth.request';
|
||||
import { CreateAuthenticationRequest } from '../../domain/dtos/create-authentication.request';
|
||||
import { DeleteAuthenticationRequest } from '../../domain/dtos/delete-authentication.request';
|
||||
import { DeleteUsernameRequest } from '../../domain/dtos/delete-username.request';
|
||||
import { UpdatePasswordRequest } from '../../domain/dtos/update-password.request';
|
||||
import { UpdateUsernameRequest } from '../../domain/dtos/update-username.request';
|
||||
import { ValidateAuthRequest } from '../../domain/dtos/validate-auth.request';
|
||||
import { Auth } from '../../domain/entities/auth';
|
||||
import { ValidateAuthenticationRequest } from '../../domain/dtos/validate-authentication.request';
|
||||
import { Authentication } from '../../domain/entities/authentication';
|
||||
import { Username } from '../../domain/entities/username';
|
||||
import { ValidateAuthQuery } from '../../queries/validate-auth.query';
|
||||
import { AuthPresenter } from './auth.presenter';
|
||||
import { RpcValidationPipe } from './rpc.validation-pipe';
|
||||
import { ValidateAuthenticationQuery } from '../../queries/validate-authentication.query';
|
||||
import { AuthenticationPresenter } from './authentication.presenter';
|
||||
import { RpcValidationPipe } from '../../../../utils/pipes/rpc.validation-pipe';
|
||||
import { UsernamePresenter } from './username.presenter';
|
||||
|
||||
@UsePipes(
|
||||
|
@ -31,20 +31,26 @@ import { UsernamePresenter } from './username.presenter';
|
|||
}),
|
||||
)
|
||||
@Controller()
|
||||
export class AuthController {
|
||||
export class AuthenticationController {
|
||||
constructor(
|
||||
private readonly _commandBus: CommandBus,
|
||||
private readonly _queryBus: QueryBus,
|
||||
@InjectMapper() private readonly _mapper: Mapper,
|
||||
) {}
|
||||
|
||||
@GrpcMethod('AuthService', 'Validate')
|
||||
async validate(data: ValidateAuthRequest): Promise<AuthPresenter> {
|
||||
@GrpcMethod('AuthenticationService', 'Validate')
|
||||
async validate(
|
||||
data: ValidateAuthenticationRequest,
|
||||
): Promise<AuthenticationPresenter> {
|
||||
try {
|
||||
const auth: Auth = await this._queryBus.execute(
|
||||
new ValidateAuthQuery(data.username, data.password),
|
||||
const authentication: Authentication = await this._queryBus.execute(
|
||||
new ValidateAuthenticationQuery(data.username, data.password),
|
||||
);
|
||||
return this._mapper.map(
|
||||
authentication,
|
||||
Authentication,
|
||||
AuthenticationPresenter,
|
||||
);
|
||||
return this._mapper.map(auth, Auth, AuthPresenter);
|
||||
} catch (e) {
|
||||
throw new RpcException({
|
||||
code: 7,
|
||||
|
@ -53,13 +59,19 @@ export class AuthController {
|
|||
}
|
||||
}
|
||||
|
||||
@GrpcMethod('AuthService', 'Create')
|
||||
async createUser(data: CreateAuthRequest): Promise<AuthPresenter> {
|
||||
@GrpcMethod('AuthenticationService', 'Create')
|
||||
async createUser(
|
||||
data: CreateAuthenticationRequest,
|
||||
): Promise<AuthenticationPresenter> {
|
||||
try {
|
||||
const auth: Auth = await this._commandBus.execute(
|
||||
new CreateAuthCommand(data),
|
||||
const authentication: Authentication = await this._commandBus.execute(
|
||||
new CreateAuthenticationCommand(data),
|
||||
);
|
||||
return this._mapper.map(
|
||||
authentication,
|
||||
Authentication,
|
||||
AuthenticationPresenter,
|
||||
);
|
||||
return this._mapper.map(auth, Auth, AuthPresenter);
|
||||
} catch (e) {
|
||||
if (e instanceof DatabaseException) {
|
||||
if (e.message.includes('Already exists')) {
|
||||
|
@ -76,7 +88,7 @@ export class AuthController {
|
|||
}
|
||||
}
|
||||
|
||||
@GrpcMethod('AuthService', 'AddUsername')
|
||||
@GrpcMethod('AuthenticationService', 'AddUsername')
|
||||
async addUsername(data: AddUsernameRequest): Promise<UsernamePresenter> {
|
||||
try {
|
||||
const username: Username = await this._commandBus.execute(
|
||||
|
@ -100,7 +112,7 @@ export class AuthController {
|
|||
}
|
||||
}
|
||||
|
||||
@GrpcMethod('AuthService', 'UpdateUsername')
|
||||
@GrpcMethod('AuthenticationService', 'UpdateUsername')
|
||||
async updateUsername(
|
||||
data: UpdateUsernameRequest,
|
||||
): Promise<UsernamePresenter> {
|
||||
|
@ -126,14 +138,20 @@ export class AuthController {
|
|||
}
|
||||
}
|
||||
|
||||
@GrpcMethod('AuthService', 'UpdatePassword')
|
||||
async updatePassword(data: UpdatePasswordRequest): Promise<AuthPresenter> {
|
||||
@GrpcMethod('AuthenticationService', 'UpdatePassword')
|
||||
async updatePassword(
|
||||
data: UpdatePasswordRequest,
|
||||
): Promise<AuthenticationPresenter> {
|
||||
try {
|
||||
const auth: Auth = await this._commandBus.execute(
|
||||
const authentication: Authentication = await this._commandBus.execute(
|
||||
new UpdatePasswordCommand(data),
|
||||
);
|
||||
|
||||
return this._mapper.map(auth, Auth, AuthPresenter);
|
||||
return this._mapper.map(
|
||||
authentication,
|
||||
Authentication,
|
||||
AuthenticationPresenter,
|
||||
);
|
||||
} catch (e) {
|
||||
throw new RpcException({
|
||||
code: 7,
|
||||
|
@ -142,7 +160,7 @@ export class AuthController {
|
|||
}
|
||||
}
|
||||
|
||||
@GrpcMethod('AuthService', 'DeleteUsername')
|
||||
@GrpcMethod('AuthenticationService', 'DeleteUsername')
|
||||
async deleteUsername(data: DeleteUsernameRequest) {
|
||||
try {
|
||||
return await this._commandBus.execute(new DeleteUsernameCommand(data));
|
||||
|
@ -154,10 +172,12 @@ export class AuthController {
|
|||
}
|
||||
}
|
||||
|
||||
@GrpcMethod('AuthService', 'Delete')
|
||||
async deleteAuth(data: DeleteAuthRequest) {
|
||||
@GrpcMethod('AuthenticationService', 'Delete')
|
||||
async deleteAuthentication(data: DeleteAuthenticationRequest) {
|
||||
try {
|
||||
return await this._commandBus.execute(new DeleteAuthCommand(data));
|
||||
return await this._commandBus.execute(
|
||||
new DeleteAuthenticationCommand(data),
|
||||
);
|
||||
} catch (e) {
|
||||
throw new RpcException({
|
||||
code: 7,
|
|
@ -1,6 +1,6 @@
|
|||
import { AutoMap } from '@automapper/classes';
|
||||
|
||||
export class AuthPresenter {
|
||||
export class AuthenticationPresenter {
|
||||
@AutoMap()
|
||||
uuid: string;
|
||||
}
|
|
@ -1,10 +1,10 @@
|
|||
syntax = "proto3";
|
||||
|
||||
package auth;
|
||||
package authentication;
|
||||
|
||||
service AuthService {
|
||||
rpc Validate(AuthByUsernamePassword) returns (Uuid);
|
||||
rpc Create(Auth) returns (Uuid);
|
||||
service AuthenticationService {
|
||||
rpc Validate(AuthenticationByUsernamePassword) returns (Uuid);
|
||||
rpc Create(Authentication) returns (Uuid);
|
||||
rpc AddUsername(Username) returns (Uuid);
|
||||
rpc UpdatePassword(Password) returns (Uuid);
|
||||
rpc UpdateUsername(Username) returns (Uuid);
|
||||
|
@ -12,7 +12,7 @@ service AuthService {
|
|||
rpc Delete(Uuid) returns (Empty);
|
||||
}
|
||||
|
||||
message AuthByUsernamePassword {
|
||||
message AuthenticationByUsernamePassword {
|
||||
string username = 1;
|
||||
string password = 2;
|
||||
}
|
||||
|
@ -22,7 +22,7 @@ enum Type {
|
|||
PHONE = 1;
|
||||
}
|
||||
|
||||
message Auth {
|
||||
message Authentication {
|
||||
string uuid = 1;
|
||||
string username = 2;
|
||||
string password = 3;
|
|
@ -3,7 +3,7 @@ import { Injectable } from '@nestjs/common';
|
|||
import { IMessageBroker } from '../../domain/interfaces/message-broker';
|
||||
|
||||
@Injectable()
|
||||
export class AuthMessager extends IMessageBroker {
|
||||
export class AuthenticationMessager extends IMessageBroker {
|
||||
constructor(private readonly _amqpConnection: AmqpConnection) {
|
||||
super('auth');
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
import { Injectable } from '@nestjs/common';
|
||||
import { AuthRepository } from '../../../database/src/domain/auth-repository';
|
||||
import { Authentication } from '../../domain/entities/authentication';
|
||||
|
||||
@Injectable()
|
||||
export class AuthenticationRepository extends AuthRepository<Authentication> {
|
||||
protected _model = 'auth';
|
||||
}
|
|
@ -1,8 +1,8 @@
|
|||
import { Injectable } from '@nestjs/common';
|
||||
import { AuthNZRepository } from '../../../database/src/domain/authnz-repository';
|
||||
import { AuthRepository } from '../../../database/src/domain/auth-repository';
|
||||
import { Username } from '../../domain/entities/username';
|
||||
|
||||
@Injectable()
|
||||
export class UsernameRepository extends AuthNZRepository<Username> {
|
||||
export class UsernameRepository extends AuthRepository<Username> {
|
||||
protected _model = 'username';
|
||||
}
|
|
@ -1,20 +1,20 @@
|
|||
import { Module } from '@nestjs/common';
|
||||
import { CqrsModule } from '@nestjs/cqrs';
|
||||
import { DatabaseModule } from '../database/database.module';
|
||||
import { AuthController } from './adapters/primaries/auth.controller';
|
||||
import { CreateAuthUseCase } from './domain/usecases/create-auth.usecase';
|
||||
import { ValidateAuthUseCase } from './domain/usecases/validate-auth.usecase';
|
||||
import { AuthProfile } from './mappers/auth.profile';
|
||||
import { AuthRepository } from './adapters/secondaries/auth.repository';
|
||||
import { AuthenticationController } from './adapters/primaries/authentication.controller';
|
||||
import { CreateAuthenticationUseCase } from './domain/usecases/create-authentication.usecase';
|
||||
import { ValidateAuthenticationUseCase } from './domain/usecases/validate-authentication.usecase';
|
||||
import { AuthenticationProfile } from './mappers/authentication.profile';
|
||||
import { AuthenticationRepository } from './adapters/secondaries/authentication.repository';
|
||||
import { UpdateUsernameUseCase } from './domain/usecases/update-username.usecase';
|
||||
import { UsernameProfile } from './mappers/username.profile';
|
||||
import { AddUsernameUseCase } from './domain/usecases/add-username.usecase';
|
||||
import { UpdatePasswordUseCase } from './domain/usecases/update-password.usecase';
|
||||
import { DeleteUsernameUseCase } from './domain/usecases/delete-username.usecase';
|
||||
import { DeleteAuthUseCase } from './domain/usecases/delete-auth.usecase';
|
||||
import { DeleteAuthenticationUseCase } from './domain/usecases/delete-authentication.usecase';
|
||||
import { RabbitMQModule } from '@golevelup/nestjs-rabbitmq';
|
||||
import { ConfigModule, ConfigService } from '@nestjs/config';
|
||||
import { AuthMessagerController } from './adapters/primaries/auth-messager.controller';
|
||||
import { AuthenticationMessagerController } from './adapters/primaries/authentication-messager.controller';
|
||||
import { LoggingMessager } from './adapters/secondaries/logging.messager';
|
||||
|
||||
@Module({
|
||||
|
@ -41,20 +41,20 @@ import { LoggingMessager } from './adapters/secondaries/logging.messager';
|
|||
inject: [ConfigService],
|
||||
}),
|
||||
],
|
||||
controllers: [AuthController, AuthMessagerController],
|
||||
controllers: [AuthenticationController, AuthenticationMessagerController],
|
||||
providers: [
|
||||
AuthProfile,
|
||||
AuthenticationProfile,
|
||||
UsernameProfile,
|
||||
AuthRepository,
|
||||
AuthenticationRepository,
|
||||
LoggingMessager,
|
||||
ValidateAuthUseCase,
|
||||
CreateAuthUseCase,
|
||||
ValidateAuthenticationUseCase,
|
||||
CreateAuthenticationUseCase,
|
||||
AddUsernameUseCase,
|
||||
UpdateUsernameUseCase,
|
||||
UpdatePasswordUseCase,
|
||||
DeleteUsernameUseCase,
|
||||
DeleteAuthUseCase,
|
||||
DeleteAuthenticationUseCase,
|
||||
],
|
||||
exports: [],
|
||||
})
|
||||
export class AuthModule {}
|
||||
export class AuthenticationModule {}
|
|
@ -0,0 +1,9 @@
|
|||
import { CreateAuthenticationRequest } from '../domain/dtos/create-authentication.request';
|
||||
|
||||
export class CreateAuthenticationCommand {
|
||||
readonly createAuthenticationRequest: CreateAuthenticationRequest;
|
||||
|
||||
constructor(request: CreateAuthenticationRequest) {
|
||||
this.createAuthenticationRequest = request;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,9 @@
|
|||
import { DeleteAuthenticationRequest } from '../domain/dtos/delete-authentication.request';
|
||||
|
||||
export class DeleteAuthenticationCommand {
|
||||
readonly deleteAuthenticationRequest: DeleteAuthenticationRequest;
|
||||
|
||||
constructor(request: DeleteAuthenticationRequest) {
|
||||
this.deleteAuthenticationRequest = request;
|
||||
}
|
||||
}
|
|
@ -2,7 +2,7 @@ import { AutoMap } from '@automapper/classes';
|
|||
import { IsEnum, IsNotEmpty, IsString } from 'class-validator';
|
||||
import { Type } from './type.enum';
|
||||
|
||||
export class CreateAuthRequest {
|
||||
export class CreateAuthenticationRequest {
|
||||
@IsString()
|
||||
@IsNotEmpty()
|
||||
@AutoMap()
|
|
@ -1,7 +1,7 @@
|
|||
import { AutoMap } from '@automapper/classes';
|
||||
import { IsNotEmpty, IsString } from 'class-validator';
|
||||
|
||||
export class DeleteAuthRequest {
|
||||
export class DeleteAuthenticationRequest {
|
||||
@IsString()
|
||||
@IsNotEmpty()
|
||||
@AutoMap()
|
|
@ -1,6 +1,6 @@
|
|||
import { IsNotEmpty, IsString } from 'class-validator';
|
||||
|
||||
export class ValidateAuthRequest {
|
||||
export class ValidateAuthenticationRequest {
|
||||
@IsString()
|
||||
@IsNotEmpty()
|
||||
username: string;
|
|
@ -1,6 +1,6 @@
|
|||
import { AutoMap } from '@automapper/classes';
|
||||
|
||||
export class Auth {
|
||||
export class Authentication {
|
||||
@AutoMap()
|
||||
uuid: string;
|
||||
|
|
@ -1,25 +1,25 @@
|
|||
import { CommandHandler } from '@nestjs/cqrs';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { CreateAuthCommand } from '../../commands/create-auth.command';
|
||||
import { Auth } from '../entities/auth';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { CreateAuthenticationCommand } from '../../commands/create-authentication.command';
|
||||
import { Authentication } from '../entities/authentication';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { LoggingMessager } from '../../adapters/secondaries/logging.messager';
|
||||
|
||||
@CommandHandler(CreateAuthCommand)
|
||||
export class CreateAuthUseCase {
|
||||
@CommandHandler(CreateAuthenticationCommand)
|
||||
export class CreateAuthenticationUseCase {
|
||||
constructor(
|
||||
private readonly _authRepository: AuthRepository,
|
||||
private readonly _authenticationRepository: AuthenticationRepository,
|
||||
private readonly _usernameRepository: UsernameRepository,
|
||||
private readonly _loggingMessager: LoggingMessager,
|
||||
) {}
|
||||
|
||||
async execute(command: CreateAuthCommand): Promise<Auth> {
|
||||
const { uuid, password, ...username } = command.createAuthRequest;
|
||||
async execute(command: CreateAuthenticationCommand): Promise<Authentication> {
|
||||
const { uuid, password, ...username } = command.createAuthenticationRequest;
|
||||
const hash = await bcrypt.hash(password, 10);
|
||||
|
||||
try {
|
||||
const auth = await this._authRepository.create({
|
||||
const auth = await this._authenticationRepository.create({
|
||||
uuid,
|
||||
password: hash,
|
||||
});
|
|
@ -1,23 +1,25 @@
|
|||
import { CommandHandler } from '@nestjs/cqrs';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { LoggingMessager } from '../../adapters/secondaries/logging.messager';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { DeleteAuthCommand } from '../../commands/delete-auth.command';
|
||||
import { DeleteAuthenticationCommand } from '../../commands/delete-authentication.command';
|
||||
|
||||
@CommandHandler(DeleteAuthCommand)
|
||||
export class DeleteAuthUseCase {
|
||||
@CommandHandler(DeleteAuthenticationCommand)
|
||||
export class DeleteAuthenticationUseCase {
|
||||
constructor(
|
||||
private readonly _authRepository: AuthRepository,
|
||||
private readonly _authenticationRepository: AuthenticationRepository,
|
||||
private readonly _usernameRepository: UsernameRepository,
|
||||
private readonly _loggingMessager: LoggingMessager,
|
||||
) {}
|
||||
|
||||
async execute(command: DeleteAuthCommand) {
|
||||
async execute(command: DeleteAuthenticationCommand) {
|
||||
try {
|
||||
await this._usernameRepository.deleteMany({
|
||||
uuid: command.deleteAuthRequest.uuid,
|
||||
uuid: command.deleteAuthenticationRequest.uuid,
|
||||
});
|
||||
return await this._authRepository.delete(command.deleteAuthRequest.uuid);
|
||||
return await this._authenticationRepository.delete(
|
||||
command.deleteAuthenticationRequest.uuid,
|
||||
);
|
||||
} catch (error) {
|
||||
this._loggingMessager.publish(
|
||||
'auth.delete.crit',
|
|
@ -1,6 +1,6 @@
|
|||
import { CommandHandler } from '@nestjs/cqrs';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { Auth } from '../entities/auth';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { Authentication } from '../entities/authentication';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { UpdatePasswordCommand } from '../../commands/update-password.command';
|
||||
import { LoggingMessager } from '../../adapters/secondaries/logging.messager';
|
||||
|
@ -8,16 +8,16 @@ import { LoggingMessager } from '../../adapters/secondaries/logging.messager';
|
|||
@CommandHandler(UpdatePasswordCommand)
|
||||
export class UpdatePasswordUseCase {
|
||||
constructor(
|
||||
private readonly _authRepository: AuthRepository,
|
||||
private readonly _authenticationRepository: AuthenticationRepository,
|
||||
private readonly _loggingMessager: LoggingMessager,
|
||||
) {}
|
||||
|
||||
async execute(command: UpdatePasswordCommand): Promise<Auth> {
|
||||
async execute(command: UpdatePasswordCommand): Promise<Authentication> {
|
||||
const { uuid, password } = command.updatePasswordRequest;
|
||||
const hash = await bcrypt.hash(password, 10);
|
||||
|
||||
try {
|
||||
return await this._authRepository.update(uuid, {
|
||||
return await this._authenticationRepository.update(uuid, {
|
||||
password: hash,
|
||||
});
|
||||
} catch (error) {
|
|
@ -1,20 +1,22 @@
|
|||
import { QueryHandler } from '@nestjs/cqrs';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { ValidateAuthQuery } from '../../queries/validate-auth.query';
|
||||
import { Auth } from '../entities/auth';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { ValidateAuthenticationQuery as ValidateAuthenticationQuery } from '../../queries/validate-authentication.query';
|
||||
import { Authentication } from '../entities/authentication';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { NotFoundException, UnauthorizedException } from '@nestjs/common';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { Username } from '../entities/username';
|
||||
|
||||
@QueryHandler(ValidateAuthQuery)
|
||||
export class ValidateAuthUseCase {
|
||||
@QueryHandler(ValidateAuthenticationQuery)
|
||||
export class ValidateAuthenticationUseCase {
|
||||
constructor(
|
||||
private readonly _authRepository: AuthRepository,
|
||||
private readonly _authenticationRepository: AuthenticationRepository,
|
||||
private readonly _usernameRepository: UsernameRepository,
|
||||
) {}
|
||||
|
||||
async execute(validate: ValidateAuthQuery): Promise<Auth> {
|
||||
async execute(
|
||||
validate: ValidateAuthenticationQuery,
|
||||
): Promise<Authentication> {
|
||||
let username = new Username();
|
||||
try {
|
||||
username = await this._usernameRepository.findOne({
|
||||
|
@ -24,7 +26,7 @@ export class ValidateAuthUseCase {
|
|||
throw new NotFoundException();
|
||||
}
|
||||
try {
|
||||
const auth = await this._authRepository.findOne({
|
||||
const auth = await this._authenticationRepository.findOne({
|
||||
uuid: username.uuid,
|
||||
});
|
||||
if (auth) {
|
|
@ -0,0 +1,18 @@
|
|||
import { createMap, Mapper } from '@automapper/core';
|
||||
import { AutomapperProfile, InjectMapper } from '@automapper/nestjs';
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { AuthenticationPresenter } from '../adapters/primaries/authentication.presenter';
|
||||
import { Authentication } from '../domain/entities/authentication';
|
||||
|
||||
@Injectable()
|
||||
export class AuthenticationProfile extends AutomapperProfile {
|
||||
constructor(@InjectMapper() mapper: Mapper) {
|
||||
super(mapper);
|
||||
}
|
||||
|
||||
override get profile() {
|
||||
return (mapper: any) => {
|
||||
createMap(mapper, Authentication, AuthenticationPresenter);
|
||||
};
|
||||
}
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
export class ValidateAuthQuery {
|
||||
export class ValidateAuthenticationQuery {
|
||||
readonly username: string;
|
||||
readonly password: string;
|
||||
|
|
@ -2,16 +2,16 @@ import { TestingModule, Test } from '@nestjs/testing';
|
|||
import { DatabaseModule } from '../../../database/database.module';
|
||||
import { PrismaService } from '../../../database/src/adapters/secondaries/prisma-service';
|
||||
import { DatabaseException } from '../../../database/src/exceptions/DatabaseException';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { v4 } from 'uuid';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { Auth } from '../../domain/entities/auth';
|
||||
import { Authentication } from '../../domain/entities/authentication';
|
||||
|
||||
describe('AuthRepository', () => {
|
||||
describe('AuthenticationRepository', () => {
|
||||
let prismaService: PrismaService;
|
||||
let authRepository: AuthRepository;
|
||||
let authenticationRepository: AuthenticationRepository;
|
||||
|
||||
const createAuths = async (nbToCreate = 10) => {
|
||||
const createAuthentications = async (nbToCreate = 10) => {
|
||||
for (let i = 0; i < nbToCreate; i++) {
|
||||
await prismaService.auth.create({
|
||||
data: {
|
||||
|
@ -25,11 +25,13 @@ describe('AuthRepository', () => {
|
|||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [DatabaseModule],
|
||||
providers: [AuthRepository, PrismaService],
|
||||
providers: [AuthenticationRepository, PrismaService],
|
||||
}).compile();
|
||||
|
||||
prismaService = module.get<PrismaService>(PrismaService);
|
||||
authRepository = module.get<AuthRepository>(AuthRepository);
|
||||
authenticationRepository = module.get<AuthenticationRepository>(
|
||||
AuthenticationRepository,
|
||||
);
|
||||
});
|
||||
|
||||
afterAll(async () => {
|
||||
|
@ -42,7 +44,7 @@ describe('AuthRepository', () => {
|
|||
|
||||
describe('findAll', () => {
|
||||
it('should return an empty data array', async () => {
|
||||
const res = await authRepository.findAll();
|
||||
const res = await authenticationRepository.findAll();
|
||||
expect(res).toEqual({
|
||||
data: [],
|
||||
total: 0,
|
||||
|
@ -50,22 +52,22 @@ describe('AuthRepository', () => {
|
|||
});
|
||||
|
||||
it('should return a data array with 8 auths', async () => {
|
||||
await createAuths(8);
|
||||
const auths = await authRepository.findAll();
|
||||
await createAuthentications(8);
|
||||
const auths = await authenticationRepository.findAll();
|
||||
expect(auths.data.length).toBe(8);
|
||||
expect(auths.total).toBe(8);
|
||||
});
|
||||
|
||||
it('should return a data array limited to 10 auths', async () => {
|
||||
await createAuths(20);
|
||||
const auths = await authRepository.findAll();
|
||||
it('should return a data array limited to 10 authentications', async () => {
|
||||
await createAuthentications(20);
|
||||
const auths = await authenticationRepository.findAll();
|
||||
expect(auths.data.length).toBe(10);
|
||||
expect(auths.total).toBe(20);
|
||||
});
|
||||
});
|
||||
|
||||
describe('findOneByUuid', () => {
|
||||
it('should return an auth', async () => {
|
||||
it('should return an authentication', async () => {
|
||||
const authToFind = await prismaService.auth.create({
|
||||
data: {
|
||||
uuid: v4(),
|
||||
|
@ -73,12 +75,14 @@ describe('AuthRepository', () => {
|
|||
},
|
||||
});
|
||||
|
||||
const auth = await authRepository.findOneByUuid(authToFind.uuid);
|
||||
const auth = await authenticationRepository.findOneByUuid(
|
||||
authToFind.uuid,
|
||||
);
|
||||
expect(auth.uuid).toBe(authToFind.uuid);
|
||||
});
|
||||
|
||||
it('should return null', async () => {
|
||||
const auth = await authRepository.findOneByUuid(
|
||||
const auth = await authenticationRepository.findOneByUuid(
|
||||
'544572be-11fb-4244-8235-587221fc9104',
|
||||
);
|
||||
expect(auth).toBeNull();
|
||||
|
@ -86,59 +90,64 @@ describe('AuthRepository', () => {
|
|||
});
|
||||
|
||||
describe('create', () => {
|
||||
it('should create an auth', async () => {
|
||||
it('should create an authentication', async () => {
|
||||
const beforeCount = await prismaService.auth.count();
|
||||
|
||||
const authToCreate: Auth = new Auth();
|
||||
authToCreate.uuid = v4();
|
||||
authToCreate.password = bcrypt.hashSync(`password`, 10);
|
||||
const auth = await authRepository.create(authToCreate);
|
||||
const authenticationToCreate: Authentication = new Authentication();
|
||||
authenticationToCreate.uuid = v4();
|
||||
authenticationToCreate.password = bcrypt.hashSync(`password`, 10);
|
||||
const authentication = await authenticationRepository.create(
|
||||
authenticationToCreate,
|
||||
);
|
||||
|
||||
const afterCount = await prismaService.auth.count();
|
||||
|
||||
expect(afterCount - beforeCount).toBe(1);
|
||||
expect(auth.uuid).toBeDefined();
|
||||
expect(authentication.uuid).toBeDefined();
|
||||
});
|
||||
});
|
||||
|
||||
describe('update', () => {
|
||||
it('should update auth password', async () => {
|
||||
const authToUpdate = await prismaService.auth.create({
|
||||
it('should update authentication password', async () => {
|
||||
const authenticationToUpdate = await prismaService.auth.create({
|
||||
data: {
|
||||
uuid: v4(),
|
||||
password: bcrypt.hashSync(`password`, 10),
|
||||
},
|
||||
});
|
||||
|
||||
const toUpdate: Auth = new Auth();
|
||||
const toUpdate: Authentication = new Authentication();
|
||||
toUpdate.password = bcrypt.hashSync(`newPassword`, 10);
|
||||
const updatedAuth = await authRepository.update(
|
||||
authToUpdate.uuid,
|
||||
const updatedAuthentication = await authenticationRepository.update(
|
||||
authenticationToUpdate.uuid,
|
||||
toUpdate,
|
||||
);
|
||||
|
||||
expect(updatedAuth.uuid).toBe(authToUpdate.uuid);
|
||||
expect(updatedAuthentication.uuid).toBe(authenticationToUpdate.uuid);
|
||||
});
|
||||
|
||||
it('should throw DatabaseException', async () => {
|
||||
const toUpdate: Auth = new Auth();
|
||||
const toUpdate: Authentication = new Authentication();
|
||||
toUpdate.password = bcrypt.hashSync(`newPassword`, 10);
|
||||
|
||||
await expect(
|
||||
authRepository.update('544572be-11fb-4244-8235-587221fc9104', toUpdate),
|
||||
authenticationRepository.update(
|
||||
'544572be-11fb-4244-8235-587221fc9104',
|
||||
toUpdate,
|
||||
),
|
||||
).rejects.toBeInstanceOf(DatabaseException);
|
||||
});
|
||||
});
|
||||
|
||||
describe('delete', () => {
|
||||
it('should delete an auth', async () => {
|
||||
const authToRemove = await prismaService.auth.create({
|
||||
it('should delete an authentication', async () => {
|
||||
const authenticationToRemove = await prismaService.auth.create({
|
||||
data: {
|
||||
uuid: v4(),
|
||||
password: bcrypt.hashSync(`password`, 10),
|
||||
},
|
||||
});
|
||||
await authRepository.delete(authToRemove.uuid);
|
||||
await authenticationRepository.delete(authenticationToRemove.uuid);
|
||||
|
||||
const count = await prismaService.auth.count();
|
||||
expect(count).toBe(0);
|
||||
|
@ -146,7 +155,7 @@ describe('AuthRepository', () => {
|
|||
|
||||
it('should throw DatabaseException', async () => {
|
||||
await expect(
|
||||
authRepository.delete('544572be-11fb-4244-8235-587221fc9104'),
|
||||
authenticationRepository.delete('544572be-11fb-4244-8235-587221fc9104'),
|
||||
).rejects.toBeInstanceOf(DatabaseException);
|
||||
});
|
||||
});
|
|
@ -1,7 +1,7 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { AuthProfile } from '../../mappers/auth.profile';
|
||||
import { AuthenticationProfile } from '../../mappers/authentication.profile';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { Username } from '../../domain/entities/username';
|
||||
import { Type } from '../../domain/dtos/type.enum';
|
||||
|
@ -50,7 +50,7 @@ describe('AddUsernameUseCase', () => {
|
|||
useValue: mockMessager,
|
||||
},
|
||||
AddUsernameUseCase,
|
||||
AuthProfile,
|
||||
AuthenticationProfile,
|
||||
],
|
||||
}).compile();
|
||||
|
|
@ -0,0 +1,99 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { CreateAuthenticationCommand } from '../../commands/create-authentication.command';
|
||||
import { CreateAuthenticationRequest } from '../../domain/dtos/create-authentication.request';
|
||||
import { Authentication } from '../../domain/entities/authentication';
|
||||
import { CreateAuthenticationUseCase } from '../../domain/usecases/create-authentication.usecase';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { Type } from '../../domain/dtos/type.enum';
|
||||
import { LoggingMessager } from '../../adapters/secondaries/logging.messager';
|
||||
|
||||
const newAuthenticationRequest: CreateAuthenticationRequest =
|
||||
new CreateAuthenticationRequest();
|
||||
newAuthenticationRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
newAuthenticationRequest.username = 'john.doe@email.com';
|
||||
newAuthenticationRequest.password = 'John123';
|
||||
newAuthenticationRequest.type = Type.EMAIL;
|
||||
const newAuthCommand: CreateAuthenticationCommand =
|
||||
new CreateAuthenticationCommand(newAuthenticationRequest);
|
||||
|
||||
const mockAuthenticationRepository = {
|
||||
create: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => {
|
||||
return Promise.resolve({
|
||||
uuid: newAuthenticationRequest.uuid,
|
||||
password: bcrypt.hashSync(newAuthenticationRequest.password, 10),
|
||||
});
|
||||
})
|
||||
.mockImplementation(() => {
|
||||
throw new Error('Already exists');
|
||||
}),
|
||||
};
|
||||
|
||||
const mockUsernameRepository = {
|
||||
create: jest.fn().mockResolvedValue({
|
||||
uuid: newAuthenticationRequest.uuid,
|
||||
username: newAuthenticationRequest.username,
|
||||
type: newAuthenticationRequest.type,
|
||||
}),
|
||||
};
|
||||
|
||||
const mockMessager = {
|
||||
publish: jest.fn().mockImplementation(),
|
||||
};
|
||||
|
||||
describe('CreateAuthenticationUseCase', () => {
|
||||
let createAuthenticationUseCase: CreateAuthenticationUseCase;
|
||||
|
||||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [AutomapperModule.forRoot({ strategyInitializer: classes() })],
|
||||
providers: [
|
||||
{
|
||||
provide: AuthenticationRepository,
|
||||
useValue: mockAuthenticationRepository,
|
||||
},
|
||||
{
|
||||
provide: UsernameRepository,
|
||||
useValue: mockUsernameRepository,
|
||||
},
|
||||
{
|
||||
provide: LoggingMessager,
|
||||
useValue: mockMessager,
|
||||
},
|
||||
CreateAuthenticationUseCase,
|
||||
],
|
||||
}).compile();
|
||||
|
||||
createAuthenticationUseCase = module.get<CreateAuthenticationUseCase>(
|
||||
CreateAuthenticationUseCase,
|
||||
);
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
expect(createAuthenticationUseCase).toBeDefined();
|
||||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should create an authentication with an encrypted password', async () => {
|
||||
const newAuthentication: Authentication =
|
||||
await createAuthenticationUseCase.execute(newAuthCommand);
|
||||
|
||||
expect(
|
||||
bcrypt.compareSync(
|
||||
newAuthenticationRequest.password,
|
||||
newAuthentication.password,
|
||||
),
|
||||
).toBeTruthy();
|
||||
});
|
||||
it('should throw an error if user already exists', async () => {
|
||||
await expect(
|
||||
createAuthenticationUseCase.execute(newAuthCommand),
|
||||
).rejects.toBeInstanceOf(Error);
|
||||
});
|
||||
});
|
||||
});
|
|
@ -1,13 +1,13 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { LoggingMessager } from '../../adapters/secondaries/logging.messager';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { DeleteAuthCommand } from '../../commands/delete-auth.command';
|
||||
import { DeleteAuthRequest } from '../../domain/dtos/delete-auth.request';
|
||||
import { DeleteAuthenticationCommand } from '../../commands/delete-authentication.command';
|
||||
import { DeleteAuthenticationRequest } from '../../domain/dtos/delete-authentication.request';
|
||||
import { Type } from '../../domain/dtos/type.enum';
|
||||
import { DeleteAuthUseCase } from '../../domain/usecases/delete-auth.usecase';
|
||||
import { DeleteAuthenticationUseCase } from '../../domain/usecases/delete-authentication.usecase';
|
||||
|
||||
const usernames = {
|
||||
data: [
|
||||
|
@ -25,13 +25,13 @@ const usernames = {
|
|||
total: 2,
|
||||
};
|
||||
|
||||
const deleteAuthRequest: DeleteAuthRequest = new DeleteAuthRequest();
|
||||
deleteAuthRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
const deleteAuthCommand: DeleteAuthCommand = new DeleteAuthCommand(
|
||||
deleteAuthRequest,
|
||||
);
|
||||
const deleteAuthenticationRequest: DeleteAuthenticationRequest =
|
||||
new DeleteAuthenticationRequest();
|
||||
deleteAuthenticationRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
const deleteAuthenticationCommand: DeleteAuthenticationCommand =
|
||||
new DeleteAuthenticationCommand(deleteAuthenticationRequest);
|
||||
|
||||
const mockAuthRepository = {
|
||||
const mockAuthenticationRepository = {
|
||||
delete: jest
|
||||
.fn()
|
||||
.mockResolvedValueOnce(undefined)
|
||||
|
@ -53,16 +53,16 @@ const mockMessager = {
|
|||
publish: jest.fn().mockImplementation(),
|
||||
};
|
||||
|
||||
describe('DeleteAuthUseCase', () => {
|
||||
let deleteAuthUseCase: DeleteAuthUseCase;
|
||||
describe('DeleteAuthenticationUseCase', () => {
|
||||
let deleteAuthenticationUseCase: DeleteAuthenticationUseCase;
|
||||
|
||||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [AutomapperModule.forRoot({ strategyInitializer: classes() })],
|
||||
providers: [
|
||||
{
|
||||
provide: AuthRepository,
|
||||
useValue: mockAuthRepository,
|
||||
provide: AuthenticationRepository,
|
||||
useValue: mockAuthenticationRepository,
|
||||
},
|
||||
{
|
||||
provide: UsernameRepository,
|
||||
|
@ -72,26 +72,30 @@ describe('DeleteAuthUseCase', () => {
|
|||
provide: LoggingMessager,
|
||||
useValue: mockMessager,
|
||||
},
|
||||
DeleteAuthUseCase,
|
||||
DeleteAuthenticationUseCase,
|
||||
],
|
||||
}).compile();
|
||||
|
||||
deleteAuthUseCase = module.get<DeleteAuthUseCase>(DeleteAuthUseCase);
|
||||
deleteAuthenticationUseCase = module.get<DeleteAuthenticationUseCase>(
|
||||
DeleteAuthenticationUseCase,
|
||||
);
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
expect(deleteAuthUseCase).toBeDefined();
|
||||
expect(deleteAuthenticationUseCase).toBeDefined();
|
||||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should delete an auth and its usernames', async () => {
|
||||
const deletedAuth = await deleteAuthUseCase.execute(deleteAuthCommand);
|
||||
it('should delete an authentication and its usernames', async () => {
|
||||
const deletedAuthentication = await deleteAuthenticationUseCase.execute(
|
||||
deleteAuthenticationCommand,
|
||||
);
|
||||
|
||||
expect(deletedAuth).toBe(undefined);
|
||||
expect(deletedAuthentication).toBe(undefined);
|
||||
});
|
||||
it('should throw an error if auth does not exist', async () => {
|
||||
it('should throw an error if authentication does not exist', async () => {
|
||||
await expect(
|
||||
deleteAuthUseCase.execute(deleteAuthCommand),
|
||||
deleteAuthenticationUseCase.execute(deleteAuthenticationCommand),
|
||||
).rejects.toBeInstanceOf(Error);
|
||||
});
|
||||
});
|
|
@ -1,8 +1,8 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { AuthRepository } from '../../adapters/secondaries/auth.repository';
|
||||
import { Auth } from '../../domain/entities/auth';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { Authentication } from '../../domain/entities/authentication';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { UpdatePasswordRequest } from '../../domain/dtos/update-password.request';
|
||||
import { UpdatePasswordCommand } from '../../commands/update-password.command';
|
||||
|
@ -18,7 +18,7 @@ const updatePasswordCommand: UpdatePasswordCommand = new UpdatePasswordCommand(
|
|||
updatePasswordRequest,
|
||||
);
|
||||
|
||||
const mockAuthRepository = {
|
||||
const mockAuthenticationRepository = {
|
||||
update: jest
|
||||
.fn()
|
||||
.mockResolvedValueOnce({
|
||||
|
@ -42,8 +42,8 @@ describe('UpdatePasswordUseCase', () => {
|
|||
imports: [AutomapperModule.forRoot({ strategyInitializer: classes() })],
|
||||
providers: [
|
||||
{
|
||||
provide: AuthRepository,
|
||||
useValue: mockAuthRepository,
|
||||
provide: AuthenticationRepository,
|
||||
useValue: mockAuthenticationRepository,
|
||||
},
|
||||
{
|
||||
provide: LoggingMessager,
|
||||
|
@ -64,7 +64,7 @@ describe('UpdatePasswordUseCase', () => {
|
|||
|
||||
describe('execute', () => {
|
||||
it('should update an auth with an new encrypted password', async () => {
|
||||
const newAuth: Auth = await updatePasswordUseCase.execute(
|
||||
const newAuth: Authentication = await updatePasswordUseCase.execute(
|
||||
updatePasswordCommand,
|
||||
);
|
||||
|
|
@ -18,37 +18,37 @@ const existingUsername = {
|
|||
type: Type.EMAIL,
|
||||
};
|
||||
|
||||
const newUsernameRequest: UpdateUsernameRequest = new UpdateUsernameRequest();
|
||||
newUsernameRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a90';
|
||||
newUsernameRequest.username = '+33611223344';
|
||||
newUsernameRequest.type = Type.PHONE;
|
||||
|
||||
const updateUsernameRequest: UpdateUsernameRequest =
|
||||
new UpdateUsernameRequest();
|
||||
updateUsernameRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
updateUsernameRequest.username = 'johnny.doe@email.com';
|
||||
updateUsernameRequest.type = Type.EMAIL;
|
||||
|
||||
const newUsernameRequest: UpdateUsernameRequest = new UpdateUsernameRequest();
|
||||
newUsernameRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
newUsernameRequest.username = '+33611223344';
|
||||
newUsernameRequest.type = Type.PHONE;
|
||||
|
||||
const invalidUpdateUsernameRequest: UpdateUsernameRequest =
|
||||
new UpdateUsernameRequest();
|
||||
invalidUpdateUsernameRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
invalidUpdateUsernameRequest.username = '';
|
||||
invalidUpdateUsernameRequest.type = Type.EMAIL;
|
||||
|
||||
const unknownUsernameRequest: UpdateUsernameRequest =
|
||||
new UpdateUsernameRequest();
|
||||
unknownUsernameRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
unknownUsernameRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a92';
|
||||
unknownUsernameRequest.username = 'unknown@email.com';
|
||||
unknownUsernameRequest.type = Type.EMAIL;
|
||||
|
||||
const updateUsernameCommand: UpdateUsernameCommand = new UpdateUsernameCommand(
|
||||
updateUsernameRequest,
|
||||
);
|
||||
const invalidUpdateUsernameRequest: UpdateUsernameRequest =
|
||||
new UpdateUsernameRequest();
|
||||
invalidUpdateUsernameRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a93';
|
||||
invalidUpdateUsernameRequest.username = '';
|
||||
invalidUpdateUsernameRequest.type = Type.EMAIL;
|
||||
|
||||
const newUsernameCommand: UpdateUsernameCommand = new UpdateUsernameCommand(
|
||||
newUsernameRequest,
|
||||
);
|
||||
|
||||
const updateUsernameCommand: UpdateUsernameCommand = new UpdateUsernameCommand(
|
||||
updateUsernameRequest,
|
||||
);
|
||||
|
||||
const invalidUpdateUsernameCommand: UpdateUsernameCommand =
|
||||
new UpdateUsernameCommand(invalidUpdateUsernameRequest);
|
||||
|
||||
|
@ -56,21 +56,24 @@ const unknownUpdateUsernameCommand: UpdateUsernameCommand =
|
|||
new UpdateUsernameCommand(unknownUsernameRequest);
|
||||
|
||||
const mockUsernameRepository = {
|
||||
findOne: jest.fn().mockResolvedValue(existingUsername),
|
||||
updateWhere: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => {
|
||||
return Promise.resolve(updateUsernameRequest);
|
||||
})
|
||||
.mockImplementationOnce(() => {
|
||||
findOne: jest.fn().mockImplementation((request) => {
|
||||
if (request.uuid == 'bb281075-1b98-4456-89d6-c643d3044a90') {
|
||||
return Promise.resolve(null);
|
||||
}
|
||||
return Promise.resolve(existingUsername);
|
||||
}),
|
||||
updateWhere: jest.fn().mockImplementation((request) => {
|
||||
if (request.uuid_type.uuid == 'bb281075-1b98-4456-89d6-c643d3044a90') {
|
||||
return Promise.resolve(newUsernameRequest);
|
||||
})
|
||||
.mockImplementationOnce(() => {
|
||||
}
|
||||
if (request.uuid_type.uuid == 'bb281075-1b98-4456-89d6-c643d3044a91') {
|
||||
return Promise.resolve(updateUsernameRequest);
|
||||
}
|
||||
if (request.uuid_type.uuid == 'bb281075-1b98-4456-89d6-c643d3044a92') {
|
||||
throw new Error('Error');
|
||||
})
|
||||
.mockImplementationOnce(() => {
|
||||
return Promise.resolve(invalidUpdateUsernameRequest);
|
||||
}),
|
||||
}
|
||||
return Promise.resolve(invalidUpdateUsernameRequest);
|
||||
}),
|
||||
};
|
||||
|
||||
const mockAddUsernameCommand = {
|
||||
|
@ -115,15 +118,6 @@ describe('UpdateUsernameUseCase', () => {
|
|||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should update a username for email type', async () => {
|
||||
const updatedUsername: Username = await updateUsernameUseCase.execute(
|
||||
updateUsernameCommand,
|
||||
);
|
||||
|
||||
expect(updatedUsername.username).toBe(updateUsernameRequest.username);
|
||||
expect(updatedUsername.type).toBe(updateUsernameRequest.type);
|
||||
});
|
||||
|
||||
it('should create a new username', async () => {
|
||||
const newUsername: Username = await updateUsernameUseCase.execute(
|
||||
newUsernameCommand,
|
||||
|
@ -133,6 +127,15 @@ describe('UpdateUsernameUseCase', () => {
|
|||
expect(newUsername.type).toBe(newUsernameRequest.type);
|
||||
});
|
||||
|
||||
it('should update a username for email type', async () => {
|
||||
const updatedUsername: Username = await updateUsernameUseCase.execute(
|
||||
updateUsernameCommand,
|
||||
);
|
||||
|
||||
expect(updatedUsername.username).toBe(updateUsernameRequest.username);
|
||||
expect(updatedUsername.type).toBe(updateUsernameRequest.type);
|
||||
});
|
||||
|
||||
it('should throw an error if username does not exist', async () => {
|
||||
await expect(
|
||||
updateUsernameUseCase.execute(unknownUpdateUsernameCommand),
|
|
@ -0,0 +1,107 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { AuthenticationRepository } from '../../adapters/secondaries/authentication.repository';
|
||||
import { Authentication } from '../../domain/entities/authentication';
|
||||
import * as bcrypt from 'bcrypt';
|
||||
import { ValidateAuthenticationUseCase } from '../../domain/usecases/validate-authentication.usecase';
|
||||
import { ValidateAuthenticationQuery } from '../../queries/validate-authentication.query';
|
||||
import { UsernameRepository } from '../../adapters/secondaries/username.repository';
|
||||
import { Type } from '../../domain/dtos/type.enum';
|
||||
import { NotFoundException, UnauthorizedException } from '@nestjs/common';
|
||||
import { DatabaseException } from '../../../database/src/exceptions/DatabaseException';
|
||||
import { ValidateAuthenticationRequest } from '../../domain/dtos/validate-authentication.request';
|
||||
|
||||
const mockAuthenticationRepository = {
|
||||
findOne: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
password: bcrypt.hashSync('John123', 10),
|
||||
}))
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
password: bcrypt.hashSync('John123', 10),
|
||||
})),
|
||||
};
|
||||
|
||||
const mockUsernameRepository = {
|
||||
findOne: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
username: 'john.doe@email.com',
|
||||
type: Type.EMAIL,
|
||||
}))
|
||||
.mockImplementationOnce(() => {
|
||||
throw new DatabaseException();
|
||||
})
|
||||
.mockImplementationOnce(() => ({
|
||||
uuid: 'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
username: 'john.doe@email.com',
|
||||
type: Type.EMAIL,
|
||||
})),
|
||||
};
|
||||
|
||||
describe('ValidateAuthenticationUseCase', () => {
|
||||
let validateAuthenticationUseCase: ValidateAuthenticationUseCase;
|
||||
|
||||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [AutomapperModule.forRoot({ strategyInitializer: classes() })],
|
||||
providers: [
|
||||
{
|
||||
provide: AuthenticationRepository,
|
||||
useValue: mockAuthenticationRepository,
|
||||
},
|
||||
{
|
||||
provide: UsernameRepository,
|
||||
useValue: mockUsernameRepository,
|
||||
},
|
||||
ValidateAuthenticationUseCase,
|
||||
],
|
||||
}).compile();
|
||||
|
||||
validateAuthenticationUseCase = module.get<ValidateAuthenticationUseCase>(
|
||||
ValidateAuthenticationUseCase,
|
||||
);
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
expect(validateAuthenticationUseCase).toBeDefined();
|
||||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should validate an authentication and returns entity object', async () => {
|
||||
const validateAuthenticationRequest: ValidateAuthenticationRequest =
|
||||
new ValidateAuthenticationRequest();
|
||||
validateAuthenticationRequest.username = 'john.doe@email.com';
|
||||
validateAuthenticationRequest.password = 'John123';
|
||||
const authentication: Authentication =
|
||||
await validateAuthenticationUseCase.execute(
|
||||
new ValidateAuthenticationQuery(
|
||||
validateAuthenticationRequest.username,
|
||||
validateAuthenticationRequest.password,
|
||||
),
|
||||
);
|
||||
|
||||
expect(authentication.uuid).toBe('bb281075-1b98-4456-89d6-c643d3044a91');
|
||||
});
|
||||
|
||||
it('should not validate an authentication with unknown username and returns not found exception', async () => {
|
||||
await expect(
|
||||
validateAuthenticationUseCase.execute(
|
||||
new ValidateAuthenticationQuery('jane.doe@email.com', 'Jane123'),
|
||||
),
|
||||
).rejects.toBeInstanceOf(NotFoundException);
|
||||
});
|
||||
|
||||
it('should not validate an authentication with wrong password and returns unauthorized exception', async () => {
|
||||
await expect(
|
||||
validateAuthenticationUseCase.execute(
|
||||
new ValidateAuthenticationQuery('john.doe@email.com', 'John1234'),
|
||||
),
|
||||
).rejects.toBeInstanceOf(UnauthorizedException);
|
||||
});
|
||||
});
|
||||
});
|
|
@ -0,0 +1,43 @@
|
|||
import { Mapper } from '@automapper/core';
|
||||
import { InjectMapper } from '@automapper/nestjs';
|
||||
import { Controller, UsePipes } from '@nestjs/common';
|
||||
import { QueryBus } from '@nestjs/cqrs';
|
||||
import { GrpcMethod, RpcException } from '@nestjs/microservices';
|
||||
import { RpcValidationPipe } from 'src/utils/pipes/rpc.validation-pipe';
|
||||
import { DecisionRequest } from '../../domain/dtos/decision.request';
|
||||
import { Authorization } from '../../domain/entities/authorization';
|
||||
import { DecisionQuery } from '../../queries/decision.query';
|
||||
import { AuthorizationPresenter } from './authorization.presenter';
|
||||
|
||||
@UsePipes(
|
||||
new RpcValidationPipe({
|
||||
whitelist: true,
|
||||
forbidUnknownValues: false,
|
||||
}),
|
||||
)
|
||||
@Controller()
|
||||
export class AuthorizationController {
|
||||
constructor(
|
||||
private readonly _queryBus: QueryBus,
|
||||
@InjectMapper() private readonly _mapper: Mapper,
|
||||
) {}
|
||||
|
||||
@GrpcMethod('AuthorizationService', 'Decide')
|
||||
async decide(data: DecisionRequest): Promise<AuthorizationPresenter> {
|
||||
try {
|
||||
const authorization: Authorization = await this._queryBus.execute(
|
||||
new DecisionQuery(data.uuid, data.domain, data.action, data.context),
|
||||
);
|
||||
return this._mapper.map(
|
||||
authorization,
|
||||
Authorization,
|
||||
AuthorizationPresenter,
|
||||
);
|
||||
} catch (e) {
|
||||
throw new RpcException({
|
||||
code: 7,
|
||||
message: 'Permission denied',
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
import { AutoMap } from '@automapper/classes';
|
||||
|
||||
export class AuthorizationPresenter {
|
||||
@AutoMap()
|
||||
allow: boolean;
|
||||
}
|
|
@ -0,0 +1,35 @@
|
|||
syntax = "proto3";
|
||||
|
||||
package authorization;
|
||||
|
||||
service AuthorizationService {
|
||||
rpc Decide(AuthorizationRequest) returns (Decision);
|
||||
}
|
||||
|
||||
message AuthorizationRequest {
|
||||
string uuid = 1;
|
||||
Domain domain = 2;
|
||||
Action action = 3;
|
||||
repeated Item context = 4;
|
||||
}
|
||||
|
||||
enum Domain {
|
||||
user = 0;
|
||||
}
|
||||
|
||||
enum Action {
|
||||
create = 0;
|
||||
read = 1;
|
||||
update = 2;
|
||||
delete = 3;
|
||||
list = 4;
|
||||
}
|
||||
|
||||
message Item {
|
||||
string name = 1;
|
||||
string value = 2;
|
||||
}
|
||||
|
||||
message Decision {
|
||||
bool allow = 1;
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
export class DecisionResult {
|
||||
allow: boolean;
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
import { DecisionResult } from './decision-result';
|
||||
|
||||
export class Decision {
|
||||
decision_id: string;
|
||||
result: DecisionResult;
|
||||
}
|
|
@ -0,0 +1,48 @@
|
|||
import { HttpService } from '@nestjs/axios';
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { ConfigService } from '@nestjs/config';
|
||||
import { lastValueFrom } from 'rxjs';
|
||||
import { Action } from '../../domain/dtos/action.enum';
|
||||
import { Domain } from '../../domain/dtos/domain.enum';
|
||||
import { IMakeDecision } from '../../domain/interfaces/decision-maker';
|
||||
import { ContextItem } from '../../domain/dtos/context-item';
|
||||
import { Decision } from './decision';
|
||||
import { Authorization } from '../../domain/entities/authorization';
|
||||
|
||||
@Injectable()
|
||||
export class OpaDecisionMaker extends IMakeDecision {
|
||||
constructor(
|
||||
private readonly _configService: ConfigService,
|
||||
private readonly _httpService: HttpService,
|
||||
) {
|
||||
super();
|
||||
}
|
||||
|
||||
async decide(
|
||||
uuid: string,
|
||||
domain: Domain,
|
||||
action: Action,
|
||||
context: Array<ContextItem>,
|
||||
): Promise<Authorization> {
|
||||
const reducedContext = context.reduce(
|
||||
(obj, item) => Object.assign(obj, { [item.name]: item.value }),
|
||||
{},
|
||||
);
|
||||
try {
|
||||
const { data } = await lastValueFrom(
|
||||
this._httpService.post<Decision>(
|
||||
this._configService.get<string>('OPA_URL') + domain + '/' + action,
|
||||
{
|
||||
input: {
|
||||
uuid,
|
||||
...reducedContext,
|
||||
},
|
||||
},
|
||||
),
|
||||
);
|
||||
return new Authorization(data.result.allow);
|
||||
} catch (e) {
|
||||
return new Authorization(false);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,16 @@
|
|||
import { HttpModule } from '@nestjs/axios';
|
||||
import { Module } from '@nestjs/common';
|
||||
import { CqrsModule } from '@nestjs/cqrs';
|
||||
import { DatabaseModule } from '../database/database.module';
|
||||
import { AuthorizationController } from './adapters/primaries/authorization.controller';
|
||||
import { OpaDecisionMaker } from './adapters/secondaries/opa.decision-maker';
|
||||
import { DecisionUseCase } from './domain/usecases/decision.usecase';
|
||||
import { AuthorizationProfile } from './mappers/authorization.profile';
|
||||
|
||||
@Module({
|
||||
imports: [DatabaseModule, CqrsModule, HttpModule],
|
||||
exports: [],
|
||||
controllers: [AuthorizationController],
|
||||
providers: [OpaDecisionMaker, DecisionUseCase, AuthorizationProfile],
|
||||
})
|
||||
export class AuthorizationModule {}
|
|
@ -0,0 +1,7 @@
|
|||
export enum Action {
|
||||
create = 'create',
|
||||
read = 'read',
|
||||
update = 'update',
|
||||
delete = 'delete',
|
||||
list = 'list',
|
||||
}
|
|
@ -0,0 +1,9 @@
|
|||
export class ContextItem {
|
||||
name: string;
|
||||
value: any;
|
||||
|
||||
constructor(name: string, value: any) {
|
||||
this.name = name;
|
||||
this.value = value;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,21 @@
|
|||
import { IsArray, IsNotEmpty, IsString } from 'class-validator';
|
||||
import { ContextItem } from './context-item';
|
||||
import { Action } from './action.enum';
|
||||
import { Domain } from './domain.enum';
|
||||
|
||||
export class DecisionRequest {
|
||||
@IsString()
|
||||
@IsNotEmpty()
|
||||
uuid: string;
|
||||
|
||||
@IsString()
|
||||
@IsNotEmpty()
|
||||
domain: Domain;
|
||||
|
||||
@IsString()
|
||||
@IsNotEmpty()
|
||||
action: Action;
|
||||
|
||||
@IsArray()
|
||||
context?: Array<ContextItem>;
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
export enum Domain {
|
||||
user = 'user',
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
import { AutoMap } from '@automapper/classes';
|
||||
|
||||
export class Authorization {
|
||||
@AutoMap()
|
||||
allow: boolean;
|
||||
|
||||
constructor(allow: boolean) {
|
||||
this.allow = allow;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,14 @@
|
|||
import { Injectable } from '@nestjs/common';
|
||||
import { Action } from '../dtos/action.enum';
|
||||
import { Domain } from '../dtos/domain.enum';
|
||||
import { Authorization } from '../entities/authorization';
|
||||
|
||||
@Injectable()
|
||||
export abstract class IMakeDecision {
|
||||
abstract decide(
|
||||
uuid: string,
|
||||
domain: Domain,
|
||||
action: Action,
|
||||
context: Array<{ name: string; value: string }>,
|
||||
): Promise<Authorization>;
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
import { QueryHandler } from '@nestjs/cqrs';
|
||||
import { OpaDecisionMaker } from '../../adapters/secondaries/opa.decision-maker';
|
||||
import { DecisionQuery } from '../../queries/decision.query';
|
||||
import { Authorization } from '../entities/authorization';
|
||||
|
||||
@QueryHandler(DecisionQuery)
|
||||
export class DecisionUseCase {
|
||||
constructor(private readonly _decisionMaker: OpaDecisionMaker) {}
|
||||
|
||||
async execute(decisionQuery: DecisionQuery): Promise<Authorization> {
|
||||
return this._decisionMaker.decide(
|
||||
decisionQuery.uuid,
|
||||
decisionQuery.domain,
|
||||
decisionQuery.action,
|
||||
decisionQuery.context,
|
||||
);
|
||||
}
|
||||
}
|
|
@ -1,18 +1,18 @@
|
|||
import { createMap, Mapper } from '@automapper/core';
|
||||
import { AutomapperProfile, InjectMapper } from '@automapper/nestjs';
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { AuthPresenter } from '../adapters/primaries/auth.presenter';
|
||||
import { Auth } from '../domain/entities/auth';
|
||||
import { AuthorizationPresenter } from '../adapters/primaries/authorization.presenter';
|
||||
import { Authorization } from '../domain/entities/authorization';
|
||||
|
||||
@Injectable()
|
||||
export class AuthProfile extends AutomapperProfile {
|
||||
export class AuthorizationProfile extends AutomapperProfile {
|
||||
constructor(@InjectMapper() mapper: Mapper) {
|
||||
super(mapper);
|
||||
}
|
||||
|
||||
override get profile() {
|
||||
return (mapper: any) => {
|
||||
createMap(mapper, Auth, AuthPresenter);
|
||||
createMap(mapper, Authorization, AuthorizationPresenter);
|
||||
};
|
||||
}
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
import { ContextItem } from '../domain/dtos/context-item';
|
||||
import { Action } from '../domain/dtos/action.enum';
|
||||
import { Domain } from '../domain/dtos/domain.enum';
|
||||
|
||||
export class DecisionQuery {
|
||||
readonly uuid: string;
|
||||
readonly domain: Domain;
|
||||
readonly action: Action;
|
||||
readonly context: Array<ContextItem>;
|
||||
|
||||
constructor(
|
||||
uuid: string,
|
||||
domain: Domain,
|
||||
action: Action,
|
||||
context?: Array<ContextItem>,
|
||||
) {
|
||||
this.uuid = uuid;
|
||||
this.domain = domain;
|
||||
this.action = action;
|
||||
this.context = context;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,59 @@
|
|||
import { classes } from '@automapper/classes';
|
||||
import { AutomapperModule } from '@automapper/nestjs';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { OpaDecisionMaker } from '../../adapters/secondaries/opa.decision-maker';
|
||||
import { Action } from '../../domain/dtos/action.enum';
|
||||
import { ContextItem } from '../../domain/dtos/context-item';
|
||||
import { DecisionRequest } from '../../domain/dtos/decision.request';
|
||||
import { Domain } from '../../domain/dtos/domain.enum';
|
||||
import { DecisionUseCase } from '../../domain/usecases/decision.usecase';
|
||||
import { AuthorizationProfile } from '../../mappers/authorization.profile';
|
||||
import { DecisionQuery } from '../../queries/decision.query';
|
||||
|
||||
const mockOpaDecisionMaker = {
|
||||
decide: jest.fn().mockResolvedValue(Promise.resolve(true)),
|
||||
};
|
||||
|
||||
describe('DecisionUseCase', () => {
|
||||
let decisionUseCase: DecisionUseCase;
|
||||
|
||||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [AutomapperModule.forRoot({ strategyInitializer: classes() })],
|
||||
providers: [
|
||||
{
|
||||
provide: OpaDecisionMaker,
|
||||
useValue: mockOpaDecisionMaker,
|
||||
},
|
||||
DecisionUseCase,
|
||||
AuthorizationProfile,
|
||||
],
|
||||
}).compile();
|
||||
|
||||
decisionUseCase = module.get<DecisionUseCase>(DecisionUseCase);
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
expect(decisionUseCase).toBeDefined();
|
||||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should validate an authorization', async () => {
|
||||
const decisionRequest: DecisionRequest = new DecisionRequest();
|
||||
decisionRequest.uuid = 'bb281075-1b98-4456-89d6-c643d3044a91';
|
||||
decisionRequest.domain = Domain.user;
|
||||
decisionRequest.action = Action.create;
|
||||
decisionRequest.context = [new ContextItem('context1', 'value1')];
|
||||
expect(
|
||||
decisionUseCase.execute(
|
||||
new DecisionQuery(
|
||||
decisionRequest.uuid,
|
||||
decisionRequest.domain,
|
||||
decisionRequest.action,
|
||||
decisionRequest.context,
|
||||
),
|
||||
),
|
||||
).toBeTruthy();
|
||||
});
|
||||
});
|
||||
});
|
|
@ -0,0 +1,100 @@
|
|||
import { HttpService } from '@nestjs/axios';
|
||||
import { ConfigService } from '@nestjs/config';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { of } from 'rxjs';
|
||||
import { OpaDecisionMaker } from '../../adapters/secondaries/opa.decision-maker';
|
||||
import { Action } from '../../domain/dtos/action.enum';
|
||||
import { Domain } from '../../domain/dtos/domain.enum';
|
||||
|
||||
const mockHttpService = {
|
||||
post: jest
|
||||
.fn()
|
||||
.mockImplementationOnce(() => {
|
||||
return of({
|
||||
status: 200,
|
||||
data: {
|
||||
decision_id: '96d99d44-e0a6-458e-a656-de2a400d60a8',
|
||||
result: {
|
||||
allow: true,
|
||||
},
|
||||
},
|
||||
});
|
||||
})
|
||||
.mockImplementationOnce(() => {
|
||||
return of({
|
||||
status: 200,
|
||||
data: {
|
||||
decision_id: '96d99d44-e0a6-458e-a656-de2a400d60a9',
|
||||
result: {
|
||||
allow: false,
|
||||
},
|
||||
},
|
||||
});
|
||||
})
|
||||
.mockImplementationOnce(() => {
|
||||
throw new Error();
|
||||
}),
|
||||
};
|
||||
|
||||
const mockConfigService = {
|
||||
get: jest.fn().mockResolvedValue({
|
||||
OPA_URL: 'http://url/',
|
||||
}),
|
||||
};
|
||||
|
||||
describe('OpaDecisionMaker', () => {
|
||||
let opaDecisionMaker: OpaDecisionMaker;
|
||||
|
||||
beforeAll(async () => {
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
imports: [],
|
||||
providers: [
|
||||
{
|
||||
provide: HttpService,
|
||||
useValue: mockHttpService,
|
||||
},
|
||||
{
|
||||
provide: ConfigService,
|
||||
useValue: mockConfigService,
|
||||
},
|
||||
OpaDecisionMaker,
|
||||
],
|
||||
}).compile();
|
||||
|
||||
opaDecisionMaker = module.get<OpaDecisionMaker>(OpaDecisionMaker);
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
expect(opaDecisionMaker).toBeDefined();
|
||||
});
|
||||
|
||||
describe('execute', () => {
|
||||
it('should return a truthy authorization', async () => {
|
||||
const authorization = await opaDecisionMaker.decide(
|
||||
'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
Domain.user,
|
||||
Action.read,
|
||||
[],
|
||||
);
|
||||
expect(authorization.allow).toBeTruthy();
|
||||
});
|
||||
it('should return a falsy authorization', async () => {
|
||||
const authorization = await opaDecisionMaker.decide(
|
||||
'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
Domain.user,
|
||||
Action.read,
|
||||
[],
|
||||
);
|
||||
expect(authorization.allow).toBeFalsy();
|
||||
});
|
||||
it('should return a falsy authorization when an error happens', async () => {
|
||||
const authorization = await opaDecisionMaker.decide(
|
||||
'bb281075-1b98-4456-89d6-c643d3044a91',
|
||||
Domain.user,
|
||||
Action.read,
|
||||
[],
|
||||
);
|
||||
expect(authorization.allow).toBeFalsy();
|
||||
});
|
||||
});
|
||||
});
|
|
@ -1,10 +1,10 @@
|
|||
import { Module } from '@nestjs/common';
|
||||
import { AuthRepository } from '../auth/adapters/secondaries/auth.repository';
|
||||
import { UsernameRepository } from '../auth/adapters/secondaries/username.repository';
|
||||
import { AuthenticationRepository } from '../authentication/adapters/secondaries/authentication.repository';
|
||||
import { UsernameRepository } from '../authentication/adapters/secondaries/username.repository';
|
||||
import { PrismaService } from './src/adapters/secondaries/prisma-service';
|
||||
|
||||
@Module({
|
||||
providers: [PrismaService, AuthRepository, UsernameRepository],
|
||||
exports: [PrismaService, AuthRepository, UsernameRepository],
|
||||
providers: [PrismaService, AuthenticationRepository, UsernameRepository],
|
||||
exports: [PrismaService, AuthenticationRepository, UsernameRepository],
|
||||
})
|
||||
export class DatabaseModule {}
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
import { PrismaRepository } from '../adapters/secondaries/prisma-repository.abstract';
|
||||
|
||||
export class AuthNZRepository<T> extends PrismaRepository<T> {}
|
||||
export class AuthRepository<T> extends PrismaRepository<T> {}
|
Loading…
Reference in New Issue