bff

package
v1.5.2 Latest
Warning

This package is not in the latest version of its module.

Published: Sep 24, 2022 License: MIT Imports: 39 Imported by: 0

Documentation

Constants

const (
	StartRegistration    = "" /* 160-byte string literal not displayed */
	CompleteRegistration = "" /* 171-byte string literal not displayed */
	SubmitTestnet        = "Review and submit your " + testnetName + " registration."
	SubmitMainnet        = "Review and submit your " + mainnetName + " registration."
	VerifyEmails         = "Your organization's %s registration has been submitted and verification emails have been sent to the contacts specified in the form. Contacts and email addresses must be verified as the first step in the approval process. Please request that contacts verify their email addresses promptly so that the TRISA Validation Team can proceed with the validation process. Please contact TRISA support at " + supportEmail + " if contacts have not received the verification email and link."
	RegistrationPending  = "" /* 139-byte string literal not displayed */
	RegistrationRejected = "Your organization's %s registration has been rejected by the TRISA Validation Team. This means your organization is not a verified member of the TRISA network and cannot communicate with other members. Please contact TRISA support at " + supportEmail + " for additional details and next steps."
	RegistrationApproved = "" /* 198-byte string literal not displayed */
	RenewCertificate     = "" /* 188-byte string literal not displayed */
	CertificateRevoked   = "Your organization's %s X.509 Identity Certificate has been revoked by TRISA. This means your organization is no longer a verified member of the TRISA network and can no longer communicate with other members. Please contact TRISA support at " + supportEmail + " for additional details and next steps."
)
const (
	// TODO: do not hard code this value but make it a configuration
	DefaultRole        = "Organization Collaborator"
	DoubleCookieMaxAge = 24 * time.Hour
	OrgIDKey           = "orgid"
	VASPsKey           = "vasps"
)

Variables

This section is empty.

Functions

func FlattenErrs

func FlattenErrs(in []error) (out []error)

FlattenErrs removes nil errors from the slice (exported for testing purposes).

func FlattenResults

func FlattenResults(in []interface{}) (out []interface{})

FlattenResults removes nil values from the slice (exported for testing purposes).

Types

type AdminRPC added in v1.5.0

type AdminRPC func(ctx context.Context, client admin.DirectoryAdministrationClient, network string) (interface{}, error)

type GDSClient added in v1.5.0

type GDSClient struct {
	// contains filtered or unexported fields
}

GDSClient is a unified client which contains sub-clients for interacting with the various GDS services. This helps reduce common client code when making parallel requests to both testnet and mainnet.

func (*GDSClient) Close added in v1.5.0

func (c *GDSClient) Close() (err error)

Close the connection to both the TRISA directory service and the Members service.

func (*GDSClient) ConnectGDS added in v1.5.0

func (c *GDSClient) ConnectGDS(conf config.DirectoryConfig, opts ...grpc.DialOption) error

ConnectGDS creates a gRPC client to the TRISA Directory Service specified in the configuration using the provided dial options.

func (*GDSClient) ConnectMembers added in v1.5.0

func (c *GDSClient) ConnectMembers(conf config.MembersConfig, opts ...grpc.DialOption) error

ConnectMembers creates a gRPC client to the TRISA Members Service specified in the configuration using the provided dial options.

func (*GDSClient) Details added in v1.5.0

func (*GDSClient) List added in v1.5.0

Members methods

func (*GDSClient) Lookup added in v1.5.0

func (c *GDSClient) Lookup(ctx context.Context, in *gds.LookupRequest, opts ...grpc.CallOption) (*gds.LookupReply, error)

GDS methods

func (*GDSClient) Register added in v1.5.0

func (c *GDSClient) Register(ctx context.Context, in *gds.RegisterRequest, opts ...grpc.CallOption) (*gds.RegisterReply, error)

func (*GDSClient) Search added in v1.5.0

func (c *GDSClient) Search(ctx context.Context, in *gds.SearchRequest, opts ...grpc.CallOption) (*gds.SearchReply, error)

func (*GDSClient) Status added in v1.5.0

func (c *GDSClient) Status(ctx context.Context, in *gds.HealthCheck, opts ...grpc.CallOption) (*gds.ServiceState, error)

func (*GDSClient) Summary added in v1.5.0

func (*GDSClient) Verification added in v1.5.0

func (c *GDSClient) Verification(ctx context.Context, in *gds.VerificationRequest, opts ...grpc.CallOption) (*gds.VerificationReply, error)

func (*GDSClient) VerifyContact added in v1.5.0

func (c *GDSClient) VerifyContact(ctx context.Context, in *gds.VerifyContactRequest, opts ...grpc.CallOption) (*gds.VerifyContactReply, error)

type GlobalDirectoryClient added in v1.5.0

type GlobalDirectoryClient interface {
	gds.TRISADirectoryClient
	members.TRISAMembersClient
}

GlobalDirectoryClient is a unified interface to access multiple GDS services across multiple connections with different client interfaces.

func ConnectGDS

func ConnectGDS(conf config.NetworkConfig) (_ GlobalDirectoryClient, err error)

ConnectGDS creates a unified client to the TRISA Directory Service and TRISA members service specified in the configuration. This method is used to connect to both the TestNet and the MainNet so we can maintain separate clients for each.

type RPC added in v1.5.0

type RPC func(ctx context.Context, client GlobalDirectoryClient, network string) (proto.Message, error)

RPC allows the BFF to issue arbitrary client methods in parallel to both the testnet and the mainnet. The combined client object, which contains separate sub-clients for the GDS and members services, and network name are passed into the function, allowing the RPC to make any directory service or members service RPC call and log with the associated network.

type Server

type Server struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

func New

func New(conf config.Config) (s *Server, err error)

New creates a new BFF server from the specified configuration.

func (*Server) AddCollaborator added in v1.5.2

func (s *Server) AddCollaborator(c *gin.Context)

AddCollaborator creates a new collaborator with the email address in the request. The endpoint adds the collaborator to the organization record associated with the user and sends a verification email to the provided email address, so the user must have the update:collaborators permission.

func (*Server) Announcements added in v1.5.0

func (s *Server) Announcements(c *gin.Context)

func (*Server) Attention added in v1.5.0

func (s *Server) Attention(c *gin.Context)

Attention returns the current attention messages for the authenticated user.

func (*Server) Available

func (s *Server) Available() gin.HandlerFunc

Available is middleware that uses the healthy boolean to return a service unavailable HTTP status code if the server is shutting down. This middleware must be first in the chain to ensure that complex handling does not slow the shutdown of the server.
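
A sketch of the availability gate described above, written against net/http rather than gin so that it runs with the standard library alone. This is an added example, not the package's own code; the `server`, `setHealth`, `available` and `probe` names and the `healthy` field are assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"sync"
)

// server mirrors the documented embedded RWMutex; field names are assumed.
type server struct {
	sync.RWMutex
	healthy bool
}

func (s *server) setHealth(health bool) {
	s.Lock()
	s.healthy = health
	s.Unlock()
}

// available wraps the whole chain: when unhealthy, no later handler runs.
func (s *server) available(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		s.RLock()
		ok := s.healthy
		s.RUnlock()
		if !ok {
			http.Error(w, "service unavailable", http.StatusServiceUnavailable)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// probe sends one constructed request and reports status and inner reach.
func probe(s *server) (code int, reached bool) {
	inner := http.HandlerFunc(func(http.ResponseWriter, *http.Request) { reached = true })
	rec := httptest.NewRecorder()
	s.available(inner).ServeHTTP(rec, httptest.NewRequest(http.MethodGet, "/", nil))
	return rec.Code, reached
}

func main() {
	s := &server{healthy: true}
	fmt.Println(probe(s))
	s.setHealth(false)
	fmt.Println(probe(s))
}
```

The flag is read under the read lock and released before the next handler runs, so a slow request never blocks the write that marks the server unhealthy.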

func (*Server) Certificates added in v1.5.0

func (s *Server) Certificates(c *gin.Context)

Certificates returns the list of certificates for the authenticated user.

func (*Server) FindRoleByName added in v1.5.0

func (s *Server) FindRoleByName(name string) (*management.Role, error)

func (*Server) GetCertificates added in v1.5.0

func (s *Server) GetCertificates(ctx context.Context, testnetID, mainnetID string) (testnetCerts, mainnetCerts *admin.ListCertificatesReply, testnetErr, mainnetErr error)

GetCertificates makes parallel calls to the admin services to get the certificate information for both testnet and mainnet. If testnetID or mainnetID is an empty string, this will simply return a nil response for the corresponding network so the caller can distinguish between a non-registration and an error.

func (*Server) GetConf

func (s *Server) GetConf() config.Config

GetConf returns a copy of the current configuration.

func (*Server) GetRouter

func (s *Server) GetRouter() http.Handler

GetRouter returns the Gin API router for testing purposes.

func (*Server) GetStatuses added in v1.5.0

func (s *Server) GetStatuses(ctx context.Context) (testnet, mainnet *gds.ServiceState, err error)

GetStatuses makes parallel calls to the directory service to get the status information for both testnet and mainnet.

func (*Server) GetSummaries added in v1.5.0

func (s *Server) GetSummaries(ctx context.Context, testnetID, mainnetID string) (testnetSummary, mainnetSummary *members.SummaryReply, testnetErr, mainnetErr error)

GetSummaries makes parallel calls to the members service to get the summary information for both testnet and mainnet. If an endpoint returned an error, then a nil value is returned from this function for that endpoint instead of an error.

func (*Server) GetURL

func (s *Server) GetURL() string

GetURL returns the URL at which the server can be reached if it has been started. This accessor is primarily used to create a test client.

func (*Server) GetVASPs added in v1.5.0

func (s *Server) GetVASPs(ctx context.Context, testnetID, mainnetID string) (testnetVASP, mainnetVASP *pb.VASP, testnetErr, mainnetErr error)

GetVASPs makes parallel calls to the admin APIs to retrieve VASP records from testnet and mainnet. If testnet or mainnet are empty strings, this will simply return a nil response for the corresponding network so the caller can distinguish between a non-registration and an error.

func (*Server) LoadRegisterForm added in v1.5.0

func (s *Server) LoadRegisterForm(c *gin.Context)

LoadRegisterForm returns the user's current registration form if it's available.

func (*Server) Login added in v1.5.0

func (s *Server) Login(c *gin.Context)

Login performs post-authentication checks and ensures that the user has the proper permissions and roles after they sign in with Auth0. The front-end should call the BFF login endpoint after the user signs in, providing the access_token in the request. If there is no access token a 401 is returned. This endpoint verifies that the user has a role and organization assigned to it and that the organization is up to date with the auth0 app_data. If the user does not have an organization, it is assumed that this is the first time the user has logged in and an organization is created for the user and they are assigned the organization leader role. If they have an organization but no role, they are assigned the organization collaborator role. If the auth0 app data was changed, this returns a response with the refresh_token field set to true, indicating that the frontend should refresh the access token to ensure that the user claims are up to date.

func (*Server) Lookup

func (s *Server) Lookup(c *gin.Context)

Lookup makes a request on behalf of the user to both the TestNet and MainNet GDS servers, returning 1-2 results (i.e. either or both GDS responses). If no results are returned, Lookup returns a 404 not found error. If one of the GDS requests fails, the error is logged, but the valid response is returned. If both GDS requests fail, a 500 error is returned. This endpoint passes through the response from GDS as JSON; the result should contain a registered_directory field that identifies which network the record is associated with.

func (*Server) MakeAnnouncement added in v1.5.0

func (s *Server) MakeAnnouncement(c *gin.Context)

func (*Server) MemberDetails added in v1.5.0

func (s *Server) MemberDetails(c *gin.Context)

MemberDetails endpoint is an authenticated endpoint that requires the read:vasp permission and returns details about a VASP member.

func (*Server) OrganizationFromClaims added in v1.5.0

func (s *Server) OrganizationFromClaims(c *gin.Context) (org *models.Organization, err error)

OrganizationFromClaims is a helper method to retrieve the organization for a particular request by fetching the orgID from the claims and querying the database. If there is an error fetching the organization, the appropriate error response is made on the gin writer and logged. The caller should check for error and return.

func (*Server) Overview added in v1.5.0

func (s *Server) Overview(c *gin.Context)

Overview endpoint is an authenticated endpoint that requires the read:vasp permission.

func (*Server) ParallelAdminRequests added in v1.5.0

func (s *Server) ParallelAdminRequests(ctx context.Context, rpc AdminRPC, flatten bool) (results []interface{}, errs []error)

ParallelAdminRequests makes concurrent requests to both the testnet and the mainnet, storing the results and errors in a slice of length 2 ([testnet, mainnet]). If the flatten bool is true, then nil values are removed from the slice (though this will make which network returned the result ambiguous).

func (*Server) ParallelGDSRequests

func (s *Server) ParallelGDSRequests(ctx context.Context, rpc RPC, flatten bool) (results []interface{}, errs []error)

ParallelGDSRequests makes concurrent requests to both the testnet and the mainnet, storing the results and errors in a slice of length 2 ([testnet, mainnet]). If the flatten bool is true, then nil values are removed from the slice (though this will make which network returned the result ambiguous).
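
The fan-out described for ParallelGDSRequests, combined with the status rules documented for Lookup, as an added example that is not the package's own code. The `rpc` type, `parallel`, `lookupStatus` and the sample reply are assumptions, and plain values stand in for proto.Message so that no gRPC dependency is needed.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"sync"
)

// rpc is a hypothetical stand-in for the RPC type, without gRPC or protobuf.
type rpc func(ctx context.Context, network string) (interface{}, error)

// parallel calls fn for both networks; index 0 is testnet, index 1 mainnet.
func parallel(ctx context.Context, fn rpc) ([]interface{}, []error) {
	results, errs := make([]interface{}, 2), make([]error, 2)
	var wg sync.WaitGroup
	for i, network := range []string{"testnet", "mainnet"} {
		wg.Add(1)
		go func(i int, network string) {
			defer wg.Done()
			results[i], errs[i] = fn(ctx, network)
		}(i, network)
	}
	wg.Wait()
	return results, errs
}

// lookupStatus applies the documented Lookup rules to one fan-out result.
func lookupStatus(results []interface{}, errs []error) (int, []interface{}) {
	if errs[0] != nil && errs[1] != nil {
		return http.StatusInternalServerError, nil // both networks failed
	}
	var found []interface{} // flattened: positions no longer name a network
	for _, r := range results {
		if r != nil {
			found = append(found, r)
		}
	}
	if len(found) == 0 {
		return http.StatusNotFound, nil
	}
	return http.StatusOK, found // a single failure is tolerated
}

func main() {
	fn := func(_ context.Context, network string) (interface{}, error) {
		return network + " record", nil // constructed reply
	}
	fmt.Println(lookupStatus(parallel(context.Background(), fn)))
}
```

Because the flattened slice loses its positions, each record has to carry its own network label, which is the role the registered_directory field plays in the Lookup response.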

func (*Server) RegistrationStatus added in v1.5.0

func (s *Server) RegistrationStatus(c *gin.Context)

RegistrationStatus returns the registration status for both testnet and mainnet for the user.

func (*Server) ReplaceCollaborator added in v1.5.2

func (s *Server) ReplaceCollaborator(c *gin.Context)

ReplaceCollaborator completely replaces a collaborator on the user's organization with the collaborator in the request. The collaborator object in the request must be valid and the user must have the update:collaborators permission.

func (*Server) SaveAuth0AppMetadata added in v1.5.0

func (s *Server) SaveAuth0AppMetadata(uid string, appdata auth.AppMetadata) (err error)

func (*Server) SaveRegisterForm added in v1.5.0

func (s *Server) SaveRegisterForm(c *gin.Context)

Saves the registration form on the BFF to allow multiple users to edit the registration form before it is submitted to the directory service.

func (*Server) Serve

func (s *Server) Serve() (err error)

Serve API requests on the specified address.

func (*Server) SetAdminClients added in v1.5.0

func (s *Server) SetAdminClients(testnet, mainnet apiv2.DirectoryAdministrationClient)

SetAdminClients allows tests to set the admin clients to the mocked clients.

func (*Server) SetDB

func (s *Server) SetDB(db *db.DB)

SetDB allows tests to set a bufconn client to a mock trtl server.

func (*Server) SetGDSClients added in v1.5.0

func (s *Server) SetGDSClients(testnet, mainnet *GDSClient)

SetGDSClients allows tests to set a bufconn client to a mock GDS server.

func (*Server) SetHealth

func (s *Server) SetHealth(health bool)

func (*Server) SetURL

func (s *Server) SetURL(url string)

func (*Server) Shutdown

func (s *Server) Shutdown() (err error)

func (*Server) Status

func (s *Server) Status(c *gin.Context)

func (*Server) SubmitRegistration added in v1.5.0

func (s *Server) SubmitRegistration(c *gin.Context)

SubmitRegistration makes a request on behalf of the user to either the TestNet or the MainNet GDS server based on the URL endpoint. The endpoint will first load the saved registration form from the front-end and will parse it for some basic validity constraints; it will then submit the form and return any response from the directory.

func (*Server) VerifyContact

func (s *Server) VerifyContact(c *gin.Context)

VerifyContact is currently a passthrough helper that forwards the verify contact request from the user interface to the GDS that needs contact verification.

Directories

Path Synopsis
api
v1
authtest
Package authtest provides a wrapped httptest.Server that will respond to auth0 requests.
clive
Package clive provides CLI-Live interactions with Auth0 by running a local server for OAuth challenges and handling them on behalf of the user.
db
