0

fabric8-auth

Identity and Access Management for fabric8 services

Official Site
Github repo
Main metrics
  • Owner: fabric8-services/fabric8-auth
  • Platform:
  • License:: Apache License 2.0
  • Category::
  • Topic:
  • Like:
    0
      Compare:

Github stars Tracking Chart

= Fabric8 Auth
:toc:
:toc-placement: preamble
:sectnums:
:experimental:

image:https://ci.centos.org/buildStatus/icon?job=devtools-fabric8-auth-build-master-push-client[Jenkins,link="https://ci.centos.org/job/devtools-fabric8-auth-build-master-push-client/lastBuild/"]
image:https://goreportcard.com/badge/github.com/fabric8-services/fabric8-auth[Go Report Card, link="https://goreportcard.com/report/github.com/fabric8-services/fabric8-auth"]
image:https://godoc.org/github.com/fabric8-services/fabric8-auth?status.png[GoDoc,link="https://godoc.org/github.com/fabric8-services/fabric8-auth"]
image:https://codecov.io/gh/fabric8-services/fabric8-auth/branch/master/graph/badge.svg[Codecov.io,link="https://codecov.io/gh/fabric8-services/fabric8-auth"]

== Documentation

You can find both reference documentation and developer documentation in the following location:

link:https://fabric8-services.github.io/fabric8-auth/index.html[fabric8-auth docs].

== Building from source

The following guide is mainly targeted towards a Linux or Mac OSX development
machine. If you are on Windows, we recommend to take a look at
link:docs/source/getting-started-win.adoc[Getting started with fabric8-auth development on Windows].

=== Prerequisites

You need to install:

  • go (>= v1.8)
  • git
  • mercurial
  • make

==== Check your Go version

Run the following command to find out your Go version.

$ go version

You must at least have Go version 1.8.

See <> to see an explanaition on how we deal with
dependencies.

==== Install dep

This project uses https://github.com/golang/dep[dep] as a package manager for Go.
Running the make deps command will install dep in $GOPATH/bin if it's not already available on your system.

=== Get the code

Assuming you have Go installed and configured (have $GOPATH setup) here is
how to build.

Check out the code

$ git clone https://github.com/fabric8-services/fabric8-auth $GOPATH/src/github.com/fabric8-services/fabric8-auth

=== Build

Like most other projects, this one depends on various other projects that need
to be downloaded.

We also generate some code from design files that shall make it into our
final artifacts.

To fetch the dependencies, generate code and finally build the project you can
type make in a freshly clone repository of this project.

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make

If you are getting the following error

[ERROR] Failed to set references: Unable to update checked out version (Skip to cleanup)
make: *** [vendor] Error 1

Try out this

$ glide cache-clear
$ make clean deps
$ make build

==== Special make targets

There is no need to fetch the dependencies, or re-generate code every time you
want to compile. That's why we offer special make targets for these topics:

  • <>
  • <>
  • <>
  • <>
  • <>
  • <>

===== Fetch dependencies

This will download all the dependencies for this project inside a directory
called vendor. This way we can ensure that every developer and our CI system
is using the same version.

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make deps

For dependency management of go packages we use https://github.com/golang/dep[`dep`].

The file Gopkg.toml contains all dependencies. If you want to understand the format for this file, look link:https://golang.github.io/dep/docs/Gopkg.toml.html[here].

===== Generate GOA sources

You need to run this command if you just checked out the code and later if
you've modified the designs.

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make generate

===== Build

If you want to just build the Auth server and client, run make build.

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make build

===== Clean

This removes all downloaded dependencies, all generated code and compiled
artifacts.

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make clean

===== Tests

Here's how to run all available tests. All tests will check all Go packages
except those in the vendor/ directory.
Make sure you have docker and docker-compose available.

Setting up test environment - make integration-test-env-prepare

Tear test environment down - make integration-test-env-tear-down

[horizontal]
unit-tests::
Unit tests have the minimum requirement on time and environment setup.
+

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make test-unit

integration-tests::
Integration tests demand more setup (i.e. the PostgreSQL DB must be already
running) and probably time. We recommend that you use docker-compose up -d db.
+

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make test-integration

e2e-tests::
End-to-End tests uses DB (i.e. the PostgreSQL DB must be already
running). We recommend that you use docker-compose up -d db.
+

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make test-e2e

all::
To run both, the unit and the integration tests you can run
+

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make test-all

By default, test data is removed from the database after each test, unless the AUTH_CLEAN_TEST_DATA environment variable is set to false. This can be particularily useful to run queries on the test data after a test failure, in order to understand why the result did not match the expectations.

Also, all SQL queries can be displayed in the output if the AUTH_ENABLE_DB_LOGS environment variable is set to `true. Beware that this can be very verbose, though ;)

===== Coverage

To visualize the coverage of unit, integration, or all tests you can run these
commands:

  • $ make coverage-unit
  • $ make coverage-integration
  • $ make coverage-all

NOTE: If the tests (see <>) have not yet run, or if the sources have changed
since the last time the tests ran, they will be re-run to produce up to date
coverage profiles.

Each of the above tests (see <>) produces a coverage profile by default.
Those coverage files are available under

tmp/coverage//coverage..mode-

Here's how the expand

[horizontal]
<package>::
something like github.com/fabric8-services/fabric8-auth/models

<test>::
unit or integration

<mode>::
Sets the mode for coverage analysis for the packages being tested.
Possible values for <mode> are set (the default), count, or atomic and
they directly relate to the output of go test --help.

  • set: bool: does this statement run?
  • count: int: how many times does this statement run?
  • atomic: int: count, but correct in multithreaded tests; significantly more
    expensive.

In addition to all individual coverage information for each package, we also
create three more files:

[horizontal]
tmp/coverage.unit.mode-<mode>::
This file collects all the coverage profiles for all unit tests.

tmp/coverage.integration.mode-<mode>::
This file collects all the coverage profiles for all integration tests.

tmp/coverage.mode-<mode>::
This file is the merge result of the two afore mentioned files and thus gives
coverage information for all tests.

==== Development

These files and directories are generated and should not be edited:

  • ./app/
  • ./client/
  • ./swagger/
  • ./tool/cli/

== Developer setup

Start up dependent docker services using docker-compose and runs auto reload on source change tool fresh.

$ cd $GOPATH/src/github.com/fabric8-services/fabric8-auth
$ make dev

The above steps start the API Server on port 8089.

Test out the build by executing CLI commands in a different terminal.

NOTE: The CLI needs the API Server which was started on executing make dev to be up and running. Please do not kill the process. Alternatively if you haven't run make dev you could just start the server by running ./bin/auth.

Generate a token for future use.

./bin/auth-cli generate token -H localhost:8089 --pp

You should get Token in response, save this token in your favourite editor as you need to use this token for POST API calls

=== Creating User using Service Account token in DB.
==== Creating Service Account token for online registration.
We need Service Account token to create user in AUTH. Now to create SA token in development mode, we can use following api

curl -X POST http://localhost:8089/api/token -H 'Content-Type: application/json' -d '{
  "client_id": "f867ec72-3171-4b8f-8eec-90a32eab6e0b",
  "client_secret": "secret",
  "grant_type": "client_credentials"
}'

You will receive response like follow:

{"access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjlNTG5WaWFSa2hWajFHVDlrcFdVa3dISXdVRC13WmZVeFItM0Nwa0UtWHMiLCJ0eXAiOiJKV1QifQ.eyJpYXQiOjE1Mzg2NTYwMTYsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3QiLCJqdGkiOiI0MjA1NGE4MS1jNjdlLTQ0MGQtYjQ1My1kNzkwNmM3ZjE5MDQiLCJzY29wZXMiOlsidW1hX3Byb3RlY3Rpb24iXSwic2VydmljZV9hY2NvdW50bmFtZSI6Im9ubGluZS1yZWdpc3RyYXRpb24iLCJzdWIiOiJmODY3ZWM3Mi0zMTcxLTRiOGYtOGVlYy05MGEzMmVhYjZlMGIifQ.esAmoXFhkHq02-ABf22FHZtO7ytfNzmMHPoAYwsDYYVQ5thPyXPNTWXnhHu4bV0rACnf7R5oa3oIl14DhyPSTMjAN_qZZlWQC2qjhMEOBSbss_hW5BkYwU67YBhkHt_eYgfVuoAgi7SuMu5KucaBIMNBEpYrDXR6G9Q2qk3jq4tV4qbTaQ6P078pdfYKT2ue_eGbSEvUN4G33tTzI-TX6UrR3mi-jsavLkRGAPUZmvdIVigHMi-KM1oilw7IB24FB6rd4AMuD1OVhgV-r9qrA3MDdLP6mS_t09D30ROAoymJEy44OvbmdVo0XAQRD6_JyzHhK-YrAGN-39C5BDBeFw",
 "token_type":"Bearer"
}

==== Approving User in Auth DB and Creating user in WIT

Once you have RHD account and auth service running locally, you can use above created service account token to create user like following

curl -X POST  http://localhost:8089/api/users   -H "authorization: Bearer $SERVICE_ACCOUNT_TOKEN"   -H 'content-type: application/json'   -d '{
  "data": {
    "attributes": {
      "email": "dipakpawar@gmail.com",
      "rhd_username": "dipakpawar",
      "username": "dipakpawar",
      "cluster": "https://cluster-url.com",
      "rhd_user_id":"3383826c-51e4-401b-9ccd-b898f7e2397d"
    },
    "type": "identities"
  }
}'

You don't have to find rhd_user_id from RHD as it is random UUID and you can put any random number there.

This will create identity and user in the auth DB and user in WIT. Make sure to give correct email and username with your identity provider(RHD).

Note: If you haven't not created user, you will get user dipakpawar is not approved error during logging. You need to follow above mentioned steps to approve user.

==== Running above steps using shell script
If you are too lazy to do above steps just run following command with your server, username, email parameters.

 curl -sSL https://git.io/fxY5T, bash -s -- -s http://localhost:8089/api/token -u username -e email  -c mycluster.url.com

=== Reset Database

The database are kept in a docker container that gets reused between restarts. Thus restarts will not clear out the database.

To clear out the database kill the database like this:

$ docker kill fabric8auth_db_1 && docker rm fabric8auth_db_1

In case you have mulitple fabric8* running use docker ps to locate the container name.

== Rapid development on Minishift

See the following README in the minishift directory for instructions on running fabric8-auth in minishift:

link:minishift/README.md[Minishift README].

Main metrics

Overview
Name With Ownerfabric8-services/fabric8-auth
Primary LanguageGo
Program languageGo (Language Count: 6)
Platform
License:Apache License 2.0
所有者活动
Created At2017-07-10 23:57:55
Pushed At2020-05-13 09:47:06
Last Commit At2020-05-13 11:47:05
Release Count0
用户参与
Stargazers Count14
Watchers Count7
Fork Count25
Commits Count1.1k
Has Issues Enabled
Issues Count391
Issue Open Count36
Pull Requests Count440
Pull Requests Open Count2
Pull Requests Close Count36
项目设置
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private