Make the first test pass
queil committed Jan 10, 2022
1 parent c05164f commit e43a74d
Showing 15 changed files with 77 additions and 587 deletions.
@@ -0,0 +1,12 @@
namespace HotChocolate.AspNetCore.Authorization;

public class DefaultOpaDecision : IOpaDecision
{
public AuthorizeResult Map(ResponseBase? response) => response switch
{
QueryResponse { Result: true } => AuthorizeResult.Allowed,
NoDefaultPolicy => AuthorizeResult.NoDefaultPolicy,
PolicyNotFound => AuthorizeResult.PolicyNotFound,
_ => AuthorizeResult.NotAllowed
};
}
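Review bot: `Map` carries no documentation of its fail-closed contract, which is the security-relevant part of this class: only `QueryResponse { Result: true }` yields `Allowed`, while `null` and any unrecognised `ResponseBase` subtype fall through to the `_ => AuthorizeResult.NotAllowed` arm. I would add `/// <summary>Maps an OPA response to an authorization result; only an explicit <c>Result: true</c> is allowed, and null or unknown responses are denied.</summary>` above the method, plus a short comment on the discard arm saying it must remain the deny default. The public interfaces `IOpaDecision` and `IOpaQueryRequestFactory` later in this commit have the same gap; custom implementations of them decide and shape the authorization check, so their expected contract should be documented too.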
@@ -4,9 +4,9 @@

namespace HotChocolate.AspNetCore.Authorization;

public static class QueryRequestMapper
public class DefaultQueryRequestFactory : IOpaQueryRequestFactory
{
public static QueryRequest MapFrom(IMiddlewareContext context, AuthorizeDirective directive)
public QueryRequest CreateRequest(IMiddlewareContext context, AuthorizeDirective directive)
{
IHttpContextAccessor? accessor = context.Services.GetService<IHttpContextAccessor>();
HttpContext? http = accessor.HttpContext;
@@ -16,9 +16,9 @@ public static QueryRequest MapFrom(IMiddlewareContext context, AuthorizeDirectiv
{
Input = new Input
{
GraphQL = new GraphQl
Policy = new Policy
{
Policy = directive.Policy ?? string.Empty,
Path = directive.Policy ?? string.Empty,
Roles = directive.Roles is null ? Array.Empty<string>() : directive.Roles.ToArray()
},
Request = new OriginalRequest
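Review bot: `context.Services.GetService<IHttpContextAccessor>()` returns null when no accessor is registered, and the next line dereferences it with `accessor.HttpContext`, so `CreateRequest` would throw a `NullReferenceException` from inside the authorization path. Resolving it with `GetRequiredService<IHttpContextAccessor>()` gives a clear error instead, and `accessor.HttpContext` is itself declared nullable and presumably needs a guard before it is read. The rest of the method is collapsed on this page, so how `http` is used afterwards cannot be confirmed from here.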
@@ -27,7 +27,8 @@ public static IRequestExecutorBuilder AddOpaAuthorizationHandler(
this IRequestExecutorBuilder builder, Action<IConfiguration, OpaOptions>? configure = null)
{
builder.AddAuthorizationHandler<OpaAuthorizationHandler>();
builder.Services.AddSingleton<IOpaDecision, OpaDecision>();
builder.Services.AddSingleton<IOpaQueryRequestFactory, DefaultQueryRequestFactory>();
builder.Services.AddSingleton<IOpaDecision, DefaultOpaDecision>();
builder.Services.AddHttpClient<IOpaService, OpaService>((f, c) =>
{
OpaOptions? options = f.GetRequiredService<OpaOptions>();
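Review bot: The two new defaults are registered with `AddSingleton`, so an application that registered its own `IOpaDecision` or `IOpaQueryRequestFactory` before calling `AddOpaAuthorizationHandler` would have it shadowed by the default, because the handler resolves a single service and the last registration wins. For components that decide the authorization outcome that silent replacement is worth avoiding; `builder.Services.TryAddSingleton<IOpaDecision, DefaultOpaDecision>();` (and the same for the factory) keeps an existing registration. The method body continues beyond the lines shown here.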
@@ -23,8 +23,9 @@ public async ValueTask<AuthorizeResult> AuthorizeAsync(
{
IOpaService? opaService = context.Services.GetRequiredService<IOpaService>();
IOpaDecision? opaDecision = context.Services.GetRequiredService<IOpaDecision>();
IOpaQueryRequestFactory? factory = context.Services.GetRequiredService<IOpaQueryRequestFactory>();

QueryResponse? response = await opaService.QueryAsync(directive.Policy ?? string.Empty, QueryRequestMapper.MapFrom(context, directive), context.RequestAborted);
ResponseBase? response = await opaService.QueryAsync(directive.Policy ?? string.Empty, factory.CreateRequest(context, directive), context.RequestAborted);
return opaDecision.Map(response);
}
}
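Review bot: The three locals are declared as `IOpaService?`, `IOpaDecision?` and `IOpaQueryRequestFactory?`, but `GetRequiredService` throws rather than returning null, so the nullable annotations misstate the contract and invite needless null handling later. Plain `IOpaQueryRequestFactory factory = context.Services.GetRequiredService<IOpaQueryRequestFactory>();` (likewise for the other two) reads more accurately. The `QueryAsync` call is also long enough that putting each argument on its own line would make the policy path and the request easier to review. The start of `AuthorizeAsync` lies outside the hunk.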

This file was deleted.

@@ -1,10 +1,10 @@
using System.Text.Json;
using System.Text.Json;

namespace HotChocolate.AspNetCore.Authorization;

public sealed class OpaOptions
{
public Uri BaseAddress { get; set; } = new Uri("http://127.0.0.1:8181");
public Uri BaseAddress { get; set; } = new("http://127.0.0.1:8181");
public TimeSpan ConnectionTimeout { get; set; } = TimeSpan.FromMilliseconds(250);
public JsonSerializerOptions JsonSerializerOptions { get; set; } = new JsonSerializerOptions();
public JsonSerializerOptions JsonSerializerOptions { get; set; } = new();
}
@@ -1,3 +1,5 @@
using System.Net;

namespace HotChocolate.AspNetCore.Authorization;

public sealed class OpaService : IOpaService
@@ -11,13 +13,13 @@ public OpaService(HttpClient httpClient, OpaOptions options)
_options = options ?? throw new ArgumentNullException(nameof(options));
}

public async Task<QueryResponse?> QueryAsync(string policyPath, QueryRequest request, CancellationToken token)
public async Task<ResponseBase?> QueryAsync(string policyPath, QueryRequest request, CancellationToken token)
{
if (policyPath is null) throw new ArgumentNullException(nameof(policyPath));
if (request is null) throw new ArgumentNullException(nameof(request));

HttpResponseMessage? response = await _httpClient.PostAsync(policyPath, request.ToJsonContent(_options.JsonSerializerOptions), token);
response.EnsureSuccessStatusCode();
HttpResponseMessage response = await _httpClient.PostAsync(policyPath, request.ToJsonContent(_options.JsonSerializerOptions), token);
if (policyPath.Equals(string.Empty) && response.StatusCode == HttpStatusCode.NotFound) return NoDefaultPolicy.Response;
return await response.Content.QueryResponseFromJsonAsync(_options.JsonSerializerOptions, token);
}
}
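Review bot: With `response.EnsureSuccessStatusCode()` removed, every status other than the empty-path 404 now reaches `QueryResponseFromJsonAsync`, so a 5xx or an unrelated 4xx body from OPA is deserialized as if it were a decision. Whether that ends in a deny depends on how the error body happens to deserialize, which is a fragile basis for an authorization result. I would keep the explicit check after the `NoDefaultPolicy` line, `response.EnsureSuccessStatusCode();`, or return a dedicated deny response for non-success codes. The `HttpResponseMessage` is also never disposed; `using HttpResponseMessage response = ...` would release it.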
@@ -1,6 +1,6 @@
namespace HotChocolate.AspNetCore.Authorization;
namespace HotChocolate.AspNetCore.Authorization;

public interface IOpaDecision
{
AuthorizeResult Map(QueryResponse? response);
AuthorizeResult Map(ResponseBase? response);
}
@@ -0,0 +1,8 @@
using HotChocolate.Resolvers;

namespace HotChocolate.AspNetCore.Authorization;

public interface IOpaQueryRequestFactory
{
QueryRequest CreateRequest(IMiddlewareContext context, AuthorizeDirective directive);
}
@@ -2,5 +2,5 @@ namespace HotChocolate.AspNetCore.Authorization;

public interface IOpaService
{
Task<QueryResponse?> QueryAsync(string policyPath, QueryRequest request, CancellationToken token);
Task<ResponseBase?> QueryAsync(string policyPath, QueryRequest request, CancellationToken token);
}
@@ -2,9 +2,10 @@ namespace HotChocolate.AspNetCore.Authorization;

public sealed class Input
{
public GraphQl GraphQL { get; set; } = new GraphQl();
public Policy Policy { get; set; } = new();
public OriginalRequest Request { get; set; } = new();
public IPAndPort Source { get; set; } = IPAndPort.Empty;
public IPAndPort Destination { get; set; } = IPAndPort.Empty;
public object? Extensions { get; set; }
public static readonly Input Empty = new();
}
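Review bot: `Input.Empty` is a `static readonly` instance of a class whose properties all have public setters, so the field is a process-wide mutable object: any caller that assigns to `Input.Empty.Policy` or `Input.Empty.Request` changes the value every other user of `Empty` sees. For the object that is serialized as OPA's authorization input that sharing is risky; `public static Input Empty => new();` hands out a fresh instance, or the setters could become `init`. This rendering does not show which of the unmarked lines the commit added, so the field may predate the change.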
@@ -1,7 +1,7 @@
namespace HotChocolate.AspNetCore.Authorization;

public sealed class GraphQl
public sealed class Policy
{
public string Policy { get; set; } = string.Empty;
public string Path { get; set; } = string.Empty;
public string[] Roles { get; set; } = Array.Empty<string>();
}
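Review bot: Renaming `GraphQl` to `Policy` and its `Policy` property to `Path` changes the shape of the JSON document sent to OPA as input, not just the C# names. Rego rules that read the old field would now see it as undefined, and whether that denies or allows depends on how each policy is written, so the rename should be called out as a breaking change for policy authors. A comment on the class such as `// Serialized into the OPA input; property names are part of the policy contract.` would make that visible. The exact key names depend on the configured `JsonSerializerOptions`, which this page does not show.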
@@ -1,7 +1,22 @@
namespace HotChocolate.AspNetCore.Authorization;
namespace HotChocolate.AspNetCore.Authorization;

public sealed class QueryResponse
public abstract class ResponseBase { }

public sealed class QueryResponse : ResponseBase
{
public Guid? DecisionId { get; set; }
public bool Result { get; set; }
}

public sealed class PolicyNotFound : ResponseBase
{
private PolicyNotFound() {}
public static readonly PolicyNotFound Response = new();
}


public sealed class NoDefaultPolicy : ResponseBase
{
private NoDefaultPolicy() { }
public static readonly NoDefaultPolicy Response = new();
}
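Review bot: `PolicyNotFound.Response` is declared here and mapped in `DefaultOpaDecision`, but none of the visible hunks ever returns it; `OpaService.QueryAsync` only produces `NoDefaultPolicy.Response` for an empty path with a 404. Unless one of the files not loaded on this page returns it, a missing named policy is never reported as `PolicyNotFound`, and the type should either be wired in or left out until it is. `ResponseBase` would also benefit from a one-line summary stating that the default decision treats unknown subclasses as a denial.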