V3: Fix user profile when deployed with Ingress (Helm) (#4110)

* Fix 404 dues to nginx forwarded headers

* Fix for user profile error with gzip response

* Fix merge issue

* Fix for db pod being recreated with two instances

* Fix broken edit user profile

deploy/kubernetes/console/templates/deployment.yaml

@@ -330,6 +330,12 @@ metadata:
     app.kubernetes.io/component: "stratos-db"
     helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
 spec:
+  replicas: 1
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 0
+      maxUnavailable: 1
   selector:
     matchLabels:
       app.kubernetes.io/name: "stratos"

src/jetstream/plugins/userinfo/local_user.go

@@ -6,8 +6,8 @@ import (
 
 	"golang.org/x/crypto/bcrypt"
 
-	"github.com/cloudfoundry-incubator/stratos/src/jetstream/repository/localusers"
 	"github.com/cloudfoundry-incubator/stratos/src/jetstream/repository/interfaces"
+	"github.com/cloudfoundry-incubator/stratos/src/jetstream/repository/localusers"
 )
 
 // LocalUserInfo is a plugin to fetch user info
@@ -21,21 +21,21 @@ func InitLocalUserInfo(portalProxy interfaces.PortalProxy) Provider {
 }
 
 // GetUserInfo gets info for the specified user
-func (userInfo *LocalUserInfo) GetUserInfo(id string) (int, []byte, error) {
+func (userInfo *LocalUserInfo) GetUserInfo(id string) (int, []byte, *http.Header, error) {
 
 	localUsersRepo, err := localusers.NewPgsqlLocalUsersRepository(userInfo.portalProxy.GetDatabaseConnection())
 	if err != nil {
-		return 500, nil, err
+		return 500, nil, nil, err
 	}
 
 	user, err := localUsersRepo.FindUser(id)
 	if err != nil {
-		return 500, nil, err
+		return 500, nil, nil, err
 	}
 
 	uaaUser := &uaaUser{
-		ID: id,
-		Origin: "local",
+		ID:       id,
+		Origin:   "local",
 		Username: user.Username,
 	}
 
@@ -55,37 +55,37 @@ func (userInfo *LocalUserInfo) GetUserInfo(id string) (int, []byte, error) {
 
 	jsonString, err := json.Marshal(uaaUser)
 	if err != nil {
-		return 500, nil, err
+		return 500, nil, nil, err
 	}
 
-	return 200, jsonString, nil
+	return 200, jsonString, nil, nil
 }
 
 // UpdateUserInfo updates the user's info
-func (userInfo *LocalUserInfo) UpdateUserInfo(profile *uaaUser) (error) {
+func (userInfo *LocalUserInfo) UpdateUserInfo(profile *uaaUser) (int, error) {
 
 	// Fetch the user, make updates and save
 	id := profile.ID
 	localUsersRepo, err := localusers.NewPgsqlLocalUsersRepository(userInfo.portalProxy.GetDatabaseConnection())
 	if err != nil {
-		return err
+		return 500, err
 	}
 
 	user, err := localUsersRepo.FindUser(id)
 	if err != nil {
-		return err
+		return 500, err
 	}
 
 	hash, err := localUsersRepo.FindPasswordHash(id)
 	if err != nil {
-		return err
+		return 500, err
 	}
 
 	user.PasswordHash = hash
 
 	if len(profile.Emails) == 1 {
 		email := profile.Emails[0]
-		if len(email.Value) >0 {
+		if len(email.Value) > 0 {
 			user.Email = email.Value
 		}
 	}
@@ -95,36 +95,36 @@ func (userInfo *LocalUserInfo) UpdateUserInfo(profile *uaaUser) (error) {
 
 	err = localUsersRepo.UpdateLocalUser(user)
 	if err != nil {
-		return err
+		return 500, err
 	}
 
-	return nil
+	return 200, nil
 }
 
 // UpdatePassword updates the user's password
-func (userInfo *LocalUserInfo) UpdatePassword(id string, passwordInfo *passwordChangeInfo) (error) {
+func (userInfo *LocalUserInfo) UpdatePassword(id string, passwordInfo *passwordChangeInfo) (int, error) {
 
 	// Fetch the user, make updates and save
 	localUsersRepo, err := localusers.NewPgsqlLocalUsersRepository(userInfo.portalProxy.GetDatabaseConnection())
 	if err != nil {
-		return err
+		return 500, err
 	}
 
 	user, err := localUsersRepo.FindUser(id)
 	if err != nil {
-		return err
+		return 500, err
 	}
 
 	hash, err := localUsersRepo.FindPasswordHash(id)
 	if err != nil {
-		return err
+		return 500, err
 	}
 
 	// Check old password is correct
 	err = bcrypt.CompareHashAndPassword(hash, []byte(passwordInfo.OldPassword))
 	if err != nil {
 		// Old password is incorrect
-		return interfaces.NewHTTPShadowError(
+		return 500, interfaces.NewHTTPShadowError(
 			http.StatusBadRequest,
 			"Current password is incorrect",
 			"Current password is incorrect: %v", err,
@@ -133,20 +133,20 @@ func (userInfo *LocalUserInfo) UpdatePassword(id string, passwordInfo *passwordC
 
 	passwordHash, err := HashPassword(passwordInfo.NewPassword)
 	if err != nil {
-		return err
+		return 500, err
 	}
 
 	user.PasswordHash = passwordHash
 
 	err = localUsersRepo.UpdateLocalUser(user)
 	if err != nil {
-		return err
+		return 500, err
 	}
-	return nil
+	return 200, nil
 }
 
 //HashPassword accepts a plaintext password string and generates a salted hash
 func HashPassword(password string) ([]byte, error) {
 	bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
 	return bytes, err
-}
+}

src/jetstream/plugins/userinfo/main.go

@@ -100,11 +100,13 @@ func (userInfo *UserInfo) userInfo(c echo.Context) error {
 	}
 
 	provider := userInfo.getProvider(c)
-	statusCode, body, err := provider.GetUserInfo(id)
+	statusCode, body, headers, err := provider.GetUserInfo(id)
 	if err != nil {
 		return err
 	}
 
+	fwdResponseHeaders(headers, c.Response().Header())
+
 	c.Response().WriteHeader(statusCode)
 	_, _ = c.Response().Write(body)
 
@@ -133,7 +135,7 @@ func (userInfo *UserInfo) updateUserInfo(c echo.Context) error {
 		return echo.NewHTTPError(http.StatusBadRequest, "Invalid message body")
 	}
 
-	err = provider.UpdateUserInfo(updatedProfile)
+	statusCode, err := provider.UpdateUserInfo(updatedProfile)
 	if err != nil {
 		if httpError, ok := err.(interfaces.ErrHTTPShadow); ok {
 			return httpError
@@ -146,7 +148,7 @@ func (userInfo *UserInfo) updateUserInfo(c echo.Context) error {
 		)
 	}
 
-	c.Response().WriteHeader(http.StatusOK)
+	c.Response().WriteHeader(statusCode)
 
 	return nil
 }
@@ -173,7 +175,7 @@ func (userInfo *UserInfo) updateUserPassword(c echo.Context) error {
 		return echo.NewHTTPError(http.StatusBadRequest, "Invalid message body")
 	}
 
-	err = provider.UpdatePassword(id, passwordInfo)
+	statusCode, err := provider.UpdatePassword(id, passwordInfo)
 	if err != nil {
 		if httpError, ok := err.(interfaces.ErrHTTPShadow); ok {
 			return httpError
@@ -186,7 +188,7 @@ func (userInfo *UserInfo) updateUserPassword(c echo.Context) error {
 		)
 	}
 
-	c.Response().WriteHeader(http.StatusOK)
+	c.Response().WriteHeader(statusCode)
 
 	return nil
 }

src/jetstream/plugins/userinfo/types.go

@@ -1,10 +1,14 @@
 package userinfo
 
+import (
+	"net/http"
+)
+
 // Provider manages user info for a provider
 type Provider interface {
-	GetUserInfo(id string) (int, []byte, error)
-	UpdateUserInfo(*uaaUser) error
-	UpdatePassword(id string, info *passwordChangeInfo) error
+	GetUserInfo(id string) (int, []byte, *http.Header, error)
+	UpdateUserInfo(*uaaUser) (int, error)
+	UpdatePassword(id string, info *passwordChangeInfo) (int, error)
 }
 
 type uaaUserEmail struct {
@@ -13,28 +17,28 @@ type uaaUserEmail struct {
 
 type uaaUserName struct {
 	FamilyName string `json:"familyName"`
-	GivenName string `json:"givenName"`
+	GivenName  string `json:"givenName"`
 }
 
 type uaaUserGroup struct {
 	Display string `json:"display"`
 }
 
 type uaaUser struct {
-	Raw []byte
-	ID string `json:"id"`
-	Username string `json:"userName"`
-	Emails []uaaUserEmail `json:"emails"`
-	Name uaaUserName `json:"name"`
-	Origin string `json:"origin"`
-	Groups []uaaUserGroup `json:"groups"`
-	Meta struct {
+	Raw      []byte
+	ID       string         `json:"id"`
+	Username string         `json:"userName"`
+	Emails   []uaaUserEmail `json:"emails"`
+	Name     uaaUserName    `json:"name"`
+	Origin   string         `json:"origin"`
+	Groups   []uaaUserGroup `json:"groups"`
+	Meta     struct {
 		Version int `json:"version"`
 	} `json:"meta"`
 }
 
 type passwordChangeInfo struct {
-	Raw []byte
+	Raw         []byte
 	OldPassword string `json:"oldPassword"`
 	NewPassword string `json:"password"`
-}
+}