Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(backend): start of handling grant token rotation more gracefully #2887

Merged
merged 9 commits into from
Aug 23, 2024

Conversation

mkurapov
Copy link
Contributor

@mkurapov mkurapov commented Aug 22, 2024

Changes proposed in this pull request

  • Adding getOrCreate and delete methods to backend grant service:
    • getOrCreate method:
      • soft deletes a grant if token rotation fails
      • uses the open payments client to request grant and store it instead of having it be the responsibility of the caller
    • delete method
      • allows callers to soft delete a grant if necessary
    • these methods are still unused at this point, I will be updating callers to use them in a later PR, so we can break up the changes
  • Adding deletedAt field to the grants table to allow soft deletion, as well as dropping the unique constraint on authServerId accessType and accessActions such that we can properly soft delete problematic grants

Context

Checklist

  • Related issues linked using fixes #number
  • Tests added/updated
  • Documentation added
  • Make sure that all checks pass
  • Bruno collection updated

@github-actions github-actions bot added pkg: backend Changes in the backend package. type: source Changes business logic labels Aug 22, 2024
Copy link

netlify bot commented Aug 22, 2024

Deploy Preview for brilliant-pasca-3e80ec canceled.

Name Link
🔨 Latest commit 4bff426
🔍 Latest deploy log https://app.netlify.com/sites/brilliant-pasca-3e80ec/deploys/66c88f7043f9a3000747598b

@mkurapov mkurapov changed the title feat(backend): adding grantService.getOrCreate method feat(backend): adding additional methods in grantService Aug 22, 2024
@mkurapov mkurapov changed the title feat(backend): adding additional methods in grantService feat(backend): start of handling grant token rotation more gracefully Aug 22, 2024
@github-actions github-actions bot added the type: tests Testing related label Aug 22, 2024
*/
exports.up = function (knex) {
return knex.schema.alterTable('grants', function (table) {
table.dropUnique(['authServerId', 'accessType', 'accessActions'])
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dropping the unique constraint on authServerId accessType and accessActions such that we can properly soft delete grants (see migration below)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

seems similar to this case? #2863 (comment)

So could we use a partial unique index (where deletedAt is not null)?

Copy link
Contributor Author

@mkurapov mkurapov Aug 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this unique constraint is very useful to begin with, particularly because order matters in accessActions array, meaning [Create, Read] is different from [Read, Create], even though they are the same in terms of how we deal with them in code

Comment on lines +237 to +238
grantService: Promise<GrantService>
authServerService: Promise<AuthServerService>
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

weren't included before, adding here so we get proper types

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

easy to miss this

Comment on lines +17 to +18
getOrCreate(options: GrantOptions): Promise<Grant | GrantError>
delete(id: string): Promise<Grant>
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

still unused

})
.whereNull('deletedAt')
.andWhere('authServer.url', options.authServer)
.andWhere('accessActions', '@>', options.accessActions) // all options.accessActions are a subset of saved accessActions
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

e.g. if we have [AccessActions.Create, AccessActions.Complete, AccessActions.Read] and we are trying to getOrCreate a grant with [AccessActions.Create] we will properly return it, but if one of the elements in the requested list doesnt exist, we will not be able to fetch it

Copy link
Contributor

@BlairCurrey BlairCurrey Aug 22, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like this differs slightly from the getGrant which finds one that has strictly equal accessActions. Its not quite clear what the ramifications of this will be. Can you speak to this difference? ie that its intentional, working as intended, etc.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

before, if we already had a grant for [Read, Create] and then we were trying to getOrCreate a grant with [Read], it would fail to get the existing one, even though the existing grant has the sufficient access requirements

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suppose we're getting rid of the getGrant here then (in subsequent PR)? looks like its unused but if we keep it for some reason I guess we should update to filter out by deletedAt (and maybe this same accessActions where clause). But I imagine we can just remove it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes exactly, will be removing the unused methods

@mkurapov mkurapov force-pushed the 2852/mk/get-or-create-ip-grants branch from 20c21b2 to 9dcbf78 Compare August 22, 2024 19:44
@mkurapov mkurapov force-pushed the 2852/mk/get-or-create-ip-grants branch from 9dcbf78 to b21d89e Compare August 22, 2024 19:45
@mkurapov mkurapov marked this pull request as ready for review August 22, 2024 19:45
@@ -0,0 +1,19 @@
/**
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: why not combine this migration with drop_unique_grants?

Copy link
Contributor Author

@mkurapov mkurapov Aug 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, makes sense for this one, let me do that

@mkurapov mkurapov requested review from BlairCurrey and njlie August 23, 2024 12:13
).resolves.toEqual({ ...existingGrant, authServer })
})

test('gets existing grant (requested actions are a subset of saved actions)', async () => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would be necessary to create another test (or modify this one) to ensure that it can retrieve existing grants that have (Read/List)-All rights when (Read/List) is requested?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good point, maybe during create if ReadAll/ListAll is requested, we can also manually add the corresponding Read/List as well

@mkurapov mkurapov requested a review from njlie August 23, 2024 13:24
@mkurapov mkurapov force-pushed the 2852/mk/get-or-create-ip-grants branch from 5a69214 to 4bff426 Compare August 23, 2024 13:32
Copy link
Contributor

@njlie njlie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mkurapov mkurapov merged commit 175a7cf into main Aug 23, 2024
42 checks passed
@mkurapov mkurapov deleted the 2852/mk/get-or-create-ip-grants branch August 23, 2024 15:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
pkg: backend Changes in the backend package. type: source Changes business logic type: tests Testing related
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants