Merge branch 'master' into feat/add_show_admin_endpoint

Author: yashin5

.github/workflows/main.yml

@@ -109,13 +109,13 @@ jobs:
         uses: actions/cache@v2
         id: plt-cache
         with:
-          path: _build/plts
+          path: dializer/
           key: ${{ runner.os }}-${{ matrix.otp }}-${{ matrix.elixir }}-plts-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}
 
       - name: Generate PLT
         if: steps.plt-cache.outputs.cache-hit != 'true'
         run: |
-          mkdir -p _build/plts
+          mkdir -p dialyzer/
           mix dialyzer --plt
 
       - name: Run dialyzer

.gitignore

@@ -7,6 +7,9 @@
 # The directory Mix downloads your dependencies sources to.
 /deps/
 
+# The directory where the files will be saved on every build.
+/dialyzer/
+
 # Where third-party dependencies like ExDoc output generated docs.
 /doc/
 

README.md

@@ -2,24 +2,14 @@
 
 **This is a work in progress and every contribution is welcome :)**
 
-**TODO: Add description**
-
 ## Requirements
 
-- Elixir `1.11` using `OTP-23`;
+- Elixir `1.11`;
 - Erlang `23.1`;
 - Docker-compose (Just when running in dev enviroment);
 
 ## Running it locally
 
-First you should install all requirement, we recommend you to use [asdf](https://github.com/asdf-vm/asdf).
-
-If you are using `asdf` just run:
-
-- `asdf plugin-add elixir`;
-- `asdf plugin-add erlang`;
-- `asdf install`;
-
 In order to prepare the application run:
 
 - `docker-compose up` to get your containers running;
@@ -47,7 +37,7 @@ ResourceManager.Repo.all(ResourceManager.Identities.Schemas.ClientApplication) |
 
 Check out the [rest api guide](https://github.com/lcpojr/watcher_ex/blob/master/apps/rest_api/README.md) on the specific application `README.md`.
 
-## Testing
+### Testing
 
 Before you can run the tests you should setup the test dabatase by using `mix test_setup`. After that just call `mix test` or `mix coveralls` if you want to check code coverage.
 

apps/authenticator/test/authenticator/sign_in/commands/client_credentials_test.exs

@@ -106,9 +106,9 @@ defmodule Authenticator.SignIn.Commands.ClientCredentialsTest do
     test "succeeds using client_assertions and generates an access_token" do
       scopes = RF.insert_list!(:scope, 3)
       app = RF.insert!(:client_application, grant_flows: ["client_credentials"])
-      public_key = RF.insert!(:public_key, client_application: app, value: get_priv_public_key())
+      public_key = RF.insert!(:public_key, client_application: app, value: get_public_key())
 
-      signer = Joken.Signer.create("RS256", %{"pem" => get_priv_private_key()})
+      signer = Joken.Signer.create("RS256", %{"pem" => get_private_key()})
 
       client_assertion =
         ClientAssertion.generate_and_sign!(
@@ -144,9 +144,9 @@ defmodule Authenticator.SignIn.Commands.ClientCredentialsTest do
     test "succeeds using client_assertions and generates a refresh_token" do
       scopes = RF.insert_list!(:scope, 3)
       app = RF.insert!(:client_application, grant_flows: ["client_credentials", "refresh_token"])
-      public_key = RF.insert!(:public_key, client_application: app, value: get_priv_public_key())
+      public_key = RF.insert!(:public_key, client_application: app, value: get_public_key())
 
-      signer = Joken.Signer.create("RS256", %{"pem" => get_priv_private_key()})
+      signer = Joken.Signer.create("RS256", %{"pem" => get_private_key()})
 
       client_assertion =
         ClientAssertion.generate_and_sign!(

apps/authenticator/test/authenticator/sign_in/commands/resource_owner_test.exs

@@ -129,11 +129,11 @@ defmodule Authenticator.SignIn.Commands.ResourceOwnerTest do
       scopes = RF.insert_list!(:scope, 3)
       user = RF.insert!(:user)
       app = RF.insert!(:client_application)
-      public_key = RF.insert!(:public_key, client_application: app, value: get_priv_public_key())
+      public_key = RF.insert!(:public_key, client_application: app, value: get_public_key())
       hash = RF.gen_hashed_password("MyPassw@rd234")
       password = RF.insert!(:password, user: user, password_hash: hash)
 
-      signer = Joken.Signer.create("RS256", %{"pem" => get_priv_private_key()})
+      signer = Joken.Signer.create("RS256", %{"pem" => get_private_key()})
 
       client_assertion =
         ClientAssertion.generate_and_sign!(
@@ -177,11 +177,11 @@ defmodule Authenticator.SignIn.Commands.ResourceOwnerTest do
       scopes = RF.insert_list!(:scope, 3)
       user = RF.insert!(:user)
       app = RF.insert!(:client_application, grant_flows: ["resource_owner", "refresh_token"])
-      public_key = RF.insert!(:public_key, client_application: app, value: get_priv_public_key())
+      public_key = RF.insert!(:public_key, client_application: app, value: get_public_key())
       hash = RF.gen_hashed_password("MyPassw@rd234")
       password = RF.insert!(:password, user: user, password_hash: hash)
 
-      signer = Joken.Signer.create("RS256", %{"pem" => get_priv_private_key()})
+      signer = Joken.Signer.create("RS256", %{"pem" => get_private_key()})
 
       client_assertion =
         ClientAssertion.generate_and_sign!(

apps/authenticator/test/support/factory.ex

@@ -6,7 +6,8 @@ defmodule Authenticator.Factory do
   alias Authenticator.Sessions.Tokens.{AccessToken, RefreshToken}
   alias Authenticator.SignIn.Schemas.{ApplicationAttempt, UserAttempt}
 
-  @doc false
+  @doc "Builds a default struct from the requested model"
+  @spec build(model :: atom()) :: struct()
   def build(:session) do
     jti = Ecto.UUID.generate()
 
@@ -51,50 +52,60 @@ defmodule Authenticator.Factory do
     }
   end
 
-  @doc false
+  @doc "Returns the a model struct with the given attributes"
+  @spec build(factory_name :: atom(), attributes :: Keyword.t()) :: struct()
   def build(factory_name, attributes) when is_atom(factory_name) and is_list(attributes) do
     factory_name
     |> build()
     |> struct!(attributes)
   end
 
-  @doc false
+  @doc "Inserts a model with the given attributes on database"
+  @spec insert!(factory_name :: atom(), attributes :: Keyword.t()) :: struct()
   def insert!(factory_name, attributes \\ []) when is_atom(factory_name) do
     factory_name
     |> build(attributes)
     |> Repo.insert!()
   end
 
-  @doc false
+  @doc "Inserts a list of the given model on database"
+  @spec insert_list!(
+          factory_name :: atom(),
+          count :: integer(),
+          attributes :: Keyword.t()
+        ) :: list(struct())
   def insert_list!(factory_name, count \\ 10, attributes \\ []) when is_atom(factory_name),
     do: Enum.map(0..count, fn _ -> insert!(factory_name, attributes) end)
 
-  @doc false
-  def build_access_token(claims), do: AccessToken.generate_and_sign(claims)
+  @doc "Returns an mocked access token using the given claims"
+  @spec build_access_token(claims :: map()) :: {:ok, token :: String.t(), claims :: map()}
+  def build_access_token(claims) when is_map(claims), do: AccessToken.generate_and_sign(claims)
 
-  @doc false
-  def build_refresh_token(claims), do: RefreshToken.generate_and_sign(claims)
+  @doc "Returns an mocked refresh token using the given claims"
+  @spec build_refresh_token(claims :: map()) :: {:ok, token :: String.t(), claims :: map()}
+  def build_refresh_token(claims) when is_map(claims), do: RefreshToken.generate_and_sign(claims)
 
-  @doc false
+  @doc "Returns an default token expiration"
+  @spec default_expiration() :: NaiveDateTime.t()
   def default_expiration do
     NaiveDateTime.utc_now()
     |> NaiveDateTime.truncate(:second)
     |> NaiveDateTime.add(60 * 60 * 24, :second)
   end
 
-  @doc false
-  def get_priv_public_key do
-    :authenticator
-    |> :code.priv_dir()
-    |> Path.join("/keys/authenticator_key.pub")
+  @doc "Returns the mocked public key"
+  @spec get_public_key() :: String.t()
+  def get_public_key do
+    File.cwd!()
+    |> Path.join("/test/support/mocks/keys/public_key.pub")
     |> File.read!()
   end
 
-  @doc false
-  def get_priv_private_key do
-    :authenticator
-    |> :code.priv_dir()
-    |> Path.join("/keys/authenticator_key.pem")
+  @doc "Returns the mocked private key"
+  @spec get_private_key() :: String.t()
+  def get_private_key do
+    File.cwd!()
+    |> Path.join("/test/support/mocks/keys/private_key.pem")
     |> File.read!()
   end
 end

apps/authenticator/priv/keys/authenticator_key.pem apps/authenticator/test/support/mocks/keys/private_key.pem

@@ -17,7 +17,7 @@ defmodule ResourceManager.Credentials.PublicKeysTest do
 
       params = %{
         client_application_id: client_application.id,
-        value: get_priv_public_key()
+        value: get_public_key()
       }
 
       assert {:ok, %PublicKey{id: id} = public_key} = PublicKeys.create(params)
@@ -32,7 +32,7 @@ defmodule ResourceManager.Credentials.PublicKeysTest do
 
   describe "#{PublicKeys}.update/2" do
     test "succeed if params are valid", ctx do
-      value = get_priv_public_key()
+      value = get_public_key()
 
       assert {:ok, %PublicKey{id: id, value: ^value} = public_key} =
                PublicKeys.update(ctx.public_key, %{value: value})
@@ -47,7 +47,7 @@ defmodule ResourceManager.Credentials.PublicKeysTest do
 
     test "raises if public_key does not exist" do
       assert_raise Ecto.NoPrimaryKeyValueError, fn ->
-        PublicKeys.update(%PublicKey{}, %{value: get_priv_public_key()})
+        PublicKeys.update(%PublicKey{}, %{value: get_public_key()})
       end
     end
   end

apps/authenticator/priv/keys/authenticator_key.pub apps/authenticator/test/support/mocks/keys/public_key.pub

@@ -26,7 +26,7 @@ defmodule ResourceManager.Identities.Commands.CreateIdentityTest do
       input = %{
         name: "my-client-application",
         description: "App for tests",
-        public_key: get_priv_public_key(),
+        public_key: get_public_key(),
         scopes: ctx.scopes
       }
 

apps/resource_manager/test/resource_manager/credentials/public_key_test.exs

@@ -8,7 +8,8 @@ defmodule ResourceManager.Factory do
 
   @default_password "My-passw@rd123"
 
-  @doc false
+  @doc "Builds a default struct from the requested model"
+  @spec build(model :: atom()) :: struct()
   def build(:user) do
     %User{
       username: "my-test-username#{System.unique_integer()}",
@@ -37,7 +38,7 @@ defmodule ResourceManager.Factory do
 
   def build(:public_key) do
     %PublicKey{
-      value: get_priv_public_key()
+      value: get_public_key()
     }
   end
 
@@ -62,43 +63,60 @@ defmodule ResourceManager.Factory do
     }
   end
 
-  @doc false
+  @doc "Returns the a model struct with the given attributes"
+  @spec build(factory_name :: atom(), attributes :: Keyword.t()) :: struct()
   def build(factory_name, attributes) when is_atom(factory_name) and is_list(attributes) do
     factory_name
     |> build()
     |> struct!(attributes)
   end
 
-  @doc false
+  @doc "Inserts a model with the given attributes on database"
+  @spec insert!(factory_name :: atom(), attributes :: Keyword.t()) :: struct()
   def insert!(factory_name, attributes \\ []) when is_atom(factory_name) do
     factory_name
     |> build(attributes)
     |> Repo.insert!()
   end
 
-  @doc false
+  @doc "Inserts a list of the given model on database"
+  @spec insert_list!(
+          factory_name :: atom(),
+          count :: integer(),
+          attributes :: Keyword.t()
+        ) :: list(struct())
   def insert_list!(factory_name, count \\ 10, attributes \\ []) when is_atom(factory_name),
     do: Enum.map(0..count, fn _ -> insert!(factory_name, attributes) end)
 
-  @doc false
+  @doc "Returns the given password hashed using the selected algorithm"
+  @spec gen_hashed_password(
+          password :: String.t(),
+          algorithm :: :argon2 | :bcrypt | :pbkdf2
+        ) :: String.t()
   def gen_hashed_password(password \\ @default_password, alg \\ :argon2)
-  def gen_hashed_password(password, :argon2), do: Argon2.hash_pwd_salt(password)
-  def gen_hashed_password(password, :bcrypt), do: Bcrypt.hash_pwd_salt(password)
-  def gen_hashed_password(password, :pbkdf2), do: Pbkdf2.hash_pwd_salt(password)
-
-  @doc false
-  def get_priv_public_key do
-    :resource_manager
-    |> :code.priv_dir()
-    |> Path.join("/keys/resource_manager_key.pub")
+
+  def gen_hashed_password(password, :argon2) when is_binary(password),
+    do: Argon2.hash_pwd_salt(password)
+
+  def gen_hashed_password(password, :bcrypt) when is_binary(password),
+    do: Bcrypt.hash_pwd_salt(password)
+
+  def gen_hashed_password(password, :pbkdf2) when is_binary(password),
+    do: Pbkdf2.hash_pwd_salt(password)
+
+  @doc "Returns the mocked public key"
+  @spec get_public_key() :: String.t()
+  def get_public_key do
+    File.cwd!()
+    |> Path.join("/test/support/mocks/keys/public_key.pub")
     |> File.read!()
   end
 
-  @doc false
-  def get_priv_private_key do
-    :resource_manager
-    |> :code.priv_dir()
-    |> Path.join("/keys/resource_manager_key.pem")
+  @doc "Returns the mocked private key"
+  @spec get_private_key() :: String.t()
+  def get_private_key do
+    File.cwd!()
+    |> Path.join("/test/support/mocks/keys/private_key.pem")
     |> File.read!()
   end
 end

apps/resource_manager/test/resource_manager/identity/commands/create_identity_test.exs

@@ -27,9 +27,9 @@ defmodule RestAPI.Controller.Admin.User do
     end
   end
 
-  def show(conn, %{"id" => username} = params) do
+  def show(conn, %{"id" => _} = params) do
     params
-    |> Map.put(:username, username)
+    |> Map.put(:username, nil)
     |> ResourceManager.get_identity()
     |> case do
       {:ok, identity} when is_map(identity) ->

apps/resource_manager/test/support/factory.ex

@@ -1,5 +1,5 @@
 defmodule RestAPI.Controllers.Admin.User do
-  use RestAPI.ConnCase, async: true
+  use RestAPI.ConnCase, async: false
 
   alias ResourceManager.Identities.Commands.Inputs.CreateUser
   alias RestAPI.Ports.{AuthenticatorMock, AuthorizerMock, ResourceManagerMock}
@@ -216,7 +216,7 @@ defmodule RestAPI.Controllers.Admin.User do
              } =
                conn
                |> put_req_header("authorization", "Bearer #{access_token}")
-               |> get(@show_endpoint <> "username")
+               |> get(@show_endpoint <> username)
                |> json_response(201)
     end
   end

apps/resource_manager/priv/keys/resource_manager_key.pem apps/resource_manager/test/support/mocks/keys/private_key.pem

@@ -17,14 +17,16 @@ defmodule RestAPI.ConnCase do
 
   use ExUnit.CaseTemplate
 
+  alias Ecto.Adapters.SQL.Sandbox
+
   using do
     quote do
       # Import conveniences for testing with connections
       import Plug.Conn
       import Phoenix.ConnTest
       import RestAPI.ConnCase
       import Mox
-      import ResourceManager.Factory
+      import RestAPI.{ConnCase, Factory}
 
       alias RestAPI.Router.Helpers, as: Routes
 
@@ -33,7 +35,13 @@ defmodule RestAPI.ConnCase do
     end
   end
 
-  setup _tags do
+  setup tags do
+    :ok = Sandbox.checkout(ResourceManager.Repo)
+
+    unless tags[:async] do
+      Sandbox.mode(ResourceManager.Repo, {:shared, self()})
+    end
+
     {:ok, conn: Phoenix.ConnTest.build_conn()}
   end
 end