application sharing

src/auth/auth-tsoa.ts

@@ -39,6 +39,23 @@ export function expressAuthentication(
   securityName: string,
   scopes?: string[]
 ): Promise<any> {
+  if (securityName === 'pat') {
+    return new Promise((resolve: any, reject: any) => {
+      logger.info('Headers %j', Object.keys(request.headers));
+      if (request.headers && request.get('X-Consumer-Username')) {
+        resolve({
+          preferred_username: request.get('X-Consumer-Username'),
+          scope: '',
+        });
+      } else {
+        reject(
+          new UnauthorizedError('invalid_token', {
+            message: 'Denied access to resource',
+          })
+        );
+      }
+    });
+  }
   return new Promise((resolve: any, reject: any) => {
     verifyJWT(request, null, (err: any) => {
       if (err) {

src/controllers/v2/ConsumerAppAccessController.ts

@@ -0,0 +1,66 @@
+import {
+  Body,
+  Controller,
+  OperationId,
+  Request,
+  Put,
+  Path,
+  Route,
+  Security,
+  Tags,
+  Get,
+} from 'tsoa';
+import { KeystoneService } from '../ioc/keystoneInjector';
+import { inject, injectable } from 'tsyringe';
+
+import { Application, ServiceAccess } from './types';
+import { getRecords, removeEmpty } from '../../batch/feed-worker';
+import { Logger } from '../../logger';
+import { BatchWhereClause } from '@/services/keystone/batch-service';
+
+const logger = Logger('controllers.AppAccess');
+
+@injectable()
+@Route('/access')
+@Tags('Consumers')
+export class ApplicationAccessController extends Controller {
+  private keystone: KeystoneService;
+  constructor(@inject('KeystoneService') private _keystone: KeystoneService) {
+    super();
+    this.keystone = _keystone;
+  }
+
+  /**
+   * Get a list of application Access
+   *
+   * @summary List of Access
+   */
+  @Get()
+  @OperationId('get-application-access')
+  @Security('jwt')
+  @Security('pat')
+  public async list(@Request() request: any): Promise<ServiceAccess[]> {
+    // skip access control - since this API will be adding explicit where clause filtering
+    const ctx = this.keystone.createContext(request, true);
+
+    const where: BatchWhereClause = {
+      query: '$owner: String',
+      clause: '{ application: { owner: { username: $owner }}}',
+      variables: {
+        owner: ctx['authedItem']['username'],
+      },
+    };
+
+    const records: ServiceAccess[] = await getRecords(
+      ctx,
+      'ServiceAccess',
+      'myServiceAccesses',
+      [],
+      where
+    );
+
+    logger.info('Service Access %j', records);
+
+    return records.map((o) => removeEmpty(o));
+  }
+}

src/controllers/v2/ConsumerApplicationController.ts

@@ -0,0 +1,90 @@
+import {
+  Body,
+  Controller,
+  OperationId,
+  Request,
+  Put,
+  Path,
+  Route,
+  Security,
+  Tags,
+  Get,
+} from 'tsoa';
+import { KeystoneService } from '../ioc/keystoneInjector';
+import { inject, injectable } from 'tsyringe';
+
+import { Application } from './types';
+import { getRecords, removeEmpty } from '../../batch/feed-worker';
+import { Logger } from '../../logger';
+import { BatchWhereClause } from '@/services/keystone/batch-service';
+
+const logger = Logger('controllers.Application');
+
+@injectable()
+@Route('/applications')
+@Tags('Consumers')
+export class ApplicationController extends Controller {
+  private keystone: KeystoneService;
+  constructor(@inject('KeystoneService') private _keystone: KeystoneService) {
+    super();
+    this.keystone = _keystone;
+  }
+
+  /**
+   * Update metadata about a Application
+   * > `Required Scope:` Application.Manage
+   *
+   * @summary Update Application
+   */
+  @Put('/{app}')
+  @OperationId('put-application')
+  @Security('jwt')
+  @Security('pat')
+  public async put(
+    @Path() app: string,
+    @Body() body: Application,
+    @Request() request: any
+  ): Promise<any> {
+    return {
+      put: true,
+      app,
+      body,
+    };
+  }
+
+  /**
+   * Get a list of your Applications
+   *
+   * @summary List of Applications
+   */
+  @Get()
+  @OperationId('get-applications')
+  @Security('jwt')
+  @Security('pat')
+  public async list(@Request() request: any): Promise<Application[]> {
+    // skip access control - since this API will be adding explicit where clause filtering
+    const ctx = this.keystone.createContext(request, true);
+
+    const where: BatchWhereClause = {
+      query: '$owner: String',
+      clause: '{ owner: { username: $owner }}',
+      variables: {
+        owner: ctx['authedItem']['username'],
+      },
+    };
+
+    const records: Application[] = await getRecords(
+      ctx,
+      'Application',
+      'allApplications',
+      [],
+      where
+    );
+
+    logger.info('Applications %j', records);
+
+    return records.map((o) => removeEmpty(o));
+  }
+
+  // Update application owners
+}

src/controllers/v2/ConsumerPATController.ts

@@ -0,0 +1,55 @@
+import {
+  Body,
+  Controller,
+  OperationId,
+  Request,
+  Put,
+  Path,
+  Route,
+  Security,
+  Tags,
+  Get,
+  Post,
+} from 'tsoa';
+import { KeystoneService } from '../ioc/keystoneInjector';
+import { inject, injectable } from 'tsyringe';
+import { Application } from './types';
+import { Logger } from '../../logger';
+import { replaceApiKey } from '@/services/workflow/kong-api-key-replace';
+
+const logger = Logger('controllers.ConsumerPAT');
+
+@injectable()
+@Route('/personalaccesstokens')
+@Tags('Consumers')
+export class PATController extends Controller {
+  private keystone: KeystoneService;
+  constructor(@inject('KeystoneService') private _keystone: KeystoneService) {
+    super();
+    this.keystone = _keystone;
+  }
+
+  /**
+   * Create PAT
+   *
+   * @summary Token
+   */
+  @Post()
+  @OperationId('create-pat')
+  @Security('jwt')
+  public async createPersonalAccessToken(
+    @Body() body: Application,
+    @Request() request: any
+  ): Promise<any> {
+    logger.info('Create Personal Access Token');
+    // Create an API Key for the particular user
+    // /src/services/workflow/kong-api-key-replace.ts
+    //await replaceApiKey();
+    // keyAuthPK: response['id'],
+    // apiKey: response['key'],
+    return {
+      put: true,
+      body,
+    };
+  }
+}