// Refresh obtain a new access token using the refresh token.
func (c *LoginController) Refresh(ctx *app.RefreshLoginContext) error {
refreshToken := ctx.Payload.RefreshToken
if refreshToken == nil {
return jsonapi.JSONErrorResponse(ctx, errors.NewBadParameterError("refresh_token", nil).Expected("not nil"))
}
client := &http.Client{Timeout: 10 * time.Second}
res, err := client.PostForm(configuration.GetKeycloakEndpointToken(), url.Values{
"client_id": {configuration.GetKeycloakClientID()},
"client_secret": {configuration.GetKeycloakSecret()},
"refresh_token": {*refreshToken},
"grant_type": {"refresh_token"},
})
if err != nil {
return jsonapi.JSONErrorResponse(ctx, errors.NewInternalError("Error when obtaining token "+err.Error()))
}
switch res.StatusCode {
case 200:
// OK
case 401:
return jsonapi.JSONErrorResponse(ctx, errors.NewUnauthorizedError(res.Status+" "+readBody(res.Body)))
case 400:
return jsonapi.JSONErrorResponse(ctx, errors.NewBadParameterError(readBody(res.Body), nil))
default:
return jsonapi.JSONErrorResponse(ctx, errors.NewInternalError(res.Status+" "+readBody(res.Body)))
}
token, err := readToken(res, ctx)
if err != nil {
return err
}
return ctx.OK(&app.AuthToken{Token: token})
}
// Generate obtain the access token from Keycloak for the test user
func (c *LoginController) Generate(ctx *app.GenerateLoginContext) error {
if !configuration.IsPostgresDeveloperModeEnabled() {
log.Error(ctx, map[string]interface{}{
"method": "Generate",
}, "Postgres developer mode not enabled")
jerrors, _ := jsonapi.ErrorToJSONAPIErrors(goa.ErrUnauthorized("Postgres developer mode not enabled"))
return ctx.Unauthorized(jerrors)
}
var scopes []account.Identity
scopes = append(scopes, test.TestIdentity)
scopes = append(scopes, test.TestObserverIdentity)
client := &http.Client{Timeout: 10 * time.Second}
username := configuration.GetKeycloakTestUserName()
res, err := client.PostForm(configuration.GetKeycloakEndpointToken(), url.Values{
"client_id": {configuration.GetKeycloakClientID()},
"client_secret": {configuration.GetKeycloakSecret()},
"username": {username},
"password": {configuration.GetKeycloakTestUserSecret()},
"grant_type": {"password"},
})
if err != nil {
return jsonapi.JSONErrorResponse(ctx, errors.NewInternalError("error when obtaining token "+err.Error()))
}
token, err := readToken(res, ctx)
if err != nil {
log.Error(ctx, map[string]interface{}{
"tokenEndpoint": res,
"err": err,
}, "Error when unmarshal json with access token")
return jsonapi.JSONErrorResponse(ctx, e.Wrap(err, "Error when unmarshal json with access token"))
}
var tokens app.AuthTokenCollection
tokens = append(tokens, &app.AuthToken{Token: token})
// Creates the testuser user and identity if they don't yet exist
c.auth.CreateKeycloakUser(*token.AccessToken, ctx)
return ctx.OK(tokens)
}
func main() {
// --------------------------------------------------------------------
// Parse flags
// --------------------------------------------------------------------
var configFilePath string
var printConfig bool
var migrateDB bool
var scheduler *remoteworkitem.Scheduler
flag.StringVar(&configFilePath, "config", "", "Path to the config file to read")
flag.BoolVar(&printConfig, "printConfig", false, "Prints the config (including merged environment variables) and exits")
flag.BoolVar(&migrateDB, "migrateDatabase", false, "Migrates the database to the newest version and exits.")
flag.Parse()
// Override default -config switch with environment variable only if -config switch was
// not explicitly given via the command line.
configSwitchIsSet := false
flag.Visit(func(f *flag.Flag) {
if f.Name == "config" {
configSwitchIsSet = true
}
})
if !configSwitchIsSet {
if envConfigPath, ok := os.LookupEnv("ALMIGHTY_CONFIG_FILE_PATH"); ok {
configFilePath = envConfigPath
}
}
var err error
if err = configuration.Setup(configFilePath); err != nil {
logrus.Panic(nil, map[string]interface{}{
"configFilePath": configFilePath,
"err": err,
}, "failed to setup the configuration")
}
if printConfig {
os.Exit(0)
}
// Initialized developer mode flag for the logger
log.InitializeLogger(configuration.IsPostgresDeveloperModeEnabled())
printUserInfo()
var db *gorm.DB
for {
db, err = gorm.Open("postgres", configuration.GetPostgresConfigString())
if err != nil {
db.Close()
log.Logger().Errorf("ERROR: Unable to open connection to database %v\n", err)
log.Logger().Infof("Retrying to connect in %v...\n", configuration.GetPostgresConnectionRetrySleep())
time.Sleep(configuration.GetPostgresConnectionRetrySleep())
} else {
defer db.Close()
break
}
}
if configuration.IsPostgresDeveloperModeEnabled() {
db = db.Debug()
}
// Migrate the schema
err = migration.Migrate(db.DB())
if err != nil {
log.Panic(nil, map[string]interface{}{
"err": fmt.Sprintf("%+v", err),
}, "failed migration")
}
// Nothing to here except exit, since the migration is already performed.
if migrateDB {
os.Exit(0)
}
// Make sure the database is populated with the correct types (e.g. bug etc.)
if configuration.GetPopulateCommonTypes() {
// set a random request ID for the context
ctx, req_id := client.ContextWithRequestID(context.Background())
log.Debug(ctx, nil, "Initializing the population of the database... Request ID: %v", req_id)
if err := models.Transactional(db, func(tx *gorm.DB) error {
return migration.PopulateCommonTypes(ctx, tx, workitem.NewWorkItemTypeRepository(tx))
}); err != nil {
log.Panic(ctx, map[string]interface{}{
"err": fmt.Sprintf("%+v", err),
}, "failed to populate common types")
}
if err := models.Transactional(db, func(tx *gorm.DB) error {
return migration.BootstrapWorkItemLinking(ctx, link.NewWorkItemLinkCategoryRepository(tx), link.NewWorkItemLinkTypeRepository(tx))
}); err != nil {
log.Panic(ctx, map[string]interface{}{
"err": fmt.Sprintf("%+v", err),
}, "failed to bootstap work item linking")
}
}
// Scheduler to fetch and import remote tracker items
scheduler = remoteworkitem.NewScheduler(db)
defer scheduler.Stop()
scheduler.ScheduleAllQueries()
// Create service
service := goa.New("alm")
// Mount middleware
service.Use(middleware.RequestID())
service.Use(middleware.LogRequest(configuration.IsPostgresDeveloperModeEnabled()))
service.Use(gzip.Middleware(9))
service.Use(jsonapi.ErrorHandler(service, true))
service.Use(middleware.Recover())
service.WithLogger(goalogrus.New(log.Logger()))
publicKey, err := token.ParsePublicKey(configuration.GetTokenPublicKey())
if err != nil {
log.Panic(nil, map[string]interface{}{
"err": fmt.Sprintf("%+v", err),
}, "failed to parse public token")
}
// Setup Account/Login/Security
identityRepository := account.NewIdentityRepository(db)
userRepository := account.NewUserRepository(db)
tokenManager := token.NewManager(publicKey)
app.UseJWTMiddleware(service, jwt.New(publicKey, nil, app.NewJWTSecurity()))
service.Use(login.InjectTokenManager(tokenManager))
// Mount "login" controller
oauth := &oauth2.Config{
ClientID: configuration.GetKeycloakClientID(),
ClientSecret: configuration.GetKeycloakSecret(),
Scopes: []string{"user:email"},
Endpoint: oauth2.Endpoint{
AuthURL: configuration.GetKeycloakEndpointAuth(),
TokenURL: configuration.GetKeycloakEndpointToken(),
},
}
appDB := gormapplication.NewGormDB(db)
loginService := login.NewKeycloakOAuthProvider(oauth, identityRepository, userRepository, tokenManager, appDB)
loginCtrl := NewLoginController(service, loginService, tokenManager)
app.MountLoginController(service, loginCtrl)
// Mount "status" controller
statusCtrl := NewStatusController(service, db)
app.MountStatusController(service, statusCtrl)
// Mount "workitem" controller
workitemCtrl := NewWorkitemController(service, appDB)
app.MountWorkitemController(service, workitemCtrl)
// Mount "workitemtype" controller
workitemtypeCtrl := NewWorkitemtypeController(service, appDB)
app.MountWorkitemtypeController(service, workitemtypeCtrl)
// Mount "work item link category" controller
workItemLinkCategoryCtrl := NewWorkItemLinkCategoryController(service, appDB)
app.MountWorkItemLinkCategoryController(service, workItemLinkCategoryCtrl)
// Mount "work item link type" controller
workItemLinkTypeCtrl := NewWorkItemLinkTypeController(service, appDB)
app.MountWorkItemLinkTypeController(service, workItemLinkTypeCtrl)
// Mount "work item link" controller
workItemLinkCtrl := NewWorkItemLinkController(service, appDB)
app.MountWorkItemLinkController(service, workItemLinkCtrl)
// Mount "work item comments" controller
workItemCommentsCtrl := NewWorkItemCommentsController(service, appDB)
app.MountWorkItemCommentsController(service, workItemCommentsCtrl)
// Mount "work item relationships links" controller
workItemRelationshipsLinksCtrl := NewWorkItemRelationshipsLinksController(service, appDB)
app.MountWorkItemRelationshipsLinksController(service, workItemRelationshipsLinksCtrl)
// Mount "comments" controller
commentsCtrl := NewCommentsController(service, appDB)
app.MountCommentsController(service, commentsCtrl)
// Mount "tracker" controller
c5 := NewTrackerController(service, appDB, scheduler)
app.MountTrackerController(service, c5)
// Mount "trackerquery" controller
c6 := NewTrackerqueryController(service, appDB, scheduler)
app.MountTrackerqueryController(service, c6)
// Mount "space" controller
spaceCtrl := NewSpaceController(service, appDB)
app.MountSpaceController(service, spaceCtrl)
// Mount "user" controller
userCtrl := NewUserController(service, appDB, tokenManager)
app.MountUserController(service, userCtrl)
// Mount "search" controller
searchCtrl := NewSearchController(service, appDB)
app.MountSearchController(service, searchCtrl)
// Mount "indentity" controller
identityCtrl := NewIdentityController(service, appDB)
app.MountIdentityController(service, identityCtrl)
// Mount "users" controller
usersCtrl := NewUsersController(service, appDB)
app.MountUsersController(service, usersCtrl)
// Mount "iterations" controller
iterationCtrl := NewIterationController(service, appDB)
app.MountIterationController(service, iterationCtrl)
// Mount "spaceiterations" controller
spaceIterationCtrl := NewSpaceIterationsController(service, appDB)
app.MountSpaceIterationsController(service, spaceIterationCtrl)
// Mount "userspace" controller
userspaceCtrl := NewUserspaceController(service, db)
app.MountUserspaceController(service, userspaceCtrl)
// Mount "render" controller
renderCtrl := NewRenderController(service)
app.MountRenderController(service, renderCtrl)
// Mount "areas" controller
areaCtrl := NewAreaController(service, appDB)
app.MountAreaController(service, areaCtrl)
spaceAreaCtrl := NewSpaceAreasController(service, appDB)
app.MountSpaceAreasController(service, spaceAreaCtrl)
log.Logger().Infoln("Git Commit SHA: ", Commit)
log.Logger().Infoln("UTC Build Time: ", BuildTime)
log.Logger().Infoln("UTC Start Time: ", StartTime)
log.Logger().Infoln("Dev mode: ", configuration.IsPostgresDeveloperModeEnabled())
http.Handle("/api/", service.Mux)
http.Handle("/", http.FileServer(assetFS()))
http.Handle("/favicon.ico", http.NotFoundHandler())
// Start http
if err := http.ListenAndServe(configuration.GetHTTPAddress(), nil); err != nil {
log.Error(nil, map[string]interface{}{
"addr": configuration.GetHTTPAddress(),
"err": err,
}, "unable to connect to server")
service.LogError("startup", "err", err)
}
}