func TestAddAndRetrieveApp(t *testing.T) {
app := new(roll.Application)
app.ApplicationName = "an app"
app.ClientID = "123"
app.ClientSecret = "hush"
app.DeveloperEmail = "*****@*****.**"
app.DeveloperID = "foo"
app.LoginProvider = "auth0"
app.RedirectURI = "neither here nor there"
appRepo := NewMBDAppRepo()
err := appRepo.CreateApplication(app)
if assert.Nil(t, err) {
defer appRepo.delete(app)
}
retapp, err := appRepo.RetrieveAppByNameAndDevEmail("an app", "*****@*****.**")
assert.Nil(t, err)
if assert.NotNil(t, app) {
assert.Equal(t, app.ApplicationName, retapp.ApplicationName)
assert.Equal(t, app.ClientID, retapp.ClientID)
assert.Equal(t, app.ClientSecret, retapp.ClientSecret)
assert.Equal(t, app.DeveloperEmail, retapp.DeveloperEmail)
assert.Equal(t, app.DeveloperID, retapp.DeveloperID)
assert.Equal(t, app.LoginProvider, retapp.LoginProvider)
assert.Equal(t, app.RedirectURI, retapp.RedirectURI)
}
retapp, err = appRepo.RetrieveApplication(app.ClientID, app.DeveloperID, false)
assert.Nil(t, err)
if assert.NotNil(t, app) {
assert.Equal(t, app.ApplicationName, retapp.ApplicationName)
assert.Equal(t, app.ClientID, retapp.ClientID)
assert.Equal(t, app.ClientSecret, retapp.ClientSecret)
assert.Equal(t, app.DeveloperEmail, retapp.DeveloperEmail)
assert.Equal(t, app.DeveloperID, retapp.DeveloperID)
assert.Equal(t, app.LoginProvider, retapp.LoginProvider)
assert.Equal(t, app.RedirectURI, retapp.RedirectURI)
}
retapp, err = appRepo.RetrieveApplication(app.ClientID, "huh", true)
assert.Nil(t, err)
if assert.NotNil(t, app) {
assert.Equal(t, app.ApplicationName, retapp.ApplicationName)
assert.Equal(t, app.ClientID, retapp.ClientID)
assert.Equal(t, app.ClientSecret, retapp.ClientSecret)
assert.Equal(t, app.DeveloperEmail, retapp.DeveloperEmail)
assert.Equal(t, app.DeveloperID, retapp.DeveloperID)
assert.Equal(t, app.LoginProvider, retapp.LoginProvider)
assert.Equal(t, app.RedirectURI, retapp.RedirectURI)
}
retapp, err = appRepo.SystemRetrieveApplication(app.ClientID)
assert.Nil(t, err)
assert.Equal(t, app.ClientID, retapp.ClientID)
retapp, err = appRepo.RetrieveApplication(app.ClientID, "huh", false)
assert.NotNil(t, err)
assert.Nil(t, retapp)
}
func (ar *MariaDBAppRepo) CreateApplication(app *roll.Application) error {
//Generate a client secret as needed
if app.ClientSecret == "" {
clientSecret, err := secrets.GenerateClientSecret()
if err != nil {
return err
}
app.ClientSecret = clientSecret
}
//Check JWT flow parts are ok
if err := repos.CheckJWTCertParts(app); err != nil {
return err
}
//Insert the app
const appSql = `insert into rolldb.application(applicationName, clientId, clientSecret, developerEmail, developerId, loginProvider,
redirectUri,jwtFlowAudience, jwtFlowIssuer, jwtFlowPublicKey) values(?,?,?,?,?,?,?,?,?,?)
`
stmt, err := ar.db.Prepare(appSql)
if err != nil {
return err
}
defer stmt.Close()
_, err = stmt.Exec(
app.ApplicationName,
app.ClientID,
app.ClientSecret,
app.DeveloperEmail,
app.DeveloperID,
app.LoginProvider,
app.RedirectURI,
app.JWTFlowAudience,
app.JWTFlowIssuer,
app.JWTFlowPublicKey,
)
if err != nil {
log.Info(err)
sqlErr := err.(*mysql.MySQLError)
switch sqlErr.Number {
case 1062:
log.Info("Duplicate app definition found")
return repos.NewDuplicationAppdefError(app.ApplicationName, app.DeveloperEmail)
default:
return err
}
}
return nil
}
//CreateApplication stores an application definition in DynamoDB
func (dar *DynamoAppRepo) CreateApplication(app *roll.Application) error {
log.Info("create application")
//Make sure we are not creating a new application definition for an existing
//application name/developer email combination
existing, err := dar.RetrieveAppByNameAndDevEmail(app.ApplicationName, app.DeveloperEmail)
if err != nil {
log.Info("Internal error attempting to check for duplicate app: ", err.Error())
return err
}
if existing != nil {
log.Info("Duplicate app definition found")
return NewDuplicationAppdefError(app.ApplicationName, app.DeveloperEmail)
}
if app.ClientSecret == "" {
clientSecret, err := secrets.GenerateClientSecret()
if err != nil {
return err
}
app.ClientSecret = clientSecret
}
appAttrs := map[string]*dynamodb.AttributeValue{
ClientID: {S: aws.String(app.ClientID)},
ApplicationName: {S: aws.String(app.ApplicationName)},
ClientSecret: {S: aws.String(app.ClientSecret)},
DeveloperEmail: {S: aws.String(app.DeveloperEmail)},
DeveloperID: {S: aws.String(app.DeveloperID)},
RedirectUri: {S: aws.String(app.RedirectURI)},
LoginProvider: {S: aws.String(app.LoginProvider)},
}
if err := CheckJWTCertParts(app); err != nil {
return err
}
if app.JWTFlowPublicKey != "" {
appAttrs[JWTFlowPublicKey] = &dynamodb.AttributeValue{
S: aws.String(app.JWTFlowPublicKey),
}
appAttrs[JWTFlowIssuer] = &dynamodb.AttributeValue{
S: aws.String(app.JWTFlowIssuer),
}
appAttrs[JWTFlowAudience] = &dynamodb.AttributeValue{
S: aws.String(app.JWTFlowAudience),
}
}
params := &dynamodb.PutItemInput{
TableName: aws.String("Application"),
ConditionExpression: aws.String("attribute_not_exists(ClientID)"),
Item: appAttrs,
}
_, err = dar.client.PutItem(params)
return err
}
