init commmit (#1385)

Signed-off-by: Ivan Milosevic <iva@blokovi.com>
2021-03-10 11:52:33 +01:00 · 2021-03-10 11:52:33 +01:00 · a1e18a770a
parent 259950b009
commit a1e18a770a
8 changed files with 21 additions and 8 deletions
--- a/cmd/things/main.go
+++ b/cmd/things/main.go
@ -61,7 +61,7 @@ const (
 	defESPass          = ""
 	defESDB            = "0"
 	defHTTPPort        = "8182"
-	defAuthHTTPPort    = "8180"
+	defAuthHTTPPort    = "8989"
 	defAuthGRPCPort    = "8181"
 	defServerCert      = ""
 	defServerKey       = ""
--- a/docker/nginx/entrypoint.sh
+++ b/docker/nginx/entrypoint.sh
@ -12,6 +12,7 @@ fi
 envsubst '
    ${MF_USERS_HTTP_PORT}
    ${MF_THINGS_HTTP_PORT}
+    ${MF_THINGS_AUTH_HTTP_PORT}
    ${MF_HTTP_ADAPTER_PORT}
    ${MF_NGINX_MQTT_PORT}
    ${MF_NGINX_MQTTS_PORT}
--- a/docker/nginx/nginx-key.conf
+++ b/docker/nginx/nginx-key.conf
@ -76,6 +76,12 @@ http {
            proxy_pass http://things:${MF_THINGS_HTTP_PORT};
        }

+        location ~ ^/(identify){
+            include snippets/proxy-headers.conf;
+            add_header Access-Control-Expose-Headers Location;
+            proxy_pass http://things:${MF_THINGS_AUTH_HTTP_PORT};
+        }
+
        location ~ ^/(groups|members|keys) {
            include snippets/proxy-headers.conf;
            add_header Access-Control-Expose-Headers Location;
--- a/docker/nginx/nginx-x509.conf
+++ b/docker/nginx/nginx-x509.conf
@ -83,6 +83,12 @@ http {
            proxy_pass http://things:${MF_THINGS_HTTP_PORT};
        }

+        location ~ ^/(identify){
+            include snippets/proxy-headers.conf;
+            add_header Access-Control-Expose-Headers Location;
+            proxy_pass http://things:${MF_THINGS_AUTH_HTTP_PORT};
+        }
+
        location ~ ^/(groups|members|keys) {
            include snippets/proxy-headers.conf;
            add_header Access-Control-Expose-Headers Location;
--- a/things/README.md
+++ b/things/README.md
@ -37,7 +37,7 @@ default values.
 | MF_THINGS_ES_PASS           | Event store password                                                   |                |
 | MF_THINGS_ES_DB             | Event store instance name                                              | 0              |
 | MF_THINGS_HTTP_PORT         | Things service HTTP port                                               | 8182           |
-| MF_THINGS_AUTH_HTTP_PORT    | Things service Auth HTTP port                                          | 8180           |
+| MF_THINGS_AUTH_HTTP_PORT    | Things service Auth HTTP port                                          | 8989           |
 | MF_THINGS_AUTH_GRPC_PORT    | Things service Auth gRPC port                                          | 8181           |
 | MF_THINGS_SERVER_CERT       | Path to server certificate in pem format                               |                |
 | MF_THINGS_SERVER_KEY        | Path to server key in pem format                                       |                |
--- a/things/api/auth/http/endpoint_test.go
+++ b/things/api/auth/http/endpoint_test.go
@ -210,7 +210,7 @@ func TestCanAccessByKey(t *testing.T) {
 		req := testRequest{
 			client:      ts.Client(),
 			method:      http.MethodPost,
-			url:         fmt.Sprintf("%s/channels/%s/access-by-key", ts.URL, tc.chanID),
+			url:         fmt.Sprintf("%s/identify/channels/%s/access-by-key", ts.URL, tc.chanID),
 			contentType: tc.contentType,
 			body:        strings.NewReader(tc.req),
 		}
@ -288,7 +288,7 @@ func TestCanAccessByID(t *testing.T) {
 		req := testRequest{
 			client:      ts.Client(),
 			method:      http.MethodPost,
-			url:         fmt.Sprintf("%s/channels/%s/access-by-id", ts.URL, tc.chanID),
+			url:         fmt.Sprintf("%s/identify/channels/%s/access-by-id", ts.URL, tc.chanID),
 			contentType: tc.contentType,
 			body:        strings.NewReader(tc.req),
 		}
--- a/things/api/auth/http/transport.go
+++ b/things/api/auth/http/transport.go
@ -39,14 +39,14 @@ func MakeHandler(tracer opentracing.Tracer, svc things.Service) http.Handler {
 		opts...,
 	))

-	r.Post("/channels/:chanId/access-by-key", kithttp.NewServer(
+	r.Post("/identify/channels/:chanId/access-by-key", kithttp.NewServer(
 		kitot.TraceServer(tracer, "can_access_by_key")(canAccessByKeyEndpoint(svc)),
 		decodeCanAccessByKey,
 		encodeResponse,
 		opts...,
 	))

-	r.Post("/channels/:chanId/access-by-id", kithttp.NewServer(
+	r.Post("/identify/channels/:chanId/access-by-id", kithttp.NewServer(
 		kitot.TraceServer(tracer, "can_access_by_id")(canAccessByIDEndpoint(svc)),
 		decodeCanAccessByID,
 		encodeResponse,
--- a/things/openapi.yml
+++ b/things/openapi.yml
@ -446,7 +446,7 @@ paths:
          description: Channel or thing does not exist.
        '500':
          $ref: "#/components/responses/ServiceError"
-  /channels/{chanId}/access-by-key:
+  /identify/channels/{chanId}/access-by-key:
    post:
      summary: Checks if thing has access to a channel.
      description: |
@ -469,7 +469,7 @@ paths:
          description: Missing or invalid content type.
        '500':
          $ref: "#/components/responses/ServiceError"
-  /channels/{chanId}/access-by-id:
+  /identify/channels/{chanId}/access-by-id:
    post:
      summary: Checks if thing has access to a channel.
      description: |