Commit Graph

19 Commits

Author SHA1 Message Date
hurui200320 bed3de76dd Implement query user endpoint for RabbitMQ (#35)
Unit test coverage / gradle-test (pull_request) Successful in 7m21s
Unit test coverage / gradle-test (push) Successful in 7m26s
CI for publishing docker image / build-and-publish (push) Successful in 7m2s
This PR implemented ticket clevermicro/user-management#34 for the user-service-v1 endpoint, along with all the infrastructures required to support the endpoints.

The changes are:
+ switch build tool to gradle for easier access to the private artifacts of clevermicro (although later Brian change the artifacts to public)
+ set up clevermicro amqp client
+ switched to official keycloak admin client instead of implementing it with webflux
+ implement the message formats for the RPC protocol, for now they are exclusive to auth-service, but in the future we will reuse (might with some changes) them for all RPC calls inside clevermicro (need a server lib for handling the message parsing and convertion)
+ implement the user query endpoint
+ implement unit test so the overall coverage is above 85%
+ fixed all issues found during the testing phase with shared env

Currently the latest docker image has been deployed to the shared env, see https://docs.cleverthis.com/en/architecture/microservices/shared-env#multi-user-support

Reviewed-on: #35
2025-07-31 12:56:14 +08:00
Abed 465c7fd8ec Implement Intra-Organization Group Management APIs in auth-service #25
Unit test coverage / gradle-test (pull_request) Failing after 3m27s
Unit test coverage / gradle-test (push) Failing after 1m55s
CI for publishing docker image / build-and-publish (push) Successful in 2m33s
2025-07-01 11:24:51 +08:00
Abed 6f0af690f2 feat #24 Implement Tenant (Organization) Management APIs in auth-service 2025-07-01 11:24:50 +08:00
hurui200320 0fc59eef0e Implement UMA ticket for forward-auth (#31)
Unit test coverage / gradle-test (push) Failing after 1m48s
CI for publishing docker image / build-and-publish (push) Successful in 2m30s
According to design https://docs.cleverthis.com/en/architecture/microservices/feature-discussion/service-specific-permission-system, this PR replaced the role-based forward auth with UMA ticket to allow keycloak to verify permission based on client authorization rules, which supports roles, with extra features like resource access control and group/organization.

Other than that, this PR also:

+ add config properties objects, which allows easier unit test
+ adapt setup from clevermicro/identity-management#9, now the auth-service works with the dev realm created in identity management repo
+ add pass-through config, allow clients to configure a list of rules to skip the token checking. Use case: CleverBRAG's token for its API access

This PR bumps the coverage rate to 73%, which is still below 85%. Thus the pipeline is failing.

Reviewed-on: #31
Reviewed-by: Stanislav Hejny <stanislav.hejny@cleverthis.com>
Co-authored-by: Rui Hu <rui.hu@cleverthis.com>
Co-committed-by: Rui Hu <rui.hu@cleverthis.com>
2025-06-30 09:05:14 +00:00
hurui200320 eaa14e7101 feat(General): implement consul config permission mapping resolving with fallback to application yam
Unit test coverage / gradle-test (pull_request) Failing after 2m36s
Unit test coverage / gradle-test (push) Failing after 1m40s
CI for publishing docker image / build-and-publish (push) Successful in 2m20s
Pull config from consul to resolve permission mapping dynamically

if consul is not available or the

value is corrupted, use settings from local value in application.yaml

ISSUES CLOSED: clevermicro/user-management#23
2025-06-13 12:17:06 +08:00
abed.alrahman b764c6f12b feat#3_implement_access_control (#22)
Unit test coverage / gradle-test (push) Failing after 1m44s
CI for publishing docker image / build-and-publish (push) Successful in 2m31s
Co-authored-by: Abed <alrbeei@yahoo.com>
Reviewed-on: #22
Reviewed-by: Rui Hu <rui.hu@cleverthis.com>
Reviewed-by: Stanislav Hejny <stanislav.hejny@cleverthis.com>
Co-authored-by: Abed Alrahman <abed.alrahman@cleverthis.com>
Co-committed-by: Abed Alrahman <abed.alrahman@cleverthis.com>
2025-06-12 11:15:42 +00:00
abed.alrahman 2ff5930e86 Implement New User Registration in auth-service #8 (#21)
Unit test coverage / gradle-test (push) Failing after 1m50s
CI for publishing docker image / build-and-publish (push) Successful in 2m20s
Co-authored-by: Abed <alrbeei@yahoo.com>
Reviewed-on: #21
Reviewed-by: Rui Hu <rui.hu@cleverthis.com>
Co-authored-by: Abed Alrahman <abed.alrahman@cleverthis.com>
Co-committed-by: Abed Alrahman <abed.alrahman@cleverthis.com>
2025-06-06 07:17:36 +00:00
Abed 4ff18c878b Merge branch 'Implement_Access_Control_in_auth-service#3' into develop
Unit test coverage / gradle-test (push) Failing after 1m20s
CI for publishing docker image / build-and-publish (push) Failing after 1m35s
2025-05-25 23:27:38 +02:00
abed.alrahman 79dd8384e0 Merge pull request 'Replace-User-Metadata-#5' (#16) from Replace-User-Metadata-#5 into develop
Unit test coverage / gradle-test (push) Failing after 1m25s
CI for publishing docker image / build-and-publish (push) Failing after 1m34s
Reviewed-on: #16
Reviewed-by: Rui Hu <rui.hu@cleverthis.com>
Reviewed-by: Stanislav Hejny <stanislav.hejny@cleverthis.com>
2025-05-22 10:07:50 +00:00
hurui200320 0e0c463a1e Add checkstyle and add pipelines for building docker image and coverage check
Unit test coverage / gradle-test (push) Failing after 2m42s
CI for publishing docker image / build-and-publish (push) Successful in 3m46s
ISSUES CLOSED: clevermicro/user-management#17
PR: clevermicro/user-management#19
2025-05-22 12:52:11 +08:00
Abed ade56ec23d Add more tests cases to test class, to test auth endpoint as well 2025-05-20 03:27:18 +02:00
Abed 66767d9e1e 1. Implement Access Control in auth-service via Traefik Forward Auth
2. Add keycloak admin client, to fetch as admin from keycloak
3. Add /auth endpoint, that will parse the request, and decide for auth
2025-05-13 00:56:35 +02:00
Abed 33182d5a8e add auth token to warn message 2025-05-11 00:29:05 +02:00
Abed 9889789fcc Group added to Verfication response, 2025-05-11 00:21:28 +02:00
stanislav.hejny ac85ff58af Merge pull request 'Feat#1 creating auth-service, with JUnit test' (#14) from Create-Auth-Microservice#1 into develop
Reviewed-on: #14
Reviewed-by: Stanislav Hejny <stanislav.hejny@cleverthis.com>
2025-05-07 08:38:05 +00:00
Abed 668bd05e5a Applying check style, and changing the log messages 2025-05-07 01:23:13 +02:00
Abed 0a16092b3d Feat#1 creating auth-service, with JUnit test 2025-05-05 02:35:20 +02:00
freemo 0bbd8e2958 Added Apache OSS license 2024-01-25 23:14:00 -05:00
freemo 635b100322 Initial commit 2024-01-25 23:10:04 -05:00