mirror of
https://github.com/openfoodfoundation/openfoodnetwork
synced 2026-02-26 01:33:22 +00:00
Move source of truth of platforms into one place
The first test tokens had an inconsistent client_id and I had to introduce multiple mappings to get the right config. But that has been harmonised and we can put the config in one place.
This commit is contained in:
@@ -50,7 +50,7 @@ module Admin
|
||||
end
|
||||
|
||||
def dfc_platforms_available?
|
||||
DfcProvider::PlatformsController::PLATFORM_IDS.keys.any? do |id|
|
||||
ApiUser::PLATFORMS.keys.any? do |id|
|
||||
feature?(id, spree_current_user)
|
||||
end
|
||||
end
|
||||
|
||||
@@ -2,14 +2,6 @@
|
||||
|
||||
module DfcProvider
|
||||
class PlatformsController < DfcProvider::ApplicationController
|
||||
# List of platform identifiers.
|
||||
# local ID => semantic ID
|
||||
PLATFORM_IDS = {
|
||||
'cqcm-dev' => "https://api.proxy-dev.cqcm.startinblox.com/profile",
|
||||
'cqcm-stg' => "https://api.proxy-stg.cqcm.startinblox.com/profile",
|
||||
'cqcm' => "https://carte.cqcm.coop/profile",
|
||||
}.freeze
|
||||
|
||||
prepend_before_action :move_authenticity_token
|
||||
before_action :check_enterprise
|
||||
|
||||
@@ -48,7 +40,7 @@ module DfcProvider
|
||||
)
|
||||
end
|
||||
|
||||
ProxyNotifier.new.refresh(PLATFORM_IDS[key])
|
||||
ProxyNotifier.new.refresh(key)
|
||||
|
||||
render json: platform(key)
|
||||
end
|
||||
@@ -70,7 +62,7 @@ module DfcProvider
|
||||
end
|
||||
|
||||
def available_platforms
|
||||
PLATFORM_IDS.keys.select do |platform|
|
||||
ApiUser::PLATFORMS.keys.select do |platform|
|
||||
feature?(platform, current_user)
|
||||
end
|
||||
end
|
||||
@@ -78,7 +70,7 @@ module DfcProvider
|
||||
def platform(key)
|
||||
{
|
||||
'@type': "dfc-t:Platform",
|
||||
'@id': PLATFORM_IDS[key],
|
||||
'@id': ApiUser.platform_url(key),
|
||||
localId: key,
|
||||
'dfc-t:hasAssignedScopes': {
|
||||
'@type': "rdf:List",
|
||||
|
||||
@@ -2,11 +2,29 @@
|
||||
|
||||
# Authorised user or client using the API
|
||||
class ApiUser
|
||||
CLIENT_MAP = {
|
||||
"https://api.proxy-dev.cqcm.startinblox.com/profile" => "cqcm-dev",
|
||||
"https://api.proxy-stg.cqcm.startinblox.com/profile" => "cqcm-stg",
|
||||
"https://carte.cqcm.coop/profile" => "cqcm",
|
||||
PLATFORMS = {
|
||||
'cqcm-dev' => {
|
||||
id: "https://api.proxy-dev.cqcm.startinblox.com/profile",
|
||||
tokens: "https://kc.cqcm.startinblox.com/realms/startinblox/protocol/openid-connect/token",
|
||||
},
|
||||
'cqcm-stg' => {
|
||||
id: "https://api.proxy-stg.cqcm.startinblox.com/profile",
|
||||
tokens: "https://kc.cqcm.startinblox.com/realms/startinblox/protocol/openid-connect/token",
|
||||
},
|
||||
'cqcm' => {
|
||||
id: "https://carte.cqcm.coop/profile",
|
||||
tokens: "https://authentification.cqcm.coop/realms/cqcm/protocol/openid-connect/token",
|
||||
},
|
||||
}.freeze
|
||||
CLIENT_MAP = PLATFORMS.keys.index_by { |key| PLATFORMS.dig(key, :id) }.freeze
|
||||
|
||||
def self.platform_url(platform)
|
||||
PLATFORMS.dig(platform, :id)
|
||||
end
|
||||
|
||||
def self.token_endpoint(platform)
|
||||
PLATFORMS.dig(platform, :tokens)
|
||||
end
|
||||
|
||||
def self.from_client_id(client_id)
|
||||
id = CLIENT_MAP[client_id]
|
||||
|
||||
@@ -5,20 +5,13 @@ require "private_address_check/tcpsocket_ext"
|
||||
|
||||
# Call a webhook to notify a data proxy about changes in our data.
|
||||
class ProxyNotifier
|
||||
TOKEN_ENDPOINTS = {
|
||||
'https://api.proxy-dev.cqcm.startinblox.com/profile' => "https://kc.cqcm.startinblox.com/realms/startinblox/protocol/openid-connect/token",
|
||||
'https://api.proxy-stg.cqcm.startinblox.com/profile' => "https://kc.cqcm.startinblox.com/realms/startinblox/protocol/openid-connect/token",
|
||||
'https://carte.cqcm.coop/profile' => "https://authentification.cqcm.coop/realms/cqcm/protocol/openid-connect/token",
|
||||
|
||||
}.freeze
|
||||
|
||||
def refresh(platform_url)
|
||||
def refresh(platform)
|
||||
PrivateAddressCheck.only_public_connections do
|
||||
notify_proxy(platform_url)
|
||||
notify_proxy(platform)
|
||||
end
|
||||
end
|
||||
|
||||
def request_token(platform_url)
|
||||
def request_token(platform)
|
||||
connection = Faraday.new(
|
||||
request: { timeout: 5 },
|
||||
) do |f|
|
||||
@@ -27,7 +20,7 @@ class ProxyNotifier
|
||||
f.response :raise_error
|
||||
end
|
||||
|
||||
url = TOKEN_ENDPOINTS[platform_url]
|
||||
url = ApiUser.token_endpoint(platform)
|
||||
data = {
|
||||
grant_type: "client_credentials",
|
||||
client_id: ENV.fetch("OPENID_APP_ID", nil),
|
||||
@@ -38,8 +31,8 @@ class ProxyNotifier
|
||||
response.body["access_token"]
|
||||
end
|
||||
|
||||
def notify_proxy(platform_url)
|
||||
token = request_token(platform_url)
|
||||
def notify_proxy(platform)
|
||||
token = request_token(platform)
|
||||
data = {
|
||||
eventType: "refresh",
|
||||
enterpriseUrlid: DfcProvider::Engine.routes.url_helpers.enterprises_url,
|
||||
@@ -56,10 +49,11 @@ class ProxyNotifier
|
||||
f.response :json
|
||||
f.response :raise_error
|
||||
end
|
||||
connection.post(webhook_url(platform_url), data)
|
||||
connection.post(webhook_url(platform), data)
|
||||
end
|
||||
|
||||
def webhook_url(platform_url)
|
||||
def webhook_url(platform)
|
||||
platform_url = ApiUser.platform_url(platform)
|
||||
URI.parse(platform_url).tap do |url|
|
||||
url.path = "/djangoldp-dfc/webhook/"
|
||||
end
|
||||
|
||||
@@ -8,10 +8,10 @@ require_relative "../spec_helper"
|
||||
# OPENID_APP_ID="..."
|
||||
# OPENID_APP_SECRET="..."
|
||||
RSpec.describe ProxyNotifier do
|
||||
let(:platform_url) { "https://api.proxy-dev.cqcm.startinblox.com/profile" }
|
||||
let(:platform) { "cqcm-dev" }
|
||||
|
||||
it "receives an access token", :vcr do
|
||||
token = subject.request_token(platform_url)
|
||||
token = subject.request_token(platform)
|
||||
expect(token).to be_a String
|
||||
expect(token.length).to be > 20
|
||||
end
|
||||
@@ -21,7 +21,7 @@ RSpec.describe ProxyNotifier do
|
||||
# If you don't have valid credentials, you'll get an unauthorized error.
|
||||
# Correctly authenticated, the server fails to update its data.
|
||||
expect {
|
||||
subject.refresh(platform_url)
|
||||
subject.refresh(platform)
|
||||
}.to raise_error Faraday::ServerError
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user