
Commit 471ec54

authored
refactor: move keycloak logic to separate package (#19)
* refactor: attempt to factor out keycloak client creation * build(Dockerfile): include all of internal in builder * fix: read-unlock the read-lock
1 parent b037038 commit 471ec54


11 files changed

+313
-336
lines changed


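--- a/Dockerfile
+++ b/Dockerfile
@@ -14,7 +14,7 @@ RUN go mod download
 # Copy the go source
 COPY cmd/main.go cmd/main.go
 COPY api/ api/
-COPY internal/controller/ internal/controller/
+COPY internal/ internal/
 
 # Build
 # the GOARCH has not a default value to allow the binary be built according to the host where the command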

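--- a/cmd/main.go
+++ b/cmd/main.go
@@ -45,6 +45,7 @@ import (
 "github.com/caarlos0/env/v11"
 daplav1alpha1 "github.com/statisticsnorway/keycloakerator/api/v1alpha1"
 "github.com/statisticsnorway/keycloakerator/internal/controller"
+"github.com/statisticsnorway/keycloakerator/internal/keycloak"
 //+kubebuilder:scaffold:imports
 )
 
@@ -165,8 +166,7 @@ func main() {
 setupLog.Error(err, "unable to parse general config from env")
 }
 
-var ctrlOpts []controller.SimpleProxyClientOption
-
+var oidcService controller.OIDCService = &controller.OidcDummy{}
 if !cfg.KeycloakDummy {
 kcConfig := &keycloakConfig{}
 
@@ -203,16 +203,15 @@ func main() {
 ).String(),
 }
 
-kc := controller.NewGocloakWrapper(
+oidcService = keycloak.NewGocloakWrapper(
 kcConfig.KeycloakUrl.String(),
 kcConfig.ClientRealm,
 authConfig.TokenSource(ctx),
 )
-ctrlOpts = append(ctrlOpts, controller.WithKeycloak(kc))
 }
 
 // Set up our reconciler
-if err = controller.NewSimpleProxyClientReconciler(mgr, ctrlOpts...).SetupWithManager(mgr); err != nil {
+if err = controller.NewSimpleProxyClientReconciler(mgr, oidcService).SetupWithManager(mgr); err != nil {
 setupLog.Error(err, "unable to create controller", "controller", "SimpleProxyClient")
 os.Exit(1)
 }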
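Review bot: The zero-value literal `&controller.OidcDummy{}` on new line 169 leaves the dummy's `clients` map nil, and `CreateClient` in internal/controller/keycloak_dummy.go assigns `d.clients[req.Name] = client` without initialising it, so the first create against the dummy panics with a nil-map write. No constructor or lazy initialisation is visible in this commit; the smallest fix is in `CreateClient`, right after taking the lock: `if d.clients == nil { d.clients = make(map[string]Client) }`. Reads and `delete` on a nil map are safe, so `GetClient` and `DeleteClient` need no change. `main` starts and ends outside these hunks.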

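--- a/go.mod
+++ b/go.mod
@@ -3,14 +3,17 @@ module github.com/statisticsnorway/keycloakerator
 go 1.21
 
 require (
+cloud.google.com/go/secretmanager v1.13.1
 github.com/Nerzal/gocloak/v13 v13.9.0
 github.com/caarlos0/env/v11 v11.0.1
 github.com/onsi/ginkgo/v2 v2.14.0
 github.com/onsi/gomega v1.30.0
 golang.org/x/oauth2 v0.20.0
+gopkg.in/yaml.v3 v3.0.1
 k8s.io/api v0.29.0
 k8s.io/apimachinery v0.29.0
 k8s.io/client-go v0.29.0
+k8s.io/utils v0.0.0-20230726121419-3b25d923346b
 sigs.k8s.io/controller-runtime v0.17.2
 )
 
@@ -19,7 +22,6 @@ require (
 cloud.google.com/go/auth/oauth2adapt v0.2.2 // indirect
 cloud.google.com/go/compute/metadata v0.3.0 // indirect
 cloud.google.com/go/iam v1.1.8 // indirect
-cloud.google.com/go/secretmanager v1.13.1 // indirect
 github.com/beorn7/perks v1.0.1 // indirect
 github.com/cespare/xxhash/v2 v2.2.0 // indirect
 github.com/davecgh/go-spew v1.1.1 // indirect
@@ -63,7 +65,6 @@ require (
 github.com/prometheus/procfs v0.12.0 // indirect
 github.com/segmentio/ksuid v1.0.4 // indirect
 github.com/spf13/pflag v1.0.5 // indirect
-github.com/stretchr/testify v1.9.0 // indirect
 go.opencensus.io v0.24.0 // indirect
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
@@ -90,12 +91,10 @@ require (
 google.golang.org/protobuf v1.34.1 // indirect
 gopkg.in/inf.v0 v0.9.1 // indirect
 gopkg.in/yaml.v2 v2.4.0 // indirect
-gopkg.in/yaml.v3 v3.0.1 // indirect
 k8s.io/apiextensions-apiserver v0.29.0 // indirect
 k8s.io/component-base v0.29.0 // indirect
 k8s.io/klog/v2 v2.110.1 // indirect
 k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
-k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 sigs.k8s.io/yaml v1.4.0 // indirect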

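--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,6 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.112.2 h1:ZaGT6LiG7dBzi6zNOvVZwacaXlmf3lRqnC4DQzqyRQw=
+cloud.google.com/go v0.112.2/go.mod h1:iEqjp//KquGIJV/m+Pk3xecgKNhV+ry+vVTsy4TbDms=
 cloud.google.com/go/auth v0.4.1 h1:Z7YNIhlWRtrnKlZke7z3GMqzvuYzdc2z98F9D1NV5Hg=
 cloud.google.com/go/auth v0.4.1/go.mod h1:QVBuVEKpCn4Zp58hzRGvL0tjRGU0YqdRTdCHM1IHnro=
 cloud.google.com/go/auth/oauth2adapt v0.2.2 h1:+TTV8aXpjeChS9M+aTtN/TjdQnzJvmzKFt//oWu7HX4=
@@ -179,6 +181,8 @@ go.opentelemetry.io/otel v1.24.0 h1:0LAOdjNmQeSTzGBzduGe/rU4tZhMwL5rWgtp9Ku5Jfo=
 go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo=
 go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI=
 go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco=
+go.opentelemetry.io/otel/sdk v1.24.0 h1:YMPPDNymmQN3ZgczicBY3B6sf9n62Dlj9pWD3ucgoDw=
+go.opentelemetry.io/otel/sdk v1.24.0/go.mod h1:KVrIYw6tEubO9E96HQpcmpTKDVn9gdv35HoYiQWGDFg=
 go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI=
 go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=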

internal/controller/keycloak.go

Lines changed: 0 additions & 87 deletions
This file was deleted.

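--- a/internal/controller/keycloak_dummy.go
+++ b/internal/controller/keycloak_dummy.go
@@ -2,63 +2,43 @@ package controller
 
 import (
 "context"
-"crypto/md5"
-"encoding/hex"
-"errors"
-"fmt"
+"math/rand"
 "strconv"
-
-"github.com/Nerzal/gocloak/v13"
+"sync"
 )
 
-var _ Keycloak = (*KeycloakDummy)(nil)
-
-type KeycloakDummy struct {
-clients []gocloak.Client
-}
-
-func (d *KeycloakDummy) CreateClient(ctx context.Context, newClient gocloak.Client) (string, error) {
-id := strconv.Itoa(len(d.clients))
-newClient.ID = &id
-hash := md5.Sum([]byte(fmt.Sprintf("%s-%s", id, *(newClient.Name))))
-secret := hex.EncodeToString(hash[:])
-newClient.Secret = &secret
-d.clients = append(d.clients, newClient)
-return id, nil
+type OidcDummy struct {
+mu sync.RWMutex
+clients map[string]Client
 }
 
-func (d *KeycloakDummy) CreateClientProtocolMapper(ctx context.Context, idOfClient string, mapper gocloak.ProtocolMapperRepresentation) (string, error) {
-return "", nil
-}
-
-func (d *KeycloakDummy) GetClientByClientId(ctx context.Context, clientId string) (*gocloak.Client, error) {
-for _, client := range d.clients {
-if *client.ClientID == clientId {
-return &client, nil
-}
+func (d *OidcDummy) CreateClient(ctx context.Context, req CreateClientRequest) (*Client, error) {
+secret := strconv.Itoa(rand.Int())
+client := Client{
+ClientID: req.Name,
+ClientSecret: secret,
 }
-return nil, &ClientNotFoundError{ClientId: clientId}
+d.mu.Lock()
+defer d.mu.Unlock()
+d.clients[req.Name] = client
+return &client, nil
 }
 
-func (d *KeycloakDummy) GetClient(ctx context.Context, idOfClient string) (*gocloak.Client, error) {
-id, err := strconv.Atoi(idOfClient)
-if err != nil {
-return nil, err
+func (d *OidcDummy) GetClient(ctx context.Context, req GetClientRequest) (*Client, error) {
+d.mu.RLock()
+defer d.mu.RUnlock()
+if client, ok := d.clients[req.Name]; ok {
+return &client, nil
 }
-if id < 0 || id >= len(d.clients) {
-return nil, fmt.Errorf("invalid dummy client ID %d", id)
-}
-return &d.clients[id], nil
+return nil, ErrNotFound
 }
 
-func (d *KeycloakDummy) DeleteClient(ctx context.Context, idOfClient string) error {
-id, err := strconv.Atoi(idOfClient)
-if err != nil {
-return err
-}
-if id < 0 || id >= len(d.clients) {
-return errors.New("invalid dummy client ID")
+func (d *OidcDummy) DeleteClient(ctx context.Context, req DeleteClientRequest) error {
+d.mu.Lock()
+defer d.mu.Unlock()
+if _, ok := d.clients[req.Name]; ok {
+delete(d.clients, req.Name)
+return nil
 }
-d.clients = append(d.clients[:id], d.clients[id+1:]...)
-return nil
+return ErrNotFound
 }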
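Review bot: `secret := strconv.Itoa(rand.Int())` in `CreateClient` draws the client secret from `math/rand`, which is not a cryptographic source and yields only a short decimal string. The dummy is the initial value of `oidcService` in cmd/main.go and is kept whenever `cfg.KeycloakDummy` is set, so this diff alone cannot rule out one of these values being treated as a real credential. Either switch the import to `crypto/rand` and build the secret as `b := make([]byte, 16)`, `if _, err := rand.Read(b); err != nil { return nil, err }`, `secret := hex.EncodeToString(b)`, or state the limitation on the type with `// OidcDummy is an in-memory stand-in for tests and local runs; its secrets are not cryptographically random.` The removed `var _ Keycloak = (*KeycloakDummy)(nil)` assertion also has no replacement; `var _ OIDCService = (*OidcDummy)(nil)` would keep the compile-time check.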

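--- a/internal/controller/oidc.go
+++ b/internal/controller/oidc.go
@@ -0,0 +1,32 @@
+package controller
+
+import (
+"context"
+"errors"
+)
+
+type OIDCService interface {
+CreateClient(context.Context, CreateClientRequest) (*Client, error)
+GetClient(context.Context, GetClientRequest) (*Client, error)
+DeleteClient(context.Context, DeleteClientRequest) error
+}
+
+var ErrNotFound error = errors.New("client not found")
+
+type Client struct {
+ClientID string
+ClientSecret string
+}
+
+type CreateClientRequest struct {
+Name string
+RedirectURIs []string
+}
+
+type GetClientRequest struct {
+Name string
+}
+
+type DeleteClientRequest struct {
+Name string
+}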
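Review bot: The exported `OIDCService` interface and its request and response types carry no doc comments, so the contract implementations must follow is only implied by `OidcDummy`. At minimum state the not-found behaviour, e.g. `// GetClient returns ErrNotFound when no client named req.Name exists.`, and say on `CreateClient` whether creating an existing name is an error or an overwrite (the dummy overwrites and issues a new secret). `Client` would also benefit from `// ClientSecret is sensitive; do not log Client values.`, since a plain string field prints in full with `%+v`. As a style point, `var ErrNotFound error = errors.New(...)` can drop the redundant `error` type.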
