From 4762798b9ec591e1b9cfaaddb2e2f5da243a78fc Mon Sep 17 00:00:00 2001 From: adi6859 Date: Thu, 8 Feb 2024 15:15:02 +0530 Subject: [PATCH 1/5] story(version upgrade) : version up for authenticator --- go.mod | 2 +- go.sum | 11 ++--------- vendor/modules.txt | 4 ++-- 3 files changed, 5 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 55d5e292f4..bad5992450 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/coreos/go-oidc v2.2.1+incompatible github.com/davecgh/go-spew v1.1.1 github.com/deckarep/golang-set v1.8.0 - github.com/devtron-labs/authenticator v0.4.33 + github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8 github.com/devtron-labs/common-lib v0.0.12 github.com/devtron-labs/protos v0.0.3-0.20240130061723-7b2e12ab0abb github.com/evanphx/json-patch v5.6.0+incompatible diff --git a/go.sum b/go.sum index 0c8c76b200..70727b05ab 100644 --- a/go.sum +++ b/go.sum @@ -222,8 +222,8 @@ github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsP github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo= github.com/denisenkom/go-mssqldb v0.0.0-20190707035753-2be1aa521ff4 h1:YcpmyvADGYw5LqMnHqSkyIELsHCGF6PkrmM31V8rF7o= github.com/denisenkom/go-mssqldb v0.0.0-20190707035753-2be1aa521ff4/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM= -github.com/devtron-labs/authenticator v0.4.33 h1:FpAV3ZgFluaRFcMwPpwxr/mwSipJ16XRvgABq3BzP5Y= -github.com/devtron-labs/authenticator v0.4.33/go.mod h1:ozNfT8WcruiSgnUbyp48WVfc41++W6xYXhKFp67lNTU= +github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8 h1:1vUwC7qRUpMK2G4uL3u6sOr6WCgzWit/8kBuUsqb0Ys= +github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8/go.mod h1:a5gxST+HNmJReXE2TkCicFQFWtlhp8eqBRwS23GydNE= github.com/devtron-labs/common-lib v0.0.12 h1:HirqTWtaXWPbfGeqQurjtn26b2Az7sMFZ1JAAz2koNM= github.com/devtron-labs/common-lib v0.0.12/go.mod h1:95/DizzVXu1kHap/VwEvdxwgd+BvPVYc0bJzt8yqGDU= github.com/devtron-labs/protos v0.0.3-0.20240130061723-7b2e12ab0abb h1:CkfQQgZc950/hTPqtQSiHV2RmZgkBLGCzwR02FZYjAU= @@ -365,7 +365,6 @@ github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zV github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= @@ -548,7 +547,6 @@ github.com/igm/sockjs-go v3.0.0+incompatible h1:4w5ztbp2brVLJYz+o3u0m7+zmuup6eZ/ github.com/igm/sockjs-go v3.0.0+incompatible/go.mod h1:Yu6pvqjNniWNJe07LPObeCG6R77Qc97C6Kss0roF8tU= github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= @@ -673,7 +671,6 @@ github.com/masterzen/simplexml v0.0.0-20160608183007-4572e39b1ab9/go.mod h1:kCEb github.com/masterzen/winrm v0.0.0-20161014151040-7a535cd943fc/go.mod h1:CfZSN7zwz5gJiFhZJz49Uzk7mEBHIceWmbFmYx7Hf7E= github.com/masterzen/xmlpath v0.0.0-20140218185901-13f4951698ad/go.mod h1:A0zPC53iKKKcXYxr4ROjpQRQ5FgJXtelNdSmHHuq/tY= github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE= -github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU= github.com/mattn/go-colorable v0.0.6/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-ieproxy v0.0.1 h1:qiyop7gCflfhwCzGyeT0gro3sF9AIg9HU98JORTkqfI= @@ -1068,7 +1065,6 @@ golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -1175,7 +1171,6 @@ golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= @@ -1195,7 +1190,6 @@ golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU= golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= @@ -1482,7 +1476,6 @@ google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= diff --git a/vendor/modules.txt b/vendor/modules.txt index b7677d4c39..13fc1e096b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -365,8 +365,8 @@ github.com/davecgh/go-spew/spew # github.com/deckarep/golang-set v1.8.0 ## explicit; go 1.17 github.com/deckarep/golang-set -# github.com/devtron-labs/authenticator v0.4.33 -## explicit; go 1.16 +# github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8 +## explicit; go 1.18 github.com/devtron-labs/authenticator/apiToken github.com/devtron-labs/authenticator/client github.com/devtron-labs/authenticator/jwt From 63348bed7783fe539353bdecf157c630c902f241 Mon Sep 17 00:00:00 2001 From: adi6859 Date: Fri, 16 Feb 2024 13:27:49 +0530 Subject: [PATCH 2/5] story (version up) : main merge --- go.mod | 2 +- go.sum | 4 ++-- .../authenticator/middleware/AuthMiddleware.go | 18 ++++++++++++++++-- vendor/modules.txt | 2 +- 4 files changed, 20 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index f711a92a80..3f1d68fe4d 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/coreos/go-oidc v2.2.1+incompatible github.com/davecgh/go-spew v1.1.1 github.com/deckarep/golang-set v1.8.0 - github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8 + github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa github.com/devtron-labs/common-lib v0.0.14 github.com/devtron-labs/protos v0.0.3-0.20240130061723-7b2e12ab0abb github.com/evanphx/json-patch v5.6.0+incompatible diff --git a/go.sum b/go.sum index 4088f38146..c0487e2080 100644 --- a/go.sum +++ b/go.sum @@ -219,8 +219,8 @@ github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsP github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo= github.com/denisenkom/go-mssqldb v0.0.0-20190707035753-2be1aa521ff4 h1:YcpmyvADGYw5LqMnHqSkyIELsHCGF6PkrmM31V8rF7o= github.com/denisenkom/go-mssqldb v0.0.0-20190707035753-2be1aa521ff4/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM= -github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8 h1:1vUwC7qRUpMK2G4uL3u6sOr6WCgzWit/8kBuUsqb0Ys= -github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8/go.mod h1:a5gxST+HNmJReXE2TkCicFQFWtlhp8eqBRwS23GydNE= +github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa h1:cF1CPAtqUDBRtLL4pTn4Eh8jWGBq/mHEeAMCkGv+GCs= +github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa/go.mod h1:a5gxST+HNmJReXE2TkCicFQFWtlhp8eqBRwS23GydNE= github.com/devtron-labs/common-lib v0.0.14 h1:7P0Z87Des8Bni+aVHhPITjzKITuCVOjwAHOgElrh/rk= github.com/devtron-labs/common-lib v0.0.14/go.mod h1:95/DizzVXu1kHap/VwEvdxwgd+BvPVYc0bJzt8yqGDU= github.com/devtron-labs/protos v0.0.3-0.20240130061723-7b2e12ab0abb h1:CkfQQgZc950/hTPqtQSiHV2RmZgkBLGCzwR02FZYjAU= diff --git a/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go b/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go index 0b33a1e0b5..3adc5f4ad6 100644 --- a/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go +++ b/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go @@ -18,6 +18,7 @@ package middleware import ( + "context" "encoding/json" "fmt" log "github.com/sirupsen/logrus" @@ -30,7 +31,7 @@ const tokenHeaderKey = "token" const argocdTokenHeaderKey = "argocd.token" // Authorizer is a middleware for authorization -func Authorizer(sessionManager *SessionManager, whitelistChecker func(url string) bool) func(next http.Handler) http.Handler { +func Authorizer(sessionManager *SessionManager, whitelistChecker func(url string) bool, userStatusCheckInDb func(token string) (bool, int32, error)) func(next http.Handler) http.Handler { return func(next http.Handler) http.Handler { fn := func(w http.ResponseWriter, r *http.Request) { token := "" @@ -48,6 +49,7 @@ func Authorizer(sessionManager *SessionManager, whitelistChecker func(url string token = r.Header.Get(tokenHeaderKey) } } + //users = append(users, "anonymous") authEnabled := true pass := false @@ -65,7 +67,19 @@ func Authorizer(sessionManager *SessionManager, whitelistChecker func(url string return } pass = true - //TODO - we also can set user info in session (to avoid fetch it for all create n active) + + // checking user status in db + isInactive, userId, err := userStatusCheckInDb(token) + if err != nil { + writeResponse(http.StatusUnauthorized, "Invalid User", w, err) + return + } else if isInactive { + writeResponse(http.StatusUnauthorized, "Inactive User", w, fmt.Errorf("inactive User")) + return + } + + //setting user id in context + context.WithValue(r.Context(), "userId", userId) } if pass { next.ServeHTTP(w, r) diff --git a/vendor/modules.txt b/vendor/modules.txt index e07e169183..9e6a650ffc 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -365,7 +365,7 @@ github.com/davecgh/go-spew/spew # github.com/deckarep/golang-set v1.8.0 ## explicit; go 1.17 github.com/deckarep/golang-set -# github.com/devtron-labs/authenticator v0.4.34-0.20240208084114-6e2552488da8 +# github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa ## explicit; go 1.18 github.com/devtron-labs/authenticator/apiToken github.com/devtron-labs/authenticator/client From b141f6eedb16ab1b155176f885af6f8cb4cd0a52 Mon Sep 17 00:00:00 2001 From: adi6859 Date: Fri, 16 Feb 2024 15:10:58 +0530 Subject: [PATCH 3/5] story (version up) : auth issue fixed --- App.go | 2 +- go.mod | 2 +- go.sum | 4 +-- .../middleware/AuthMiddleware.go | 26 +++++++++++-------- vendor/modules.txt | 2 +- 5 files changed, 20 insertions(+), 16 deletions(-) diff --git a/App.go b/App.go index 0337134d49..c3c94d98c8 100644 --- a/App.go +++ b/App.go @@ -99,7 +99,7 @@ func (app *App) Start() { app.MuxRouter.Init() //authEnforcer := casbin2.Create() - server := &http.Server{Addr: fmt.Sprintf(":%d", port), Handler: authMiddleware.Authorizer(app.sessionManager2, user.WhitelistChecker)(app.MuxRouter.Router)} + server := &http.Server{Addr: fmt.Sprintf(":%d", port), Handler: authMiddleware.Authorizer(app.sessionManager2, user.WhitelistChecker, nil)(app.MuxRouter.Router)} app.MuxRouter.Router.Use(app.loggingMiddleware.LoggingMiddleware) app.MuxRouter.Router.Use(middleware.PrometheusMiddleware) app.MuxRouter.Router.Use(middlewares.Recovery) diff --git a/go.mod b/go.mod index 3f1d68fe4d..d8115ac409 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/coreos/go-oidc v2.2.1+incompatible github.com/davecgh/go-spew v1.1.1 github.com/deckarep/golang-set v1.8.0 - github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa + github.com/devtron-labs/authenticator v0.4.35-0.20240216091211-80e10a80ce7b github.com/devtron-labs/common-lib v0.0.14 github.com/devtron-labs/protos v0.0.3-0.20240130061723-7b2e12ab0abb github.com/evanphx/json-patch v5.6.0+incompatible diff --git a/go.sum b/go.sum index c0487e2080..ae8f28c444 100644 --- a/go.sum +++ b/go.sum @@ -219,8 +219,8 @@ github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsP github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo= github.com/denisenkom/go-mssqldb v0.0.0-20190707035753-2be1aa521ff4 h1:YcpmyvADGYw5LqMnHqSkyIELsHCGF6PkrmM31V8rF7o= github.com/denisenkom/go-mssqldb v0.0.0-20190707035753-2be1aa521ff4/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM= -github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa h1:cF1CPAtqUDBRtLL4pTn4Eh8jWGBq/mHEeAMCkGv+GCs= -github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa/go.mod h1:a5gxST+HNmJReXE2TkCicFQFWtlhp8eqBRwS23GydNE= +github.com/devtron-labs/authenticator v0.4.35-0.20240216091211-80e10a80ce7b h1:aHKsdB4ghsp+x8167W8MZyF3WQOixTSJFyARrU+qR6s= +github.com/devtron-labs/authenticator v0.4.35-0.20240216091211-80e10a80ce7b/go.mod h1:a5gxST+HNmJReXE2TkCicFQFWtlhp8eqBRwS23GydNE= github.com/devtron-labs/common-lib v0.0.14 h1:7P0Z87Des8Bni+aVHhPITjzKITuCVOjwAHOgElrh/rk= github.com/devtron-labs/common-lib v0.0.14/go.mod h1:95/DizzVXu1kHap/VwEvdxwgd+BvPVYc0bJzt8yqGDU= github.com/devtron-labs/protos v0.0.3-0.20240130061723-7b2e12ab0abb h1:CkfQQgZc950/hTPqtQSiHV2RmZgkBLGCzwR02FZYjAU= diff --git a/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go b/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go index 3adc5f4ad6..3825bd565a 100644 --- a/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go +++ b/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go @@ -68,18 +68,22 @@ func Authorizer(sessionManager *SessionManager, whitelistChecker func(url string } pass = true - // checking user status in db - isInactive, userId, err := userStatusCheckInDb(token) - if err != nil { - writeResponse(http.StatusUnauthorized, "Invalid User", w, err) - return - } else if isInactive { - writeResponse(http.StatusUnauthorized, "Inactive User", w, fmt.Errorf("inactive User")) - return - } + // this function only supplied in case of enterprise build. handled here for all other case. + if userStatusCheckInDb != nil { - //setting user id in context - context.WithValue(r.Context(), "userId", userId) + // checking user status in db + isInactive, userId, err := userStatusCheckInDb(token) + if err != nil { + writeResponse(http.StatusUnauthorized, "Invalid User", w, err) + return + } else if isInactive { + writeResponse(http.StatusUnauthorized, "Inactive User", w, fmt.Errorf("inactive User")) + return + } + + //setting user id in context + context.WithValue(r.Context(), "userId", userId) + } } if pass { next.ServeHTTP(w, r) diff --git a/vendor/modules.txt b/vendor/modules.txt index 9e6a650ffc..fc6899155b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -365,7 +365,7 @@ github.com/davecgh/go-spew/spew # github.com/deckarep/golang-set v1.8.0 ## explicit; go 1.17 github.com/deckarep/golang-set -# github.com/devtron-labs/authenticator v0.4.35-0.20240213065325-94085b564bfa +# github.com/devtron-labs/authenticator v0.4.35-0.20240216091211-80e10a80ce7b ## explicit; go 1.18 github.com/devtron-labs/authenticator/apiToken github.com/devtron-labs/authenticator/client From 3d241f52c58a2295c40f44f7d3f8eb6bfe6cc6c3 Mon Sep 17 00:00:00 2001 From: adi6859 Date: Fri, 16 Feb 2024 15:34:06 +0530 Subject: [PATCH 4/5] story (version up) : auth issue fixed --- cmd/external-app/externalApp.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/external-app/externalApp.go b/cmd/external-app/externalApp.go index d8c418218f..0f737d4cf2 100644 --- a/cmd/external-app/externalApp.go +++ b/cmd/external-app/externalApp.go @@ -53,7 +53,7 @@ func (app *App) Start() { if err != nil { app.Logger.Warnw("telemetry installation success event failed", "err", err) } - server := &http.Server{Addr: fmt.Sprintf(":%d", port), Handler: authMiddleware.Authorizer(app.sessionManager, user.WhitelistChecker)(app.MuxRouter.Router)} + server := &http.Server{Addr: fmt.Sprintf(":%d", port), Handler: authMiddleware.Authorizer(app.sessionManager, user.WhitelistChecker, nil)(app.MuxRouter.Router)} app.MuxRouter.Router.Use(middleware.PrometheusMiddleware) app.MuxRouter.Router.Use(middlewares.Recovery) app.server = server From 774be28229209a4364909df613edc627cc4ed020 Mon Sep 17 00:00:00 2001 From: adi6859 Date: Mon, 19 Feb 2024 12:36:55 +0530 Subject: [PATCH 5/5] story (version up) : main merge --- pkg/sql/connection.go | 2 +- util/version.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/sql/connection.go b/pkg/sql/connection.go index 820a4cc093..31911c8293 100644 --- a/pkg/sql/connection.go +++ b/pkg/sql/connection.go @@ -29,7 +29,7 @@ import ( type Config struct { Addr string `env:"PG_ADDR" envDefault:"127.0.0.1"` - Port string `env:"PG_PORT" envDefault:"8001"` + Port string `env:"PG_PORT" envDefault:"5432"` User string `env:"PG_USER" envDefault:""` Password string `env:"PG_PASSWORD" envDefault:"" secretData:"-"` Database string `env:"PG_DATABASE" envDefault:"orchestrator"` diff --git a/util/version.go b/util/version.go index 417b3fb010..f64cb32956 100644 --- a/util/version.go +++ b/util/version.go @@ -31,7 +31,7 @@ type ServerVersion struct { } func GetDevtronVersion() *ServerVersion { - return &ServerVersion{BuildTime: BuildTime, GitCommit: GitCommit, ServerMode: SERVER_MODE_FULL} + return &ServerVersion{BuildTime: BuildTime, GitCommit: GitCommit, ServerMode: ServerMode} } func IsBaseStack() bool {