atomic_admin 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 8ed8016c6474ebe66207d09ec1c66e42da12989c862dd1b7cdab433f8556b717
+  data.tar.gz: f6e57e1aa7917a06ce6854c2edcf77310526a402f5f709d43462bd45936e2e6e
+SHA512:
+  metadata.gz: 106d1dd8d2682945e602ac85eb5eab431f8fff57f83f9849e36a99c50b0cd462e50607afef5e2eb9889683b8009eef30db0ce6dca61bada38edd7f83d20983d0
+  data.tar.gz: 8ddda300ce1e5d949349c8ac20802153236a3742bff41cff35ea31500fb5b5502606f0df544e2dfe006b766ba02e847d85fd2d74c845565cf135e3b32f890a82

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2022 Atomic Jolt
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,16 @@
+# atomic_admin
+Engine to provide apis that power the atomic jolt admin app
+
+# Usage
+
+Add the gem to your project:
+gem 'atomic_admin',  git: 'https://github.com/atomicjolt/atomic_admin.git', tag: '0.1.0'
+
+Add the following to routes.rb:
+  ```
+  namespace :api do
+    namespace :admin do
+      mount AtomicAdmin::Engine => "/"
+    end
+  end
+  ```

data/Rakefile

@@ -0,0 +1,8 @@
+require "bundler/setup"
+
+APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"

data/app/controllers/atomic_admin/application_controller.rb

@@ -0,0 +1,23 @@
+module AtomicAdmin
+  class ApplicationController < ActionController::API 
+    include AtomicAdmin::JwtToken
+    # before_action :authenticate_user! # Use validate_token instead for now
+    before_action :validate_admin_app_token
+     before_action :validate_token
+     before_action :only_admins!
+
+     private
+
+     def only_admins!
+       return if @admin_app_validated
+
+       user_not_authorized unless current_user.admin?
+     end
+
+
+     def user_not_authorized(message = "Not Authorized")
+      render json: { message: message, }, status: 401
+    end
+
+  end
+end

data/app/controllers/atomic_admin/atomic_lti_install_controller.rb

@@ -0,0 +1,36 @@
+module AtomicAdmin
+  class AtomicLtiInstallController < ApplicationController
+    def install_params
+      params.permit(:iss, :client_id)
+    end
+
+    def find_install
+      AtomicLti::Install.find_by(id: params[:id])
+    end
+
+    def index
+      render json: AtomicLti::Install.all.order(:id).paginate(page: params[:page], per_page: 30)
+    end
+
+    def create
+      AtomicLti::Install.create!(install_params)
+    end
+
+    def show
+      install = find_install
+      render json: install
+    end
+
+    def update
+      install = find_install
+      result = install.update!(install_params)
+      render json: result
+    end
+
+    def destroy
+      install = find_install
+      install.destroy
+      render json: install
+    end
+  end
+end

data/app/controllers/atomic_admin/atomic_lti_platform_controller.rb

@@ -0,0 +1,43 @@
+module AtomicAdmin
+  class AtomicLtiPlatformController < ApplicationController
+    def platform_params
+      params.permit(:iss, :jwks_url, :token_url, :oidc_url)
+    end
+
+    def find_platform
+      AtomicLti::Platform.find_by(id: params[:id])
+    end
+
+    def index
+      page = AtomicLti::Platform.all.order(:id).paginate(page: params[:page], per_page: 30)
+
+      render json: {
+        platforms: page,
+        page: params[:page],
+        total_pages: page.total_pages
+      }
+    end
+
+    def create
+      platform = AtomicLti::Platform.create!(platform_params)
+      render json: { platform: platform }
+    end
+
+    def show
+      platform = find_platform
+      render json: platform
+    end
+
+    def update
+      platform = find_platform
+      platform.update!(platform_params)
+      render json: { platform: find_platform }
+    end
+
+    def destroy
+      platform = find_platform
+      platform.destroy
+      render json: platform
+    end
+  end
+end

data/app/controllers/atomic_admin/atomic_tenant_client_id_strategy_controller.rb

@@ -0,0 +1,54 @@
+module AtomicAdmin
+  class AtomicTenantClientIdStrategyController < ApplicationController
+    def pinned_client_id_params
+      params.permit(:iss, :client_id, :application_instance_id)
+    end
+
+    def find_pinned_client_id
+      AtomicTenant::PinnedClientId.find_by(id: params[:id])
+    end
+
+    def search 
+      page = AtomicTenant::PinnedClientId
+        .where(application_instance_id: params[:application_instance_id])
+        .order(:id).paginate(page: params[:page], per_page: 30)
+      render json: {
+        pinned_client_ids: page,
+        page: params[:page],
+        total_pages: page.total_pages
+      }
+    end
+
+    # def index
+    #   page = AtomicTenant::PinnedClientId.all.order(:id).paginate(page: params[:page], per_page: 30)
+    #   render json: {
+    #     pinned_client_ids: page,
+    #     page: params[:page],
+    #     total_pages: page.total_pages
+    #   }
+    # end
+
+    def create
+      result = AtomicTenant::PinnedClientId.create!(pinned_client_id_params)
+      render json: { pinned_client_id: result }
+    end
+
+    def show
+      pinned_client_id = find_pinned_client_id
+      render json: {pinned_client_id: pinned_client_id}
+    end
+
+    # def update
+    #   pinned_client_id = find_pinned_client_id
+    #   pinned_client_id.update!(pinned_client_id_params)
+
+    #   render json: {pinned_client_id: find_pinned_client_id}
+    # end
+
+    def destroy
+      pinned_client_id = find_pinned_client_id
+      pinned_client_id.destroy
+      render json: { pinned_client_id: pinned_client_id }
+    end
+  end
+end

data/app/controllers/atomic_admin/atomic_tenant_deployment_controller.rb

@@ -0,0 +1,76 @@
+module AtomicAdmin
+  class AtomicTenantDeploymentController < ApplicationController
+    def deployment_params
+      params.permit(:iss, :deployment_id, :application_instance_id)
+    end
+
+    def find_deployment
+      AtomicTenant::LtiDeployment.find_by(id: params[:id])
+    end
+
+    def search
+      tenant_deployments = AtomicTenant::LtiDeployment
+        .where(application_instance_id: params[:application_instance_id])
+        .order(:id)
+        .paginate(page: params[:page], per_page: 30)
+
+      page_ids = tenant_deployments.pluck(:iss, :deployment_id)
+
+      pairs = page_ids.reduce({}) do |acc, c| 
+        iss = c[0]
+        deployment_id = c[1]
+
+        acc[iss] = [] if acc[iss].nil?
+
+        acc[iss].push(deployment_id)
+        acc
+      end
+
+      page = pairs.reduce([]) do |acc, pair| 
+        iss = pair[0]
+        deployment_ids = pair[1]
+
+        deployments = AtomicLti.get_deployments(iss: iss, deployment_ids: deployment_ids)
+        acc.concat(deployments)
+      end
+
+      render json: {
+        deployments: page,
+        page: params[:page],
+        total_pages: tenant_deployments.total_pages
+      }
+    end
+
+    # def index
+    #   page = AtomicTenant::LtiDeployment.all.order(:id).paginate(page: params[:page], per_page: 30)
+    #   render json: {
+    #     deployments: page,
+    #     page: params[:page],
+    #     total_pages: page.total_pages
+    #   }
+    # end
+
+    def create
+      result = AtomicTenant::LtiDeployment.create!(deployment_params)
+      render json: { deployment: result }
+    end
+
+    def show
+      deployment = find_deployment
+      render json: { deployment: deployment }
+    end
+
+    # def update
+    #   deployment = find_deployment
+    #   deployment.update!(deployment_params)
+
+    #   render json: {deployment: find_deployment}
+    # end
+
+    def destroy
+      deployment = find_deployment
+      deployment.destroy
+      render json: { deployment: deployment }
+    end
+  end
+end

data/app/controllers/atomic_admin/atomic_tenant_platform_guid_strategy_controller.rb

@@ -0,0 +1,54 @@
+module AtomicAdmin
+  class AtomicTenantPlatformGuidStrategyController < ApplicationController
+    def pinned_platform_guid_params
+      params.permit(:iss, :platform_guid, :application_id, :application_instance_id)
+    end
+
+    def find_pinned_platform_guid
+      AtomicTenant::PinnedPlatformGuid.find(params[:id])
+    end
+
+    def search 
+      page = AtomicTenant::PinnedPlatformGuid
+        .where(application_instance_id: params[:application_instance_id])
+        .order(:id).paginate(page: params[:page], per_page: 30)
+      render json: {
+        pinned_platform_guids: page,
+        page: params[:page],
+        total_pages: page.total_pages
+      }
+    end
+
+    # def index 
+    #   page = AtomicTenant::PinnedPlatformGuid.all.order(:id).paginate(page: params[:page], per_page: 30)
+    #   render json: {
+    #     pinned_platform_guids: page,
+    #     page: params[:page],
+    #     total_pages: page.total_pages
+    #   }
+    # end
+
+    def create
+      result = AtomicTenant::PinnedPlatformGuid.create!(pinned_platform_guid_params)
+      render json: { pinned_platform_guid: result }
+    end
+
+    def show
+      pinned_platform_guid = find_pinned_platform_guid
+      render json: {pinned_platform_guid: pinned_platform_guid}
+    end
+
+    def update
+      pinned_platform_guid = find_pinned_platform_guid
+      pinned_platform_guid.update!(pinned_platform_guid_params)
+
+      render json: {pinned_platform_guid: find_pinned_platform_guid}
+    end
+
+    def destroy
+      pinned_platform_guid = find_pinned_platform_guid
+      pinned_platform_guid.destroy
+      render json: { pinned_platform_guid: pinned_platform_guid }
+    end
+  end
+end

data/app/jobs/atomic_admin/application_job.rb

@@ -0,0 +1,4 @@
+module AtomicAdmin
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/atomic_admin/application_mailer.rb

@@ -0,0 +1,6 @@
+module AtomicAdmin
+  class ApplicationMailer < ActionMailer::Base
+    default from: "from@example.com"
+    layout "mailer"
+  end
+end

data/app/models/atomic_admin/application_record.rb

@@ -0,0 +1,5 @@
+module AtomicAdmin
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/config/routes.rb

@@ -0,0 +1,13 @@
+AtomicAdmin::Engine.routes.draw do
+    # namespace :lti do 
+  resources :atomic_lti_platform
+  resources :atomic_lti_install
+  resources :atomic_tenant_deployment
+  post '/atomic_tenant_deployment/search', to: 'atomic_tenant_deployment#search'
+
+  resources :atomic_tenant_platform_guid_strategy
+  post '/atomic_tenant_platform_guid_strategy/search', to: 'atomic_tenant_platform_guid_strategy#search'
+  post '/atomic_tenant_client_id_strategy/search', to: 'atomic_tenant_client_id_strategy#search'
+
+  resources :atomic_tenant_client_id_strategy
+end

data/lib/atomic_admin/engine.rb

@@ -0,0 +1,6 @@
+module AtomicAdmin
+  class Engine < ::Rails::Engine
+    isolate_namespace AtomicAdmin
+    config.generators.api_only = true
+  end
+end

data/lib/atomic_admin/jwt_token.rb

@@ -0,0 +1,81 @@
+## Note: This code is basically copied out of the starter app to authenticate 
+##        admin app api calls. Lives at /app/controllers/concerns/jwt_token.rb in
+##        starter app
+module AtomicAdmin
+  module JwtToken
+ 
+    ALGORITHM = "HS512".freeze
+
+    class InvalidTokenError < StandardError; end
+
+    def self.valid?(token, secret = nil, algorithm = ALGORITHM)
+      decode(token, secret, true, algorithm)
+    end
+
+    def self.decode(token, secret = nil, validate = true, algorithm = ALGORITHM)
+      JWT.decode(
+        token,
+        secret || Rails.application.secrets.auth0_client_secret,
+        validate,
+        { algorithm: algorithm },
+      )
+    end
+
+    def decoded_jwt_token(req, secret = nil)
+      token = AtomicAdmin::JwtToken.valid?(encoded_token(req), secret)
+      raise InvalidTokenError, "Unable to decode jwt token" if token.blank?
+      raise InvalidTokenError, "Invalid token payload" if token.empty?
+
+      token[0]
+    end
+ 
+    def validate_token
+      return if @admin_app_validated
+
+      token = decoded_jwt_token(request)
+      raise InvalidTokenError if Rails.application.secrets.auth0_client_id != token["aud"]
+  
+      current_application_instance_id = request.env['atomic.validated.application_instance_id']
+      if current_application_instance_id && current_application_instance_id != token["application_instance_id"]
+        raise InvalidTokenError
+      end
+  
+      @user_tenant = token["user_tenant"] if token["user_tenant"].present?
+      @user = User.find(token["user_id"])
+  
+      sign_in(@user, event: :authentication, store: false)
+    rescue JWT::DecodeError, InvalidTokenError => e
+      Rails.logger.error "JWT Error occured #{e.inspect}"
+      begin
+        render json: { error: "Unauthorized: Invalid token." }, status: :unauthorized
+      rescue NoMethodError
+        raise GraphQL::ExecutionError, "Unauthorized: Invalid token."
+      end
+    end
+
+    def validate_admin_app_token
+      _bearer, jwt = request.headers['Authorization'].split(' ')
+      @atomic_admin_params = AtomicAdmin::JwtToken.decode(jwt, Rails.application.secrets.atomic_admin_shared_key)
+      @admin_app_validated = true
+    rescue JWT::DecodeError, InvalidTokenError => e
+      # fall back to regular app jwt
+      Rails.logger.error "JWT Error occured with admin app token #{e.inspect}"
+      @admin_app_validated = false
+    end
+  
+    protected
+  
+    def encoded_token(req)
+      return req.params[:jwt] if req.params[:jwt]
+  
+      header = req.headers["Authorization"] || req.headers[:authorization]
+      raise InvalidTokenError, "No authorization header found" if header.nil?
+  
+      token = header.split(" ").last
+      raise InvalidTokenError, "Invalid authorization header string" if token.nil?
+  
+      token
+    end
+  
+  end
+end

data/lib/atomic_admin/version.rb

@@ -0,0 +1,3 @@
+module AtomicAdmin
+  VERSION = "0.1.0"
+end

data/lib/atomic_admin.rb

@@ -0,0 +1,7 @@
+require "atomic_admin/version"
+require "atomic_admin/engine"
+require "atomic_admin/jwt_token"
+
+module AtomicAdmin
+  # Your code goes here...
+end

data/lib/tasks/atomic_admin_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :atomic_admin do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,78 @@
+--- !ruby/object:Gem::Specification
+name: atomic_admin
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Nick Benoit
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-08-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '7.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '7.0'
+description: Engine to provide apis that power the atomic jolt admin app
+email:
+- nick.benoit@atomicjolt.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/controllers/atomic_admin/application_controller.rb
+- app/controllers/atomic_admin/atomic_lti_install_controller.rb
+- app/controllers/atomic_admin/atomic_lti_platform_controller.rb
+- app/controllers/atomic_admin/atomic_tenant_client_id_strategy_controller.rb
+- app/controllers/atomic_admin/atomic_tenant_deployment_controller.rb
+- app/controllers/atomic_admin/atomic_tenant_platform_guid_strategy_controller.rb
+- app/jobs/atomic_admin/application_job.rb
+- app/mailers/atomic_admin/application_mailer.rb
+- app/models/atomic_admin/application_record.rb
+- config/routes.rb
+- lib/atomic_admin.rb
+- lib/atomic_admin/engine.rb
+- lib/atomic_admin/jwt_token.rb
+- lib/atomic_admin/version.rb
+- lib/tasks/atomic_admin_tasks.rake
+homepage: https://github.com/atomicjolt/atomic_admin/
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/atomicjolt/atomic_admin/
+  source_code_uri: https://github.com/atomicjolt/atomic_admin/
+  changelog_uri: https://github.com/atomicjolt/atomic_admin/
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.15
+signing_key:
+specification_version: 4
+summary: Engine to provide apis that power the atomic jolt admin app
+test_files: []