soar-authentication-identity_uuid_translator 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 75d5f9b8860d8bdbdf32ffa7ffa5a3ca1876dec4
+  data.tar.gz: bf14f64cbb3fac590c1e4e1a7c8258512ae3db14
+SHA512:
+  metadata.gz: b0a41effcb26eb22ee5d79476637ef5ff61484ac150f52aa40adb4a05ec4f7badb3e9a3cb7b6973c58cf49bcffd6f823ee6c6297f84031dce3307dbad75d79c5
+  data.tar.gz: 040fb1c8e57b7c4b217a07602b726d96829163e598e74dc106a49ebceb5befe025e5ea748400d9534e10c2af127e9fd2c12bb7fac6752808bd383bf8628649a0

data/.gemspec

@@ -0,0 +1,16 @@
+Gem::Specification.new do |spec|
+  spec.name          = "soar-authentication-identity_uuid_translator"
+  spec.version       = "1.0.0"
+  spec.authors       = ["Charles Mulder"]
+  spec.email         = ["charles.mulder@hetzner.co.za"]
+
+  spec.summary       = %q{ Translate an identifier into a UUID}
+  spec.homepage      = "https://github.com/hetznerZA/soar-authentication-identity"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency 'soar-registry-identity', '~> 4.0', '>= 4.0.2'
+  spec.add_runtime_dependency 'object_selector', '~> 1.0', '>= 1.0.1'
+  spec.add_runtime_dependency 'uuidtools', '~> 2.1', '>= 2.1.5'
+end

data/.gitignore

@@ -0,0 +1,24 @@
+*.swp
+*.swo
+# Used by dotenv library to load environment variables.
+# .env
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+# Gemfile.lock
+.ruby-version
+.ruby-gemset
+*.gem
+.byebug_history
+Gemfile.lock

data/.rspec

@@ -0,0 +1,3 @@
+--color
+--format documentation
+--require spec_helper

data/Dockerfile.dynamo_db

@@ -0,0 +1,5 @@
+FROM openjdk:7
+WORKDIR /opt/dynamodb_local
+RUN wget -q -O - http://dynamodb-local.s3-website-us-west-2.amazonaws.com/dynamodb_local_latest.tar.gz | tar -xzf - -C /opt/dynamodb_local
+EXPOSE 8000
+ENTRYPOINT ["/usr/bin/java", "-Djava.library.path=/opt/dynamodb_local/DynamoDBLocal_lib", "-jar", "DynamoDBLocal.jar", "-inMemory"]

data/Dockerfile.features

@@ -0,0 +1,7 @@
+FROM ruby:2.3
+RUN apt-get update && apt-get install -y mysql-client libmysqlclient-dev
+WORKDIR /usr/local/src
+ADD Gemfile .gemspec /usr/local/src/
+RUN bundle install --without development --with test
+ADD . /usr/local/src/
+CMD sleep 10; bundle exec cucumber;

data/Dockerfile.rspec

@@ -0,0 +1,6 @@
+FROM ruby:2.3
+WORKDIR /usr/local/src
+ADD Gemfile .gemspec /usr/local/src/
+RUN bundle install --without development --with test
+ADD . /usr/local/src/
+

data/Gemfile

@@ -0,0 +1,10 @@
+source 'https://rubygems.org'
+
+gemspec
+
+group :test do
+  gem 'cucumber', '~> 2.4'
+  gem 'rspec', '~> 3.5'
+  gem 'hashie', '~> 3.5', '>= 3.5.5'
+  gem 'faker', '~> 1.7', '>= 1.7.3'
+end

data/README.md

@@ -0,0 +1,86 @@
+# Soar::Authentication::IdentityUuidTranslator
+Used by authentication service to translate an identity identifier into an UUID
+
+## Domain Analysis
+* [Identity UUID translation service](https://docs.google.com/a/hetzner.co.za/drawings/d/1lMExQnQn8uUyZ1eOjiDNrFr0OYZlKqkC-mx7oMx3sdo/edit?usp=sharing)
+* [Staff UUID translator](https://docs.google.com/a/hetzner.co.za/drawings/d/1kD4-24cucI23Xo0O3VCN9gFpfTcg_QvYmNhCP8oLCVs/edit?usp=sharing)
+* [Customer UUID translator](https://docs.google.com/a/hetzner.co.za/drawings/d/1wOINf-wbShfQbtv8p6py1y_IfxHtxjk93fA26d-D18M/edit?usp=sharing)
+
+## Tests
+
+### Local
+
+#### Soar::Authentication::IdentityUuidTranslator::Factory
+```bash
+$ bundle exec rspec spec/factory_spec.rb
+```
+
+#### Soar::Authentication::IdentityUuidTranslator::RoleGenerator
+```bash
+$ docker-compose --file docker-compose.dynamo_db.yml up --remove-orphans
+$ ROLES_DIRECTORY_CONFIG_FILE=config.dynamo_db.yml bundle exec rspec spec/role_generator_spec.rb
+```
+
+#### Soar::Authentication::IdentityUuidTranslator::Provider::Customer
+
+```bash
+$ docker-compose --file docker-compose.customer.yml up --remove-orphans
+$ ROLES_DIRECTORY_CONFIG_FILE=config.dynamo_db.yml IDENTITY_DIRECTORY_CONFIG_FILE=config.mysql.yml TEST_ORCHESTRATION_PROVIDER=CustomerClientNumber bundle exec cucumber
+```
+
+```bash
+$ docker-compose --file docker-compose.customer.yml up --remove-orphans
+$ ROLES_DIRECTORY_CONFIG_FILE=config.dynamo_db.yml IDENTITY_DIRECTORY_CONFIG_FILE=config.mysql.yml TEST_ORCHESTRATION_PROVIDER=CustomerEmail bundle exec cucumber
+```
+
+#### Soar::Authentication::IdentityUuidTranslator::Provider::Staff
+
+```bash
+$ docker-compose --file docker-compose.staff.yml up --remove-orphans
+$ ROLES_DIRECTORY_CONFIG_FILE=config.dynamo_db.yml IDENTITY_DIRECTORY_CONFIG_FILE=config.ldap.yml TEST_ORCHESTRATION_PROVIDER=Staff bundle exec cucumber
+```
+
+#### Domain identity provider
+Not implemented
+
+### CI
+
+#### Soar::Authentication::IdentityUuidTranslator::Factory
+```bash
+docker-compose --file docker-compose.ci.factory.yml --project-name soar-authentication-identity_uuid_translator-factory up --abort-on-container-exit --remove-orphans --build --force-recreate
+EXIT_CODE=$(docker ps -a -f "name=soarauthenticationidentityuuidtranslatorfactory_tests" -q | xargs docker inspect -f "{{ .State.ExitCode }}");
+docker-compose --file docker-compose.ci.factory.yml --project-name soar-authentication-identity_uuid_translator-factory down --rmi local
+exit $EXIT_CODE;
+```
+
+#### Soar::Authentication::IdentityUuidTranslator::RoleGenerator
+```bash
+docker-compose --file docker-compose.ci.role_generator.yml --project-name soar-authentication-identity_uuid_translator-role_generator up --abort-on-container-exit --remove-orphans --build --force-recreate
+EXIT_CODE=$(docker ps -a -f "name=soarauthenticationidentityuuidtranslatorrolegenerator_tests" -q | xargs docker inspect -f "{{ .State.ExitCode }}");
+docker-compose --file docker-compose.ci.role_generator.yml --project-name soar-authentication-identity_uuid_translator-role_generator down --rmi local
+exit $EXIT_CODE;
+```
+
+#### Soar::Authentication::IdentityUuidTranslator::Provider::Customer
+```bash
+docker-compose --file docker-compose.ci.customer_email.yml --project-name soar-authentication-identity_uuid_translator-provider-customer_email up --abort-on-container-exit --remove-orphans --build --force-recreate
+EXIT_CODE=$(docker ps -a -f "name=soarauthenticationidentityuuidtranslatorprovidercustomeremail_tests" -q | xargs docker inspect -f "{{ .State.ExitCode }}");
+docker-compose --file docker-compose.ci.customer_email.yml --project-name soar-authentication-identity_uuid_translator-provider-customer_email down --rmi local
+exit $EXIT_CODE;
+```
+
+```bash
+docker-compose --file docker-compose.ci.customer_client_number.yml --project-name soar-authentication-identity_uuid_translator-provider-customer_client_number up --abort-on-container-exit --remove-orphans --build --force-recreate
+EXIT_CODE=$(docker ps -a -f "name=soarauthenticationidentityuuidtranslatorprovidercustomerclientnumber_tests" -q | xargs docker inspect -f "{{ .State.ExitCode }}");
+docker-compose --file docker-compose.ci.customer_client_number.yml --project-name soar-authentication-identity_uuid_translator-provider-customer_client_number down --rmi local
+exit $EXIT_CODE;
+```
+
+#### Soar::Authentication::IdentityUuidTranslator::Provider::Staff
+```bash
+docker-compose --file docker-compose.ci.staff.yml --project-name soar-authentication-identity_uuid_translator-provider-staff up --abort-on-container-exit --remove-orphans --build --force-recreate
+EXIT_CODE=$(docker ps -a -f "name=soarauthenticationidentityuuidtranslatorproviderstaff_tests" -q | xargs docker inspect -f "{{ .State.ExitCode }}");
+docker-compose --file docker-compose.ci.staff.yml --project-name soar-authentication-identity_uuid_translator-provider-staff down --rmi local
+exit $EXIT_CODE;
+```
+

data/Rakefile

@@ -0,0 +1,14 @@
+task :default => :test
+
+task :test do
+  Rake::Task['rspec'].execute
+  Rake::Task['cucumber'].execute
+end
+
+task :rspec do
+  `rspec`
+end
+
+task :cucumber do
+  `cucumber`
+end

data/config/config.ci.dynamo_db.yml

@@ -0,0 +1,15 @@
+class: 'Soar::Registry::Staff::Directory::DynamoDb'
+config: 
+  table: 
+    name: 'identity_roles'
+    index:
+      partition_key: 'identity_uuid'
+      sort_key: 'identity_role'
+  configuration: 
+    region: 'us-west-2'
+    endpoint: 'http://dynamodb:8000'
+    http_read_timeout: 1, 
+    retry_limit: 0
+  credentials:
+    username: 'username'
+    password: 'secret'

data/config/config.ci.ldap.yml

@@ -0,0 +1,17 @@
+class: 'Soar::Registry::Directory::Provider::Ldap'
+config:
+  base: 'dc=hetzner,dc=co,dc=za'
+  index:
+    - 'entryuuid'
+    - 'mail'
+  config:
+    host: 'ldap'
+    port: 636
+  attributes: 
+    - 'entryuuid'
+    - 'cn' 
+    - 'mail' 
+    - 'sn'
+  credentials: 
+    username: 'cn=admin,dc=hetzner,dc=co,dc=za'
+    password: 'secret'

data/config/config.ci.mysql.yml

@@ -0,0 +1,18 @@
+class: 'Soar::Registry::Directory::Provider::Mysql'
+config: 
+  index:
+    - "ID"
+    - "Client_Number"
+    - "Notifyemail_Invoice"
+  config: 
+    database: 'konsoleh_genie'
+    table: 'Client'
+    host: 'mysql'
+    port: 3306
+  attributes:
+      - 'ID'
+      - 'Client_Number'
+      - 'Notifyemail_Invoice'
+  credentials: 
+    username: 'genie'
+    password: 'secret'

data/config/config.dynamo_db.yml

@@ -0,0 +1,15 @@
+class: 'Soar::Registry::Staff::Directory::DynamoDb'
+config: 
+  table: 
+    name: 'identity_roles'
+    index:
+      partition_key: 'identity_uuid'
+      sort_key: 'identity_role'
+  configuration: 
+    region: 'us-west-2'
+    endpoint: 'http://localhost:8000'
+    http_read_timeout: 1, 
+    retry_limit: 0
+  credentials:
+    username: 'username'
+    password: 'secret'

data/config/config.ldap.yml

@@ -0,0 +1,17 @@
+class: 'Soar::Registry::Directory::Provider::Ldap'
+config:
+  base: 'dc=hetzner,dc=co,dc=za'
+  index:
+    - 'entryuuid'
+    - 'mail'
+  config:
+    host: 'localhost'
+    port: 636
+  attributes: 
+    - 'entryuuid'
+    - 'cn' 
+    - 'mail' 
+    - 'sn'
+  credentials: 
+    username: 'cn=admin,dc=hetzner,dc=co,dc=za'
+    password: 'secret'

data/config/config.mysql.yml

@@ -0,0 +1,18 @@
+class: 'Soar::Registry::Directory::Provider::Mysql'
+config: 
+  index:
+    - "ID"
+    - "Client_Number"
+    - "Notifyemail_Invoice"
+  config: 
+    database: 'konsoleh_genie'
+    table: 'Client'
+    host: '0.0.0.0'
+    port: 3306
+  attributes:
+      - 'ID'
+      - 'Client_Number'
+      - 'Notifyemail_Invoice'
+  credentials: 
+    username: 'genie'
+    password: 'secret'

data/docker-compose.ci.customer_client_number.yml

@@ -0,0 +1,34 @@
+version: "2"
+services:
+    mysql:
+        image: mysql:5.5
+        expose: 
+            - "3306"
+        environment:
+            - MYSQL_ROOT_PASSWORD=secret
+            - MYSQL_DATABASE=konsoleh_genie
+            - MYSQL_USER=genie
+            - MYSQL_PASSWORD=secret
+
+    dynamodb:
+        build: 
+            context: .
+            dockerfile: Dockerfile.dynamo_db
+        expose: 
+            - "8000"
+
+    tests:
+        build: 
+            context: .
+            dockerfile: Dockerfile.features
+        links: 
+            - mysql 
+            - dynamodb
+        environment:
+            - ROLES_DIRECTORY_CONFIG_FILE=config.ci.dynamo_db.yml 
+            - IDENTITY_DIRECTORY_CONFIG_FILE=config.ci.mysql.yml 
+            - TEST_ORCHESTRATION_PROVIDER=CustomerClientNumber
+
+
+
+

data/docker-compose.ci.customer_email.yml

@@ -0,0 +1,34 @@
+version: "2"
+services:
+    mysql:
+        image: mysql:5.5
+        expose: 
+            - "3306"
+        environment:
+            - MYSQL_ROOT_PASSWORD=secret
+            - MYSQL_DATABASE=konsoleh_genie
+            - MYSQL_USER=genie
+            - MYSQL_PASSWORD=secret
+
+    dynamodb:
+        build: 
+            context: .
+            dockerfile: Dockerfile.dynamo_db
+        expose: 
+            - "8000"
+
+    tests:
+        build: 
+            context: .
+            dockerfile: Dockerfile.features
+        links: 
+            - mysql 
+            - dynamodb
+        environment:
+            - ROLES_DIRECTORY_CONFIG_FILE=config.ci.dynamo_db.yml 
+            - IDENTITY_DIRECTORY_CONFIG_FILE=config.ci.mysql.yml 
+            - TEST_ORCHESTRATION_PROVIDER=CustomerEmail
+
+
+
+

data/docker-compose.ci.factory.yml

@@ -0,0 +1,16 @@
+version: "2"
+services:
+
+    tests:
+        build: 
+            context: .
+            dockerfile: Dockerfile.rspec
+        command: 
+          - bundle
+          - exec 
+          - rspec
+          - "spec/factory_spec.rb"
+
+
+
+

data/docker-compose.ci.role_generator.yml

@@ -0,0 +1,27 @@
+version: "2"
+services:
+
+    dynamodb:
+        build: 
+            context: .
+            dockerfile: Dockerfile.dynamo_db
+        expose: 
+            - "8000"
+
+    tests:
+        build: 
+            context: .
+            dockerfile: Dockerfile.rspec
+        links:
+          - dynamodb
+        command: 
+          - bundle
+          - exec 
+          - rspec
+          - "spec/role_generator_spec.rb"
+        environment: 
+          - ROLES_DIRECTORY_CONFIG_FILE=config.ci.dynamo_db.yml
+
+
+
+

data/docker-compose.ci.staff.yml

@@ -0,0 +1,37 @@
+version: "2"
+services:
+    ldap:
+        image: osixia/openldap:1.1.7
+        expose: 
+            - "636"
+        hostname: hetzner.co.za
+        environment:
+            - LDAP_DOMAIN=hetzner.co.za
+            - LDAP_ORGANISATION=Hetzner
+            - LDAP_ADMIN_PASSWORD=secret
+            - LDAP_TLS_VERIFY_CLIENT=never
+            - LDAP_TLS_PROTOCOL_MIN=1.2
+            - LDAP_TLS_CIPHER_SUITE=SECURE128:-VERS-SSL3.0:+VERS-TLS1.2
+
+    dynamodb:
+        build: 
+            context: .
+            dockerfile: Dockerfile.dynamo_db
+        expose: 
+            - "8000"
+
+    tests:
+        build: 
+            context: .
+            dockerfile: Dockerfile.features
+        links: 
+            - ldap
+            - dynamodb
+        environment:
+            - ROLES_DIRECTORY_CONFIG_FILE=config.ci.dynamo_db.yml 
+            - IDENTITY_DIRECTORY_CONFIG_FILE=config.ci.ldap.yml 
+            - TEST_ORCHESTRATION_PROVIDER=Staff
+
+
+
+