k2hr3-api 1.0.25 → 1.0.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ChangeLog +6 -0
- package/lib/k2hr3tokens.js +94 -60
- package/package.json +1 -1
- package/routes/userTokens.js +77 -126
- package/tests/auto_usertokens.js +6 -6
package/ChangeLog
CHANGED
|
@@ -1,3 +1,9 @@
|
|
|
1
|
+
k2hr3-api (1.0.26) unstable; urgency=low
|
|
2
|
+
|
|
3
|
+
* Added response object members in userToken GET API - #102
|
|
4
|
+
|
|
5
|
+
-- Takeshi Nakatani <ggtakec@gmail.com> Thu, 13 Jul 2023 09:11:09 +0900
|
|
6
|
+
|
|
1
7
|
k2hr3-api (1.0.25) unstable; urgency=low
|
|
2
8
|
|
|
3
9
|
* Added TENANT API for Local Tenant and updated etc - #100
|
package/lib/k2hr3tokens.js
CHANGED
|
@@ -639,16 +639,19 @@ function rawRemoveScopedUserToken(token)
|
|
|
639
639
|
//
|
|
640
640
|
// result : null or token information
|
|
641
641
|
// {
|
|
642
|
-
// role:
|
|
643
|
-
// user:
|
|
644
|
-
// hostname:
|
|
645
|
-
// ip:
|
|
646
|
-
// port:
|
|
647
|
-
// cuk:
|
|
648
|
-
// extra:
|
|
649
|
-
// tenant:
|
|
650
|
-
//
|
|
651
|
-
//
|
|
642
|
+
// role: role name
|
|
643
|
+
// user: user name
|
|
644
|
+
// hostname: always null
|
|
645
|
+
// ip: always null
|
|
646
|
+
// port: always 0
|
|
647
|
+
// cuk: always null
|
|
648
|
+
// extra: always null
|
|
649
|
+
// tenant: tenant name
|
|
650
|
+
// display: display alias name for tenant
|
|
651
|
+
// id: tenant id string
|
|
652
|
+
// description: description for tenant
|
|
653
|
+
// scoped: role token is always scoped(true)
|
|
654
|
+
// region: when user token, the creator region name of the token
|
|
652
655
|
// }
|
|
653
656
|
//
|
|
654
657
|
function rawCheckUserToken(token)
|
|
@@ -1747,16 +1750,19 @@ function rawGetDirectRoleTokenInfo(dkcobj_permanent, tokens)
|
|
|
1747
1750
|
//
|
|
1748
1751
|
// result : null or token information
|
|
1749
1752
|
// {
|
|
1750
|
-
// role:
|
|
1751
|
-
// user:
|
|
1752
|
-
// hostname:
|
|
1753
|
-
// ip:
|
|
1754
|
-
// port:
|
|
1755
|
-
// cuk:
|
|
1756
|
-
// extra:
|
|
1757
|
-
// tenant:
|
|
1758
|
-
//
|
|
1759
|
-
//
|
|
1753
|
+
// role: role name
|
|
1754
|
+
// user: null or user name
|
|
1755
|
+
// hostname: null or host name
|
|
1756
|
+
// ip: null or ip address
|
|
1757
|
+
// port: port number(if host is existed), 0 means any
|
|
1758
|
+
// cuk: cuk(allowed null)
|
|
1759
|
+
// extra: extra(allowed null)
|
|
1760
|
+
// tenant: tenant name
|
|
1761
|
+
// display: display alias name for tenant
|
|
1762
|
+
// id: tenant id string
|
|
1763
|
+
// description: description for tenant
|
|
1764
|
+
// scoped: role token is always scoped(true)
|
|
1765
|
+
// region: role token is always null
|
|
1760
1766
|
// }
|
|
1761
1767
|
//
|
|
1762
1768
|
function rawCheckRoleToken(token, ip, port, cuk, is_strict)
|
|
@@ -1828,6 +1834,12 @@ function rawCheckRoleToken(token, ip, port, cuk, is_strict)
|
|
|
1828
1834
|
return null;
|
|
1829
1835
|
}
|
|
1830
1836
|
|
|
1837
|
+
// Get tenant information
|
|
1838
|
+
var tenant_keys = r3keys(null, value.tenant);
|
|
1839
|
+
value.display = apiutil.getSafeString(dkcobj.getValue(tenant_keys.TENANT_DISP_KEY, null, true, null));
|
|
1840
|
+
value.id = apiutil.getSafeString(dkcobj.getValue(tenant_keys.TENANT_ID_KEY, null, true, null));
|
|
1841
|
+
value.description = apiutil.getSafeString(dkcobj.getValue(tenant_keys.TENANT_DESC_KEY, null, true, null));
|
|
1842
|
+
|
|
1831
1843
|
// compare ip address, if they are specified and token is not created by user
|
|
1832
1844
|
if(!apiutil.isSafeString(value.user)){
|
|
1833
1845
|
if(!apiutil.isSafeString(ip) || ip !== value.ip){
|
|
@@ -1909,17 +1921,20 @@ function rawCheckRoleToken(token, ip, port, cuk, is_strict)
|
|
|
1909
1921
|
}
|
|
1910
1922
|
|
|
1911
1923
|
// make result
|
|
1912
|
-
var token_info
|
|
1913
|
-
token_info.role
|
|
1914
|
-
token_info.user
|
|
1915
|
-
token_info.hostname
|
|
1916
|
-
token_info.ip
|
|
1917
|
-
token_info.port
|
|
1918
|
-
token_info.cuk
|
|
1919
|
-
token_info.extra
|
|
1920
|
-
token_info.tenant
|
|
1921
|
-
token_info.
|
|
1922
|
-
token_info.
|
|
1924
|
+
var token_info = {};
|
|
1925
|
+
token_info.role = value.role;
|
|
1926
|
+
token_info.user = value.user;
|
|
1927
|
+
token_info.hostname = value.hostname; // hostname
|
|
1928
|
+
token_info.ip = value.ip;
|
|
1929
|
+
token_info.port = value.port;
|
|
1930
|
+
token_info.cuk = value.cuk;
|
|
1931
|
+
token_info.extra = value.extra;
|
|
1932
|
+
token_info.tenant = value.tenant;
|
|
1933
|
+
token_info.display = value.display;
|
|
1934
|
+
token_info.id = value.id;
|
|
1935
|
+
token_info.description = value.description;
|
|
1936
|
+
token_info.scoped = true; // role token is always scoped
|
|
1937
|
+
token_info.region = null;
|
|
1923
1938
|
|
|
1924
1939
|
return token_info;
|
|
1925
1940
|
}
|
|
@@ -2152,10 +2167,19 @@ function rawGetUserTenantByToken(token)
|
|
|
2152
2167
|
dkcobj.clean();
|
|
2153
2168
|
return null;
|
|
2154
2169
|
}
|
|
2155
|
-
var
|
|
2156
|
-
var
|
|
2157
|
-
|
|
2158
|
-
|
|
2170
|
+
var user_name = apiutil.getSafeString(matches[1]);
|
|
2171
|
+
var tenant_name = apiutil.getSafeString(matches[2]);
|
|
2172
|
+
var tenant_display = null;
|
|
2173
|
+
var tenant_id = null;
|
|
2174
|
+
var tenant_desc = null;
|
|
2175
|
+
|
|
2176
|
+
if('' === tenant_name){
|
|
2177
|
+
tenant_name = null;
|
|
2178
|
+
}else{
|
|
2179
|
+
var tenant_keys = r3keys(user_name, tenant_name);
|
|
2180
|
+
tenant_display = apiutil.getSafeString(dkcobj.getValue(tenant_keys.TENANT_DISP_KEY, null, true, null));
|
|
2181
|
+
tenant_id = apiutil.getSafeString(dkcobj.getValue(tenant_keys.TENANT_ID_KEY, null, true, null));
|
|
2182
|
+
tenant_desc = apiutil.getSafeString(dkcobj.getValue(tenant_keys.TENANT_DESC_KEY, null, true, null));
|
|
2159
2183
|
}
|
|
2160
2184
|
|
|
2161
2185
|
// if token has seed, need to check seed
|
|
@@ -2168,20 +2192,21 @@ function rawGetUserTenantByToken(token)
|
|
|
2168
2192
|
//
|
|
2169
2193
|
//r3logger.dlog('token key(' + user_token_key + ') has seed.');
|
|
2170
2194
|
|
|
2171
|
-
var vres = osapi.verifyUserToken(
|
|
2195
|
+
var vres = osapi.verifyUserToken(user_name, tenant_name, token, token_seed);
|
|
2172
2196
|
if(!vres.result){
|
|
2173
2197
|
r3logger.elog('failed to verify token(' + token + ') with seed by ' + vres.message);
|
|
2174
2198
|
return null;
|
|
2175
2199
|
}
|
|
2176
2200
|
}
|
|
2177
2201
|
|
|
2178
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
2179
2202
|
var result = {
|
|
2180
|
-
|
|
2181
|
-
|
|
2182
|
-
|
|
2183
|
-
|
|
2184
|
-
|
|
2203
|
+
user: user_name,
|
|
2204
|
+
tenant: tenant_name,
|
|
2205
|
+
display: tenant_display,
|
|
2206
|
+
id: tenant_id,
|
|
2207
|
+
description: tenant_desc,
|
|
2208
|
+
region: region
|
|
2209
|
+
};
|
|
2185
2210
|
|
|
2186
2211
|
return result;
|
|
2187
2212
|
}
|
|
@@ -2191,8 +2216,10 @@ function rawGetUserTenantByToken(token)
|
|
|
2191
2216
|
//---------------------------------------------------------
|
|
2192
2217
|
// result [
|
|
2193
2218
|
// {
|
|
2194
|
-
// name:
|
|
2195
|
-
// display:
|
|
2219
|
+
// name: "tenant name", => tenant name which is "key" in k2hdkc
|
|
2220
|
+
// display: "display tenant name" => display alias name for tenant
|
|
2221
|
+
// id: "tenant id" => tenant id string
|
|
2222
|
+
// description: "tenant description" => description for tenant
|
|
2196
2223
|
// },
|
|
2197
2224
|
// ...
|
|
2198
2225
|
// ]
|
|
@@ -2245,13 +2272,15 @@ function rawGetTenantListByUserWithDkc(dkcobj_permanent, user)
|
|
|
2245
2272
|
var tenant_list = new Array(0);
|
|
2246
2273
|
for(cnt = 0; cnt < name_list.length; ++cnt){
|
|
2247
2274
|
var tenant_keys = r3keys(user, name_list[cnt]);
|
|
2248
|
-
var
|
|
2249
|
-
|
|
2250
|
-
|
|
2251
|
-
|
|
2275
|
+
var tenant_display = apiutil.getSafeString(dkcobj_permanent.getValue(tenant_keys.TENANT_DISP_KEY, null, true, null));
|
|
2276
|
+
var tenant_id = apiutil.getSafeString(dkcobj_permanent.getValue(tenant_keys.TENANT_ID_KEY, null, true, null));
|
|
2277
|
+
var tenant_desc = apiutil.getSafeString(dkcobj_permanent.getValue(tenant_keys.TENANT_DESC_KEY, null, true, null));
|
|
2278
|
+
|
|
2252
2279
|
tenant_list.push({
|
|
2253
2280
|
name: name_list[cnt],
|
|
2254
|
-
display:
|
|
2281
|
+
display: tenant_display,
|
|
2282
|
+
id: tenant_id,
|
|
2283
|
+
description: tenant_desc
|
|
2255
2284
|
});
|
|
2256
2285
|
}
|
|
2257
2286
|
|
|
@@ -2260,8 +2289,10 @@ function rawGetTenantListByUserWithDkc(dkcobj_permanent, user)
|
|
|
2260
2289
|
|
|
2261
2290
|
// result [
|
|
2262
2291
|
// {
|
|
2263
|
-
// name:
|
|
2264
|
-
// display:
|
|
2292
|
+
// name: "tenant name", => tenant name which is "key" in k2hdkc
|
|
2293
|
+
// display: "display tenant name" => display alias name for tenant
|
|
2294
|
+
// id: "tenant id" => tenant id string
|
|
2295
|
+
// description: "tenant description" => description for tenant
|
|
2265
2296
|
// },
|
|
2266
2297
|
// ...
|
|
2267
2298
|
// ]
|
|
@@ -2429,15 +2460,18 @@ function rawCheckTenantInTenantList(tenants, tenant)
|
|
|
2429
2460
|
//
|
|
2430
2461
|
// token is following:
|
|
2431
2462
|
// {
|
|
2432
|
-
// role:
|
|
2433
|
-
// user:
|
|
2434
|
-
// hostname:
|
|
2435
|
-
// ip:
|
|
2436
|
-
// port:
|
|
2437
|
-
// cuk:
|
|
2438
|
-
// extra:
|
|
2439
|
-
// tenant:
|
|
2440
|
-
//
|
|
2463
|
+
// role: role name
|
|
2464
|
+
// user: null or user name
|
|
2465
|
+
// hostname: null or host name
|
|
2466
|
+
// ip: null or host ip address
|
|
2467
|
+
// port: port number(if host is existed), 0 means any
|
|
2468
|
+
// cuk: cuk(allowed null)
|
|
2469
|
+
// extra: extra(allowed null)
|
|
2470
|
+
// tenant: tenant name
|
|
2471
|
+
// display: display alias name for tenant
|
|
2472
|
+
// id: tenant id string
|
|
2473
|
+
// description: description for tenant
|
|
2474
|
+
// scoped: role token is always scoped(true)
|
|
2441
2475
|
// }
|
|
2442
2476
|
|
|
2443
2477
|
function rawCheckToken(req, is_scoped, is_user)
|
package/package.json
CHANGED
package/routes/userTokens.js
CHANGED
|
@@ -50,13 +50,10 @@ function rawCommonGetUserToken(req, res, unscopedToken, otherToken, username, pa
|
|
|
50
50
|
// Get token from User Credentials
|
|
51
51
|
//
|
|
52
52
|
if(!apiutil.isSafeString(username)){
|
|
53
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
54
53
|
error = {
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
59
|
-
|
|
54
|
+
result: false,
|
|
55
|
+
message: 'Some parameter(user name or unscoped token) is wrong.'
|
|
56
|
+
};
|
|
60
57
|
r3logger.elog(error.message);
|
|
61
58
|
resutil.errResponse(req, res, 400, error); // 400: Bad Request
|
|
62
59
|
return;
|
|
@@ -65,27 +62,21 @@ function rawCommonGetUserToken(req, res, unscopedToken, otherToken, username, pa
|
|
|
65
62
|
r3token.getUserToken(_username, _passwd, _tenant, function(err, token)
|
|
66
63
|
{
|
|
67
64
|
if(null !== err){
|
|
68
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
69
65
|
var error = {
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
74
|
-
|
|
66
|
+
result: false,
|
|
67
|
+
message: 'could not get scoped user token for user=' + _username + ', tenant=' + _tenant + ' by ' + err.message
|
|
68
|
+
};
|
|
75
69
|
r3logger.elog(error.message);
|
|
76
70
|
resutil.errResponse(_req, _res, 404, error); // 404: Not Found
|
|
77
71
|
return;
|
|
78
72
|
}
|
|
79
73
|
r3logger.dlog('get user token jsonres = ' + JSON.stringify(token));
|
|
80
74
|
|
|
81
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
82
75
|
var result = { result: true,
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
88
|
-
|
|
76
|
+
message: 'succeed',
|
|
77
|
+
scoped: apiutil.isSafeString(_tenant),
|
|
78
|
+
token: token
|
|
79
|
+
};
|
|
89
80
|
_res.status(201); // 201: Created
|
|
90
81
|
_res.send(JSON.stringify(result));
|
|
91
82
|
});
|
|
@@ -95,13 +86,10 @@ function rawCommonGetUserToken(req, res, unscopedToken, otherToken, username, pa
|
|
|
95
86
|
// Get Scoped token from Unscoped token
|
|
96
87
|
//
|
|
97
88
|
if(!apiutil.isSafeString(username)){
|
|
98
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
99
89
|
error = {
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
104
|
-
|
|
90
|
+
result: false,
|
|
91
|
+
message: 'Some parameter(user name or unscoped token) is wrong.'
|
|
92
|
+
};
|
|
105
93
|
r3logger.elog(error.message);
|
|
106
94
|
resutil.errResponse(req, res, 400, error); // 400: Bad Request
|
|
107
95
|
return;
|
|
@@ -110,27 +98,22 @@ function rawCommonGetUserToken(req, res, unscopedToken, otherToken, username, pa
|
|
|
110
98
|
r3token.getScopedUserToken(_unscopedToken, _username, _tenant, function(err, token)
|
|
111
99
|
{
|
|
112
100
|
if(null !== err){
|
|
113
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
114
101
|
var error = {
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
119
|
-
|
|
102
|
+
result: false,
|
|
103
|
+
message: 'could not get scoped user token for user=' + _username + ', tenant=' + _tenant + ' by ' + err.message
|
|
104
|
+
};
|
|
120
105
|
r3logger.elog(error.message);
|
|
121
106
|
resutil.errResponse(_req, _res, 404, error); // 404: Not Found
|
|
122
107
|
return;
|
|
123
108
|
}
|
|
124
109
|
r3logger.dlog('get user token jsonres = ' + JSON.stringify(token));
|
|
125
110
|
|
|
126
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
127
111
|
var result = {
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
112
|
+
result: true,
|
|
113
|
+
message: 'succeed',
|
|
114
|
+
scoped: apiutil.isSafeString(_tenant),
|
|
115
|
+
token: token
|
|
116
|
+
};
|
|
134
117
|
|
|
135
118
|
_res.status(201); // 201: Created
|
|
136
119
|
_res.send(JSON.stringify(result));
|
|
@@ -143,28 +126,22 @@ function rawCommonGetUserToken(req, res, unscopedToken, otherToken, username, pa
|
|
|
143
126
|
r3token.getUserTokenByToken(_otherToken, _tenant, function(err, token)
|
|
144
127
|
{
|
|
145
128
|
if(null !== err){
|
|
146
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
147
129
|
var error = {
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
152
|
-
|
|
130
|
+
result: false,
|
|
131
|
+
message: 'could not get scoped user token for other token, tenant=' + _tenant + ' by ' + err.message
|
|
132
|
+
};
|
|
153
133
|
r3logger.elog(error.message);
|
|
154
134
|
resutil.errResponse(_req, _res, 404, error); // 404: Not Found
|
|
155
135
|
return;
|
|
156
136
|
}
|
|
157
137
|
r3logger.dlog('get user token jsonres = ' + JSON.stringify(token));
|
|
158
138
|
|
|
159
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
160
139
|
var result = {
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
167
|
-
|
|
140
|
+
result: true,
|
|
141
|
+
message: 'succeed',
|
|
142
|
+
scoped: apiutil.isSafeString(_tenant),
|
|
143
|
+
token: token
|
|
144
|
+
};
|
|
168
145
|
_res.status(201); // 201: Created
|
|
169
146
|
_res.send(JSON.stringify(result));
|
|
170
147
|
});
|
|
@@ -188,13 +165,11 @@ function rawGetUnscopedUserToken(req)
|
|
|
188
165
|
!apiutil.isSafeString(resobj.token_info.user) ||
|
|
189
166
|
false !== resobj.token_info.scoped )
|
|
190
167
|
{
|
|
191
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
192
168
|
return {
|
|
193
169
|
result: false,
|
|
194
170
|
status: 400, // 400: Bad Request
|
|
195
171
|
message: 'could not get unscoped user token in request.'
|
|
196
172
|
};
|
|
197
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
198
173
|
}
|
|
199
174
|
|
|
200
175
|
return {
|
|
@@ -223,13 +198,10 @@ router.post('/', function(req, res, next) // eslint-disable-line no-unused-
|
|
|
223
198
|
if( !apiutil.isSafeEntity(req) ||
|
|
224
199
|
!apiutil.isSafeEntity(req.body) )
|
|
225
200
|
{
|
|
226
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
227
201
|
error = {
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
232
|
-
|
|
202
|
+
result: false,
|
|
203
|
+
message: 'POST body does not have auth key'
|
|
204
|
+
};
|
|
233
205
|
r3logger.elog(error.message);
|
|
234
206
|
resutil.errResponse(req, res, 400, error); // 400: Bad Request
|
|
235
207
|
return;
|
|
@@ -260,13 +232,10 @@ router.post('/', function(req, res, next) // eslint-disable-line no-unused-
|
|
|
260
232
|
// (1) case of unscoped token registered in k2hr3
|
|
261
233
|
//
|
|
262
234
|
if(!apiutil.isSafeEntity(req.body.auth) || !apiutil.isSafeString(req.body.auth.tenantName)){
|
|
263
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
264
235
|
error = {
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
269
|
-
|
|
236
|
+
result: false,
|
|
237
|
+
message: 'POST body does not have tenant name(or user credentials)'
|
|
238
|
+
};
|
|
270
239
|
r3logger.elog(error.message);
|
|
271
240
|
resutil.errResponse(req, res, 400, error); // 400: Bad Request
|
|
272
241
|
return;
|
|
@@ -280,13 +249,10 @@ router.post('/', function(req, res, next) // eslint-disable-line no-unused-
|
|
|
280
249
|
//
|
|
281
250
|
otherToken = r3token.getAuthTokenHeader(req, false);
|
|
282
251
|
if(!apiutil.isSafeString(otherToken)){
|
|
283
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
284
252
|
error = {
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
289
|
-
|
|
253
|
+
result: false,
|
|
254
|
+
message: resobj.message
|
|
255
|
+
};
|
|
290
256
|
r3logger.elog(resobj.message);
|
|
291
257
|
resutil.errResponse(req, res, resobj.status, error); // 40X
|
|
292
258
|
return;
|
|
@@ -320,13 +286,10 @@ router.put('/', function(req, res, next) // eslint-disable-line no-unused-v
|
|
|
320
286
|
if( !apiutil.isSafeEntity(req) ||
|
|
321
287
|
!apiutil.isSafeEntity(req.query) )
|
|
322
288
|
{
|
|
323
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
324
289
|
error = {
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
|
|
328
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
329
|
-
|
|
290
|
+
result: false,
|
|
291
|
+
message: 'PUT argument does not have any data'
|
|
292
|
+
};
|
|
330
293
|
r3logger.elog(error.message);
|
|
331
294
|
resutil.errResponse(req, res, 400, error); // 400: Bad Request
|
|
332
295
|
return;
|
|
@@ -357,13 +320,10 @@ router.put('/', function(req, res, next) // eslint-disable-line no-unused-v
|
|
|
357
320
|
// (1) case of unscoped token registered in k2hr3
|
|
358
321
|
//
|
|
359
322
|
if(!apiutil.isSafeString(req.query.tenantname)){
|
|
360
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
361
323
|
error = {
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
366
|
-
|
|
324
|
+
result: false,
|
|
325
|
+
message: 'POST body does not have tenant name(or user credentials)'
|
|
326
|
+
};
|
|
367
327
|
r3logger.elog(error.message);
|
|
368
328
|
resutil.errResponse(req, res, 400, error); // 400: Bad Request
|
|
369
329
|
return;
|
|
@@ -378,13 +338,10 @@ router.put('/', function(req, res, next) // eslint-disable-line no-unused-v
|
|
|
378
338
|
//
|
|
379
339
|
otherToken = r3token.getAuthTokenHeader(req, false);
|
|
380
340
|
if(!apiutil.isSafeString(otherToken)){
|
|
381
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
382
341
|
error = {
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
387
|
-
|
|
342
|
+
result: false,
|
|
343
|
+
message: resobj.message
|
|
344
|
+
};
|
|
388
345
|
r3logger.elog(resobj.message);
|
|
389
346
|
resutil.errResponse(req, res, resobj.status, error); // 40X
|
|
390
347
|
return;
|
|
@@ -411,8 +368,10 @@ router.put('/', function(req, res, next) // eslint-disable-line no-unused-v
|
|
|
411
368
|
// user => user name
|
|
412
369
|
// tenants => [
|
|
413
370
|
// {
|
|
414
|
-
// name:
|
|
415
|
-
// display:
|
|
371
|
+
// name: "tenant name"
|
|
372
|
+
// display: "display name"
|
|
373
|
+
// id: "tenant id"
|
|
374
|
+
// description: "tenant description"
|
|
416
375
|
// },
|
|
417
376
|
// ...
|
|
418
377
|
// ]
|
|
@@ -453,21 +412,20 @@ router.get('/', function(req, res, next) // eslint-disable-line no-unused-v
|
|
|
453
412
|
// build response body
|
|
454
413
|
if(token_info.scoped){
|
|
455
414
|
// scoped token
|
|
456
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
457
415
|
result = {
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
416
|
+
result: true,
|
|
417
|
+
message: 'succeed',
|
|
418
|
+
scoped: true,
|
|
419
|
+
user: token_info.user,
|
|
420
|
+
tenants: [
|
|
421
|
+
{
|
|
422
|
+
name: token_info.tenant,
|
|
423
|
+
display: token_info.display,
|
|
424
|
+
id: token_info.id,
|
|
425
|
+
description: token_info.description
|
|
426
|
+
}
|
|
427
|
+
]
|
|
428
|
+
};
|
|
471
429
|
_res.status(200); // 200: OK
|
|
472
430
|
_res.send(JSON.stringify(result));
|
|
473
431
|
|
|
@@ -476,13 +434,10 @@ router.get('/', function(req, res, next) // eslint-disable-line no-unused-v
|
|
|
476
434
|
r3token.initializeTenantList(token_result.token, token_info.user, function(error, tenant_list)
|
|
477
435
|
{
|
|
478
436
|
if(null !== error){
|
|
479
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
480
437
|
var result = {
|
|
481
|
-
|
|
482
|
-
|
|
483
|
-
|
|
484
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
485
|
-
|
|
438
|
+
result: false,
|
|
439
|
+
message: 'failed to get tenant list for user (' + token_info.user + ') by unscoped token(' + token_result.token + ')'
|
|
440
|
+
};
|
|
486
441
|
r3logger.elog(result.message);
|
|
487
442
|
resutil.errResponse(_req, _res, 404, result); // 404: Not Found
|
|
488
443
|
return;
|
|
@@ -491,26 +446,22 @@ router.get('/', function(req, res, next) // eslint-disable-line no-unused-v
|
|
|
491
446
|
// reget tenant list
|
|
492
447
|
tenant_list = r3token.getTenantList(token_info.user);
|
|
493
448
|
if(null === tenant_list || apiutil.isEmptyArray(tenant_list)){
|
|
494
|
-
/* eslint-disable indent, no-mixed-spaces-and-tabs */
|
|
495
449
|
result = {
|
|
496
|
-
|
|
497
|
-
|
|
498
|
-
|
|
499
|
-
/* eslint-enable indent, no-mixed-spaces-and-tabs */
|
|
500
|
-
|
|
450
|
+
result: false,
|
|
451
|
+
message: 'token(' + token_result.token + ') for user (' + token_info.user + ') does not have any tenant.'
|
|
452
|
+
};
|
|
501
453
|
r3logger.elog(result.message);
|
|
502
454
|
resutil.errResponse(_req, _res, 404, result); // 404: Not Found
|
|
503
455
|
return;
|
|
504
456
|
}
|
|
505
457
|
|
|
506
|
-
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
|
|
513
|
-
|
|
458
|
+
result = {
|
|
459
|
+
result: true,
|
|
460
|
+
message: 'succeed',
|
|
461
|
+
scoped: false,
|
|
462
|
+
user: token_info.user,
|
|
463
|
+
tenants: tenant_list
|
|
464
|
+
};
|
|
514
465
|
_res.status(200); // 200: OK
|
|
515
466
|
_res.send(JSON.stringify(result));
|
|
516
467
|
});
|
package/tests/auto_usertokens.js
CHANGED
|
@@ -431,11 +431,11 @@ describe('API : USER TOKEN', function(){ // eslint-disable-line no-undef
|
|
|
431
431
|
expect(res.body.scoped).to.be.a('boolean').to.be.false;
|
|
432
432
|
expect(res.body.user).to.be.a('string').to.equal('dummyuser');
|
|
433
433
|
expect(res.body.tenants).to.be.an.instanceof(Array).to.have.lengthOf(5);
|
|
434
|
-
expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', display: 'dummy_tenant_0'});
|
|
435
|
-
expect(res.body.tenants[1]).to.deep.equal({name: 'tenant1', display: 'dummy_tenant_1'});
|
|
436
|
-
expect(res.body.tenants[2]).to.deep.equal({name: 'tenant2', display: 'dummy_tenant_2'});
|
|
437
|
-
expect(res.body.tenants[3]).to.deep.equal({name: 'tenant3', display: 'dummy_tenant_3'});
|
|
438
|
-
expect(res.body.tenants[4]).to.deep.equal({name: 'tenant4', display: 'dummy_tenant_4'});
|
|
434
|
+
expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', id: '1000', description: 'dummy tenant no.0', display: 'dummy_tenant_0'});
|
|
435
|
+
expect(res.body.tenants[1]).to.deep.equal({name: 'tenant1', id: '1001', description: 'dummy tenant no.1', display: 'dummy_tenant_1'});
|
|
436
|
+
expect(res.body.tenants[2]).to.deep.equal({name: 'tenant2', id: '1002', description: 'dummy tenant no.2', display: 'dummy_tenant_2'});
|
|
437
|
+
expect(res.body.tenants[3]).to.deep.equal({name: 'tenant3', id: '1003', description: 'dummy tenant no.3', display: 'dummy_tenant_3'});
|
|
438
|
+
expect(res.body.tenants[4]).to.deep.equal({name: 'tenant4', id: '1004', description: 'dummy tenant no.4', display: 'dummy_tenant_4'});
|
|
439
439
|
|
|
440
440
|
done();
|
|
441
441
|
});
|
|
@@ -455,7 +455,7 @@ describe('API : USER TOKEN', function(){ // eslint-disable-line no-undef
|
|
|
455
455
|
expect(res.body.scoped).to.be.a('boolean').to.be.true;
|
|
456
456
|
expect(res.body.user).to.be.a('string').to.equal('dummyuser');
|
|
457
457
|
expect(res.body.tenants).to.be.an.instanceof(Array).to.have.lengthOf(1);
|
|
458
|
-
expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', display: '
|
|
458
|
+
expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', id: '1000', description: 'dummy tenant no.0', display: 'dummy_tenant_0'});
|
|
459
459
|
|
|
460
460
|
done();
|
|
461
461
|
});
|