wip: done with tests

Signed-off-by: Alex Snaps <[email protected]>
Kuadrant · Sep 4, 2024 · d8db1ec · d8db1ec
1 parent 6ff3e3c
commit d8db1ec
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 60 deletions.
diff --git a/controllers/auth_config_controller_test.go b/controllers/auth_config_controller_test.go
@@ -6,7 +6,6 @@ import (
 	"os"
 	"testing"
 
-	old "github.com/kuadrant/authorino/api/v1beta1"
 	api "github.com/kuadrant/authorino/api/v1beta2"
 	"github.com/kuadrant/authorino/pkg/evaluators"
 	"github.com/kuadrant/authorino/pkg/httptest"
@@ -41,64 +40,66 @@ func TestMain(m *testing.M) {
 }
 
 func newTestAuthConfig(authConfigLabels map[string]string) api.AuthConfig {
-	spec := old.AuthConfigSpec{
+	spec := api.AuthConfigSpec{
 		Hosts: []string{"echo-api"},
-		Identity: []*old.Identity{
-			{
-				Name: "keycloak",
-				Oidc: &old.Identity_OidcConfig{
-					Endpoint: "http://127.0.0.1:9001/auth/realms/demo",
+		Authentication: map[string]api.AuthenticationSpec{
+			"keycloak": {
+				AuthenticationMethodSpec: api.AuthenticationMethodSpec{
+					Jwt: &api.JwtAuthenticationSpec{
+						IssuerUrl: "http://127.0.0.1:9001/auth/realms/demo",
+					},
 				},
-				ExtendedProperties: []old.ExtendedProperty{
-					{
-						JsonProperty: old.JsonProperty{
-							Name:  "source",
-							Value: runtime.RawExtension{Raw: []byte(`"test"`)},
-						},
+				Defaults: map[string]api.ValueOrSelector{
+					"source": {
+						Value: runtime.RawExtension{Raw: []byte(`"test"`)},
 					},
 				},
 			},
 		},
-		Metadata: []*old.Metadata{
-			{
-				Name: "userinfo",
-				UserInfo: &old.Metadata_UserInfo{
-					IdentitySource: "keycloak",
+		Metadata: map[string]api.MetadataSpec{
+			"userinfo": {
+				MetadataMethodSpec: api.MetadataMethodSpec{
+					UserInfo: &api.UserInfoMetadataSpec{
+						IdentitySource: "keycloak",
+					},
 				},
 			},
-			{
-				Name: "resource-data",
-				UMA: &old.Metadata_UMA{
-					Endpoint: "http://127.0.0.1:9001/auth/realms/demo",
-					Credentials: &v1.LocalObjectReference{
-						Name: "secret",
+			"resource-data": {
+				MetadataMethodSpec: api.MetadataMethodSpec{
+					Uma: &api.UmaMetadataSpec{
+						Endpoint: "http://127.0.0.1:9001/auth/realms/demo",
+						Credentials: &v1.LocalObjectReference{
+							Name: "secret",
+						},
 					},
 				},
 			},
 		},
-		Authorization: []*old.Authorization{
-			{
-				Name: "main-policy",
-				OPA: &old.Authorization_OPA{
-					InlineRego: `
+		Authorization: map[string]api.AuthorizationSpec{
+			"main-policy": {
+				AuthorizationMethodSpec: api.AuthorizationMethodSpec{
+					Opa: &api.OpaAuthorizationSpec{
+						Rego: `
 			method = object.get(input.context.request.http, "method", "")
 			path = object.get(input.context.request.http, "path", "")
 
 			allow {
               method == "GET"
               path = "/allow"
           }`,
+					},
 				},
 			},
-			{
-				Name: "some-extra-rules",
-				JSON: &old.Authorization_JSONPatternMatching{
-					Rules: []old.JSONPattern{
-						{
-							JSONPatternExpression: old.JSONPatternExpression{
-								Selector: "context.identity.role",
-								Operator: "eq",
-								Value:    "admin",
+			"some-extra-rules": {
+				AuthorizationMethodSpec: api.AuthorizationMethodSpec{
+					PatternMatching: &api.PatternMatchingAuthorizationSpec{
+						Patterns: []api.PatternExpressionOrRef{
+							{
+								PatternExpression: api.PatternExpression{
+									Selector: "context.identity.role",
+									Operator: "eq",
+									Value:    "admin",
+								},
 							},
 						},
 					},
@@ -109,23 +110,14 @@ func newTestAuthConfig(authConfigLabels map[string]string) api.AuthConfig {
 	return api.AuthConfig{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       "AuthConfig",
-			APIVersion: "authorino.kuadrant.io/v1beta1",
+			APIVersion: "authorino.kuadrant.io/v1beta2",
 		},
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "auth-config-1",
 			Namespace: "authorino",
 			Labels:    authConfigLabels,
 		},
-		Spec: api.AuthConfigSpec{
-			Hosts:          []string{"echo-api"},
-			NamedPatterns:  nil,
-			Conditions:     nil,
-			Authentication: nil,
-			Metadata:       nil,
-			Authorization:  nil,
-			Response:       nil,
-			Callbacks:      nil,
-		},
+		Spec: spec,
 	}
 }
 

diff --git a/controllers/auth_config_status_updater.go b/controllers/auth_config_status_updater.go
@@ -6,7 +6,7 @@ import (
 	"sort"
 	"strings"
 
-	api "github.com/kuadrant/authorino/api/v1beta1"
+	api "github.com/kuadrant/authorino/api/v1beta2"
 	"github.com/kuadrant/authorino/pkg/log"
 	"github.com/kuadrant/authorino/pkg/utils"
 
@@ -105,11 +105,11 @@ func (u *AuthConfigStatusUpdater) SetupWithManager(mgr ctrl.Manager) error {
 		Complete(u)
 }
 
-func updateStatusConditions(currentConditions []api.Condition, newCondition api.Condition) ([]api.Condition, bool) {
+func updateStatusConditions(currentConditions []api.AuthConfigStatusCondition, newCondition api.AuthConfigStatusCondition) ([]api.AuthConfigStatusCondition, bool) {
 	newCondition.LastTransitionTime = metav1.Now()
 
 	if currentConditions == nil {
-		return []api.Condition{newCondition}, true
+		return []api.AuthConfigStatusCondition{newCondition}, true
 	}
 
 	for i, condition := range currentConditions {
@@ -122,7 +122,7 @@ func updateStatusConditions(currentConditions []api.Condition, newCondition api.
 				newCondition.LastTransitionTime = condition.LastTransitionTime
 			}
 
-			res := make([]api.Condition, len(currentConditions))
+			res := make([]api.AuthConfigStatusCondition, len(currentConditions))
 			copy(res, currentConditions)
 			res[i] = newCondition
 			return res, true
@@ -143,7 +143,7 @@ func updateStatusAvailable(authConfig *api.AuthConfig, available bool) (changed
 		message = ""
 	}
 
-	authConfig.Status.Conditions, changed = updateStatusConditions(authConfig.Status.Conditions, api.Condition{
+	authConfig.Status.Conditions, changed = updateStatusConditions(authConfig.Status.Conditions, api.AuthConfigStatusCondition{
 		Type:    api.StatusConditionAvailable,
 		Status:  status,
 		Reason:  reason,
@@ -164,7 +164,7 @@ func updateStatusReady(authConfig *api.AuthConfig, ready bool, reason, message s
 		reason = api.StatusReasonUnknown
 	}
 
-	authConfig.Status.Conditions, changed = updateStatusConditions(authConfig.Status.Conditions, api.Condition{
+	authConfig.Status.Conditions, changed = updateStatusConditions(authConfig.Status.Conditions, api.AuthConfigStatusCondition{
 		Type:    api.StatusConditionReady,
 		Status:  status,
 		Reason:  reason,
@@ -181,14 +181,14 @@ func updateStatusSummary(authConfig *api.AuthConfig, newLinkedHosts []string) (c
 		newLinkedHosts = []string{}
 	}
 
-	new := api.Summary{
+	new := api.AuthConfigStatusSummary{
 		Ready:                    authConfig.Status.Ready(),
 		HostsReady:               newLinkedHosts,
 		NumHostsReady:            fmt.Sprintf("%d/%d", len(newLinkedHosts), len(authConfig.Spec.Hosts)),
-		NumIdentitySources:       int64(len(authConfig.Spec.Identity)),
+		NumIdentitySources:       int64(len(authConfig.Spec.Authentication)),
 		NumMetadataSources:       int64(len(authConfig.Spec.Metadata)),
 		NumAuthorizationPolicies: int64(len(authConfig.Spec.Authorization)),
-		NumResponseItems:         int64(len(authConfig.Spec.Response)),
+		NumResponseItems:         int64(len(authConfig.Spec.Response.Success.DynamicMetadata) + len(authConfig.Spec.Response.Success.Headers)),
 		FestivalWristbandEnabled: issuingWristbands(authConfig),
 	}
 
@@ -213,8 +213,8 @@ func updateStatusSummary(authConfig *api.AuthConfig, newLinkedHosts []string) (c
 }
 
 func issuingWristbands(authConfig *api.AuthConfig) bool {
-	for _, responseConfig := range authConfig.Spec.Response {
-		if responseConfig.GetType() == api.ResponseWristband {
+	for _, responseConfig := range authConfig.Spec.Response.Success.DynamicMetadata {
+		if responseConfig.GetMethod() == api.WristbandAuthResponse {
 			return true
 		}
 	}