Merge pull request #19 from andy89923/fix/oauth

ianchen0119 · web-flow · commit f1900adeee20 · 2024-02-07T15:24:25.000+08:00
Fix: use models in serviceName
diff --git a/internal/context/context.go b/internal/context/context.go
@@ -44,7 +44,7 @@ func Init() {
 }
 
 type NFContext interface {
-	AuthorizationCheck(token, serviceName string) error
+	AuthorizationCheck(token string, serviceName models.ServiceName) error
 }
 
 var _ NFContext = &NSSFContext{}
@@ -136,22 +136,22 @@ func GetSelf() *NSSFContext {
 	return &nssfContext
 }
 
-func (c *NSSFContext) GetTokenCtx(scope string, targetNF models.NfType) (
+func (c *NSSFContext) GetTokenCtx(serviceName models.ServiceName, targetNF models.NfType) (
 	context.Context, *models.ProblemDetails, error,
 ) {
 	if !c.OAuth2Required {
 		return context.TODO(), nil, nil
 	}
 	return oauth.GetTokenCtx(models.NfType_NSSF, targetNF,
-		c.NfId, c.NrfUri, scope)
+		c.NfId, c.NrfUri, string(serviceName))
 }
 
-func (c *NSSFContext) AuthorizationCheck(token, serviceName string) error {
+func (c *NSSFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {
 	if !c.OAuth2Required {
 		logger.UtilLog.Debugf("NSSFContext::AuthorizationCheck: OAuth2 not required\n")
 		return nil
 	}
 
 	logger.UtilLog.Debugf("NSSFContext::AuthorizationCheck: token[%s] serviceName[%s]\n", token, serviceName)
-	return oauth.VerifyOAuth(token, serviceName, c.NrfCertPem)
+	return oauth.VerifyOAuth(token, string(serviceName), c.NrfCertPem)
 }
diff --git a/internal/sbi/consumer/nf_management.go b/internal/sbi/consumer/nf_management.go
@@ -93,7 +93,7 @@ func SendDeregisterNFInstance() (*models.ProblemDetails, error) {
 
 	var err error
 
-	ctx, pd, err := nssf_context.GetSelf().GetTokenCtx("nnrf-nfm", models.NfType_NRF)
+	ctx, pd, err := nssf_context.GetSelf().GetTokenCtx(models.ServiceName_NNRF_NFM, models.NfType_NRF)
 	if err != nil {
 		return pd, err
 	}
diff --git a/internal/sbi/nssaiavailability/routers.go b/internal/sbi/nssaiavailability/routers.go
@@ -23,8 +23,6 @@ import (
 	logger_util "github.com/free5gc/util/logger"
 )
 
-const serviceName string = string(models.ServiceName_NNSSF_NSSAIAVAILABILITY)
-
 // Route is the information for every URI.
 type Route struct {
 	// Name is the name of this Route.
@@ -50,7 +48,7 @@ func NewRouter() *gin.Engine {
 func AddService(engine *gin.Engine) *gin.RouterGroup {
 	group := engine.Group(factory.NssfNssaiavailResUriPrefix)
 
-	routerAuthorizationCheck := util.NewRouterAuthorizationCheck(serviceName)
+	routerAuthorizationCheck := util.NewRouterAuthorizationCheck(models.ServiceName_NNSSF_NSSAIAVAILABILITY)
 	group.Use(func(c *gin.Context) {
 		routerAuthorizationCheck.Check(c, nssf_context.GetSelf())
 	})
diff --git a/internal/sbi/nsselection/routers.go b/internal/sbi/nsselection/routers.go
@@ -23,8 +23,6 @@ import (
 	logger_util "github.com/free5gc/util/logger"
 )
 
-const serviceName string = string(models.ServiceName_NNSSF_NSSELECTION)
-
 // Route is the information for every URI.
 type Route struct {
 	// Name is the name of this Route.
@@ -50,7 +48,7 @@ func NewRouter() *gin.Engine {
 func AddService(engine *gin.Engine) *gin.RouterGroup {
 	group := engine.Group(factory.NssfNsselectResUriPrefix)
 
-	routerAuthorizationCheck := util.NewRouterAuthorizationCheck(serviceName)
+	routerAuthorizationCheck := util.NewRouterAuthorizationCheck(models.ServiceName_NNSSF_NSSELECTION)
 	group.Use(func(c *gin.Context) {
 		routerAuthorizationCheck.Check(c, nssf_context.GetSelf())
 	})
diff --git a/internal/util/router_auth_check.go b/internal/util/router_auth_check.go
@@ -7,13 +7,14 @@ import (
 
 	nssf_context "github.com/free5gc/nssf/internal/context"
 	"github.com/free5gc/nssf/internal/logger"
+	"github.com/free5gc/openapi/models"
 )
 
 type RouterAuthorizationCheck struct {
-	serviceName string
+	serviceName models.ServiceName
 }
 
-func NewRouterAuthorizationCheck(serviceName string) *RouterAuthorizationCheck {
+func NewRouterAuthorizationCheck(serviceName models.ServiceName) *RouterAuthorizationCheck {
 	return &RouterAuthorizationCheck{
 		serviceName: serviceName,
 	}
diff --git a/internal/util/router_auth_check_test.go b/internal/util/router_auth_check_test.go
@@ -7,6 +7,8 @@ import (
 
 	"github.com/gin-gonic/gin"
 	"github.com/pkg/errors"
+
+	"github.com/free5gc/openapi/models"
 )
 
 const (
@@ -20,7 +22,7 @@ func newMockNSSFContext() *mockNSSFContext {
 	return &mockNSSFContext{}
 }
 
-func (m *mockNSSFContext) AuthorizationCheck(token string, serviceName string) error {
+func (m *mockNSSFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {
 	if token == Valid {
 		return nil
 	}
@@ -81,7 +83,9 @@ func TestRouterAuthorizationCheck_Check(t *testing.T) {
 			}
 			c.Request.Header.Set("Authorization", tt.args.token)
 
-			rac := NewRouterAuthorizationCheck("testService")
+			var testService models.ServiceName = "testService"
+
+			rac := NewRouterAuthorizationCheck(testService)
 			rac.Check(c, newMockNSSFContext())
 			if w.Code != tt.want.statusCode {
 				t.Errorf("StatusCode should be %d, but got %d", tt.want.statusCode, w.Code)

Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ func Init() {`
`44`	`44`	`}`
`45`	`45`
`46`	`46`	`type NFContext interface {`
`47`		`- AuthorizationCheck(token, serviceName string) error`
	`47`	`+ AuthorizationCheck(token string, serviceName models.ServiceName) error`
`48`	`48`	`}`
`49`	`49`
`50`	`50`	`var _ NFContext = &NSSFContext{}`
`@@ -136,22 +136,22 @@ func GetSelf() *NSSFContext {`
`136`	`136`	`return &nssfContext`
`137`	`137`	`}`
`138`	`138`
`139`		`-func (c *NSSFContext) GetTokenCtx(scope string, targetNF models.NfType) (`
	`139`	`+func (c *NSSFContext) GetTokenCtx(serviceName models.ServiceName, targetNF models.NfType) (`
`140`	`140`	`context.Context, *models.ProblemDetails, error,`
`141`	`141`	`) {`
`142`	`142`	`if !c.OAuth2Required {`
`143`	`143`	`return context.TODO(), nil, nil`
`144`	`144`	`}`
`145`	`145`	`return oauth.GetTokenCtx(models.NfType_NSSF, targetNF,`
`146`		`- c.NfId, c.NrfUri, scope)`
	`146`	`+ c.NfId, c.NrfUri, string(serviceName))`
`147`	`147`	`}`
`148`	`148`
`149`		`-func (c *NSSFContext) AuthorizationCheck(token, serviceName string) error {`
	`149`	`+func (c *NSSFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {`
`150`	`150`	`if !c.OAuth2Required {`
`151`	`151`	`logger.UtilLog.Debugf("NSSFContext::AuthorizationCheck: OAuth2 not required\n")`
`152`	`152`	`return nil`
`153`	`153`	`}`
`154`	`154`
`155`	`155`	`logger.UtilLog.Debugf("NSSFContext::AuthorizationCheck: token[%s] serviceName[%s]\n", token, serviceName)`
`156`		`- return oauth.VerifyOAuth(token, serviceName, c.NrfCertPem)`
	`156`	`+ return oauth.VerifyOAuth(token, string(serviceName), c.NrfCertPem)`
`157`	`157`	`}`
Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,7 @@ func SendDeregisterNFInstance() (*models.ProblemDetails, error) {`
`93`	`93`
`94`	`94`	`var err error`
`95`	`95`
`96`		`- ctx, pd, err := nssf_context.GetSelf().GetTokenCtx("nnrf-nfm", models.NfType_NRF)`
	`96`	`+ ctx, pd, err := nssf_context.GetSelf().GetTokenCtx(models.ServiceName_NNRF_NFM, models.NfType_NRF)`
`97`	`97`	`if err != nil {`
`98`	`98`	`return pd, err`
`99`	`99`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,13 +7,14 @@ import (`
`7`	`7`
`8`	`8`	`nssf_context "github.com/free5gc/nssf/internal/context"`
`9`	`9`	`"github.com/free5gc/nssf/internal/logger"`
	`10`	`+ "github.com/free5gc/openapi/models"`
`10`	`11`	`)`
`11`	`12`
`12`	`13`	`type RouterAuthorizationCheck struct {`
`13`		`- serviceName string`
	`14`	`+ serviceName models.ServiceName`
`14`	`15`	`}`
`15`	`16`
`16`		`-func NewRouterAuthorizationCheck(serviceName string) *RouterAuthorizationCheck {`
	`17`	`+func NewRouterAuthorizationCheck(serviceName models.ServiceName) *RouterAuthorizationCheck {`
`17`	`18`	`return &RouterAuthorizationCheck{`
`18`	`19`	`serviceName: serviceName,`
`19`	`20`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,8 @@ import (`
`7`	`7`
`8`	`8`	`"github.com/gin-gonic/gin"`
`9`	`9`	`"github.com/pkg/errors"`
	`10`	`+`
	`11`	`+ "github.com/free5gc/openapi/models"`
`10`	`12`	`)`
`11`	`13`
`12`	`14`	`const (`
`@@ -20,7 +22,7 @@ func newMockNSSFContext() *mockNSSFContext {`
`20`	`22`	`return &mockNSSFContext{}`
`21`	`23`	`}`
`22`	`24`
`23`		`-func (m *mockNSSFContext) AuthorizationCheck(token string, serviceName string) error {`
	`25`	`+func (m *mockNSSFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {`
`24`	`26`	`if token == Valid {`
`25`	`27`	`return nil`
`26`	`28`	`}`
`@@ -81,7 +83,9 @@ func TestRouterAuthorizationCheck_Check(t *testing.T) {`
`81`	`83`	`}`
`82`	`84`	`c.Request.Header.Set("Authorization", tt.args.token)`
`83`	`85`
`84`		`- rac := NewRouterAuthorizationCheck("testService")`
	`86`	`+ var testService models.ServiceName = "testService"`
	`87`	`+`
	`88`	`+ rac := NewRouterAuthorizationCheck(testService)`
`85`	`89`	`rac.Check(c, newMockNSSFContext())`
`86`	`90`	`if w.Code != tt.want.statusCode {`
`87`	`91`	`t.Errorf("StatusCode should be %d, but got %d", tt.want.statusCode, w.Code)`