mirror of
https://github.com/team-alembic/ash_authentication.git
synced 2024-09-20 05:13:10 +12:00
chore: final fixes for installer
This commit is contained in:
parent
f390cdfa05
commit
6e7ce4c27d
4 changed files with 36 additions and 31 deletions
|
@ -334,12 +334,34 @@ defmodule AshAuthentication.TokenResource.Transformer do
|
||||||
end
|
end
|
||||||
|
|
||||||
defp validate_is_revoked_action(dsl_state, action_name) do
|
defp validate_is_revoked_action(dsl_state, action_name) do
|
||||||
with {:ok, action} <- validate_action_exists(dsl_state, action_name),
|
case validate_action_exists(dsl_state, action_name) do
|
||||||
:ok <-
|
{:ok, %{type: :read} = action} ->
|
||||||
validate_action_argument_option(action, :token, :type, [Ash.Type.String, :string]),
|
with :ok <-
|
||||||
:ok <- validate_action_argument_option(action, :jti, :type, [Ash.Type.String, :string]),
|
validate_action_argument_option(action, :token, :type, [Ash.Type.String, :string]),
|
||||||
:ok <- validate_action_has_preparation(action, TokenResource.IsRevokedPreparation) do
|
:ok <-
|
||||||
validate_field_in_values(action, :type, [:read])
|
validate_action_argument_option(action, :jti, :type, [Ash.Type.String, :string]),
|
||||||
|
:ok <- validate_action_has_preparation(action, TokenResource.IsRevokedPreparation) do
|
||||||
|
:ok
|
||||||
|
end
|
||||||
|
|
||||||
|
{:ok, %{type: :action} = action} ->
|
||||||
|
with :ok <-
|
||||||
|
validate_action_argument_option(action, :token, :type, [Ash.Type.String, :string]),
|
||||||
|
:ok <-
|
||||||
|
validate_action_argument_option(action, :jti, :type, [Ash.Type.String, :string]) do
|
||||||
|
:ok
|
||||||
|
end
|
||||||
|
|
||||||
|
{:ok, _} ->
|
||||||
|
{:error,
|
||||||
|
Spark.Error.DslError.exception(
|
||||||
|
module: Spark.Dsl.Transformer.get_persisted(dsl_state, :module),
|
||||||
|
path: [:actions, :is_revoked],
|
||||||
|
message: "The action `:is_revoked` must be a read action or a generic action"
|
||||||
|
)}
|
||||||
|
|
||||||
|
_ ->
|
||||||
|
:ok
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,6 @@ defmodule AshAuthentication.Transformer do
|
||||||
:ok | {:ok, map} | {:error, term} | {:warn, map, String.t() | [String.t()]} | :halt
|
:ok | {:ok, map} | {:error, term} | {:warn, map, String.t() | [String.t()]} | :halt
|
||||||
def transform(dsl_state) do
|
def transform(dsl_state) do
|
||||||
with {:ok, dsl_state} <- maybe_set_domain(dsl_state, :authentication),
|
with {:ok, dsl_state} <- maybe_set_domain(dsl_state, :authentication),
|
||||||
:ok <- validate_at_least_one_strategy(dsl_state),
|
|
||||||
:ok <- validate_unique_strategy_names(dsl_state),
|
:ok <- validate_unique_strategy_names(dsl_state),
|
||||||
:ok <- validate_unique_add_on_names(dsl_state),
|
:ok <- validate_unique_add_on_names(dsl_state),
|
||||||
{:ok, dsl_state} <- maybe_transform_token_lifetime(dsl_state),
|
{:ok, dsl_state} <- maybe_transform_token_lifetime(dsl_state),
|
||||||
|
@ -119,22 +118,6 @@ defmodule AshAuthentication.Transformer do
|
||||||
defp ensure_current_user_atom_exists(subject_name),
|
defp ensure_current_user_atom_exists(subject_name),
|
||||||
do: String.to_atom("current_#{subject_name}")
|
do: String.to_atom("current_#{subject_name}")
|
||||||
|
|
||||||
defp validate_at_least_one_strategy(dsl_state) do
|
|
||||||
ok? =
|
|
||||||
dsl_state
|
|
||||||
|> Transformer.get_entities([:authentication, :strategies])
|
|
||||||
|> Enum.any?()
|
|
||||||
|
|
||||||
if ok?,
|
|
||||||
do: :ok,
|
|
||||||
else:
|
|
||||||
{:error,
|
|
||||||
DslError.exception(
|
|
||||||
path: [:authentication, :strategies],
|
|
||||||
message: "Expected at least one authentication strategy"
|
|
||||||
)}
|
|
||||||
end
|
|
||||||
|
|
||||||
defp validate_read_action(dsl_state, action_name) do
|
defp validate_read_action(dsl_state, action_name) do
|
||||||
with {:ok, action} <- validate_action_exists(dsl_state, action_name),
|
with {:ok, action} <- validate_action_exists(dsl_state, action_name),
|
||||||
:ok <- validate_field_in_values(action, :type, [:read]) do
|
:ok <- validate_field_in_values(action, :type, [:read]) do
|
||||||
|
|
|
@ -103,11 +103,10 @@ defmodule Mix.Tasks.AshAuthentication.Install do
|
||||||
) do
|
) do
|
||||||
case Igniter.Code.Module.find_module(igniter, user_resource) do
|
case Igniter.Code.Module.find_module(igniter, user_resource) do
|
||||||
{:ok, {igniter, _, _}} ->
|
{:ok, {igniter, _, _}} ->
|
||||||
{:ok,
|
|
||||||
Igniter.add_warning(
|
Igniter.add_warning(
|
||||||
igniter,
|
igniter,
|
||||||
"User resource already exists: #{user_resource}, skipping creation."
|
"User resource already exists: #{user_resource}, skipping creation."
|
||||||
)}
|
)
|
||||||
|
|
||||||
{:error, igniter} ->
|
{:error, igniter} ->
|
||||||
extensions = "AshAuthentication,Ash.Policy.Authorizer"
|
extensions = "AshAuthentication,Ash.Policy.Authorizer"
|
||||||
|
@ -213,11 +212,10 @@ defmodule Mix.Tasks.AshAuthentication.Install do
|
||||||
defp generate_token_resource(igniter, token_resource, argv, resource_args) do
|
defp generate_token_resource(igniter, token_resource, argv, resource_args) do
|
||||||
case Igniter.Code.Module.find_module(igniter, token_resource) do
|
case Igniter.Code.Module.find_module(igniter, token_resource) do
|
||||||
{:ok, {igniter, _, _}} ->
|
{:ok, {igniter, _, _}} ->
|
||||||
{:ok,
|
|
||||||
Igniter.add_warning(
|
Igniter.add_warning(
|
||||||
igniter,
|
igniter,
|
||||||
"Token resource already exists: #{token_resource}, skipping creation."
|
"Token resource already exists: #{token_resource}, skipping creation."
|
||||||
)}
|
)
|
||||||
|
|
||||||
{:error, igniter} ->
|
{:error, igniter} ->
|
||||||
extensions = "AshAuthentication.TokenResource,Ash.Policy.Authorizer"
|
extensions = "AshAuthentication.TokenResource,Ash.Policy.Authorizer"
|
||||||
|
@ -238,6 +236,8 @@ defmodule Mix.Tasks.AshAuthentication.Install do
|
||||||
"read",
|
"read",
|
||||||
"--extend",
|
"--extend",
|
||||||
extensions,
|
extensions,
|
||||||
|
"--uuid-primary-key",
|
||||||
|
"id",
|
||||||
"--attribute",
|
"--attribute",
|
||||||
"jti:string:primary_key:public:required:sensitive",
|
"jti:string:primary_key:public:required:sensitive",
|
||||||
"--attribute",
|
"--attribute",
|
||||||
|
@ -296,9 +296,8 @@ defmodule Mix.Tasks.AshAuthentication.Install do
|
||||||
description "Returns true if a revocation token is found for the provided token"
|
description "Returns true if a revocation token is found for the provided token"
|
||||||
argument :token, :string, sensitive?: true, allow_nil?: false
|
argument :token, :string, sensitive?: true, allow_nil?: false
|
||||||
argument :jti, :string, sensitive?: true, allow_nil?: false
|
argument :jti, :string, sensitive?: true, allow_nil?: false
|
||||||
get? true
|
|
||||||
|
|
||||||
prepare AshAuthentication.TokenResource.IsRevokedPreparation
|
run AshAuthentication.TokenResource.IsRevoked
|
||||||
end
|
end
|
||||||
""")
|
""")
|
||||||
|> Ash.Resource.Igniter.add_action(token_resource, """
|
|> Ash.Resource.Igniter.add_action(token_resource, """
|
||||||
|
|
|
@ -139,6 +139,8 @@ defmodule Mix.Tasks.AshAuthentication.InstallTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
attributes do
|
attributes do
|
||||||
|
uuid_primary_key(:id)
|
||||||
|
|
||||||
attribute :jti, :string do
|
attribute :jti, :string do
|
||||||
primary_key?(true)
|
primary_key?(true)
|
||||||
public?(true)
|
public?(true)
|
||||||
|
@ -188,9 +190,8 @@ defmodule Mix.Tasks.AshAuthentication.InstallTest do
|
||||||
description("Returns true if a revocation token is found for the provided token")
|
description("Returns true if a revocation token is found for the provided token")
|
||||||
argument(:token, :string, sensitive?: true, allow_nil?: false)
|
argument(:token, :string, sensitive?: true, allow_nil?: false)
|
||||||
argument(:jti, :string, sensitive?: true, allow_nil?: false)
|
argument(:jti, :string, sensitive?: true, allow_nil?: false)
|
||||||
get?(true)
|
|
||||||
|
|
||||||
prepare(AshAuthentication.TokenResource.IsRevokedPreparation)
|
run(AshAuthentication.TokenResource.IsRevoked)
|
||||||
end
|
end
|
||||||
|
|
||||||
create :revoke_token do
|
create :revoke_token do
|
||||||
|
|
Loading…
Reference in a new issue