diff --git a/Dockerfile b/Dockerfile index 59e8b7f..a59d486 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.19.1-alpine as go-builder +FROM golang:1.19.5-alpine as go-builder WORKDIR /authorizer COPY server server COPY Makefile . diff --git a/server/db/providers/arangodb/email_template.go b/server/db/providers/arangodb/email_template.go index 70dd474..8134cbe 100644 --- a/server/db/providers/arangodb/email_template.go +++ b/server/db/providers/arangodb/email_template.go @@ -5,7 +5,6 @@ import ( "fmt" "time" - "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver" "github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/graph/model" @@ -52,7 +51,7 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.EmailTemplate, pagination.Offset, pagination.Limit) - sctx := driver.WithQueryFullCount(ctx) + sctx := arangoDriver.WithQueryFullCount(ctx) cursor, err := p.db.Query(sctx, query, nil) if err != nil { return nil, err diff --git a/server/db/providers/arangodb/provider.go b/server/db/providers/arangodb/provider.go index 6c26525..5488428 100644 --- a/server/db/providers/arangodb/provider.go +++ b/server/db/providers/arangodb/provider.go @@ -2,8 +2,11 @@ package arangodb import ( "context" + "crypto/tls" + "crypto/x509" + "encoding/base64" + "fmt" - "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver" "github.com/arangodb/go-driver/http" "github.com/authorizerdev/authorizer/server/db/models" @@ -22,44 +25,75 @@ type provider struct { func NewProvider() (*provider, error) { ctx := context.Background() dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL - conn, err := http.NewConnection(http.ConnectionConfig{ + dbUsername := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseUsername + dbPassword := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabasePassword + dbCACertificate := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseCACert + httpConfig := http.ConnectionConfig{ Endpoints: []string{dbURL}, - }) + } + // If ca certificate if present, create tls config + if dbCACertificate != "" { + caCert, err := base64.StdEncoding.DecodeString(dbCACertificate) + if err != nil { + return nil, err + } + // Prepare TLS Config + tlsConfig := &tls.Config{} + certPool := x509.NewCertPool() + if success := certPool.AppendCertsFromPEM(caCert); !success { + return nil, fmt.Errorf("invalid certificate") + } + tlsConfig.RootCAs = certPool + httpConfig.TLSConfig = tlsConfig + } + // Create new http connection + conn, err := http.NewConnection(httpConfig) if err != nil { return nil, err } - - arangoClient, err := arangoDriver.NewClient(arangoDriver.ClientConfig{ + clientConfig := arangoDriver.ClientConfig{ Connection: conn, - }) + } + if dbUsername != "" && dbPassword != "" { + clientConfig.Authentication = arangoDriver.BasicAuthentication(dbUsername, dbPassword) + } + arangoClient, err := arangoDriver.NewClient(clientConfig) if err != nil { return nil, err } - var arangodb driver.Database + var arangodb arangoDriver.Database dbName := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName - arangodb_exists, err := arangoClient.DatabaseExists(nil, dbName) - + arangodb_exists, err := arangoClient.DatabaseExists(ctx, dbName) + if err != nil { + return nil, err + } if arangodb_exists { - arangodb, err = arangoClient.Database(nil, dbName) + arangodb, err = arangoClient.Database(ctx, dbName) if err != nil { return nil, err } } else { - arangodb, err = arangoClient.CreateDatabase(nil, dbName, nil) + arangodb, err = arangoClient.CreateDatabase(ctx, dbName, nil) if err != nil { return nil, err } } userCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.User) + if err != nil { + return nil, err + } if !userCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.User, nil) if err != nil { return nil, err } } - userCollection, _ := arangodb.Collection(nil, models.Collections.User) + userCollection, err := arangodb.Collection(ctx, models.Collections.User) + if err != nil { + return nil, err + } userCollection.EnsureHashIndex(ctx, []string{"email"}, &arangoDriver.EnsureHashIndexOptions{ Unique: true, Sparse: true, @@ -70,6 +104,9 @@ func NewProvider() (*provider, error) { }) verificationRequestCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.VerificationRequest) + if err != nil { + return nil, err + } if !verificationRequestCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.VerificationRequest, nil) if err != nil { @@ -77,7 +114,10 @@ func NewProvider() (*provider, error) { } } - verificationRequestCollection, _ := arangodb.Collection(nil, models.Collections.VerificationRequest) + verificationRequestCollection, err := arangodb.Collection(ctx, models.Collections.VerificationRequest) + if err != nil { + return nil, err + } verificationRequestCollection.EnsureHashIndex(ctx, []string{"email", "identifier"}, &arangoDriver.EnsureHashIndexOptions{ Unique: true, Sparse: true, @@ -87,6 +127,9 @@ func NewProvider() (*provider, error) { }) sessionCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Session) + if err != nil { + return nil, err + } if !sessionCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.Session, nil) if err != nil { @@ -94,13 +137,19 @@ func NewProvider() (*provider, error) { } } - sessionCollection, _ := arangodb.Collection(nil, models.Collections.Session) + sessionCollection, err := arangodb.Collection(ctx, models.Collections.Session) + if err != nil { + return nil, err + } sessionCollection.EnsureHashIndex(ctx, []string{"user_id"}, &arangoDriver.EnsureHashIndexOptions{ Sparse: true, }) - configCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Env) - if !configCollectionExists { + envCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Env) + if err != nil { + return nil, err + } + if !envCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.Env, nil) if err != nil { return nil, err @@ -108,6 +157,9 @@ func NewProvider() (*provider, error) { } webhookCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Webhook) + if err != nil { + return nil, err + } if !webhookCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.Webhook, nil) if err != nil { @@ -115,13 +167,19 @@ func NewProvider() (*provider, error) { } } - webhookCollection, _ := arangodb.Collection(nil, models.Collections.Webhook) + webhookCollection, err := arangodb.Collection(ctx, models.Collections.Webhook) + if err != nil { + return nil, err + } webhookCollection.EnsureHashIndex(ctx, []string{"event_name"}, &arangoDriver.EnsureHashIndexOptions{ Unique: true, Sparse: true, }) webhookLogCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.WebhookLog) + if err != nil { + return nil, err + } if !webhookLogCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.WebhookLog, nil) if err != nil { @@ -129,12 +187,18 @@ func NewProvider() (*provider, error) { } } - webhookLogCollection, _ := arangodb.Collection(nil, models.Collections.WebhookLog) + webhookLogCollection, err := arangodb.Collection(ctx, models.Collections.WebhookLog) + if err != nil { + return nil, err + } webhookLogCollection.EnsureHashIndex(ctx, []string{"webhook_id"}, &arangoDriver.EnsureHashIndexOptions{ Sparse: true, }) emailTemplateCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.EmailTemplate) + if err != nil { + return nil, err + } if !emailTemplateCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.EmailTemplate, nil) if err != nil { @@ -142,13 +206,19 @@ func NewProvider() (*provider, error) { } } - emailTemplateCollection, _ := arangodb.Collection(nil, models.Collections.EmailTemplate) + emailTemplateCollection, err := arangodb.Collection(ctx, models.Collections.EmailTemplate) + if err != nil { + return nil, err + } emailTemplateCollection.EnsureHashIndex(ctx, []string{"event_name"}, &arangoDriver.EnsureHashIndexOptions{ Unique: true, Sparse: true, }) otpCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.OTP) + if err != nil { + return nil, err + } if !otpCollectionExists { _, err = arangodb.CreateCollection(ctx, models.Collections.OTP, nil) if err != nil { @@ -156,7 +226,10 @@ func NewProvider() (*provider, error) { } } - otpCollection, _ := arangodb.Collection(nil, models.Collections.OTP) + otpCollection, err := arangodb.Collection(ctx, models.Collections.OTP) + if err != nil { + return nil, err + } otpCollection.EnsureHashIndex(ctx, []string{"email"}, &arangoDriver.EnsureHashIndexOptions{ Unique: true, Sparse: true, diff --git a/server/db/providers/arangodb/user.go b/server/db/providers/arangodb/user.go index 1201297..cccbf94 100644 --- a/server/db/providers/arangodb/user.go +++ b/server/db/providers/arangodb/user.go @@ -7,7 +7,6 @@ import ( "strings" "time" - "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver" "github.com/google/uuid" @@ -91,7 +90,7 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error { // ListUsers to get list of users from database func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) { var users []*model.User - sctx := driver.WithQueryFullCount(ctx) + sctx := arangoDriver.WithQueryFullCount(ctx) query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.User, pagination.Offset, pagination.Limit) @@ -199,7 +198,7 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{}, } query := "" - if ids != nil && len(ids) > 0 { + if len(ids) > 0 { keysArray := "" for _, id := range ids { keysArray += fmt.Sprintf("'%s', ", id) @@ -212,7 +211,6 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{}, } _, err = p.db.Query(ctx, query, nil) - if err != nil { return err } diff --git a/server/db/providers/arangodb/verification_requests.go b/server/db/providers/arangodb/verification_requests.go index 8722bad..f69bcb0 100644 --- a/server/db/providers/arangodb/verification_requests.go +++ b/server/db/providers/arangodb/verification_requests.go @@ -5,7 +5,7 @@ import ( "fmt" "time" - "github.com/arangodb/go-driver" + arangoDriver "github.com/arangodb/go-driver" "github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/google/uuid" @@ -96,7 +96,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri // ListVerificationRequests to get list of verification requests from database func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) { var verificationRequests []*model.VerificationRequest - sctx := driver.WithQueryFullCount(ctx) + sctx := arangoDriver.WithQueryFullCount(ctx) query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.VerificationRequest, pagination.Offset, pagination.Limit) cursor, err := p.db.Query(sctx, query, nil) @@ -112,7 +112,7 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode var verificationRequest models.VerificationRequest meta, err := cursor.ReadDocument(ctx, &verificationRequest) - if driver.IsNoMoreDocuments(err) { + if arangoDriver.IsNoMoreDocuments(err) { break } else if err != nil { return nil, err @@ -132,8 +132,8 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode // DeleteVerificationRequest to delete verification request from database func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error { - collection, _ := p.db.Collection(nil, models.Collections.VerificationRequest) - _, err := collection.RemoveDocument(nil, verificationRequest.Key) + collection, _ := p.db.Collection(ctx, models.Collections.VerificationRequest) + _, err := collection.RemoveDocument(ctx, verificationRequest.Key) if err != nil { return err } diff --git a/server/db/providers/arangodb/webhook.go b/server/db/providers/arangodb/webhook.go index 2fd62da..0e89b86 100644 --- a/server/db/providers/arangodb/webhook.go +++ b/server/db/providers/arangodb/webhook.go @@ -5,7 +5,6 @@ import ( "fmt" "time" - "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver" "github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/graph/model" @@ -50,7 +49,7 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.Webhook, pagination.Offset, pagination.Limit) - sctx := driver.WithQueryFullCount(ctx) + sctx := arangoDriver.WithQueryFullCount(ctx) cursor, err := p.db.Query(sctx, query, nil) if err != nil { return nil, err diff --git a/server/db/providers/arangodb/webhook_log.go b/server/db/providers/arangodb/webhook_log.go index 35565e1..42de751 100644 --- a/server/db/providers/arangodb/webhook_log.go +++ b/server/db/providers/arangodb/webhook_log.go @@ -5,7 +5,6 @@ import ( "fmt" "time" - "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver" "github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/graph/model" @@ -44,7 +43,7 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat } } - sctx := driver.WithQueryFullCount(ctx) + sctx := arangoDriver.WithQueryFullCount(ctx) cursor, err := p.db.Query(sctx, query, bindVariables) if err != nil { return nil, err