fix(update_profile): changing password if not signed up via basic

Resolves #198

.env.sample

@@ -1,3 +1,4 @@
+ENV=production
 DATABASE_URL=data.db
 DATABASE_TYPE=sqlite
 CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}"

.env.test

@@ -0,0 +1,9 @@
+ENV=test
+DATABASE_URL=test.db
+DATABASE_TYPE=sqlite
+CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}"
+SMTP_HOST=smtp.mailtrap.io
+SMTP_PORT=2525
+SMTP_USERNAME=test
+SMTP_PASSWORD=test
+SENDER_EMAIL="info@authorizer.dev"

.gitignore

@@ -8,6 +8,7 @@ dashboard/build
 build
 .env
 data.db
+test.db
 .DS_Store
 .env.local
 *.tar.gz

Makefile

@@ -10,7 +10,7 @@ build-dashboard:
 clean:
 	rm -rf build
 test:
-	cd server && go clean --testcache && go test -v ./test
+	rm -rf server/test/test.db && rm -rf test.db && cd server && go clean --testcache && go test -p 1 -v ./test
 generate:
 	cd server && go get github.com/99designs/gqlgen/cmd@v0.14.0 && go run github.com/99designs/gqlgen generate
 	

app/package-lock.json

@@ -9,7 +9,7 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
-				"@authorizerdev/authorizer-react": "^0.17.0",
+				"@authorizerdev/authorizer-react": "^0.25.0",
 				"@types/react": "^17.0.15",
 				"@types/react-dom": "^17.0.9",
 				"esbuild": "^0.12.17",
@@ -26,9 +26,9 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-js": {
-			"version": "0.10.0",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.10.0.tgz",
-			"integrity": "sha512-REM8FLD/Ej9gzA2zDGDAke6QFss33ubePlTDmLDmIYUuQmpHFlO5mCCS6nVsKkN7F/Bcwkmp+eUNQjkdGCaKLg==",
+			"version": "0.14.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.14.0.tgz",
+			"integrity": "sha512-cpeeFrmG623QPLn+nf+ACHayZYqW8xokIidGikeboBDJtuAAQB50a54/7HwLHriG2FB7WvPuHQ/9LFFX//N1lg==",
 			"dependencies": {
 				"node-fetch": "^2.6.1"
 			},
@@ -37,11 +37,11 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-react": {
-			"version": "0.17.0",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.17.0.tgz",
-			"integrity": "sha512-7WcNCU7hDFkVfFb8LcJXFwWiLYd8aY78z1AbNPxCa2Cw5G85PaRkzjKybP6h01ITVOHO6M03lLwPj8p6Sr6fEg==",
+			"version": "0.25.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.25.0.tgz",
+			"integrity": "sha512-Dt2rZf+cGCVb8dqcJ/9l8Trx+QeXnTdfhER6r/cq0iOnFC9MqWzQPB3RgrlUoMLHtZvKNDXIk1HvfD5hSX9lhw==",
 			"dependencies": {
-				"@authorizerdev/authorizer-js": "^0.10.0",
+				"@authorizerdev/authorizer-js": "^0.14.0",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"
@@ -816,7 +816,7 @@
 		"node_modules/tr46": {
 			"version": "0.0.3",
 			"resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
-			"integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o="
+			"integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw=="
 		},
 		"node_modules/typescript": {
 			"version": "4.3.5",
@@ -838,12 +838,12 @@
 		"node_modules/webidl-conversions": {
 			"version": "3.0.1",
 			"resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
-			"integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
+			"integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ=="
 		},
 		"node_modules/whatwg-url": {
 			"version": "5.0.0",
 			"resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
-			"integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=",
+			"integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==",
 			"dependencies": {
 				"tr46": "~0.0.3",
 				"webidl-conversions": "^3.0.0"
@@ -852,19 +852,19 @@
 	},
 	"dependencies": {
 		"@authorizerdev/authorizer-js": {
-			"version": "0.10.0",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.10.0.tgz",
-			"integrity": "sha512-REM8FLD/Ej9gzA2zDGDAke6QFss33ubePlTDmLDmIYUuQmpHFlO5mCCS6nVsKkN7F/Bcwkmp+eUNQjkdGCaKLg==",
+			"version": "0.14.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.14.0.tgz",
+			"integrity": "sha512-cpeeFrmG623QPLn+nf+ACHayZYqW8xokIidGikeboBDJtuAAQB50a54/7HwLHriG2FB7WvPuHQ/9LFFX//N1lg==",
 			"requires": {
 				"node-fetch": "^2.6.1"
 			}
 		},
 		"@authorizerdev/authorizer-react": {
-			"version": "0.17.0",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.17.0.tgz",
-			"integrity": "sha512-7WcNCU7hDFkVfFb8LcJXFwWiLYd8aY78z1AbNPxCa2Cw5G85PaRkzjKybP6h01ITVOHO6M03lLwPj8p6Sr6fEg==",
+			"version": "0.25.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.25.0.tgz",
+			"integrity": "sha512-Dt2rZf+cGCVb8dqcJ/9l8Trx+QeXnTdfhER6r/cq0iOnFC9MqWzQPB3RgrlUoMLHtZvKNDXIk1HvfD5hSX9lhw==",
 			"requires": {
-				"@authorizerdev/authorizer-js": "^0.10.0",
+				"@authorizerdev/authorizer-js": "^0.14.0",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"
@@ -1482,7 +1482,7 @@
 		"tr46": {
 			"version": "0.0.3",
 			"resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
-			"integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o="
+			"integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw=="
 		},
 		"typescript": {
 			"version": "4.3.5",
@@ -1497,12 +1497,12 @@
 		"webidl-conversions": {
 			"version": "3.0.1",
 			"resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
-			"integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
+			"integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ=="
 		},
 		"whatwg-url": {
 			"version": "5.0.0",
 			"resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
-			"integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=",
+			"integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==",
 			"requires": {
 				"tr46": "~0.0.3",
 				"webidl-conversions": "^3.0.0"

app/package.json

@@ -11,7 +11,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "^0.17.0",
+		"@authorizerdev/authorizer-react": "^0.25.0",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",

app/src/pages/login.tsx

@@ -72,11 +72,13 @@ export default function Login({ urlProps }: { urlProps: Record<string, any> }) {
 					</Footer>
 				</Fragment>
 			)}
-			{config.is_sign_up_enabled && (
-				<FooterContent>
-					Don't have an account? <Link to="/app/signup"> Sign Up</Link>
-				</FooterContent>
-			)}
+			{config.is_basic_authentication_enabled &&
+				!config.is_magic_link_login_enabled &&
+				config.is_sign_up_enabled && (
+					<FooterContent>
+						Don't have an account? <Link to="/app/signup"> Sign Up</Link>
+					</FooterContent>
+				)}
 		</Fragment>
 	);
 }

dashboard/package-lock.json

@@ -2529,7 +2529,8 @@
 		"@chakra-ui/css-reset": {
 			"version": "1.1.1",
 			"resolved": "https://registry.npmjs.org/@chakra-ui/css-reset/-/css-reset-1.1.1.tgz",
-			"integrity": "sha512-+KNNHL4OWqeKia5SL858K3Qbd8WxMij9mWIilBzLD4j2KFrl/+aWFw8syMKth3NmgIibrjsljo+PU3fy2o50dg=="
+			"integrity": "sha512-+KNNHL4OWqeKia5SL858K3Qbd8WxMij9mWIilBzLD4j2KFrl/+aWFw8syMKth3NmgIibrjsljo+PU3fy2o50dg==",
+			"requires": {}
 		},
 		"@chakra-ui/descendant": {
 			"version": "2.1.1",
@@ -3133,7 +3134,8 @@
 		"@graphql-typed-document-node/core": {
 			"version": "3.1.1",
 			"resolved": "https://registry.npmjs.org/@graphql-typed-document-node/core/-/core-3.1.1.tgz",
-			"integrity": "sha512-NQ17ii0rK1b34VZonlmT2QMJFI70m0TRwbknO/ihlbatXyaktDhN/98vBiUU6kNBPljqGqyIrl2T4nY2RpFANg=="
+			"integrity": "sha512-NQ17ii0rK1b34VZonlmT2QMJFI70m0TRwbknO/ihlbatXyaktDhN/98vBiUU6kNBPljqGqyIrl2T4nY2RpFANg==",
+			"requires": {}
 		},
 		"@popperjs/core": {
 			"version": "2.11.0",
@@ -3843,7 +3845,8 @@
 		"react-icons": {
 			"version": "4.3.1",
 			"resolved": "https://registry.npmjs.org/react-icons/-/react-icons-4.3.1.tgz",
-			"integrity": "sha512-cB10MXLTs3gVuXimblAdI71jrJx8njrJZmNMEMC+sQu5B/BIOmlsAjskdqpn81y8UBVEGuHODd7/ci5DvoSzTQ=="
+			"integrity": "sha512-cB10MXLTs3gVuXimblAdI71jrJx8njrJZmNMEMC+sQu5B/BIOmlsAjskdqpn81y8UBVEGuHODd7/ci5DvoSzTQ==",
+			"requires": {}
 		},
 		"react-is": {
 			"version": "16.13.1",
@@ -4029,7 +4032,8 @@
 		"use-callback-ref": {
 			"version": "1.2.5",
 			"resolved": "https://registry.npmjs.org/use-callback-ref/-/use-callback-ref-1.2.5.tgz",
-			"integrity": "sha512-gN3vgMISAgacF7sqsLPByqoePooY3n2emTH59Ur5d/M8eg4WTWu1xp8i8DHjohftIyEx0S08RiYxbffr4j8Peg=="
+			"integrity": "sha512-gN3vgMISAgacF7sqsLPByqoePooY3n2emTH59Ur5d/M8eg4WTWu1xp8i8DHjohftIyEx0S08RiYxbffr4j8Peg==",
+			"requires": {}
 		},
 		"use-sidecar": {
 			"version": "1.0.5",

dashboard/src/components/EnvComponents/DatabaseCredentials.tsx

@@ -1,88 +1,89 @@
-import React from "react";
-import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import React from 'react';
+import { Flex, Stack, Center, Text, useMediaQuery } from '@chakra-ui/react';
 
-import InputField from "../../components/InputField";
-import { TextInputType } from "../../constants";
+import InputField from '../../components/InputField';
+import { TextInputType } from '../../constants';
 
 const DatabaseCredentials = ({ variables, setVariables }: any) => {
-  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
-  return (
-    <div>
-      {" "}
-      <Text fontSize="md" paddingTop="2%" fontWeight="bold">
-        Database Credentials
-      </Text>
-      <Stack spacing={6} padding="3% 0">
-        <Text fontStyle="italic" fontSize="sm" color="blackAlpha.500" mt={3}>
-          Note: Database related environment variables cannot be updated from
-          dashboard :(
-        </Text>
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
-          <Flex
-            w={isNotSmallerScreen ? "30%" : "40%"}
-            justifyContent="start"
-            alignItems="center"
-          >
-            <Text fontSize="sm">DataBase Name:</Text>
-          </Flex>
-          <Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
-            mt={isNotSmallerScreen ? "0" : "3"}
-          >
-            <InputField
-              borderRadius={5}
-              variables={variables}
-              setVariables={setVariables}
-              inputType={TextInputType.DATABASE_NAME}
-              isDisabled={true}
-            />
-          </Center>
-        </Flex>
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
-          <Flex
-            w={isNotSmallerScreen ? "30%" : "40%"}
-            justifyContent="start"
-            alignItems="center"
-          >
-            <Text fontSize="sm">DataBase Type:</Text>
-          </Flex>
-          <Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
-            mt={isNotSmallerScreen ? "0" : "3"}
-          >
-            <InputField
-              borderRadius={5}
-              variables={variables}
-              setVariables={setVariables}
-              inputType={TextInputType.DATABASE_TYPE}
-              isDisabled={true}
-            />
-          </Center>
-        </Flex>
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
-          <Flex
-            w={isNotSmallerScreen ? "30%" : "40%"}
-            justifyContent="start"
-            alignItems="center"
-          >
-            <Text fontSize="sm">DataBase URL:</Text>
-          </Flex>
-          <Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
-            mt={isNotSmallerScreen ? "0" : "3"}
-          >
-            <InputField
-              borderRadius={5}
-              variables={variables}
-              setVariables={setVariables}
-              inputType={TextInputType.DATABASE_URL}
-              isDisabled={true}
-            />
-          </Center>
-        </Flex>
-      </Stack>
-    </div>
-  );
+	const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
+	return (
+		<div>
+			{' '}
+			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
+				Database Credentials
+			</Text>
+			<Stack spacing={6} padding="3% 0">
+				<Text fontStyle="italic" fontSize="sm" color="blackAlpha.500" mt={3}>
+					Note: Database related environment variables cannot be updated from
+					dashboard. Please use .env file or OS environment variables to update
+					it.
+				</Text>
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+					<Flex
+						w={isNotSmallerScreen ? '30%' : '40%'}
+						justifyContent="start"
+						alignItems="center"
+					>
+						<Text fontSize="sm">DataBase Name:</Text>
+					</Flex>
+					<Center
+						w={isNotSmallerScreen ? '70%' : '100%'}
+						mt={isNotSmallerScreen ? '0' : '3'}
+					>
+						<InputField
+							borderRadius={5}
+							variables={variables}
+							setVariables={setVariables}
+							inputType={TextInputType.DATABASE_NAME}
+							isDisabled={true}
+						/>
+					</Center>
+				</Flex>
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+					<Flex
+						w={isNotSmallerScreen ? '30%' : '40%'}
+						justifyContent="start"
+						alignItems="center"
+					>
+						<Text fontSize="sm">DataBase Type:</Text>
+					</Flex>
+					<Center
+						w={isNotSmallerScreen ? '70%' : '100%'}
+						mt={isNotSmallerScreen ? '0' : '3'}
+					>
+						<InputField
+							borderRadius={5}
+							variables={variables}
+							setVariables={setVariables}
+							inputType={TextInputType.DATABASE_TYPE}
+							isDisabled={true}
+						/>
+					</Center>
+				</Flex>
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+					<Flex
+						w={isNotSmallerScreen ? '30%' : '40%'}
+						justifyContent="start"
+						alignItems="center"
+					>
+						<Text fontSize="sm">DataBase URL:</Text>
+					</Flex>
+					<Center
+						w={isNotSmallerScreen ? '70%' : '100%'}
+						mt={isNotSmallerScreen ? '0' : '3'}
+					>
+						<InputField
+							borderRadius={5}
+							variables={variables}
+							setVariables={setVariables}
+							inputType={TextInputType.DATABASE_URL}
+							isDisabled={true}
+						/>
+					</Center>
+				</Flex>
+			</Stack>
+		</div>
+	);
 };
 
-export default DatabaseCredentials;
+export default DatabaseCredentials;

dashboard/src/components/EnvComponents/Features.tsx

@@ -3,7 +3,7 @@ import { Flex, Stack, Text } from '@chakra-ui/react';
 import InputField from '../InputField';
 import { SwitchInputType } from '../../constants';
 
-const UICustomization = ({ variables, setVariables }: any) => {
+const Features = ({ variables, setVariables }: any) => {
 	return (
 		<div>
 			{' '}
@@ -71,9 +71,21 @@ const UICustomization = ({ variables, setVariables }: any) => {
 						/>
 					</Flex>
 				</Flex>
+				<Flex>
+					<Flex w="100%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Disable Strong Password:</Text>
+					</Flex>
+					<Flex justifyContent="start" mb={3}>
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_STRONG_PASSWORD}
+						/>
+					</Flex>
+				</Flex>
 			</Stack>
 		</div>
 	);
 };
 
-export default UICustomization;
+export default Features;

dashboard/src/components/EnvComponents/OAuthConfig.tsx

@@ -9,7 +9,13 @@ import {
 	Divider,
 	useMediaQuery,
 } from '@chakra-ui/react';
-import { FaGoogle, FaGithub, FaFacebookF } from 'react-icons/fa';
+import {
+	FaGoogle,
+	FaGithub,
+	FaFacebookF,
+	FaLinkedin,
+	FaApple,
+} from 'react-icons/fa';
 import { TextInputType, HiddenInputType } from '../../constants';
 
 const OAuthConfig = ({
@@ -182,6 +188,82 @@ const OAuthConfig = ({
 							/>
 						</Center>
 					</Flex>
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Center
+							w={isNotSmallerScreen ? '55px' : '35px'}
+							h="35px"
+							marginRight="1.5%"
+							border="1px solid #3b5998"
+							borderRadius="5px"
+						>
+							<FaLinkedin style={{ color: '#3b5998' }} />
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+							marginRight="1.5%"
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								inputType={TextInputType.LINKEDIN_CLIENT_ID}
+								placeholder="LinkedIn Client ID"
+							/>
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								fieldVisibility={fieldVisibility}
+								setFieldVisibility={setFieldVisibility}
+								inputType={HiddenInputType.LINKEDIN_CLIENT_SECRET}
+								placeholder="LinkedIn Client Secret"
+							/>
+						</Center>
+					</Flex>
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Center
+							w={isNotSmallerScreen ? '55px' : '35px'}
+							h="35px"
+							marginRight="1.5%"
+							border="1px solid #3b5998"
+							borderRadius="5px"
+						>
+							<FaApple style={{ color: '#3b5998' }} />
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+							marginRight="1.5%"
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								inputType={TextInputType.APPLE_CLIENT_ID}
+								placeholder="Apple Client ID"
+							/>
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								fieldVisibility={fieldVisibility}
+								setFieldVisibility={setFieldVisibility}
+								inputType={HiddenInputType.APPLE_CLIENT_SECRET}
+								placeholder="Apple CLient Secret"
+							/>
+						</Center>
+					</Flex>
 				</Stack>
 			</Box>
 		</div>

dashboard/src/components/EnvComponents/Roles.tsx

@@ -1,67 +1,68 @@
-import React from "react";
-import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
-import { ArrayInputType } from "../../constants";
-import InputField from "../InputField";
+import React from 'react';
+import { Flex, Stack, Center, Text, useMediaQuery } from '@chakra-ui/react';
+import { ArrayInputType } from '../../constants';
+import InputField from '../InputField';
 
 const Roles = ({ variables, setVariables }: any) => {
-  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
-  return (
-    <div>
-      {" "}
-      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
-        Roles
-      </Text>
-      <Stack spacing={6} padding="2% 0%">
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
-          <Flex w="30%" justifyContent="start" alignItems="center">
-            <Text fontSize="sm">Roles:</Text>
-          </Flex>
-          <Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
-            mt={isNotSmallerScreen ? "0" : "2"}
-            overflow="hidden"
-          >
-            <InputField
-              borderRadius={7}
-              variables={variables}
-              setVariables={setVariables}
-              inputType={ArrayInputType.ROLES}
-            />
-          </Center>
-        </Flex>
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
-          <Flex w="30%" justifyContent="start" alignItems="center">
-            <Text fontSize="sm">Default Roles:</Text>
-          </Flex>
-          <Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
-            mt={isNotSmallerScreen ? "0" : "2"}
-          >
-            <InputField
-              variables={variables}
-              setVariables={setVariables}
-              inputType={ArrayInputType.DEFAULT_ROLES}
-            />
-          </Center>
-        </Flex>
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
-          <Flex w="30%" justifyContent="start" alignItems="center">
-            <Text fontSize="sm">Protected Roles:</Text>
-          </Flex>
-          <Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
-            mt={isNotSmallerScreen ? "0" : "2"}
-          >
-            <InputField
-              variables={variables}
-              setVariables={setVariables}
-              inputType={ArrayInputType.PROTECTED_ROLES}
-            />
-          </Center>
-        </Flex>
-      </Stack>
-    </div>
-  );
+	const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
+
+	return (
+		<div>
+			{' '}
+			<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+				Roles
+			</Text>
+			<Stack spacing={6} padding="2% 0%">
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+					<Flex w="30%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Roles:</Text>
+					</Flex>
+					<Center
+						w={isNotSmallerScreen ? '70%' : '100%'}
+						mt={isNotSmallerScreen ? '0' : '2'}
+						overflow="hidden"
+					>
+						<InputField
+							borderRadius={7}
+							variables={variables}
+							setVariables={setVariables}
+							inputType={ArrayInputType.ROLES}
+						/>
+					</Center>
+				</Flex>
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+					<Flex w="30%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Default Roles:</Text>
+					</Flex>
+					<Center
+						w={isNotSmallerScreen ? '70%' : '100%'}
+						mt={isNotSmallerScreen ? '0' : '2'}
+					>
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={ArrayInputType.DEFAULT_ROLES}
+						/>
+					</Center>
+				</Flex>
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+					<Flex w="30%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Protected Roles:</Text>
+					</Flex>
+					<Center
+						w={isNotSmallerScreen ? '70%' : '100%'}
+						mt={isNotSmallerScreen ? '0' : '2'}
+					>
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={ArrayInputType.PROTECTED_ROLES}
+						/>
+					</Center>
+				</Flex>
+			</Stack>
+		</div>
+	);
 };
 
-export default Roles;
+export default Roles;

dashboard/src/components/EnvComponents/SessionStorage.tsx

@@ -1,36 +1,42 @@
-import React from "react";
-import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
-import InputField from "../InputField";
+import React from 'react';
+import { Flex, Stack, Center, Text, useMediaQuery } from '@chakra-ui/react';
+import InputField from '../InputField';
 
 const SessionStorage = ({ variables, setVariables, RedisURL }: any) => {
-  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
-  return (
-    <div>
-      {" "}
-      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
-        Session Storage
-      </Text>
-      <Stack spacing={6} padding="2% 0%">
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
-          <Flex w="30%" justifyContent="start" alignItems="center">
-            <Text fontSize="sm">Redis URL:</Text>
-          </Flex>
-          <Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
-            mt={isNotSmallerScreen ? "0" : "3"}
-          >
-            <InputField
-              borderRadius={5}
-              variables={variables}
-              setVariables={setVariables}
-              inputType={RedisURL}
-              placeholder="Redis URL"
-            />
-          </Center>
-        </Flex>
-      </Stack>
-    </div>
-  );
+	const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
+	return (
+		<div>
+			{' '}
+			<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+				Session Storage
+			</Text>
+			<Text fontStyle="italic" fontSize="sm" color="blackAlpha.500" mt={3}>
+				Note: Redis related environment variables cannot be updated from
+				dashboard. Please use .env file or OS environment variables to update
+				it.
+			</Text>
+			<Stack spacing={6} padding="2% 0%">
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+					<Flex w="30%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Redis URL:</Text>
+					</Flex>
+					<Center
+						w={isNotSmallerScreen ? '70%' : '100%'}
+						mt={isNotSmallerScreen ? '0' : '3'}
+					>
+						<InputField
+							disabled
+							borderRadius={5}
+							variables={variables}
+							setVariables={setVariables}
+							inputType={RedisURL}
+							placeholder="Redis URL"
+						/>
+					</Center>
+				</Flex>
+			</Stack>
+		</div>
+	);
 };
 
-export default SessionStorage;
+export default SessionStorage;

dashboard/src/components/InviteMembersModal.tsx

@@ -22,7 +22,7 @@ import {
 	InputRightElement,
 	Text,
 	Link,
-	Tooltip
+	Tooltip,
 } from '@chakra-ui/react';
 import { useClient } from 'urql';
 import { FaUserPlus, FaMinusCircle, FaPlus, FaUpload } from 'react-icons/fa';
@@ -187,22 +187,22 @@ const InviteMembersModal = ({
 				isDisabled={disabled}
 				size="sm"
 			>
-				 <Center h="100%">
-                   {disabled ? (
-                      <Tooltip
-                        mr={8}
-                        mt={1}
-                        hasArrow
-                        bg="gray.300"
-                        color="black"
-                        label="Email verification is disabled, refer to 'UI Customization' tab within 'Environment' to enable it."
-                      >
-                      Invite Members
-                      </Tooltip>
-                    ) : (
-                    "Invite Members"
-                    )}
-                  </Center>{" "}
+				<Center h="100%">
+					{disabled ? (
+						<Tooltip
+							mr={8}
+							mt={1}
+							hasArrow
+							bg="gray.300"
+							color="black"
+							label="Email verification is disabled, refer to 'Features' tab within 'Environment' to enable it."
+						>
+							Invite Members
+						</Tooltip>
+					) : (
+						'Invite Members'
+					)}
+				</Center>{' '}
 			</Button>
 			<Modal isOpen={isOpen} onClose={closeModalHandler} size="xl">
 				<ModalOverlay />

dashboard/src/components/Menu.tsx

@@ -98,9 +98,9 @@ const LinkItems: Array<LinkItemProps> = [
 			},
 			{ name: 'Access Token', icon: SiOpenaccess, route: '/access-token' },
 			{
-				name: 'UI Customization',
+				name: 'Features',
 				icon: BiCustomize,
-				route: '/ui-customization',
+				route: '/features',
 			},
 			{ name: 'Database', icon: RiDatabase2Line, route: '/db-cred' },
 			{

dashboard/src/constants.ts

@@ -7,6 +7,8 @@ export const TextInputType = {
 	GOOGLE_CLIENT_ID: 'GOOGLE_CLIENT_ID',
 	GITHUB_CLIENT_ID: 'GITHUB_CLIENT_ID',
 	FACEBOOK_CLIENT_ID: 'FACEBOOK_CLIENT_ID',
+	LINKEDIN_CLIENT_ID: 'LINKEDIN_CLIENT_ID',
+	APPLE_CLIENT_ID: 'APPLE_CLIENT_ID',
 	JWT_ROLE_CLAIM: 'JWT_ROLE_CLAIM',
 	REDIS_URL: 'REDIS_URL',
 	SMTP_HOST: 'SMTP_HOST',
@@ -31,6 +33,8 @@ export const HiddenInputType = {
 	GOOGLE_CLIENT_SECRET: 'GOOGLE_CLIENT_SECRET',
 	GITHUB_CLIENT_SECRET: 'GITHUB_CLIENT_SECRET',
 	FACEBOOK_CLIENT_SECRET: 'FACEBOOK_CLIENT_SECRET',
+	LINKEDIN_CLIENT_SECRET: 'LINKEDIN_CLIENT_SECRET',
+	APPLE_CLIENT_SECRET: 'APPLE_CLIENT_SECRET',
 	JWT_SECRET: 'JWT_SECRET',
 	SMTP_PASSWORD: 'SMTP_PASSWORD',
 	ADMIN_SECRET: 'ADMIN_SECRET',
@@ -62,6 +66,8 @@ export const SwitchInputType = {
 	DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION',
 	DISABLE_BASIC_AUTHENTICATION: 'DISABLE_BASIC_AUTHENTICATION',
 	DISABLE_SIGN_UP: 'DISABLE_SIGN_UP',
+	DISABLE_REDIS_FOR_ENV: 'DISABLE_REDIS_FOR_ENV',
+	DISABLE_STRONG_PASSWORD: 'DISABLE_STRONG_PASSWORD',
 };
 
 export const DateInputType = {
@@ -98,6 +104,10 @@ export interface envVarTypes {
 	GITHUB_CLIENT_SECRET: string;
 	FACEBOOK_CLIENT_ID: string;
 	FACEBOOK_CLIENT_SECRET: string;
+	LINKEDIN_CLIENT_ID: string;
+	LINKEDIN_CLIENT_SECRET: string;
+	APPLE_CLIENT_ID: string;
+	APPLE_CLIENT_SECRET: string;
 	ROLES: [string] | [];
 	DEFAULT_ROLES: [string] | [];
 	PROTECTED_ROLES: [string] | [];
@@ -122,6 +132,7 @@ export interface envVarTypes {
 	DISABLE_EMAIL_VERIFICATION: boolean;
 	DISABLE_BASIC_AUTHENTICATION: boolean;
 	DISABLE_SIGN_UP: boolean;
+	DISABLE_STRONG_PASSWORD: boolean;
 	OLD_ADMIN_SECRET: string;
 	DATABASE_NAME: string;
 	DATABASE_TYPE: string;
@@ -138,7 +149,7 @@ export const envSubViews = {
 	WHITELIST_VARIABLES: 'whitelist-variables',
 	ORGANIZATION_INFO: 'organization-info',
 	ACCESS_TOKEN: 'access-token',
-	UI_CUSTOMIZATION: 'ui-customization',
+	FEATURES: 'features',
 	ADMIN_SECRET: 'admin-secret',
 	DB_CRED: 'db-cred',
 };

dashboard/src/graphql/queries/index.ts

@@ -26,9 +26,13 @@ export const EnvVariablesQuery = `
       GITHUB_CLIENT_SECRET,
       FACEBOOK_CLIENT_ID,
       FACEBOOK_CLIENT_SECRET,
-      ROLES,
+      LINKEDIN_CLIENT_ID,
+      LINKEDIN_CLIENT_SECRET,
+      APPLE_CLIENT_ID,
+      APPLE_CLIENT_SECRET,
       DEFAULT_ROLES,
       PROTECTED_ROLES,
+      ROLES,
       JWT_TYPE,
       JWT_SECRET,
       JWT_ROLE_CLAIM,
@@ -49,6 +53,8 @@ export const EnvVariablesQuery = `
       DISABLE_EMAIL_VERIFICATION,
       DISABLE_BASIC_AUTHENTICATION,
       DISABLE_SIGN_UP,
+      DISABLE_STRONG_PASSWORD,
+      DISABLE_REDIS_FOR_ENV,
       CUSTOM_ACCESS_TOKEN_SCRIPT,
       DATABASE_NAME,
       DATABASE_TYPE,

dashboard/src/pages/Environment.tsx

@@ -25,7 +25,7 @@ import EmailConfigurations from '../components/EnvComponents/EmailConfiguration'
 import DomainWhiteListing from '../components/EnvComponents/DomainWhitelisting';
 import OrganizationInfo from '../components/EnvComponents/OrganizationInfo';
 import AccessToken from '../components/EnvComponents/AccessToken';
-import UICustomization from '../components/EnvComponents/UICustomization';
+import Features from '../components/EnvComponents/Features';
 import SecurityAdminSecret from '../components/EnvComponents/SecurityAdminSecret';
 import DatabaseCredentials from '../components/EnvComponents/DatabaseCredentials';
 
@@ -46,6 +46,10 @@ const Environment = () => {
 		GITHUB_CLIENT_SECRET: '',
 		FACEBOOK_CLIENT_ID: '',
 		FACEBOOK_CLIENT_SECRET: '',
+		LINKEDIN_CLIENT_ID: '',
+		LINKEDIN_CLIENT_SECRET: '',
+		APPLE_CLIENT_ID: '',
+		APPLE_CLIENT_SECRET: '',
 		ROLES: [],
 		DEFAULT_ROLES: [],
 		PROTECTED_ROLES: [],
@@ -70,6 +74,7 @@ const Environment = () => {
 		DISABLE_EMAIL_VERIFICATION: false,
 		DISABLE_BASIC_AUTHENTICATION: false,
 		DISABLE_SIGN_UP: false,
+		DISABLE_STRONG_PASSWORD: false,
 		OLD_ADMIN_SECRET: '',
 		DATABASE_NAME: '',
 		DATABASE_TYPE: '',
@@ -83,6 +88,8 @@ const Environment = () => {
 		GOOGLE_CLIENT_SECRET: false,
 		GITHUB_CLIENT_SECRET: false,
 		FACEBOOK_CLIENT_SECRET: false,
+		LINKEDIN_CLIENT_SECRET: false,
+		APPLE_CLIENT_SECRET: false,
 		JWT_SECRET: false,
 		SMTP_PASSWORD: false,
 		ADMIN_SECRET: false,
@@ -259,12 +266,9 @@ const Environment = () => {
 						setVariables={setEnvVariables}
 					/>
 				);
-			case envSubViews.UI_CUSTOMIZATION:
+			case envSubViews.FEATURES:
 				return (
-					<UICustomization
-						variables={envVariables}
-						setVariables={setEnvVariables}
-					/>
+					<Features variables={envVariables} setVariables={setEnvVariables} />
 				);
 			case envSubViews.ADMIN_SECRET:
 				return (

package-lock.json

@@ -0,0 +1,6 @@
+{
+  "name": "authorizer",
+  "lockfileVersion": 2,
+  "requires": true,
+  "packages": {}
+}

server/cli/cli.go

@@ -0,0 +1,14 @@
+package cli
+
+var (
+	// ARG_DB_URL is the cli arg variable for the database url
+	ARG_DB_URL *string
+	// ARG_DB_TYPE is the cli arg variable for the database type
+	ARG_DB_TYPE *string
+	// ARG_ENV_FILE is the cli arg variable for the env file
+	ARG_ENV_FILE *string
+	// ARG_LOG_LEVEL is the cli arg variable for the log level
+	ARG_LOG_LEVEL *string
+	// ARG_REDIS_URL is the cli arg variable for the redis url
+	ARG_REDIS_URL *string
+)

server/constants/auth_methods.go

@@ -0,0 +1,18 @@
+package constants
+
+const (
+	// AuthRecipeMethodBasicAuth is the basic_auth auth method
+	AuthRecipeMethodBasicAuth = "basic_auth"
+	// AuthRecipeMethodMagicLinkLogin is the magic_link_login auth method
+	AuthRecipeMethodMagicLinkLogin = "magic_link_login"
+	// AuthRecipeMethodGoogle is the google auth method
+	AuthRecipeMethodGoogle = "google"
+	// AuthRecipeMethodGithub is the github auth method
+	AuthRecipeMethodGithub = "github"
+	// AuthRecipeMethodFacebook is the facebook auth method
+	AuthRecipeMethodFacebook = "facebook"
+	// AuthRecipeMethodLinkedin is the linkedin auth method
+	AuthRecipeMethodLinkedIn = "linkedin"
+	// AuthRecipeMethodApple is the apple auth method
+	AuthRecipeMethodApple = "apple"
+)

server/constants/cookie.go

@@ -0,0 +1,8 @@
+package constants
+
+const (
+	// AppCookieName is the name of the cookie that is used to store the application token
+	AppCookieName = "cookie"
+	// AdminCookieName is the name of the cookie that is used to store the admin token
+	AdminCookieName = "authorizer-admin"
+)

server/constants/db_types.go

@@ -19,4 +19,10 @@ const (
 	DbTypeMariaDB = "mariadb"
 	// DbTypeCassandra is the cassandra database type
 	DbTypeCassandraDB = "cassandradb"
+	// DbTypeScyllaDB is the scylla database type
+	DbTypeScyllaDB = "scylladb"
+	// DbTypeCockroachDB is the cockroach database type
+	DbTypeCockroachDB = "cockroachdb"
+	// DbTypePlanetScaleDB is the planetscale database type
+	DbTypePlanetScaleDB = "planetscale"
 )

server/constants/env.go

@@ -3,14 +3,8 @@ package constants
 var VERSION = "0.0.1"
 
 const (
-	// Envstore identifier
-	// StringStore string store identifier
-	StringStoreIdentifier = "stringStore"
-	// BoolStore bool store identifier
-	BoolStoreIdentifier = "boolStore"
-	// SliceStore slice store identifier
-	SliceStoreIdentifier = "sliceStore"
-
+	// TestEnv is used for testing
+	TestEnv = "test"
 	// EnvKeyEnv key for env variable ENV
 	EnvKeyEnv = "ENV"
 	// EnvKeyEnvPath key for cli arg variable ENV_PATH
@@ -19,7 +13,6 @@ const (
 	EnvKeyAuthorizerURL = "AUTHORIZER_URL"
 	// EnvKeyPort key for env variable PORT
 	EnvKeyPort = "PORT"
-
 	// EnvKeyAccessTokenExpiryTime key for env variable ACCESS_TOKEN_EXPIRY_TIME
 	EnvKeyAccessTokenExpiryTime = "ACCESS_TOKEN_EXPIRY_TIME"
 	// EnvKeyAdminSecret key for env variable ADMIN_SECRET
@@ -62,34 +55,12 @@ const (
 	EnvKeyJwtPrivateKey = "JWT_PRIVATE_KEY"
 	// EnvKeyJwtPublicKey key for env variable JWT_PUBLIC_KEY
 	EnvKeyJwtPublicKey = "JWT_PUBLIC_KEY"
-	// EnvKeyAllowedOrigins key for env variable ALLOWED_ORIGINS
-	EnvKeyAllowedOrigins = "ALLOWED_ORIGINS"
 	// EnvKeyAppURL key for env variable APP_URL
 	EnvKeyAppURL = "APP_URL"
 	// EnvKeyRedisURL key for env variable REDIS_URL
 	EnvKeyRedisURL = "REDIS_URL"
-	// EnvKeyCookieName key for env variable COOKIE_NAME
-	EnvKeyCookieName = "COOKIE_NAME"
-	// EnvKeyAdminCookieName key for env variable ADMIN_COOKIE_NAME
-	EnvKeyAdminCookieName = "ADMIN_COOKIE_NAME"
 	// EnvKeyResetPasswordURL key for env variable RESET_PASSWORD_URL
 	EnvKeyResetPasswordURL = "RESET_PASSWORD_URL"
-	// EnvKeyDisableEmailVerification key for env variable DISABLE_EMAIL_VERIFICATION
-	EnvKeyDisableEmailVerification = "DISABLE_EMAIL_VERIFICATION"
-	// EnvKeyDisableBasicAuthentication key for env variable DISABLE_BASIC_AUTH
-	EnvKeyDisableBasicAuthentication = "DISABLE_BASIC_AUTHENTICATION"
-	// EnvKeyDisableMagicLinkLogin key for env variable DISABLE_MAGIC_LINK_LOGIN
-	EnvKeyDisableMagicLinkLogin = "DISABLE_MAGIC_LINK_LOGIN"
-	// EnvKeyDisableLoginPage key for env variable DISABLE_LOGIN_PAGE
-	EnvKeyDisableLoginPage = "DISABLE_LOGIN_PAGE"
-	// EnvKeyDisableSignUp key for env variable DISABLE_SIGN_UP
-	EnvKeyDisableSignUp = "DISABLE_SIGN_UP"
-	// EnvKeyRoles key for env variable ROLES
-	EnvKeyRoles = "ROLES"
-	// EnvKeyProtectedRoles key for env variable PROTECTED_ROLES
-	EnvKeyProtectedRoles = "PROTECTED_ROLES"
-	// EnvKeyDefaultRoles key for env variable DEFAULT_ROLES
-	EnvKeyDefaultRoles = "DEFAULT_ROLES"
 	// EnvKeyJwtRoleClaim key for env variable JWT_ROLE_CLAIM
 	EnvKeyJwtRoleClaim = "JWT_ROLE_CLAIM"
 	// EnvKeyGoogleClientID key for env variable GOOGLE_CLIENT_ID
@@ -104,6 +75,14 @@ const (
 	EnvKeyFacebookClientID = "FACEBOOK_CLIENT_ID"
 	// EnvKeyFacebookClientSecret key for env variable FACEBOOK_CLIENT_SECRET
 	EnvKeyFacebookClientSecret = "FACEBOOK_CLIENT_SECRET"
+	// EnvKeyLinkedinClientID key for env variable LINKEDIN_CLIENT_ID
+	EnvKeyLinkedInClientID = "LINKEDIN_CLIENT_ID"
+	// EnvKeyLinkedinClientSecret key for env variable LINKEDIN_CLIENT_SECRET
+	EnvKeyLinkedInClientSecret = "LINKEDIN_CLIENT_SECRET"
+	// EnvKeyAppleClientID key for env variable APPLE_CLIENT_ID
+	EnvKeyAppleClientID = "APPLE_CLIENT_ID"
+	// EnvKeyAppleClientSecret key for env variable APPLE_CLIENT_SECRET
+	EnvKeyAppleClientSecret = "APPLE_CLIENT_SECRET"
 	// EnvKeyOrganizationName key for env variable ORGANIZATION_NAME
 	EnvKeyOrganizationName = "ORGANIZATION_NAME"
 	// EnvKeyOrganizationLogo key for env variable ORGANIZATION_LOGO
@@ -120,6 +99,32 @@ const (
 	EnvKeyEncryptionKey = "ENCRYPTION_KEY"
 	// EnvKeyJWK key for env variable JWK
 	EnvKeyJWK = "JWK"
+
+	// Boolean variables
 	// EnvKeyIsProd key for env variable IS_PROD
 	EnvKeyIsProd = "IS_PROD"
+	// EnvKeyDisableEmailVerification key for env variable DISABLE_EMAIL_VERIFICATION
+	EnvKeyDisableEmailVerification = "DISABLE_EMAIL_VERIFICATION"
+	// EnvKeyDisableBasicAuthentication key for env variable DISABLE_BASIC_AUTH
+	EnvKeyDisableBasicAuthentication = "DISABLE_BASIC_AUTHENTICATION"
+	// EnvKeyDisableMagicLinkLogin key for env variable DISABLE_MAGIC_LINK_LOGIN
+	EnvKeyDisableMagicLinkLogin = "DISABLE_MAGIC_LINK_LOGIN"
+	// EnvKeyDisableLoginPage key for env variable DISABLE_LOGIN_PAGE
+	EnvKeyDisableLoginPage = "DISABLE_LOGIN_PAGE"
+	// EnvKeyDisableSignUp key for env variable DISABLE_SIGN_UP
+	EnvKeyDisableSignUp = "DISABLE_SIGN_UP"
+	// EnvKeyDisableRedisForEnv key for env variable DISABLE_REDIS_FOR_ENV
+	EnvKeyDisableRedisForEnv = "DISABLE_REDIS_FOR_ENV"
+	// EnvKeyDisableStrongPassword key for env variable DISABLE_STRONG_PASSWORD
+	EnvKeyDisableStrongPassword = "DISABLE_STRONG_PASSWORD"
+
+	// Slice variables
+	// EnvKeyRoles key for env variable ROLES
+	EnvKeyRoles = "ROLES"
+	// EnvKeyProtectedRoles key for env variable PROTECTED_ROLES
+	EnvKeyProtectedRoles = "PROTECTED_ROLES"
+	// EnvKeyDefaultRoles key for env variable DEFAULT_ROLES
+	EnvKeyDefaultRoles = "DEFAULT_ROLES"
+	// EnvKeyAllowedOrigins key for env variable ALLOWED_ORIGINS
+	EnvKeyAllowedOrigins = "ALLOWED_ORIGINS"
 )

server/constants/oauth_info_urls.go

@@ -8,4 +8,7 @@ const (
 	FacebookUserInfoURL = "https://graph.facebook.com/me?fields=id,first_name,last_name,name,email,picture&access_token="
 	// Ref: https://docs.github.com/en/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps#3-your-github-app-accesses-the-api-with-the-users-access-token
 	GithubUserInfoURL = "https://api.github.com/user"
+	// Ref: https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api
+	LinkedInUserInfoURL = "https://api.linkedin.com/v2/me?projection=(id,localizedFirstName,localizedLastName,emailAddress,profilePicture(displayImage~:playableStreams))"
+	LinkedInEmailURL    = "https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))"
 )

server/constants/signup_methods.go

@@ -1,14 +0,0 @@
-package constants
-
-const (
-	// SignupMethodBasicAuth is the basic_auth signup method
-	SignupMethodBasicAuth = "basic_auth"
-	// SignupMethodMagicLinkLogin is the magic_link_login signup method
-	SignupMethodMagicLinkLogin = "magic_link_login"
-	// SignupMethodGoogle is the google signup method
-	SignupMethodGoogle = "google"
-	// SignupMethodGithub is the github signup method
-	SignupMethodGithub = "github"
-	// SignupMethodFacebook is the facebook signup method
-	SignupMethodFacebook = "facebook"
-)

server/constants/token_types.go

@@ -7,4 +7,6 @@ const (
 	TokenTypeAccessToken = "access_token"
 	// TokenTypeIdentityToken is the identity_token token type
 	TokenTypeIdentityToken = "id_token"
+	// TokenTypeSessionToken is the session_token type used for browser session
+	TokenTypeSessionToken = "session_token"
 )

server/constants/webhook_event.go

@@ -0,0 +1,18 @@
+package constants
+
+const (
+
+	// UserLoginWebhookEvent name for login event
+	UserLoginWebhookEvent = `user.login`
+	// UserCreatedWebhookEvent name for user creation event
+	// This is triggered when user entry is created but still not verified
+	UserCreatedWebhookEvent = `user.created`
+	// UserSignUpWebhookEvent name for signup event
+	UserSignUpWebhookEvent = `user.signup`
+	// UserAccessRevokedWebhookEvent name for user access revoke event
+	UserAccessRevokedWebhookEvent = `user.access_revoked`
+	// UserAccessEnabledWebhookEvent name for user access enable event
+	UserAccessEnabledWebhookEvent = `user.access_enabled`
+	// UserDeletedWebhookEvent name for user deleted event
+	UserDeletedWebhookEvent = `user.deleted`
+)

server/cookie/admin_cookie.go

@@ -4,8 +4,7 @@ import (
 	"net/url"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/parsers"
 	"github.com/gin-gonic/gin"
 )
 
@@ -13,15 +12,14 @@ import (
 func SetAdminCookie(gc *gin.Context, token string) {
 	secure := true
 	httpOnly := true
-	hostname := utils.GetHost(gc)
-	host, _ := utils.GetHostParts(hostname)
-
-	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), token, 3600, "/", host, secure, httpOnly)
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	gc.SetCookie(constants.AdminCookieName, token, 3600, "/", host, secure, httpOnly)
 }
 
 // GetAdminCookie gets the admin cookie from the request
 func GetAdminCookie(gc *gin.Context) (string, error) {
-	cookie, err := gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName))
+	cookie, err := gc.Request.Cookie(constants.AdminCookieName)
 	if err != nil {
 		return "", err
 	}
@@ -39,8 +37,7 @@ func GetAdminCookie(gc *gin.Context) (string, error) {
 func DeleteAdminCookie(gc *gin.Context) {
 	secure := true
 	httpOnly := true
-	hostname := utils.GetHost(gc)
-	host, _ := utils.GetHostParts(hostname)
-
-	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), "", -1, "/", host, secure, httpOnly)
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	gc.SetCookie(constants.AdminCookieName, "", -1, "/", host, secure, httpOnly)
 }

server/cookie/cookie.go

@@ -5,8 +5,7 @@ import (
 	"net/url"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/parsers"
 	"github.com/gin-gonic/gin"
 )
 
@@ -14,9 +13,9 @@ import (
 func SetSession(gc *gin.Context, sessionID string) {
 	secure := true
 	httpOnly := true
-	hostname := utils.GetHost(gc)
-	host, _ := utils.GetHostParts(hostname)
-	domain := utils.GetDomainName(hostname)
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	domain := parsers.GetDomainName(hostname)
 	if domain != "localhost" {
 		domain = "." + domain
 	}
@@ -25,33 +24,33 @@ func SetSession(gc *gin.Context, sessionID string) {
 	year := 60 * 60 * 24 * 365
 
 	gc.SetSameSite(http.SameSiteNoneMode)
-	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", sessionID, year, "/", host, secure, httpOnly)
-	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session_domain", sessionID, year, "/", domain, secure, httpOnly)
+	gc.SetCookie(constants.AppCookieName+"_session", sessionID, year, "/", host, secure, httpOnly)
+	gc.SetCookie(constants.AppCookieName+"_session_domain", sessionID, year, "/", domain, secure, httpOnly)
 }
 
 // DeleteSession sets session cookies to expire
 func DeleteSession(gc *gin.Context) {
 	secure := true
 	httpOnly := true
-	hostname := utils.GetHost(gc)
-	host, _ := utils.GetHostParts(hostname)
-	domain := utils.GetDomainName(hostname)
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	domain := parsers.GetDomainName(hostname)
 	if domain != "localhost" {
 		domain = "." + domain
 	}
 
 	gc.SetSameSite(http.SameSiteNoneMode)
-	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", "", -1, "/", host, secure, httpOnly)
-	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session_domain", "", -1, "/", domain, secure, httpOnly)
+	gc.SetCookie(constants.AppCookieName+"_session", "", -1, "/", host, secure, httpOnly)
+	gc.SetCookie(constants.AppCookieName+"_session_domain", "", -1, "/", domain, secure, httpOnly)
 }
 
 // GetSession gets the session cookie from context
 func GetSession(gc *gin.Context) (string, error) {
 	var cookie *http.Cookie
 	var err error
-	cookie, err = gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + "_session")
+	cookie, err = gc.Request.Cookie(constants.AppCookieName + "_session")
 	if err != nil {
-		cookie, err = gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + "_session_domain")
+		cookie, err = gc.Request.Cookie(constants.AppCookieName + "_session_domain")
 		if err != nil {
 			return "", err
 		}

server/crypto/aes.go

@@ -7,14 +7,18 @@ import (
 	"io"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 var bytes = []byte{35, 46, 57, 24, 85, 35, 24, 74, 87, 35, 88, 98, 66, 32, 14, 0o5}
 
 // EncryptAES method is to encrypt or hide any classified text
 func EncryptAES(text string) (string, error) {
-	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
+	k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
+	if err != nil {
+		return "", err
+	}
+	key := []byte(k)
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return "", err
@@ -28,7 +32,11 @@ func EncryptAES(text string) (string, error) {
 
 // DecryptAES method is to extract back the encrypted text
 func DecryptAES(text string) (string, error) {
-	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
+	k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
+	if err != nil {
+		return "", err
+	}
+	key := []byte(k)
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return "", err
@@ -46,9 +54,13 @@ func DecryptAES(text string) (string, error) {
 // EncryptAESEnv encrypts data using AES algorithm
 // kept for the backward compatibility of env data encryption
 func EncryptAESEnv(text []byte) ([]byte, error) {
-	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
-	c, err := aes.NewCipher(key)
 	var res []byte
+	k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
+	if err != nil {
+		return res, err
+	}
+	key := []byte(k)
+	c, err := aes.NewCipher(key)
 	if err != nil {
 		return res, err
 	}
@@ -81,9 +93,13 @@ func EncryptAESEnv(text []byte) ([]byte, error) {
 // DecryptAES decrypts data using AES algorithm
 // Kept for the backward compatibility of env data decryption
 func DecryptAESEnv(ciphertext []byte) ([]byte, error) {
-	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
-	c, err := aes.NewCipher(key)
 	var res []byte
+	k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
+	if err != nil {
+		return res, err
+	}
+	key := []byte(k)
+	c, err := aes.NewCipher(key)
 	if err != nil {
 		return res, err
 	}

server/crypto/common.go

@@ -5,7 +5,7 @@ import (
 	"encoding/json"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"golang.org/x/crypto/bcrypt"
 	"gopkg.in/square/go-jose.v2"
 )
@@ -37,20 +37,35 @@ func GetPubJWK(algo, keyID string, publicKey interface{}) (string, error) {
 // this is called while initializing app / when env is updated
 func GenerateJWKBasedOnEnv() (string, error) {
 	jwk := ""
-	algo := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
-	clientID := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID)
+	algo, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
+	if err != nil {
+		return jwk, err
+	}
+	clientID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID)
+	if err != nil {
+		return jwk, err
+	}
+
+	jwtSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)
+	if err != nil {
+		return jwk, err
+	}
 
-	var err error
 	// check if jwt secret is provided
 	if IsHMACA(algo) {
-		jwk, err = GetPubJWK(algo, clientID, []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)))
+		jwk, err = GetPubJWK(algo, clientID, []byte(jwtSecret))
 		if err != nil {
 			return "", err
 		}
 	}
 
+	jwtPublicKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)
+	if err != nil {
+		return jwk, err
+	}
+
 	if IsRSA(algo) {
-		publicKeyInstance, err := ParseRsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
+		publicKeyInstance, err := ParseRsaPublicKeyFromPemStr(jwtPublicKey)
 		if err != nil {
 			return "", err
 		}
@@ -62,7 +77,11 @@ func GenerateJWKBasedOnEnv() (string, error) {
 	}
 
 	if IsECDSA(algo) {
-		publicKeyInstance, err := ParseEcdsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
+		jwtPublicKey, err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)
+		if err != nil {
+			return jwk, err
+		}
+		publicKeyInstance, err := ParseEcdsaPublicKeyFromPemStr(jwtPublicKey)
 		if err != nil {
 			return "", err
 		}
@@ -77,13 +96,16 @@ func GenerateJWKBasedOnEnv() (string, error) {
 }
 
 // EncryptEnvData is used to encrypt the env data
-func EncryptEnvData(data envstore.Store) (string, error) {
+func EncryptEnvData(data map[string]interface{}) (string, error) {
 	jsonBytes, err := json.Marshal(data)
 	if err != nil {
 		return "", err
 	}
 
-	storeData := envstore.EnvStoreObj.GetEnvStoreClone()
+	storeData, err := memorystore.Provider.GetEnvStore()
+	if err != nil {
+		return "", err
+	}
 
 	err = json.Unmarshal(jsonBytes, &storeData)
 	if err != nil {

server/db/db.go

@@ -9,7 +9,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/db/providers/cassandradb"
 	"github.com/authorizerdev/authorizer/server/db/providers/mongodb"
 	"github.com/authorizerdev/authorizer/server/db/providers/sql"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 // Provider returns the current database provider
@@ -18,13 +18,15 @@ var Provider providers.Provider
 func InitDB() error {
 	var err error
 
-	isSQL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeArangodb && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeMongodb && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeCassandraDB
-	isArangoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeArangodb
-	isMongoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeMongodb
-	isCassandra := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeCassandraDB
+	envs := memorystore.RequiredEnvStoreObj.GetRequiredEnv()
+
+	isSQL := envs.DatabaseType != constants.DbTypeArangodb && envs.DatabaseType != constants.DbTypeMongodb && envs.DatabaseType != constants.DbTypeCassandraDB && envs.DatabaseType != constants.DbTypeScyllaDB
+	isArangoDB := envs.DatabaseType == constants.DbTypeArangodb
+	isMongoDB := envs.DatabaseType == constants.DbTypeMongodb
+	isCassandra := envs.DatabaseType == constants.DbTypeCassandraDB || envs.DatabaseType == constants.DbTypeScyllaDB
 
 	if isSQL {
-		log.Info("Initializing SQL Driver for: ", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType))
+		log.Info("Initializing SQL Driver for: ", envs.DatabaseType)
 		Provider, err = sql.NewProvider()
 		if err != nil {
 			log.Fatal("Failed to initialize SQL driver: ", err)

server/db/models/model.go

@@ -6,6 +6,8 @@ type CollectionList struct {
 	VerificationRequest string
 	Session             string
 	Env                 string
+	Webhook             string
+	WebhookLog          string
 }
 
 var (
@@ -17,5 +19,7 @@ var (
 		VerificationRequest: Prefix + "verification_requests",
 		Session:             Prefix + "sessions",
 		Env:                 Prefix + "env",
+		Webhook:             Prefix + "webhook",
+		WebhookLog:          Prefix + "webhook_log",
 	}
 )

server/db/models/session.go

@@ -6,8 +6,7 @@ package models
 type Session struct {
 	Key       string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
 	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
-	UserID    string `gorm:"type:char(36),index:" json:"user_id" bson:"user_id" cql:"user_id"`
-	User      User   `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;" json:"-" bson:"-" cql:"-"`
+	UserID    string `gorm:"type:char(36)" json:"user_id" bson:"user_id" cql:"user_id"`
 	UserAgent string `json:"user_agent" bson:"user_agent" cql:"user_agent"`
 	IP        string `json:"ip" bson:"ip" cql:"ip"`
 	CreatedAt int64  `json:"created_at" bson:"created_at" cql:"created_at"`

server/db/models/user.go

@@ -38,9 +38,13 @@ func (user *User) AsAPIUser() *model.User {
 	email := user.Email
 	createdAt := user.CreatedAt
 	updatedAt := user.UpdatedAt
-	revokedTimestamp := user.RevokedTimestamp
+
+	id := user.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
 	return &model.User{
-		ID:                  user.ID,
+		ID:                  id,
 		Email:               user.Email,
 		EmailVerified:       isEmailVerified,
 		SignupMethods:       user.SignupMethods,
@@ -55,7 +59,7 @@ func (user *User) AsAPIUser() *model.User {
 		PhoneNumberVerified: &isPhoneVerified,
 		Picture:             user.Picture,
 		Roles:               strings.Split(user.Roles, ","),
-		RevokedTimestamp:    revokedTimestamp,
+		RevokedTimestamp:    user.RevokedTimestamp,
 		CreatedAt:           &createdAt,
 		UpdatedAt:           &updatedAt,
 	}

server/db/models/verification_requests.go

@@ -1,6 +1,10 @@
 package models
 
-import "github.com/authorizerdev/authorizer/server/graph/model"
+import (
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+)
 
 // Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
 
@@ -27,8 +31,13 @@ func (v *VerificationRequest) AsAPIVerificationRequest() *model.VerificationRequ
 	redirectURI := v.RedirectURI
 	expires := v.ExpiresAt
 	identifier := v.Identifier
+
+	id := v.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
 	return &model.VerificationRequest{
-		ID:          v.ID,
+		ID:          id,
 		Token:       &token,
 		Identifier:  &identifier,
 		Expires:     &expires,

server/db/models/webhook.go

@@ -0,0 +1,41 @@
+package models
+
+import (
+	"encoding/json"
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+)
+
+// Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
+
+// Webhook model for db
+type Webhook struct {
+	Key       string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
+	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
+	EventName string `gorm:"unique" json:"event_name" bson:"event_name" cql:"event_name"`
+	EndPoint  string `gorm:"type:text" json:"endpoint" bson:"endpoint" cql:"endpoint"`
+	Headers   string `gorm:"type:text" json:"headers" bson:"headers" cql:"headers"`
+	Enabled   bool   `json:"enabled" bson:"enabled" cql:"enabled"`
+	CreatedAt int64  `json:"created_at" bson:"created_at" cql:"created_at"`
+	UpdatedAt int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
+}
+
+func (w *Webhook) AsAPIWebhook() *model.Webhook {
+	headersMap := make(map[string]interface{})
+	json.Unmarshal([]byte(w.Headers), &headersMap)
+
+	id := w.ID
+	if strings.Contains(id, Collections.Webhook+"/") {
+		id = strings.TrimPrefix(id, Collections.Webhook+"/")
+	}
+	return &model.Webhook{
+		ID:        id,
+		EventName: &w.EventName,
+		Endpoint:  &w.EndPoint,
+		Headers:   headersMap,
+		Enabled:   &w.Enabled,
+		CreatedAt: &w.CreatedAt,
+		UpdatedAt: &w.UpdatedAt,
+	}
+}

server/db/models/webhook_log.go

@@ -0,0 +1,37 @@
+package models
+
+import (
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+)
+
+// Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
+
+// WebhookLog model for db
+type WebhookLog struct {
+	Key        string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
+	ID         string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
+	HttpStatus int64  `json:"http_status" bson:"http_status" cql:"http_status"`
+	Response   string `gorm:"type:text" json:"response" bson:"response" cql:"response"`
+	Request    string `gorm:"type:text" json:"request" bson:"request" cql:"request"`
+	WebhookID  string `gorm:"type:char(36)" json:"webhook_id" bson:"webhook_id" cql:"webhook_id"`
+	CreatedAt  int64  `json:"created_at" bson:"created_at" cql:"created_at"`
+	UpdatedAt  int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
+}
+
+func (w *WebhookLog) AsAPIWebhookLog() *model.WebhookLog {
+	id := w.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
+	return &model.WebhookLog{
+		ID:         id,
+		HTTPStatus: &w.HttpStatus,
+		Response:   &w.Response,
+		Request:    &w.Request,
+		WebhookID:  &w.WebhookID,
+		CreatedAt:  &w.CreatedAt,
+		UpdatedAt:  &w.UpdatedAt,
+	}
+}

server/db/providers/arangodb/env.go

@@ -1,6 +1,7 @@
 package arangodb
 
 import (
+	"context"
 	"fmt"
 	"time"
 
@@ -11,15 +12,15 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
 
 	env.CreatedAt = time.Now().Unix()
 	env.UpdatedAt = time.Now().Unix()
-	configCollection, _ := p.db.Collection(nil, models.Collections.Env)
-	meta, err := configCollection.CreateDocument(arangoDriver.WithOverwrite(nil), env)
+	configCollection, _ := p.db.Collection(ctx, models.Collections.Env)
+	meta, err := configCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), env)
 	if err != nil {
 		return env, err
 	}
@@ -29,10 +30,10 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
-	collection, _ := p.db.Collection(nil, models.Collections.Env)
-	meta, err := collection.UpdateDocument(nil, env.Key, env)
+	collection, _ := p.db.Collection(ctx, models.Collections.Env)
+	meta, err := collection.UpdateDocument(ctx, env.Key, env)
 	if err != nil {
 		return env, err
 	}
@@ -43,11 +44,11 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv() (models.Env, error) {
+func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
 	var env models.Env
 	query := fmt.Sprintf("FOR d in %s RETURN d", models.Collections.Env)
 
-	cursor, err := p.db.Query(nil, query, nil)
+	cursor, err := p.db.Query(ctx, query, nil)
 	if err != nil {
 		return env, err
 	}
@@ -60,7 +61,7 @@ func (p *provider) GetEnv() (models.Env, error) {
 			}
 			break
 		}
-		_, err := cursor.ReadDocument(nil, &env)
+		_, err := cursor.ReadDocument(ctx, &env)
 		if err != nil {
 			return env, err
 		}

server/db/providers/arangodb/provider.go

@@ -6,9 +6,8 @@ import (
 	"github.com/arangodb/go-driver"
 	arangoDriver "github.com/arangodb/go-driver"
 	"github.com/arangodb/go-driver/http"
-	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 type provider struct {
@@ -22,8 +21,9 @@ type provider struct {
 // NewProvider to initialize arangodb connection
 func NewProvider() (*provider, error) {
 	ctx := context.Background()
+	dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
 	conn, err := http.NewConnection(http.ConnectionConfig{
-		Endpoints: []string{envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)},
+		Endpoints: []string{dbURL},
 	})
 	if err != nil {
 		return nil, err
@@ -37,16 +37,16 @@ func NewProvider() (*provider, error) {
 	}
 
 	var arangodb driver.Database
-
-	arangodb_exists, err := arangoClient.DatabaseExists(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
+	dbName := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName
+	arangodb_exists, err := arangoClient.DatabaseExists(nil, dbName)
 
 	if arangodb_exists {
-		arangodb, err = arangoClient.Database(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
+		arangodb, err = arangoClient.Database(nil, dbName)
 		if err != nil {
 			return nil, err
 		}
 	} else {
-		arangodb, err = arangoClient.CreateDatabase(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), nil)
+		arangodb, err = arangoClient.CreateDatabase(nil, dbName, nil)
 		if err != nil {
 			return nil, err
 		}
@@ -107,6 +107,33 @@ func NewProvider() (*provider, error) {
 		}
 	}
 
+	webhookCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Webhook)
+	if !webhookCollectionExists {
+		_, err = arangodb.CreateCollection(ctx, models.Collections.Webhook, nil)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	webhookCollection, _ := arangodb.Collection(nil, models.Collections.Webhook)
+	webhookCollection.EnsureHashIndex(ctx, []string{"event_name"}, &arangoDriver.EnsureHashIndexOptions{
+		Unique: true,
+		Sparse: true,
+	})
+
+	webhookLogCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.WebhookLog)
+	if !webhookLogCollectionExists {
+		_, err = arangodb.CreateCollection(ctx, models.Collections.WebhookLog, nil)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	webhookLogCollection, _ := arangodb.Collection(nil, models.Collections.WebhookLog)
+	webhookLogCollection.EnsureHashIndex(ctx, []string{"webhook_id"}, &arangoDriver.EnsureHashIndexOptions{
+		Sparse: true,
+	})
+
 	return &provider{
 		db: arangodb,
 	}, err

server/db/providers/arangodb/session.go

@@ -1,7 +1,7 @@
 package arangodb
 
 import (
-	"fmt"
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -9,31 +9,17 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
 
 	session.CreatedAt = time.Now().Unix()
 	session.UpdatedAt = time.Now().Unix()
-	sessionCollection, _ := p.db.Collection(nil, models.Collections.Session)
-	_, err := sessionCollection.CreateDocument(nil, session)
+	sessionCollection, _ := p.db.Collection(ctx, models.Collections.Session)
+	_, err := sessionCollection.CreateDocument(ctx, session)
 	if err != nil {
 		return err
 	}
 	return nil
 }
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(userId string) error {
-	query := fmt.Sprintf(`FOR d IN %s FILTER d.user_id == @userId REMOVE { _key: d._key } IN %s`, models.Collections.Session, models.Collections.Session)
-	bindVars := map[string]interface{}{
-		"userId": userId,
-	}
-	cursor, err := p.db.Query(nil, query, bindVars)
-	if err != nil {
-		return err
-	}
-	defer cursor.Close()
-	return nil
-}

server/db/providers/arangodb/user.go

@@ -3,32 +3,35 @@ package arangodb
 import (
 	"context"
 	"fmt"
-	"strings"
 	"time"
 
 	"github.com/arangodb/go-driver"
 	arangoDriver "github.com/arangodb/go-driver"
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/google/uuid"
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
+		if err != nil {
+			return user, err
+		}
+		user.Roles = defaultRoles
 	}
 
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
-	userCollection, _ := p.db.Collection(nil, models.Collections.User)
-	meta, err := userCollection.CreateDocument(arangoDriver.WithOverwrite(nil), user)
+	userCollection, _ := p.db.Collection(ctx, models.Collections.User)
+	meta, err := userCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), user)
 	if err != nil {
 		return user, err
 	}
@@ -39,10 +42,10 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
-	collection, _ := p.db.Collection(nil, models.Collections.User)
-	meta, err := collection.UpdateDocument(nil, user.Key, user)
+	collection, _ := p.db.Collection(ctx, models.Collections.User)
+	meta, err := collection.UpdateDocument(ctx, user.Key, user)
 	if err != nil {
 		return user, err
 	}
@@ -53,24 +56,34 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(user models.User) error {
-	collection, _ := p.db.Collection(nil, models.Collections.User)
-	_, err := collection.RemoveDocument(nil, user.Key)
+func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+	collection, _ := p.db.Collection(ctx, models.Collections.User)
+	_, err := collection.RemoveDocument(ctx, user.Key)
 	if err != nil {
 		return err
 	}
 
+	query := fmt.Sprintf(`FOR d IN %s FILTER d.user_id == @user_id REMOVE { _key: d._key } IN %s`, models.Collections.Session, models.Collections.Session)
+	bindVars := map[string]interface{}{
+		"user_id": user.ID,
+	}
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return err
+	}
+	defer cursor.Close()
+
 	return nil
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
 	var users []*model.User
-	ctx := driver.WithQueryFullCount(context.Background())
+	sctx := driver.WithQueryFullCount(ctx)
 
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.User, pagination.Offset, pagination.Limit)
 
-	cursor, err := p.db.Query(ctx, query, nil)
+	cursor, err := p.db.Query(sctx, query, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -81,7 +94,7 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 
 	for {
 		var user models.User
-		meta, err := cursor.ReadDocument(nil, &user)
+		meta, err := cursor.ReadDocument(ctx, &user)
 
 		if arangoDriver.IsNoMoreDocuments(err) {
 			break
@@ -101,7 +114,7 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(email string) (models.User, error) {
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
 	var user models.User
 
 	query := fmt.Sprintf("FOR d in %s FILTER d.email == @email RETURN d", models.Collections.User)
@@ -109,7 +122,7 @@ func (p *provider) GetUserByEmail(email string) (models.User, error) {
 		"email": email,
 	}
 
-	cursor, err := p.db.Query(nil, query, bindVars)
+	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return user, err
 	}
@@ -122,7 +135,7 @@ func (p *provider) GetUserByEmail(email string) (models.User, error) {
 			}
 			break
 		}
-		_, err := cursor.ReadDocument(nil, &user)
+		_, err := cursor.ReadDocument(ctx, &user)
 		if err != nil {
 			return user, err
 		}
@@ -132,7 +145,7 @@ func (p *provider) GetUserByEmail(email string) (models.User, error) {
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(id string) (models.User, error) {
+func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
 	var user models.User
 
 	query := fmt.Sprintf("FOR d in %s FILTER d._id == @id LIMIT 1 RETURN d", models.Collections.User)
@@ -140,7 +153,7 @@ func (p *provider) GetUserByID(id string) (models.User, error) {
 		"id": id,
 	}
 
-	cursor, err := p.db.Query(nil, query, bindVars)
+	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return user, err
 	}
@@ -153,7 +166,7 @@ func (p *provider) GetUserByID(id string) (models.User, error) {
 			}
 			break
 		}
-		_, err := cursor.ReadDocument(nil, &user)
+		_, err := cursor.ReadDocument(ctx, &user)
 		if err != nil {
 			return user, err
 		}

server/db/providers/arangodb/verification_requests.go

@@ -12,15 +12,15 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
 
 	verificationRequest.CreatedAt = time.Now().Unix()
 	verificationRequest.UpdatedAt = time.Now().Unix()
-	verificationRequestRequestCollection, _ := p.db.Collection(nil, models.Collections.VerificationRequest)
-	meta, err := verificationRequestRequestCollection.CreateDocument(nil, verificationRequest)
+	verificationRequestRequestCollection, _ := p.db.Collection(ctx, models.Collections.VerificationRequest)
+	meta, err := verificationRequestRequestCollection.CreateDocument(ctx, verificationRequest)
 	if err != nil {
 		return verificationRequest, err
 	}
@@ -31,14 +31,14 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(token string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 	query := fmt.Sprintf("FOR d in %s FILTER d.token == @token LIMIT 1 RETURN d", models.Collections.VerificationRequest)
 	bindVars := map[string]interface{}{
 		"token": token,
 	}
 
-	cursor, err := p.db.Query(nil, query, bindVars)
+	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return verificationRequest, err
 	}
@@ -51,7 +51,7 @@ func (p *provider) GetVerificationRequestByToken(token string) (models.Verificat
 			}
 			break
 		}
-		_, err := cursor.ReadDocument(nil, &verificationRequest)
+		_, err := cursor.ReadDocument(ctx, &verificationRequest)
 		if err != nil {
 			return verificationRequest, err
 		}
@@ -61,7 +61,7 @@ func (p *provider) GetVerificationRequestByToken(token string) (models.Verificat
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 
 	query := fmt.Sprintf("FOR d in %s FILTER d.email == @email FILTER d.identifier == @identifier LIMIT 1 RETURN d", models.Collections.VerificationRequest)
@@ -70,7 +70,7 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
 		"identifier": identifier,
 	}
 
-	cursor, err := p.db.Query(nil, query, bindVars)
+	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return verificationRequest, err
 	}
@@ -83,7 +83,7 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
 			}
 			break
 		}
-		_, err := cursor.ReadDocument(nil, &verificationRequest)
+		_, err := cursor.ReadDocument(ctx, &verificationRequest)
 		if err != nil {
 			return verificationRequest, err
 		}
@@ -93,12 +93,12 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []*model.VerificationRequest
-	ctx := driver.WithQueryFullCount(context.Background())
+	sctx := driver.WithQueryFullCount(ctx)
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.VerificationRequest, pagination.Offset, pagination.Limit)
 
-	cursor, err := p.db.Query(ctx, query, nil)
+	cursor, err := p.db.Query(sctx, query, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -109,7 +109,7 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 
 	for {
 		var verificationRequest models.VerificationRequest
-		meta, err := cursor.ReadDocument(nil, &verificationRequest)
+		meta, err := cursor.ReadDocument(ctx, &verificationRequest)
 
 		if driver.IsNoMoreDocuments(err) {
 			break
@@ -130,7 +130,7 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
 	collection, _ := p.db.Collection(nil, models.Collections.VerificationRequest)
 	_, err := collection.RemoveDocument(nil, verificationRequest.Key)
 	if err != nil {

server/db/providers/arangodb/webhook.go

@@ -0,0 +1,161 @@
+package arangodb
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/arangodb/go-driver"
+	arangoDriver "github.com/arangodb/go-driver"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddWebhook to add webhook
+func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	if webhook.ID == "" {
+		webhook.ID = uuid.New().String()
+	}
+
+	webhook.Key = webhook.ID
+	webhook.CreatedAt = time.Now().Unix()
+	webhook.UpdatedAt = time.Now().Unix()
+	webhookCollection, _ := p.db.Collection(ctx, models.Collections.Webhook)
+	_, err := webhookCollection.CreateDocument(ctx, webhook)
+	if err != nil {
+		return nil, err
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// UpdateWebhook to update webhook
+func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	webhook.UpdatedAt = time.Now().Unix()
+	webhookCollection, _ := p.db.Collection(ctx, models.Collections.Webhook)
+	meta, err := webhookCollection.UpdateDocument(ctx, webhook.Key, webhook)
+	if err != nil {
+		return nil, err
+	}
+
+	webhook.Key = meta.Key
+	webhook.ID = meta.ID.String()
+	return webhook.AsAPIWebhook(), nil
+}
+
+// ListWebhooks to list webhook
+func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+	webhooks := []*model.Webhook{}
+
+	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.Webhook, pagination.Offset, pagination.Limit)
+
+	sctx := driver.WithQueryFullCount(ctx)
+	cursor, err := p.db.Query(sctx, query, nil)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+
+	paginationClone := pagination
+	paginationClone.Total = cursor.Statistics().FullCount()
+
+	for {
+		var webhook models.Webhook
+		meta, err := cursor.ReadDocument(ctx, &webhook)
+
+		if arangoDriver.IsNoMoreDocuments(err) {
+			break
+		} else if err != nil {
+			return nil, err
+		}
+
+		if meta.Key != "" {
+			webhooks = append(webhooks, webhook.AsAPIWebhook())
+		}
+	}
+
+	return &model.Webhooks{
+		Pagination: &paginationClone,
+		Webhooks:   webhooks,
+	}, nil
+}
+
+// GetWebhookByID to get webhook by id
+func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
+	var webhook models.Webhook
+	query := fmt.Sprintf("FOR d in %s FILTER d._key == @webhook_id RETURN d", models.Collections.Webhook)
+	bindVars := map[string]interface{}{
+		"webhook_id": webhookID,
+	}
+
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+
+	for {
+		if !cursor.HasMore() {
+			if webhook.Key == "" {
+				return nil, fmt.Errorf("webhook not found")
+			}
+			break
+		}
+		_, err := cursor.ReadDocument(ctx, &webhook)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// GetWebhookByEventName to get webhook by event_name
+func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error) {
+	var webhook models.Webhook
+	query := fmt.Sprintf("FOR d in %s FILTER d.event_name == @event_name RETURN d", models.Collections.Webhook)
+	bindVars := map[string]interface{}{
+		"event_name": eventName,
+	}
+
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+
+	for {
+		if !cursor.HasMore() {
+			if webhook.Key == "" {
+				return nil, fmt.Errorf("webhook not found")
+			}
+			break
+		}
+		_, err := cursor.ReadDocument(ctx, &webhook)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// DeleteWebhook to delete webhook
+func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) error {
+	webhookCollection, _ := p.db.Collection(ctx, models.Collections.Webhook)
+	_, err := webhookCollection.RemoveDocument(ctx, webhook.ID)
+	if err != nil {
+		return err
+	}
+
+	query := fmt.Sprintf("FOR d IN %s FILTER d.webhook_id == @webhook_id REMOVE { _key: d._key } IN %s", models.Collections.WebhookLog, models.Collections.WebhookLog)
+	bindVars := map[string]interface{}{
+		"webhook_id": webhook.ID,
+	}
+
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return err
+	}
+	defer cursor.Close()
+
+	return nil
+}

server/db/providers/arangodb/webhook_log.go

@@ -0,0 +1,75 @@
+package arangodb
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/arangodb/go-driver"
+	arangoDriver "github.com/arangodb/go-driver"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddWebhookLog to add webhook log
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+	if webhookLog.ID == "" {
+		webhookLog.ID = uuid.New().String()
+	}
+
+	webhookLog.Key = webhookLog.ID
+	webhookLog.CreatedAt = time.Now().Unix()
+	webhookLog.UpdatedAt = time.Now().Unix()
+	webhookLogCollection, _ := p.db.Collection(ctx, models.Collections.WebhookLog)
+	_, err := webhookLogCollection.CreateDocument(ctx, webhookLog)
+	if err != nil {
+		return nil, err
+	}
+	return webhookLog.AsAPIWebhookLog(), nil
+}
+
+// ListWebhookLogs to list webhook logs
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+	webhookLogs := []*model.WebhookLog{}
+	bindVariables := map[string]interface{}{}
+
+	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
+
+	if webhookID != "" {
+		query = fmt.Sprintf("FOR d in %s FILTER d.webhook_id == @webhook_id SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
+		bindVariables = map[string]interface{}{
+			"webhook_id": webhookID,
+		}
+	}
+
+	sctx := driver.WithQueryFullCount(ctx)
+	cursor, err := p.db.Query(sctx, query, bindVariables)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+
+	paginationClone := pagination
+	paginationClone.Total = cursor.Statistics().FullCount()
+
+	for {
+		var webhookLog models.WebhookLog
+		meta, err := cursor.ReadDocument(ctx, &webhookLog)
+
+		if arangoDriver.IsNoMoreDocuments(err) {
+			break
+		} else if err != nil {
+			return nil, err
+		}
+
+		if meta.Key != "" {
+			webhookLogs = append(webhookLogs, webhookLog.AsAPIWebhookLog())
+		}
+	}
+
+	return &model.WebhookLogs{
+		Pagination:  &paginationClone,
+		WebhookLogs: webhookLogs,
+	}, nil
+}

server/db/providers/cassandradb/env.go

@@ -1,6 +1,7 @@
 package cassandradb
 
 import (
+	"context"
 	"fmt"
 	"time"
 
@@ -10,7 +11,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
@@ -27,7 +28,7 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 
 	updateEnvQuery := fmt.Sprintf("UPDATE %s SET env = '%s', updated_at = %d WHERE id = '%s'", KeySpace+"."+models.Collections.Env, env.EnvData, env.UpdatedAt, env.ID)
@@ -39,7 +40,7 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv() (models.Env, error) {
+func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
 	var env models.Env
 
 	query := fmt.Sprintf("SELECT id, env, hash, created_at, updated_at FROM %s LIMIT 1", KeySpace+"."+models.Collections.Env)

server/db/providers/cassandradb/provider.go

@@ -5,11 +5,12 @@ import (
 	"crypto/x509"
 	"fmt"
 	"strings"
+	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/gocql/gocql"
 	cansandraDriver "github.com/gocql/gocql"
 )
@@ -23,15 +24,21 @@ var KeySpace string
 
 // NewProvider to initialize arangodb connection
 func NewProvider() (*provider, error) {
-	dbURL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)
+	dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
 	if dbURL == "" {
-		dbURL = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseHost)
-		if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePort) != "" {
-			dbURL = fmt.Sprintf("%s:%s", dbURL, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePort))
+		dbHost := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseHost
+		dbPort := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabasePort
+		if dbPort != "" && dbHost != "" {
+			dbURL = fmt.Sprintf("%s:%s", dbHost, dbPort)
+		} else if dbHost != "" {
+			dbURL = dbHost
 		}
 	}
 
-	KeySpace = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName)
+	KeySpace = memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName
+	if KeySpace == "" {
+		KeySpace = constants.EnvKeyDatabaseName
+	}
 	clusterURL := []string{}
 	if strings.Contains(dbURL, ",") {
 		clusterURL = strings.Split(dbURL, ",")
@@ -39,25 +46,31 @@ func NewProvider() (*provider, error) {
 		clusterURL = append(clusterURL, dbURL)
 	}
 	cassandraClient := cansandraDriver.NewCluster(clusterURL...)
-	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseUsername) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePassword) != "" {
+	dbUsername := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseUsername
+	dbPassword := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabasePassword
+
+	if dbUsername != "" && dbPassword != "" {
 		cassandraClient.Authenticator = &cansandraDriver.PasswordAuthenticator{
-			Username: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseUsername),
-			Password: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePassword),
+			Username: dbUsername,
+			Password: dbPassword,
 		}
 	}
 
-	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCert) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCACert) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCertKey) != "" {
-		certString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCert))
+	dbCert := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseCert
+	dbCACert := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseCACert
+	dbCertKey := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseCertKey
+	if dbCert != "" && dbCACert != "" && dbCertKey != "" {
+		certString, err := crypto.DecryptB64(dbCert)
 		if err != nil {
 			return nil, err
 		}
 
-		keyString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCertKey))
+		keyString, err := crypto.DecryptB64(dbCertKey)
 		if err != nil {
 			return nil, err
 		}
 
-		caString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCACert))
+		caString, err := crypto.DecryptB64(dbCACert)
 		if err != nil {
 			return nil, err
 		}
@@ -84,6 +97,8 @@ func NewProvider() (*provider, error) {
 		NumRetries: 3,
 	}
 	cassandraClient.Consistency = gocql.LocalQuorum
+	cassandraClient.ConnectTimeout = 10 * time.Second
+	cassandraClient.ProtoVersion = 4
 
 	session, err := cassandraClient.CreateSession()
 	if err != nil {
@@ -128,6 +143,11 @@ func NewProvider() (*provider, error) {
 	if err != nil {
 		return nil, err
 	}
+	sessionIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_session_user_id ON %s.%s (user_id)", KeySpace, models.Collections.Session)
+	err = session.Query(sessionIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
 
 	userCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, email text, email_verified_at bigint, password text, signup_methods text, given_name text, family_name text, middle_name text, nickname text, gender text, birthdate text, phone_number text, phone_number_verified_at bigint, picture text, roles text, updated_at bigint, created_at bigint, revoked_timestamp bigint, PRIMARY KEY (id))", KeySpace, models.Collections.User)
 	err = session.Query(userCollectionQuery).Exec()
@@ -162,6 +182,28 @@ func NewProvider() (*provider, error) {
 		return nil, err
 	}
 
+	webhookCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, event_name text, endpoint text, enabled boolean, headers text, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Webhook)
+	err = session.Query(webhookCollectionQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	webhookIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_webhook_event_name ON %s.%s (event_name)", KeySpace, models.Collections.Webhook)
+	err = session.Query(webhookIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	webhookLogCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, http_status bigint, response text, request text, webhook_id text,updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.WebhookLog)
+	err = session.Query(webhookLogCollectionQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	webhookLogIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_webhook_log_webhook_id ON %s.%s (webhook_id)", KeySpace, models.Collections.WebhookLog)
+	err = session.Query(webhookLogIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
 	return &provider{
 		db: session,
 	}, err

server/db/providers/cassandradb/session.go

@@ -1,6 +1,7 @@
 package cassandradb
 
 import (
+	"context"
 	"fmt"
 	"time"
 
@@ -9,7 +10,7 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
@@ -24,13 +25,3 @@ func (p *provider) AddSession(session models.Session) error {
 	}
 	return nil
 }
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(userId string) error {
-	deleteSessionQuery := fmt.Sprintf("DELETE FROM %s WHERE user_id = '%s'", KeySpace+"."+models.Collections.Session, userId)
-	err := p.db.Query(deleteSessionQuery).Exec()
-	if err != nil {
-		return err
-	}
-	return nil
-}

server/db/providers/cassandradb/user.go

@@ -1,6 +1,7 @@
 package cassandradb
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"reflect"
@@ -9,20 +10,24 @@ import (
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/gocql/gocql"
 	"github.com/google/uuid"
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
+		if err != nil {
+			return user, err
+		}
+		user.Roles = defaultRoles
 	}
 
 	user.CreatedAt = time.Now().Unix()
@@ -75,7 +80,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 
 	bytes, err := json.Marshal(user)
@@ -93,10 +98,11 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 
 	updateFields := ""
 	for key, value := range userMap {
-		if value != nil && key != "_id" {
+		if key == "_id" {
+			continue
 		}
 
-		if key == "_id" {
+		if key == "_key" {
 			continue
 		}
 
@@ -126,14 +132,36 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.User, user.ID)
 	err := p.db.Query(query).Exec()
-	return err
+	if err != nil {
+		return err
+	}
+
+	getSessionsQuery := fmt.Sprintf("SELECT id FROM %s WHERE user_id = '%s' ALLOW FILTERING", KeySpace+"."+models.Collections.Session, user.ID)
+	scanner := p.db.Query(getSessionsQuery).Iter().Scanner()
+	sessionIDs := ""
+	for scanner.Next() {
+		var wlID string
+		err = scanner.Scan(&wlID)
+		if err != nil {
+			return err
+		}
+		sessionIDs += fmt.Sprintf("'%s',", wlID)
+	}
+	sessionIDs = strings.TrimSuffix(sessionIDs, ",")
+	deleteSessionQuery := fmt.Sprintf("DELETE FROM %s WHERE id IN (%s)", KeySpace+"."+models.Collections.Session, sessionIDs)
+	err = p.db.Query(deleteSessionQuery).Exec()
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
 	responseUsers := []*model.User{}
 	paginationClone := pagination
 	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.User)
@@ -167,9 +195,9 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(email string) (models.User, error) {
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, email)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return user, err
@@ -178,7 +206,7 @@ func (p *provider) GetUserByEmail(email string) (models.User, error) {
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(id string) (models.User, error) {
+func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
 	var user models.User
 	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, id)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.CreatedAt, &user.UpdatedAt)

server/db/providers/cassandradb/verification_requests.go

@@ -1,6 +1,7 @@
 package cassandradb
 
 import (
+	"context"
 	"fmt"
 	"time"
 
@@ -11,7 +12,7 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
@@ -28,7 +29,7 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(token string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 	query := fmt.Sprintf(`SELECT id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s WHERE jwt_token = '%s' LIMIT 1`, KeySpace+"."+models.Collections.VerificationRequest, token)
 
@@ -40,7 +41,7 @@ func (p *provider) GetVerificationRequestByToken(token string) (models.Verificat
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 	query := fmt.Sprintf(`SELECT id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s WHERE email = '%s' AND identifier = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.VerificationRequest, email, identifier)
 
@@ -53,7 +54,7 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []*model.VerificationRequest
 
 	paginationClone := pagination
@@ -89,7 +90,7 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
 	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.VerificationRequest, verificationRequest.ID)
 	err := p.db.Query(query).Exec()
 	if err != nil {

server/db/providers/cassandradb/webhook.go

@@ -0,0 +1,172 @@
+package cassandradb
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"reflect"
+	"strings"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/gocql/gocql"
+	"github.com/google/uuid"
+)
+
+// AddWebhook to add webhook
+func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	if webhook.ID == "" {
+		webhook.ID = uuid.New().String()
+	}
+
+	webhook.Key = webhook.ID
+	webhook.CreatedAt = time.Now().Unix()
+	webhook.UpdatedAt = time.Now().Unix()
+
+	existingHook, _ := p.GetWebhookByEventName(ctx, webhook.EventName)
+	if existingHook != nil {
+		return nil, fmt.Errorf("Webhook with %s event_name already exists", webhook.EventName)
+	}
+
+	insertQuery := fmt.Sprintf("INSERT INTO %s (id, event_name, endpoint, headers, enabled,  created_at, updated_at) VALUES ('%s', '%s', '%s', '%s', %t, %d, %d)", KeySpace+"."+models.Collections.Webhook, webhook.ID, webhook.EventName, webhook.EndPoint, webhook.Headers, webhook.Enabled, webhook.CreatedAt, webhook.UpdatedAt)
+	err := p.db.Query(insertQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	return webhook.AsAPIWebhook(), nil
+}
+
+// UpdateWebhook to update webhook
+func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	webhook.UpdatedAt = time.Now().Unix()
+
+	bytes, err := json.Marshal(webhook)
+	if err != nil {
+		return nil, err
+	}
+	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
+	decoder := json.NewDecoder(strings.NewReader(string(bytes)))
+	decoder.UseNumber()
+	webhookMap := map[string]interface{}{}
+	err = decoder.Decode(&webhookMap)
+	if err != nil {
+		return nil, err
+	}
+
+	updateFields := ""
+	for key, value := range webhookMap {
+		if key == "_id" {
+			continue
+		}
+
+		if key == "_key" {
+			continue
+		}
+
+		if value == nil {
+			updateFields += fmt.Sprintf("%s = null,", key)
+			continue
+		}
+
+		valueType := reflect.TypeOf(value)
+		if valueType.Name() == "string" {
+			updateFields += fmt.Sprintf("%s = '%s', ", key, value.(string))
+		} else {
+			updateFields += fmt.Sprintf("%s = %v, ", key, value)
+		}
+	}
+	updateFields = strings.Trim(updateFields, " ")
+	updateFields = strings.TrimSuffix(updateFields, ",")
+
+	query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.Webhook, updateFields, webhook.ID)
+	err = p.db.Query(query).Exec()
+	if err != nil {
+		return nil, err
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// ListWebhooks to list webhook
+func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+	webhooks := []*model.Webhook{}
+	paginationClone := pagination
+
+	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.Webhook)
+	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)
+	if err != nil {
+		return nil, err
+	}
+
+	// there is no offset in cassandra
+	// so we fetch till limit + offset
+	// and return the results from offset to limit
+	query := fmt.Sprintf("SELECT id, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.Webhook, pagination.Limit+pagination.Offset)
+
+	scanner := p.db.Query(query).Iter().Scanner()
+	counter := int64(0)
+	for scanner.Next() {
+		if counter >= pagination.Offset {
+			var webhook models.Webhook
+			err := scanner.Scan(&webhook.ID, &webhook.EventName, &webhook.EndPoint, &webhook.Headers, &webhook.Enabled, &webhook.CreatedAt, &webhook.UpdatedAt)
+			if err != nil {
+				return nil, err
+			}
+			webhooks = append(webhooks, webhook.AsAPIWebhook())
+		}
+		counter++
+	}
+
+	return &model.Webhooks{
+		Pagination: &paginationClone,
+		Webhooks:   webhooks,
+	}, nil
+}
+
+// GetWebhookByID to get webhook by id
+func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
+	var webhook models.Webhook
+	query := fmt.Sprintf(`SELECT id, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1`, KeySpace+"."+models.Collections.Webhook, webhookID)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&webhook.ID, &webhook.EventName, &webhook.EndPoint, &webhook.Headers, &webhook.Enabled, &webhook.CreatedAt, &webhook.UpdatedAt)
+	if err != nil {
+		return nil, err
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// GetWebhookByEventName to get webhook by event_name
+func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error) {
+	var webhook models.Webhook
+	query := fmt.Sprintf(`SELECT id, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.Webhook, eventName)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&webhook.ID, &webhook.EventName, &webhook.EndPoint, &webhook.Headers, &webhook.Enabled, &webhook.CreatedAt, &webhook.UpdatedAt)
+	if err != nil {
+		return nil, err
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// DeleteWebhook to delete webhook
+func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) error {
+	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.Webhook, webhook.ID)
+	err := p.db.Query(query).Exec()
+	if err != nil {
+		return err
+	}
+
+	getWebhookLogQuery := fmt.Sprintf("SELECT id FROM %s WHERE webhook_id = '%s' ALLOW FILTERING", KeySpace+"."+models.Collections.WebhookLog, webhook.ID)
+	scanner := p.db.Query(getWebhookLogQuery).Iter().Scanner()
+	webhookLogIDs := ""
+	for scanner.Next() {
+		var wlID string
+		err = scanner.Scan(&wlID)
+		if err != nil {
+			return err
+		}
+		webhookLogIDs += fmt.Sprintf("'%s',", wlID)
+	}
+	webhookLogIDs = strings.TrimSuffix(webhookLogIDs, ",")
+	query = fmt.Sprintf("DELETE FROM %s WHERE id IN (%s)", KeySpace+"."+models.Collections.WebhookLog, webhookLogIDs)
+	err = p.db.Query(query).Exec()
+	return err
+}

server/db/providers/cassandradb/webhook_log.go

@@ -0,0 +1,70 @@
+package cassandradb
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/gocql/gocql"
+	"github.com/google/uuid"
+)
+
+// AddWebhookLog to add webhook log
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+	if webhookLog.ID == "" {
+		webhookLog.ID = uuid.New().String()
+	}
+
+	webhookLog.Key = webhookLog.ID
+	webhookLog.CreatedAt = time.Now().Unix()
+	webhookLog.UpdatedAt = time.Now().Unix()
+
+	insertQuery := fmt.Sprintf("INSERT INTO %s (id, http_status, response, request, webhook_id, created_at, updated_at) VALUES ('%s', %d,'%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.WebhookLog, webhookLog.ID, webhookLog.HttpStatus, webhookLog.Response, webhookLog.Request, webhookLog.WebhookID, webhookLog.CreatedAt, webhookLog.UpdatedAt)
+	err := p.db.Query(insertQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	return webhookLog.AsAPIWebhookLog(), nil
+}
+
+// ListWebhookLogs to list webhook logs
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+	webhookLogs := []*model.WebhookLog{}
+	paginationClone := pagination
+	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.WebhookLog)
+	// there is no offset in cassandra
+	// so we fetch till limit + offset
+	// and return the results from offset to limit
+	query := fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.WebhookLog, pagination.Limit+pagination.Offset)
+
+	if webhookID != "" {
+		totalCountQuery = fmt.Sprintf(`SELECT COUNT(*) FROM %s WHERE webhook_id='%s' ALLOW FILTERING`, KeySpace+"."+models.Collections.WebhookLog, webhookID)
+		query = fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s WHERE webhook_id = '%s' LIMIT %d ALLOW FILTERING", KeySpace+"."+models.Collections.WebhookLog, webhookID, pagination.Limit+pagination.Offset)
+	}
+
+	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)
+	if err != nil {
+		return nil, err
+	}
+
+	scanner := p.db.Query(query).Iter().Scanner()
+	counter := int64(0)
+	for scanner.Next() {
+		if counter >= pagination.Offset {
+			var webhookLog models.WebhookLog
+			err := scanner.Scan(&webhookLog.ID, &webhookLog.HttpStatus, &webhookLog.Response, &webhookLog.Request, &webhookLog.WebhookID, &webhookLog.CreatedAt, &webhookLog.UpdatedAt)
+			if err != nil {
+				return nil, err
+			}
+			webhookLogs = append(webhookLogs, webhookLog.AsAPIWebhookLog())
+		}
+		counter++
+	}
+
+	return &model.WebhookLogs{
+		Pagination:  &paginationClone,
+		WebhookLogs: webhookLogs,
+	}, nil
+}

server/db/providers/mongodb/env.go

@@ -1,6 +1,7 @@
 package mongodb
 
 import (
+	"context"
 	"fmt"
 	"time"
 
@@ -11,7 +12,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
@@ -20,7 +21,7 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	env.Key = env.ID
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
-	_, err := configCollection.InsertOne(nil, env)
+	_, err := configCollection.InsertOne(ctx, env)
 	if err != nil {
 		return env, err
 	}
@@ -28,10 +29,10 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
-	_, err := configCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions())
+	_, err := configCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions())
 	if err != nil {
 		return env, err
 	}
@@ -39,14 +40,14 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv() (models.Env, error) {
+func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
 	var env models.Env
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
-	cursor, err := configCollection.Find(nil, bson.M{}, options.Find())
+	cursor, err := configCollection.Find(ctx, bson.M{}, options.Find())
 	if err != nil {
 		return env, err
 	}
-	defer cursor.Close(nil)
+	defer cursor.Close(ctx)
 
 	for cursor.Next(nil) {
 		err := cursor.Decode(&env)

server/db/providers/mongodb/provider.go

@@ -4,9 +4,8 @@ import (
 	"context"
 	"time"
 
-	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
@@ -19,7 +18,8 @@ type provider struct {
 
 // NewProvider to initialize mongodb connection
 func NewProvider() (*provider, error) {
-	mongodbOptions := options.Client().ApplyURI(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL))
+	dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
+	mongodbOptions := options.Client().ApplyURI(dbURL)
 	maxWait := time.Duration(5 * time.Second)
 	mongodbOptions.ConnectTimeout = &maxWait
 	mongoClient, err := mongo.NewClient(mongodbOptions)
@@ -37,18 +37,19 @@ func NewProvider() (*provider, error) {
 		return nil, err
 	}
 
-	mongodb := mongoClient.Database(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), options.Database())
+	dbName := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName
+	mongodb := mongoClient.Database(dbName, options.Database())
 
 	mongodb.CreateCollection(ctx, models.Collections.User, options.CreateCollection())
 	userCollection := mongodb.Collection(models.Collections.User, options.Collection())
 	userCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
-		mongo.IndexModel{
+		{
 			Keys:    bson.M{"email": 1},
 			Options: options.Index().SetUnique(true).SetSparse(true),
 		},
 	}, options.CreateIndexes())
 	userCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
-		mongo.IndexModel{
+		{
 			Keys: bson.M{"phone_number": 1},
 			Options: options.Index().SetUnique(true).SetSparse(true).SetPartialFilterExpression(map[string]interface{}{
 				"phone_number": map[string]string{"$type": "string"},
@@ -59,13 +60,13 @@ func NewProvider() (*provider, error) {
 	mongodb.CreateCollection(ctx, models.Collections.VerificationRequest, options.CreateCollection())
 	verificationRequestCollection := mongodb.Collection(models.Collections.VerificationRequest, options.Collection())
 	verificationRequestCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
-		mongo.IndexModel{
+		{
 			Keys:    bson.M{"email": 1, "identifier": 1},
 			Options: options.Index().SetUnique(true).SetSparse(true),
 		},
 	}, options.CreateIndexes())
 	verificationRequestCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
-		mongo.IndexModel{
+		{
 			Keys:    bson.M{"token": 1},
 			Options: options.Index().SetSparse(true),
 		},
@@ -74,7 +75,7 @@ func NewProvider() (*provider, error) {
 	mongodb.CreateCollection(ctx, models.Collections.Session, options.CreateCollection())
 	sessionCollection := mongodb.Collection(models.Collections.Session, options.Collection())
 	sessionCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
-		mongo.IndexModel{
+		{
 			Keys:    bson.M{"user_id": 1},
 			Options: options.Index().SetSparse(true),
 		},
@@ -82,6 +83,24 @@ func NewProvider() (*provider, error) {
 
 	mongodb.CreateCollection(ctx, models.Collections.Env, options.CreateCollection())
 
+	mongodb.CreateCollection(ctx, models.Collections.Webhook, options.CreateCollection())
+	webhookCollection := mongodb.Collection(models.Collections.Webhook, options.Collection())
+	webhookCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
+		{
+			Keys:    bson.M{"event_name": 1},
+			Options: options.Index().SetUnique(true).SetSparse(true),
+		},
+	}, options.CreateIndexes())
+
+	mongodb.CreateCollection(ctx, models.Collections.WebhookLog, options.CreateCollection())
+	webhookLogCollection := mongodb.Collection(models.Collections.WebhookLog, options.Collection())
+	webhookLogCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
+		{
+			Keys:    bson.M{"webhook_id": 1},
+			Options: options.Index().SetSparse(true),
+		},
+	}, options.CreateIndexes())
+
 	return &provider{
 		db: mongodb,
 	}, nil

server/db/providers/mongodb/session.go

@@ -1,16 +1,16 @@
 package mongodb
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/google/uuid"
-	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
@@ -19,17 +19,7 @@ func (p *provider) AddSession(session models.Session) error {
 	session.CreatedAt = time.Now().Unix()
 	session.UpdatedAt = time.Now().Unix()
 	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
-	_, err := sessionCollection.InsertOne(nil, session)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(userId string) error {
-	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
-	_, err := sessionCollection.DeleteMany(nil, bson.M{"user_id": userId}, options.Delete())
+	_, err := sessionCollection.InsertOne(ctx, session)
 	if err != nil {
 		return err
 	}

server/db/providers/mongodb/user.go

@@ -1,32 +1,36 @@
 package mongodb
 
 import (
-	"strings"
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/google/uuid"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
+		if err != nil {
+			return user, err
+		}
+		user.Roles = defaultRoles
 	}
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
 	user.Key = user.ID
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
-	_, err := userCollection.InsertOne(nil, user)
+	_, err := userCollection.InsertOne(ctx, user)
 	if err != nil {
 		return user, err
 	}
@@ -35,10 +39,10 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
-	_, err := userCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions())
+	_, err := userCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions())
 	if err != nil {
 		return user, err
 	}
@@ -46,9 +50,15 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
-	_, err := userCollection.DeleteOne(nil, bson.M{"_id": user.ID}, options.Delete())
+	_, err := userCollection.DeleteOne(ctx, bson.M{"_id": user.ID}, options.Delete())
+	if err != nil {
+		return err
+	}
+
+	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
+	_, err = sessionCollection.DeleteMany(ctx, bson.M{"user_id": user.ID}, options.Delete())
 	if err != nil {
 		return err
 	}
@@ -57,7 +67,7 @@ func (p *provider) DeleteUser(user models.User) error {
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
 	var users []*model.User
 	opts := options.Find()
 	opts.SetLimit(pagination.Limit)
@@ -65,23 +75,22 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 	opts.SetSort(bson.M{"created_at": -1})
 
 	paginationClone := pagination
-	// TODO add pagination total
 
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
-	count, err := userCollection.CountDocuments(nil, bson.M{}, options.Count())
+	count, err := userCollection.CountDocuments(ctx, bson.M{}, options.Count())
 	if err != nil {
 		return nil, err
 	}
 
 	paginationClone.Total = count
 
-	cursor, err := userCollection.Find(nil, bson.M{}, opts)
+	cursor, err := userCollection.Find(ctx, bson.M{}, opts)
 	if err != nil {
 		return nil, err
 	}
-	defer cursor.Close(nil)
+	defer cursor.Close(ctx)
 
-	for cursor.Next(nil) {
+	for cursor.Next(ctx) {
 		var user models.User
 		err := cursor.Decode(&user)
 		if err != nil {
@@ -97,10 +106,10 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(email string) (models.User, error) {
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
 	var user models.User
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
-	err := userCollection.FindOne(nil, bson.M{"email": email}).Decode(&user)
+	err := userCollection.FindOne(ctx, bson.M{"email": email}).Decode(&user)
 	if err != nil {
 		return user, err
 	}
@@ -109,11 +118,11 @@ func (p *provider) GetUserByEmail(email string) (models.User, error) {
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(id string) (models.User, error) {
+func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
 	var user models.User
 
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
-	err := userCollection.FindOne(nil, bson.M{"_id": id}).Decode(&user)
+	err := userCollection.FindOne(ctx, bson.M{"_id": id}).Decode(&user)
 	if err != nil {
 		return user, err
 	}

server/db/providers/mongodb/verification_requests.go

@@ -1,6 +1,7 @@
 package mongodb
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -11,7 +12,7 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 
@@ -19,7 +20,7 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 		verificationRequest.UpdatedAt = time.Now().Unix()
 		verificationRequest.Key = verificationRequest.ID
 		verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
-		_, err := verificationRequestCollection.InsertOne(nil, verificationRequest)
+		_, err := verificationRequestCollection.InsertOne(ctx, verificationRequest)
 		if err != nil {
 			return verificationRequest, err
 		}
@@ -29,11 +30,11 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(token string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
-	err := verificationRequestCollection.FindOne(nil, bson.M{"token": token}).Decode(&verificationRequest)
+	err := verificationRequestCollection.FindOne(ctx, bson.M{"token": token}).Decode(&verificationRequest)
 	if err != nil {
 		return verificationRequest, err
 	}
@@ -42,11 +43,11 @@ func (p *provider) GetVerificationRequestByToken(token string) (models.Verificat
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
-	err := verificationRequestCollection.FindOne(nil, bson.M{"email": email, "identifier": identifier}).Decode(&verificationRequest)
+	err := verificationRequestCollection.FindOne(ctx, bson.M{"email": email, "identifier": identifier}).Decode(&verificationRequest)
 	if err != nil {
 		return verificationRequest, err
 	}
@@ -55,7 +56,7 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []*model.VerificationRequest
 
 	opts := options.Find()
@@ -65,17 +66,17 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 
-	verificationRequestCollectionCount, err := verificationRequestCollection.CountDocuments(nil, bson.M{})
+	verificationRequestCollectionCount, err := verificationRequestCollection.CountDocuments(ctx, bson.M{})
 	paginationClone := pagination
 	paginationClone.Total = verificationRequestCollectionCount
 
-	cursor, err := verificationRequestCollection.Find(nil, bson.M{}, opts)
+	cursor, err := verificationRequestCollection.Find(ctx, bson.M{}, opts)
 	if err != nil {
 		return nil, err
 	}
-	defer cursor.Close(nil)
+	defer cursor.Close(ctx)
 
-	for cursor.Next(nil) {
+	for cursor.Next(ctx) {
 		var verificationRequest models.VerificationRequest
 		err := cursor.Decode(&verificationRequest)
 		if err != nil {
@@ -91,9 +92,9 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
-	_, err := verificationRequestCollection.DeleteOne(nil, bson.M{"_id": verificationRequest.ID}, options.Delete())
+	_, err := verificationRequestCollection.DeleteOne(ctx, bson.M{"_id": verificationRequest.ID}, options.Delete())
 	if err != nil {
 		return err
 	}

server/db/providers/mongodb/webhook.go

@@ -0,0 +1,120 @@
+package mongodb
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/mongo/options"
+)
+
+// AddWebhook to add webhook
+func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	if webhook.ID == "" {
+		webhook.ID = uuid.New().String()
+	}
+
+	webhook.Key = webhook.ID
+	webhook.CreatedAt = time.Now().Unix()
+	webhook.UpdatedAt = time.Now().Unix()
+
+	webhookCollection := p.db.Collection(models.Collections.Webhook, options.Collection())
+	_, err := webhookCollection.InsertOne(ctx, webhook)
+	if err != nil {
+		return nil, err
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// UpdateWebhook to update webhook
+func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	webhook.UpdatedAt = time.Now().Unix()
+	webhookCollection := p.db.Collection(models.Collections.Webhook, options.Collection())
+	_, err := webhookCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": webhook.ID}}, bson.M{"$set": webhook}, options.MergeUpdateOptions())
+	if err != nil {
+		return nil, err
+	}
+
+	return webhook.AsAPIWebhook(), nil
+}
+
+// ListWebhooks to list webhook
+func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+	var webhooks []*model.Webhook
+	opts := options.Find()
+	opts.SetLimit(pagination.Limit)
+	opts.SetSkip(pagination.Offset)
+	opts.SetSort(bson.M{"created_at": -1})
+
+	paginationClone := pagination
+
+	webhookCollection := p.db.Collection(models.Collections.Webhook, options.Collection())
+	count, err := webhookCollection.CountDocuments(ctx, bson.M{}, options.Count())
+	if err != nil {
+		return nil, err
+	}
+
+	paginationClone.Total = count
+
+	cursor, err := webhookCollection.Find(ctx, bson.M{}, opts)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close(ctx)
+
+	for cursor.Next(ctx) {
+		var webhook models.Webhook
+		err := cursor.Decode(&webhook)
+		if err != nil {
+			return nil, err
+		}
+		webhooks = append(webhooks, webhook.AsAPIWebhook())
+	}
+
+	return &model.Webhooks{
+		Pagination: &paginationClone,
+		Webhooks:   webhooks,
+	}, nil
+}
+
+// GetWebhookByID to get webhook by id
+func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
+	var webhook models.Webhook
+	webhookCollection := p.db.Collection(models.Collections.Webhook, options.Collection())
+	err := webhookCollection.FindOne(ctx, bson.M{"_id": webhookID}).Decode(&webhook)
+	if err != nil {
+		return nil, err
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// GetWebhookByEventName to get webhook by event_name
+func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error) {
+	var webhook models.Webhook
+	webhookCollection := p.db.Collection(models.Collections.Webhook, options.Collection())
+	err := webhookCollection.FindOne(ctx, bson.M{"event_name": eventName}).Decode(&webhook)
+	if err != nil {
+		return nil, err
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// DeleteWebhook to delete webhook
+func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) error {
+	webhookCollection := p.db.Collection(models.Collections.Webhook, options.Collection())
+	_, err := webhookCollection.DeleteOne(nil, bson.M{"_id": webhook.ID}, options.Delete())
+	if err != nil {
+		return err
+	}
+
+	webhookLogCollection := p.db.Collection(models.Collections.WebhookLog, options.Collection())
+	_, err = webhookLogCollection.DeleteMany(nil, bson.M{"webhook_id": webhook.ID}, options.Delete())
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

server/db/providers/mongodb/webhook_log.go

@@ -0,0 +1,74 @@
+package mongodb
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/mongo/options"
+)
+
+// AddWebhookLog to add webhook log
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+	if webhookLog.ID == "" {
+		webhookLog.ID = uuid.New().String()
+	}
+
+	webhookLog.Key = webhookLog.ID
+	webhookLog.CreatedAt = time.Now().Unix()
+	webhookLog.UpdatedAt = time.Now().Unix()
+
+	webhookLogCollection := p.db.Collection(models.Collections.WebhookLog, options.Collection())
+	_, err := webhookLogCollection.InsertOne(ctx, webhookLog)
+	if err != nil {
+		return nil, err
+	}
+	return webhookLog.AsAPIWebhookLog(), nil
+}
+
+// ListWebhookLogs to list webhook logs
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+	webhookLogs := []*model.WebhookLog{}
+	opts := options.Find()
+	opts.SetLimit(pagination.Limit)
+	opts.SetSkip(pagination.Offset)
+	opts.SetSort(bson.M{"created_at": -1})
+
+	paginationClone := pagination
+	query := bson.M{}
+
+	if webhookID != "" {
+		query = bson.M{"webhook_id": webhookID}
+	}
+
+	webhookLogCollection := p.db.Collection(models.Collections.WebhookLog, options.Collection())
+	count, err := webhookLogCollection.CountDocuments(ctx, query, options.Count())
+	if err != nil {
+		return nil, err
+	}
+
+	paginationClone.Total = count
+
+	cursor, err := webhookLogCollection.Find(ctx, query, opts)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close(ctx)
+
+	for cursor.Next(ctx) {
+		var webhookLog models.WebhookLog
+		err := cursor.Decode(&webhookLog)
+		if err != nil {
+			return nil, err
+		}
+		webhookLogs = append(webhookLogs, webhookLog.AsAPIWebhookLog())
+	}
+
+	return &model.WebhookLogs{
+		Pagination:  &paginationClone,
+		WebhookLogs: webhookLogs,
+	}, nil
+}

server/db/providers/provider_template/env.go

@@ -1,6 +1,7 @@
 package provider_template
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -8,7 +9,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
@@ -19,13 +20,13 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	return env, nil
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv() (models.Env, error) {
+func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
 	var env models.Env
 
 	return env, nil

server/db/providers/provider_template/session.go

@@ -1,6 +1,7 @@
 package provider_template
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -8,7 +9,7 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
@@ -19,6 +20,6 @@ func (p *provider) AddSession(session models.Session) error {
 }
 
 // DeleteSession to delete session information from database
-func (p *provider) DeleteSession(userId string) error {
+func (p *provider) DeleteSession(ctx context.Context, userId string) error {
 	return nil
 }

server/db/providers/provider_template/user.go

@@ -1,24 +1,28 @@
 package provider_template
 
 import (
-	"strings"
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/google/uuid"
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
+		if err != nil {
+			return user, err
+		}
+		user.Roles = defaultRoles
 	}
 
 	user.CreatedAt = time.Now().Unix()
@@ -28,30 +32,30 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 	return user, nil
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 	return nil
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
 	return nil, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(email string) (models.User, error) {
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
 	var user models.User
 
 	return user, nil
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(id string) (models.User, error) {
+func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
 	var user models.User
 
 	return user, nil

server/db/providers/provider_template/verification_requests.go

@@ -1,6 +1,7 @@
 package provider_template
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -9,7 +10,7 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
@@ -21,25 +22,25 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(token string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 
 	return verificationRequest, nil
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
 	return nil, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
 	return nil
 }

server/db/providers/provider_template/webhook.go

@@ -0,0 +1,49 @@
+package provider_template
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddWebhook to add webhook
+func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	if webhook.ID == "" {
+		webhook.ID = uuid.New().String()
+	}
+
+	webhook.Key = webhook.ID
+	webhook.CreatedAt = time.Now().Unix()
+	webhook.UpdatedAt = time.Now().Unix()
+	return webhook.AsAPIWebhook(), nil
+}
+
+// UpdateWebhook to update webhook
+func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	webhook.UpdatedAt = time.Now().Unix()
+	return webhook.AsAPIWebhook(), nil
+}
+
+// ListWebhooks to list webhook
+func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+	return nil, nil
+}
+
+// GetWebhookByID to get webhook by id
+func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
+	return nil, nil
+}
+
+// GetWebhookByEventName to get webhook by event_name
+func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error) {
+	return nil, nil
+}
+
+// DeleteWebhook to delete webhook
+func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) error {
+	// Also delete webhook logs for given webhook id
+	return nil
+}

server/db/providers/provider_template/webhook_log.go

@@ -0,0 +1,27 @@
+package provider_template
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddWebhookLog to add webhook log
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+	if webhookLog.ID == "" {
+		webhookLog.ID = uuid.New().String()
+	}
+
+	webhookLog.Key = webhookLog.ID
+	webhookLog.CreatedAt = time.Now().Unix()
+	webhookLog.UpdatedAt = time.Now().Unix()
+	return webhookLog.AsAPIWebhookLog(), nil
+}
+
+// ListWebhookLogs to list webhook logs
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+	return nil, nil
+}

server/db/providers/providers.go

@@ -1,44 +1,62 @@
 package providers
 
 import (
+	"context"
+
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 )
 
 type Provider interface {
 	// AddUser to save user information in database
-	AddUser(user models.User) (models.User, error)
+	AddUser(ctx context.Context, user models.User) (models.User, error)
 	// UpdateUser to update user information in database
-	UpdateUser(user models.User) (models.User, error)
+	UpdateUser(ctx context.Context, user models.User) (models.User, error)
 	// DeleteUser to delete user information from database
-	DeleteUser(user models.User) error
+	DeleteUser(ctx context.Context, user models.User) error
 	// ListUsers to get list of users from database
-	ListUsers(pagination model.Pagination) (*model.Users, error)
+	ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error)
 	// GetUserByEmail to get user information from database using email address
-	GetUserByEmail(email string) (models.User, error)
+	GetUserByEmail(ctx context.Context, email string) (models.User, error)
 	// GetUserByID to get user information from database using user ID
-	GetUserByID(id string) (models.User, error)
+	GetUserByID(ctx context.Context, id string) (models.User, error)
 
 	// AddVerification to save verification request in database
-	AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error)
+	AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error)
 	// GetVerificationRequestByToken to get verification request from database using token
-	GetVerificationRequestByToken(token string) (models.VerificationRequest, error)
+	GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error)
 	// GetVerificationRequestByEmail to get verification request by email from database
-	GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error)
+	GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error)
 	// ListVerificationRequests to get list of verification requests from database
-	ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error)
+	ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error)
 	// DeleteVerificationRequest to delete verification request from database
-	DeleteVerificationRequest(verificationRequest models.VerificationRequest) error
+	DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error
 
 	// AddSession to save session information in database
-	AddSession(session models.Session) error
-	// DeleteSession to delete session information from database
-	DeleteSession(userId string) error
+	AddSession(ctx context.Context, session models.Session) error
 
 	// AddEnv to save environment information in database
-	AddEnv(env models.Env) (models.Env, error)
+	AddEnv(ctx context.Context, env models.Env) (models.Env, error)
 	// UpdateEnv to update environment information in database
-	UpdateEnv(env models.Env) (models.Env, error)
+	UpdateEnv(ctx context.Context, env models.Env) (models.Env, error)
 	// GetEnv to get environment information from database
-	GetEnv() (models.Env, error)
+	GetEnv(ctx context.Context) (models.Env, error)
+
+	// AddWebhook to add webhook
+	AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error)
+	// UpdateWebhook to update webhook
+	UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error)
+	// ListWebhooks to list webhook
+	ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error)
+	// GetWebhookByID to get webhook by id
+	GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error)
+	// GetWebhookByEventName to get webhook by event_name
+	GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error)
+	// DeleteWebhook to delete webhook
+	DeleteWebhook(ctx context.Context, webhook *model.Webhook) error
+
+	// AddWebhookLog to add webhook log
+	AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error)
+	// ListWebhookLogs to list webhook logs
+	ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error)
 }

server/db/providers/sql/env.go

@@ -1,6 +1,7 @@
 package sql
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -8,7 +9,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
@@ -25,7 +26,7 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	result := p.db.Save(&env)
 
@@ -36,7 +37,7 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv() (models.Env, error) {
+func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
 	var env models.Env
 	result := p.db.First(&env)
 

server/db/providers/sql/provider.go

@@ -7,7 +7,7 @@ import (
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"gorm.io/driver/mysql"
 	"gorm.io/driver/postgres"
 	"gorm.io/driver/sqlite"
@@ -41,22 +41,26 @@ func NewProvider() (*provider, error) {
 			TablePrefix: models.Prefix,
 		},
 	}
-	switch envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) {
-	case constants.DbTypePostgres, constants.DbTypeYugabyte:
-		sqlDB, err = gorm.Open(postgres.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
+
+	dbType := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseType
+	dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
+
+	switch dbType {
+	case constants.DbTypePostgres, constants.DbTypeYugabyte, constants.DbTypeCockroachDB:
+		sqlDB, err = gorm.Open(postgres.Open(dbURL), ormConfig)
 	case constants.DbTypeSqlite:
-		sqlDB, err = gorm.Open(sqlite.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
-	case constants.DbTypeMysql, constants.DbTypeMariaDB:
-		sqlDB, err = gorm.Open(mysql.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
+		sqlDB, err = gorm.Open(sqlite.Open(dbURL), ormConfig)
+	case constants.DbTypeMysql, constants.DbTypeMariaDB, constants.DbTypePlanetScaleDB:
+		sqlDB, err = gorm.Open(mysql.Open(dbURL), ormConfig)
 	case constants.DbTypeSqlserver:
-		sqlDB, err = gorm.Open(sqlserver.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
+		sqlDB, err = gorm.Open(sqlserver.Open(dbURL), ormConfig)
 	}
 
 	if err != nil {
 		return nil, err
 	}
 
-	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{})
+	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{}, &models.Webhook{}, models.WebhookLog{})
 	if err != nil {
 		return nil, err
 	}

server/db/providers/sql/session.go

@@ -1,6 +1,7 @@
 package sql
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -9,7 +10,7 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
@@ -26,13 +27,3 @@ func (p *provider) AddSession(session models.Session) error {
 	}
 	return nil
 }
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(userId string) error {
-	result := p.db.Where("user_id = ?", userId).Delete(&models.Session{})
-
-	if result.Error != nil {
-		return result.Error
-	}
-	return nil
-}

server/db/providers/sql/user.go

@@ -1,25 +1,29 @@
 package sql
 
 import (
-	"strings"
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/google/uuid"
 	"gorm.io/gorm/clause"
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
+		if err != nil {
+			return user, err
+		}
+		user.Roles = defaultRoles
 	}
 
 	user.CreatedAt = time.Now().Unix()
@@ -39,7 +43,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 
 	result := p.db.Save(&user)
@@ -52,18 +56,23 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 	result := p.db.Delete(&user)
 
 	if result.Error != nil {
 		return result.Error
 	}
 
+	result = p.db.Where("user_id = ?", user.ID).Delete(&models.Session{})
+	if result.Error != nil {
+		return result.Error
+	}
+
 	return nil
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
 	var users []models.User
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&users)
 	if result.Error != nil {
@@ -91,10 +100,9 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(email string) (models.User, error) {
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
 	var user models.User
 	result := p.db.Where("email = ?", email).First(&user)
-
 	if result.Error != nil {
 		return user, result.Error
 	}
@@ -103,11 +111,10 @@ func (p *provider) GetUserByEmail(email string) (models.User, error) {
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(id string) (models.User, error) {
+func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
 	var user models.User
 
 	result := p.db.Where("id = ?", id).First(&user)
-
 	if result.Error != nil {
 		return user, result.Error
 	}

server/db/providers/sql/verification_requests.go

@@ -1,6 +1,7 @@
 package sql
 
 import (
+	"context"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -10,7 +11,7 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
@@ -31,7 +32,7 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(token string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 	result := p.db.Where("token = ?", token).First(&verificationRequest)
 
@@ -43,7 +44,7 @@ func (p *provider) GetVerificationRequestByToken(token string) (models.Verificat
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 
 	result := p.db.Where("email = ? AND identifier = ?", email, identifier).First(&verificationRequest)
@@ -56,7 +57,7 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []models.VerificationRequest
 
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&verificationRequests)
@@ -85,7 +86,7 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
 	result := p.db.Delete(&verificationRequest)
 
 	if result.Error != nil {

server/db/providers/sql/webhook.go

@@ -0,0 +1,104 @@
+package sql
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddWebhook to add webhook
+func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	if webhook.ID == "" {
+		webhook.ID = uuid.New().String()
+	}
+
+	webhook.Key = webhook.ID
+	webhook.CreatedAt = time.Now().Unix()
+	webhook.UpdatedAt = time.Now().Unix()
+	res := p.db.Create(&webhook)
+	if res.Error != nil {
+		return nil, res.Error
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// UpdateWebhook to update webhook
+func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+	webhook.UpdatedAt = time.Now().Unix()
+
+	result := p.db.Save(&webhook)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+
+	return webhook.AsAPIWebhook(), nil
+}
+
+// ListWebhooks to list webhook
+func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+	var webhooks []models.Webhook
+
+	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&webhooks)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+
+	var total int64
+	totalRes := p.db.Model(&models.Webhook{}).Count(&total)
+	if totalRes.Error != nil {
+		return nil, totalRes.Error
+	}
+
+	paginationClone := pagination
+	paginationClone.Total = total
+
+	responseWebhooks := []*model.Webhook{}
+	for _, w := range webhooks {
+		responseWebhooks = append(responseWebhooks, w.AsAPIWebhook())
+	}
+	return &model.Webhooks{
+		Pagination: &paginationClone,
+		Webhooks:   responseWebhooks,
+	}, nil
+}
+
+// GetWebhookByID to get webhook by id
+func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
+	var webhook models.Webhook
+
+	result := p.db.Where("id = ?", webhookID).First(&webhook)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// GetWebhookByEventName to get webhook by event_name
+func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error) {
+	var webhook models.Webhook
+
+	result := p.db.Where("event_name = ?", eventName).First(&webhook)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	return webhook.AsAPIWebhook(), nil
+}
+
+// DeleteWebhook to delete webhook
+func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) error {
+	result := p.db.Delete(&models.Webhook{
+		ID: webhook.ID,
+	})
+	if result.Error != nil {
+		return result.Error
+	}
+
+	result = p.db.Where("webhook_id = ?", webhook.ID).Delete(&models.WebhookLog{})
+	if result.Error != nil {
+		return result.Error
+	}
+	return nil
+}

server/db/providers/sql/webhook_log.go

@@ -0,0 +1,68 @@
+package sql
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+	"gorm.io/gorm"
+	"gorm.io/gorm/clause"
+)
+
+// AddWebhookLog to add webhook log
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+	if webhookLog.ID == "" {
+		webhookLog.ID = uuid.New().String()
+	}
+
+	webhookLog.Key = webhookLog.ID
+	webhookLog.CreatedAt = time.Now().Unix()
+	webhookLog.UpdatedAt = time.Now().Unix()
+	res := p.db.Clauses(
+		clause.OnConflict{
+			DoNothing: true,
+		}).Create(&webhookLog)
+	if res.Error != nil {
+		return nil, res.Error
+	}
+
+	return webhookLog.AsAPIWebhookLog(), nil
+}
+
+// ListWebhookLogs to list webhook logs
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+	var webhookLogs []models.WebhookLog
+	var result *gorm.DB
+	var totalRes *gorm.DB
+	var total int64
+
+	if webhookID != "" {
+		result = p.db.Where("webhook_id = ?", webhookID).Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&webhookLogs)
+		totalRes = p.db.Where("webhook_id = ?", webhookID).Model(&models.WebhookLog{}).Count(&total)
+	} else {
+		result = p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&webhookLogs)
+		totalRes = p.db.Model(&models.WebhookLog{}).Count(&total)
+	}
+
+	if result.Error != nil {
+		return nil, result.Error
+	}
+
+	if totalRes.Error != nil {
+		return nil, totalRes.Error
+	}
+
+	paginationClone := pagination
+	paginationClone.Total = total
+
+	responseWebhookLogs := []*model.WebhookLog{}
+	for _, w := range webhookLogs {
+		responseWebhookLogs = append(responseWebhookLogs, w.AsAPIWebhookLog())
+	}
+	return &model.WebhookLogs{
+		WebhookLogs: responseWebhookLogs,
+		Pagination:  &paginationClone,
+	}, nil
+}

server/email/email.go

@@ -11,7 +11,7 @@ import (
 	gomail "gopkg.in/mail.v2"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 // addEmailTemplate is used to add html template in email body
@@ -33,17 +33,57 @@ func addEmailTemplate(a string, b map[string]interface{}, templateName string) s
 // SendMail function to send mail
 func SendMail(to []string, Subject, bodyMessage string) error {
 	// dont trigger email sending in case of test
-	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "test" {
+	envKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEnv)
+	if err != nil {
+		return err
+	}
+	if envKey == constants.TestEnv {
 		return nil
 	}
 	m := gomail.NewMessage()
-	m.SetHeader("From", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySenderEmail))
+	senderEmail, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySenderEmail)
+	if err != nil {
+		log.Errorf("Error while getting sender email from env variable: %v", err)
+		return err
+	}
+
+	smtpPort, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpPort)
+	if err != nil {
+		log.Errorf("Error while getting smtp port from env variable: %v", err)
+		return err
+	}
+
+	smtpHost, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpHost)
+	if err != nil {
+		log.Errorf("Error while getting smtp host from env variable: %v", err)
+		return err
+	}
+
+	smtpUsername, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername)
+	if err != nil {
+		log.Errorf("Error while getting smtp username from env variable: %v", err)
+		return err
+	}
+
+	smtpPassword, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword)
+	if err != nil {
+		log.Errorf("Error while getting smtp password from env variable: %v", err)
+		return err
+	}
+
+	isProd, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsProd)
+	if err != nil {
+		log.Errorf("Error while getting env variable: %v", err)
+		return err
+	}
+
+	m.SetHeader("From", senderEmail)
 	m.SetHeader("To", to...)
 	m.SetHeader("Subject", Subject)
 	m.SetBody("text/html", bodyMessage)
-	port, _ := strconv.Atoi(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPort))
-	d := gomail.NewDialer(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpHost), port, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername), envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword))
-	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "development" {
+	port, _ := strconv.Atoi(smtpPort)
+	d := gomail.NewDialer(smtpHost, port, smtpUsername, smtpPassword)
+	if !isProd {
 		d.TLSConfig = &tls.Config{InsecureSkipVerify: true}
 	}
 	if err := d.DialAndSend(m); err != nil {

server/email/forgot_password_email.go

@@ -2,14 +2,19 @@ package email
 
 import (
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 // SendForgotPasswordMail to send forgot password email
 func SendForgotPasswordMail(toEmail, token, hostname string) error {
-	resetPasswordUrl := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
+	resetPasswordUrl, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
+	if err != nil {
+		return err
+	}
 	if resetPasswordUrl == "" {
-		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password")
+		if err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password"); err != nil {
+			return err
+		}
 	}
 
 	// The receiver needs to be in slice as the receive supports multiple receiver
@@ -103,8 +108,14 @@ func SendForgotPasswordMail(toEmail, token, hostname string) error {
 	`
 
 	data := make(map[string]interface{}, 3)
-	data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+	if err != nil {
+		return err
+	}
+	data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	if err != nil {
+		return err
+	}
 	data["verification_url"] = resetPasswordUrl + "?token=" + token
 	message = addEmailTemplate(message, data, "reset_password_email.tmpl")
 

server/email/invite_email.go

@@ -4,7 +4,7 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 // InviteEmail to send invite email
@@ -99,13 +99,20 @@ func InviteEmail(toEmail, token, verificationURL, redirectURI string) error {
     </html>
 	`
 	data := make(map[string]interface{}, 3)
-	data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	var err error
+	data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+	if err != nil {
+		return err
+	}
+	data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	if err != nil {
+		return err
+	}
 	data["verification_url"] = verificationURL + "?token=" + token + "&redirect_uri=" + redirectURI
 	message = addEmailTemplate(message, data, "invite_email.tmpl")
 	// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
 
-	err := SendMail(Receiver, Subject, message)
+	err = SendMail(Receiver, Subject, message)
 	if err != nil {
 		log.Warn("error sending email: ", err)
 	}

server/email/verification_email.go

@@ -4,7 +4,7 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 // SendVerificationMail to send verification email
@@ -99,13 +99,20 @@ func SendVerificationMail(toEmail, token, hostname string) error {
     </html>
 	`
 	data := make(map[string]interface{}, 3)
-	data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	var err error
+	data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+	if err != nil {
+		return err
+	}
+	data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	if err != nil {
+		return err
+	}
 	data["verification_url"] = hostname + "/verify_email?token=" + token
 	message = addEmailTemplate(message, data, "verify_email.tmpl")
 	// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
 
-	err := SendMail(Receiver, Subject, message)
+	err = SendMail(Receiver, Subject, message)
 	if err != nil {
 		log.Warn("error sending email: ", err)
 	}

server/env/env.go

@@ -2,212 +2,247 @@ package env
 
 import (
 	"errors"
+	"fmt"
 	"os"
+	"strconv"
 	"strings"
 
 	"github.com/google/uuid"
-	"github.com/joho/godotenv"
 	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/crypto"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/utils"
 )
 
-// InitRequiredEnv to initialize EnvData and through error if required env are not present
-func InitRequiredEnv() error {
-	envPath := os.Getenv(constants.EnvKeyEnvPath)
-
-	if envPath == "" {
-		envPath = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnvPath)
-		if envPath == "" {
-			envPath = `.env`
-		}
-	}
-
-	if envstore.ARG_ENV_FILE != nil && *envstore.ARG_ENV_FILE != "" {
-		envPath = *envstore.ARG_ENV_FILE
-	}
-	log.Info("env path: ", envPath)
-
-	err := godotenv.Load(envPath)
-	if err != nil {
-		log.Info("using OS env instead of %s file", envPath)
-	}
-
-	dbURL := os.Getenv(constants.EnvKeyDatabaseURL)
-	dbType := os.Getenv(constants.EnvKeyDatabaseType)
-	dbName := os.Getenv(constants.EnvKeyDatabaseName)
-	dbPort := os.Getenv(constants.EnvKeyDatabasePort)
-	dbHost := os.Getenv(constants.EnvKeyDatabaseHost)
-	dbUsername := os.Getenv(constants.EnvKeyDatabaseUsername)
-	dbPassword := os.Getenv(constants.EnvKeyDatabasePassword)
-	dbCert := os.Getenv(constants.EnvKeyDatabaseCert)
-	dbCertKey := os.Getenv(constants.EnvKeyDatabaseCertKey)
-	dbCACert := os.Getenv(constants.EnvKeyDatabaseCACert)
-
-	if strings.TrimSpace(dbType) == "" {
-		if envstore.ARG_DB_TYPE != nil && *envstore.ARG_DB_TYPE != "" {
-			dbType = strings.TrimSpace(*envstore.ARG_DB_TYPE)
-		}
-
-		if dbType == "" {
-			log.Debug("DATABASE_TYPE is not set")
-			return errors.New("invalid database type. DATABASE_TYPE is empty")
-		}
-	}
-
-	if strings.TrimSpace(dbURL) == "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL) == "" {
-		if envstore.ARG_DB_URL != nil && *envstore.ARG_DB_URL != "" {
-			dbURL = strings.TrimSpace(*envstore.ARG_DB_URL)
-		}
-
-		if dbURL == "" && dbPort == "" && dbHost == "" && dbUsername == "" && dbPassword == "" {
-			log.Debug("DATABASE_URL is not set")
-			return errors.New("invalid database url. DATABASE_URL is required")
-		}
-	}
-
-	if dbName == "" {
-		if dbName == "" {
-			dbName = "authorizer"
-		}
-	}
-
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, envPath)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseURL, dbURL)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseType, dbType)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseName, dbName)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseHost, dbHost)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabasePort, dbPort)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseUsername, dbUsername)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabasePassword, dbPassword)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCert, dbCert)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCertKey, dbCertKey)
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCACert, dbCACert)
-
-	return nil
-}
-
 // InitEnv to initialize EnvData and through error if required env are not present
 func InitAllEnv() error {
 	envData, err := GetEnvData()
 	if err != nil {
 		log.Info("No env data found in db, using local clone of env data")
 		// get clone of current store
-		envData = envstore.EnvStoreObj.GetEnvStoreClone()
+		envData, err = memorystore.Provider.GetEnvStore()
+		if err != nil {
+			log.Debug("Error while getting env data from memorystore: ", err)
+			return err
+		}
 	}
 
-	clientID := envData.StringEnv[constants.EnvKeyClientID]
 	// unique client id for each instance
-	if clientID == "" {
+	cid, ok := envData[constants.EnvKeyClientID]
+	clientID := ""
+	if !ok || cid == "" {
 		clientID = uuid.New().String()
-		envData.StringEnv[constants.EnvKeyClientID] = clientID
+		envData[constants.EnvKeyClientID] = clientID
+	} else {
+		clientID = cid.(string)
 	}
 
-	clientSecret := envData.StringEnv[constants.EnvKeyClientSecret]
-	// unique client id for each instance
-	if clientSecret == "" {
-		clientSecret = uuid.New().String()
-		envData.StringEnv[constants.EnvKeyClientSecret] = clientSecret
+	// unique client secret for each instance
+	if val, ok := envData[constants.EnvKeyClientSecret]; !ok || val != "" {
+		envData[constants.EnvKeyClientSecret] = uuid.New().String()
 	}
 
-	if envData.StringEnv[constants.EnvKeyEnv] == "" {
-		envData.StringEnv[constants.EnvKeyEnv] = os.Getenv(constants.EnvKeyEnv)
-		if envData.StringEnv[constants.EnvKeyEnv] == "" {
-			envData.StringEnv[constants.EnvKeyEnv] = "production"
+	// os string envs
+	osEnv := os.Getenv(constants.EnvKeyEnv)
+	osAppURL := os.Getenv(constants.EnvKeyAppURL)
+	osAuthorizerURL := os.Getenv(constants.EnvKeyAuthorizerURL)
+	osPort := os.Getenv(constants.EnvKeyPort)
+	osAccessTokenExpiryTime := os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
+	osAdminSecret := os.Getenv(constants.EnvKeyAdminSecret)
+	osSmtpHost := os.Getenv(constants.EnvKeySmtpHost)
+	osSmtpPort := os.Getenv(constants.EnvKeySmtpPort)
+	osSmtpUsername := os.Getenv(constants.EnvKeySmtpUsername)
+	osSmtpPassword := os.Getenv(constants.EnvKeySmtpPassword)
+	osSenderEmail := os.Getenv(constants.EnvKeySenderEmail)
+	osJwtType := os.Getenv(constants.EnvKeyJwtType)
+	osJwtSecret := os.Getenv(constants.EnvKeyJwtSecret)
+	osJwtPrivateKey := os.Getenv(constants.EnvKeyJwtPrivateKey)
+	osJwtPublicKey := os.Getenv(constants.EnvKeyJwtPublicKey)
+	osJwtRoleClaim := os.Getenv(constants.EnvKeyJwtRoleClaim)
+	osCustomAccessTokenScript := os.Getenv(constants.EnvKeyCustomAccessTokenScript)
+	osGoogleClientID := os.Getenv(constants.EnvKeyGoogleClientID)
+	osGoogleClientSecret := os.Getenv(constants.EnvKeyGoogleClientSecret)
+	osGithubClientID := os.Getenv(constants.EnvKeyGithubClientID)
+	osGithubClientSecret := os.Getenv(constants.EnvKeyGithubClientSecret)
+	osFacebookClientID := os.Getenv(constants.EnvKeyFacebookClientID)
+	osFacebookClientSecret := os.Getenv(constants.EnvKeyFacebookClientSecret)
+	osLinkedInClientID := os.Getenv(constants.EnvKeyLinkedInClientID)
+	osLinkedInClientSecret := os.Getenv(constants.EnvKeyLinkedInClientSecret)
+	osAppleClientID := os.Getenv(constants.EnvKeyAppleClientID)
+	osAppleClientSecret := os.Getenv(constants.EnvKeyAppleClientSecret)
+	osResetPasswordURL := os.Getenv(constants.EnvKeyResetPasswordURL)
+	osOrganizationName := os.Getenv(constants.EnvKeyOrganizationName)
+	osOrganizationLogo := os.Getenv(constants.EnvKeyOrganizationLogo)
+
+	// os bool vars
+	osDisableBasicAuthentication := os.Getenv(constants.EnvKeyDisableBasicAuthentication)
+	osDisableEmailVerification := os.Getenv(constants.EnvKeyDisableEmailVerification)
+	osDisableMagicLinkLogin := os.Getenv(constants.EnvKeyDisableMagicLinkLogin)
+	osDisableLoginPage := os.Getenv(constants.EnvKeyDisableLoginPage)
+	osDisableSignUp := os.Getenv(constants.EnvKeyDisableSignUp)
+	osDisableRedisForEnv := os.Getenv(constants.EnvKeyDisableRedisForEnv)
+	osDisableStrongPassword := os.Getenv(constants.EnvKeyDisableStrongPassword)
+
+	// os slice vars
+	osAllowedOrigins := os.Getenv(constants.EnvKeyAllowedOrigins)
+	osRoles := os.Getenv(constants.EnvKeyRoles)
+	osDefaultRoles := os.Getenv(constants.EnvKeyDefaultRoles)
+	osProtectedRoles := os.Getenv(constants.EnvKeyProtectedRoles)
+
+	ienv, ok := envData[constants.EnvKeyEnv]
+	if !ok || ienv == "" {
+		envData[constants.EnvKeyEnv] = osEnv
+		if envData[constants.EnvKeyEnv] == "" {
+			envData[constants.EnvKeyEnv] = "production"
 		}
 
-		if envData.StringEnv[constants.EnvKeyEnv] == "production" {
-			envData.BoolEnv[constants.EnvKeyIsProd] = true
+		if envData[constants.EnvKeyEnv] == "production" {
+			envData[constants.EnvKeyIsProd] = true
 		} else {
-			envData.BoolEnv[constants.EnvKeyIsProd] = false
+			envData[constants.EnvKeyIsProd] = false
 		}
 	}
-
-	if envData.StringEnv[constants.EnvKeyAppURL] == "" {
-		envData.StringEnv[constants.EnvKeyAppURL] = os.Getenv(constants.EnvKeyAppURL)
-	}
-
-	if envData.StringEnv[constants.EnvKeyAuthorizerURL] == "" {
-		envData.StringEnv[constants.EnvKeyAuthorizerURL] = os.Getenv(constants.EnvKeyAuthorizerURL)
-	}
-
-	if envData.StringEnv[constants.EnvKeyPort] == "" {
-		envData.StringEnv[constants.EnvKeyPort] = os.Getenv(constants.EnvKeyPort)
-		if envData.StringEnv[constants.EnvKeyPort] == "" {
-			envData.StringEnv[constants.EnvKeyPort] = "8080"
-		}
-	}
-
-	if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
-		envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
-		if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
-			envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = "30m"
-		}
-	}
-
-	if envData.StringEnv[constants.EnvKeyAdminSecret] == "" {
-		envData.StringEnv[constants.EnvKeyAdminSecret] = os.Getenv(constants.EnvKeyAdminSecret)
-	}
-
-	if envData.StringEnv[constants.EnvKeySmtpHost] == "" {
-		envData.StringEnv[constants.EnvKeySmtpHost] = os.Getenv(constants.EnvKeySmtpHost)
-	}
-
-	if envData.StringEnv[constants.EnvKeySmtpPort] == "" {
-		envData.StringEnv[constants.EnvKeySmtpPort] = os.Getenv(constants.EnvKeySmtpPort)
-	}
-
-	if envData.StringEnv[constants.EnvKeySmtpUsername] == "" {
-		envData.StringEnv[constants.EnvKeySmtpUsername] = os.Getenv(constants.EnvKeySmtpUsername)
-	}
-
-	if envData.StringEnv[constants.EnvKeySmtpPassword] == "" {
-		envData.StringEnv[constants.EnvKeySmtpPassword] = os.Getenv(constants.EnvKeySmtpPassword)
-	}
-
-	if envData.StringEnv[constants.EnvKeySenderEmail] == "" {
-		envData.StringEnv[constants.EnvKeySenderEmail] = os.Getenv(constants.EnvKeySenderEmail)
-	}
-
-	algo := envData.StringEnv[constants.EnvKeyJwtType]
-	if algo == "" {
-		envData.StringEnv[constants.EnvKeyJwtType] = os.Getenv(constants.EnvKeyJwtType)
-		if envData.StringEnv[constants.EnvKeyJwtType] == "" {
-			envData.StringEnv[constants.EnvKeyJwtType] = "RS256"
-			algo = envData.StringEnv[constants.EnvKeyJwtType]
+	if osEnv != "" && osEnv != envData[constants.EnvKeyEnv] {
+		envData[constants.EnvKeyEnv] = osEnv
+		if envData[constants.EnvKeyEnv] == "production" {
+			envData[constants.EnvKeyIsProd] = true
 		} else {
-			algo = envData.StringEnv[constants.EnvKeyJwtType]
-			if !crypto.IsHMACA(algo) && !crypto.IsRSA(algo) && !crypto.IsECDSA(algo) {
-				log.Debug("Invalid JWT Algorithm")
-				return errors.New("invalid JWT_TYPE")
-			}
+			envData[constants.EnvKeyIsProd] = false
 		}
 	}
 
+	if val, ok := envData[constants.EnvKeyAppURL]; !ok || val == "" {
+		envData[constants.EnvKeyAppURL] = osAppURL
+	}
+	if osAppURL != "" && envData[constants.EnvKeyAppURL] != osAppURL {
+		envData[constants.EnvKeyAppURL] = osAppURL
+	}
+
+	if val, ok := envData[constants.EnvKeyAuthorizerURL]; !ok || val == "" {
+		envData[constants.EnvKeyAuthorizerURL] = osAuthorizerURL
+	}
+	if osAuthorizerURL != "" && envData[constants.EnvKeyAuthorizerURL] != osAuthorizerURL {
+		envData[constants.EnvKeyAuthorizerURL] = osAuthorizerURL
+	}
+
+	if val, ok := envData[constants.EnvKeyPort]; !ok || val == "" {
+		envData[constants.EnvKeyPort] = osPort
+		if envData[constants.EnvKeyPort] == "" {
+			envData[constants.EnvKeyPort] = "8080"
+		}
+	}
+	if osPort != "" && envData[constants.EnvKeyPort] != osPort {
+		envData[constants.EnvKeyPort] = osPort
+	}
+
+	if val, ok := envData[constants.EnvKeyAccessTokenExpiryTime]; !ok || val == "" {
+		envData[constants.EnvKeyAccessTokenExpiryTime] = osAccessTokenExpiryTime
+		if envData[constants.EnvKeyAccessTokenExpiryTime] == "" {
+			envData[constants.EnvKeyAccessTokenExpiryTime] = "30m"
+		}
+	}
+	if osAccessTokenExpiryTime != "" && envData[constants.EnvKeyAccessTokenExpiryTime] != osAccessTokenExpiryTime {
+		envData[constants.EnvKeyAccessTokenExpiryTime] = osAccessTokenExpiryTime
+	}
+
+	if val, ok := envData[constants.EnvKeyAdminSecret]; !ok || val == "" {
+		envData[constants.EnvKeyAdminSecret] = osAdminSecret
+	}
+	if osAdminSecret != "" && envData[constants.EnvKeyAdminSecret] != osAdminSecret {
+		envData[constants.EnvKeyAdminSecret] = osAdminSecret
+	}
+
+	if val, ok := envData[constants.EnvKeySmtpHost]; !ok || val == "" {
+		envData[constants.EnvKeySmtpHost] = osSmtpHost
+	}
+	if osSmtpHost != "" && envData[constants.EnvKeySmtpHost] != osSmtpHost {
+		envData[constants.EnvKeySmtpHost] = osSmtpHost
+	}
+
+	if val, ok := envData[constants.EnvKeySmtpPort]; !ok || val == "" {
+		envData[constants.EnvKeySmtpPort] = osSmtpPort
+	}
+	if osSmtpPort != "" && envData[constants.EnvKeySmtpPort] != osSmtpPort {
+		envData[constants.EnvKeySmtpPort] = osSmtpPort
+	}
+
+	if val, ok := envData[constants.EnvKeySmtpUsername]; !ok || val == "" {
+		envData[constants.EnvKeySmtpUsername] = osSmtpUsername
+	}
+	if osSmtpUsername != "" && envData[constants.EnvKeySmtpUsername] != osSmtpUsername {
+		envData[constants.EnvKeySmtpUsername] = osSmtpUsername
+	}
+
+	if val, ok := envData[constants.EnvKeySmtpPassword]; !ok || val == "" {
+		envData[constants.EnvKeySmtpPassword] = osSmtpPassword
+	}
+	if osSmtpPassword != "" && envData[constants.EnvKeySmtpPassword] != osSmtpPassword {
+		envData[constants.EnvKeySmtpPassword] = osSmtpPassword
+	}
+
+	if val, ok := envData[constants.EnvKeySenderEmail]; !ok || val == "" {
+		envData[constants.EnvKeySenderEmail] = osSenderEmail
+	}
+	if osSenderEmail != "" && envData[constants.EnvKeySenderEmail] != osSenderEmail {
+		envData[constants.EnvKeySenderEmail] = osSenderEmail
+	}
+
+	algoVal, ok := envData[constants.EnvKeyJwtType]
+	algo := ""
+	if !ok || algoVal == "" {
+		envData[constants.EnvKeyJwtType] = osJwtType
+		if envData[constants.EnvKeyJwtType] == "" {
+			envData[constants.EnvKeyJwtType] = "RS256"
+			algo = envData[constants.EnvKeyJwtType].(string)
+		}
+	} else {
+		algo = algoVal.(string)
+		if !crypto.IsHMACA(algo) && !crypto.IsRSA(algo) && !crypto.IsECDSA(algo) {
+			log.Debug("Invalid JWT Algorithm")
+			return errors.New("invalid JWT_TYPE")
+		}
+	}
+	if osJwtType != "" && osJwtType != algo {
+		if !crypto.IsHMACA(osJwtType) && !crypto.IsRSA(osJwtType) && !crypto.IsECDSA(osJwtType) {
+			log.Debug("Invalid JWT Algorithm")
+			return errors.New("invalid JWT_TYPE")
+		}
+		algo = osJwtType
+		envData[constants.EnvKeyJwtType] = osJwtType
+	}
+
 	if crypto.IsHMACA(algo) {
-		if envData.StringEnv[constants.EnvKeyJwtSecret] == "" {
-			envData.StringEnv[constants.EnvKeyJwtSecret] = os.Getenv(constants.EnvKeyJwtSecret)
-			if envData.StringEnv[constants.EnvKeyJwtSecret] == "" {
-				envData.StringEnv[constants.EnvKeyJwtSecret], _, err = crypto.NewHMACKey(algo, clientID)
+		if val, ok := envData[constants.EnvKeyJwtSecret]; !ok || val == "" {
+			envData[constants.EnvKeyJwtSecret] = osJwtSecret
+			if envData[constants.EnvKeyJwtSecret] == "" {
+				envData[constants.EnvKeyJwtSecret], _, err = crypto.NewHMACKey(algo, clientID)
 				if err != nil {
 					return err
 				}
 			}
 		}
+		if osJwtSecret != "" && envData[constants.EnvKeyJwtSecret] != osJwtSecret {
+			envData[constants.EnvKeyJwtSecret] = osJwtSecret
+		}
 	}
 
 	if crypto.IsRSA(algo) || crypto.IsECDSA(algo) {
 		privateKey, publicKey := "", ""
 
-		if envData.StringEnv[constants.EnvKeyJwtPrivateKey] == "" {
-			privateKey = os.Getenv(constants.EnvKeyJwtPrivateKey)
+		if val, ok := envData[constants.EnvKeyJwtPrivateKey]; !ok || val == "" {
+			privateKey = osJwtPrivateKey
+		}
+		if osJwtPrivateKey != "" && privateKey != osJwtPrivateKey {
+			privateKey = osJwtPrivateKey
 		}
 
-		if envData.StringEnv[constants.EnvKeyJwtPublicKey] == "" {
-			publicKey = os.Getenv(constants.EnvKeyJwtPublicKey)
+		if val, ok := envData[constants.EnvKeyJwtPublicKey]; !ok || val == "" {
+			publicKey = osJwtPublicKey
+		}
+		if osJwtPublicKey != "" && publicKey != osJwtPublicKey {
+			publicKey = osJwtPublicKey
 		}
 
 		// if algo is RSA / ECDSA, then we need to have both private and public key
@@ -250,159 +285,273 @@ func InitAllEnv() error {
 			}
 		}
 
-		envData.StringEnv[constants.EnvKeyJwtPrivateKey] = privateKey
-		envData.StringEnv[constants.EnvKeyJwtPublicKey] = publicKey
+		envData[constants.EnvKeyJwtPrivateKey] = privateKey
+		envData[constants.EnvKeyJwtPublicKey] = publicKey
 
 	}
 
-	if envData.StringEnv[constants.EnvKeyJwtRoleClaim] == "" {
-		envData.StringEnv[constants.EnvKeyJwtRoleClaim] = os.Getenv(constants.EnvKeyJwtRoleClaim)
+	if val, ok := envData[constants.EnvKeyJwtRoleClaim]; !ok || val == "" {
+		envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
 
-		if envData.StringEnv[constants.EnvKeyJwtRoleClaim] == "" {
-			envData.StringEnv[constants.EnvKeyJwtRoleClaim] = "role"
+		if envData[constants.EnvKeyJwtRoleClaim] == "" {
+			envData[constants.EnvKeyJwtRoleClaim] = "role"
+		}
+	}
+	if osJwtRoleClaim != "" && envData[constants.EnvKeyJwtRoleClaim] != osJwtRoleClaim {
+		envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
+	}
+
+	if val, ok := envData[constants.EnvKeyCustomAccessTokenScript]; !ok || val == "" {
+		envData[constants.EnvKeyCustomAccessTokenScript] = osCustomAccessTokenScript
+	}
+	if osCustomAccessTokenScript != "" && envData[constants.EnvKeyCustomAccessTokenScript] != osCustomAccessTokenScript {
+		envData[constants.EnvKeyCustomAccessTokenScript] = osCustomAccessTokenScript
+	}
+
+	if val, ok := envData[constants.EnvKeyGoogleClientID]; !ok || val == "" {
+		envData[constants.EnvKeyGoogleClientID] = osGoogleClientID
+	}
+	if osGoogleClientID != "" && envData[constants.EnvKeyGoogleClientID] != osGoogleClientID {
+		envData[constants.EnvKeyGoogleClientID] = osGoogleClientID
+	}
+
+	if val, ok := envData[constants.EnvKeyGoogleClientSecret]; !ok || val == "" {
+		envData[constants.EnvKeyGoogleClientSecret] = osGoogleClientSecret
+	}
+	if osGoogleClientSecret != "" && envData[constants.EnvKeyGoogleClientSecret] != osGoogleClientSecret {
+		envData[constants.EnvKeyGoogleClientSecret] = osGoogleClientSecret
+	}
+
+	if val, ok := envData[constants.EnvKeyGithubClientID]; !ok || val == "" {
+		envData[constants.EnvKeyGithubClientID] = osGithubClientID
+	}
+	if osGithubClientID != "" && envData[constants.EnvKeyGithubClientID] != osGithubClientID {
+		envData[constants.EnvKeyGithubClientID] = osGithubClientID
+	}
+
+	if val, ok := envData[constants.EnvKeyGithubClientSecret]; !ok || val == "" {
+		envData[constants.EnvKeyGithubClientSecret] = osGithubClientSecret
+	}
+	if osGithubClientSecret != "" && envData[constants.EnvKeyGithubClientSecret] != osGithubClientSecret {
+		envData[constants.EnvKeyGithubClientSecret] = osGithubClientSecret
+	}
+
+	if val, ok := envData[constants.EnvKeyFacebookClientID]; !ok || val == "" {
+		envData[constants.EnvKeyFacebookClientID] = osFacebookClientID
+	}
+	if osFacebookClientID != "" && envData[constants.EnvKeyFacebookClientID] != osFacebookClientID {
+		envData[constants.EnvKeyFacebookClientID] = osFacebookClientID
+	}
+
+	if val, ok := envData[constants.EnvKeyFacebookClientSecret]; !ok || val == "" {
+		envData[constants.EnvKeyFacebookClientSecret] = osFacebookClientSecret
+	}
+	if osFacebookClientSecret != "" && envData[constants.EnvKeyFacebookClientSecret] != osFacebookClientSecret {
+		envData[constants.EnvKeyFacebookClientSecret] = osFacebookClientSecret
+	}
+
+	if val, ok := envData[constants.EnvKeyLinkedInClientID]; !ok || val == "" {
+		envData[constants.EnvKeyLinkedInClientID] = osLinkedInClientID
+	}
+	if osFacebookClientID != "" && envData[constants.EnvKeyLinkedInClientID] != osFacebookClientID {
+		envData[constants.EnvKeyLinkedInClientID] = osLinkedInClientID
+	}
+
+	if val, ok := envData[constants.EnvKeyLinkedInClientSecret]; !ok || val == "" {
+		envData[constants.EnvKeyLinkedInClientSecret] = osLinkedInClientSecret
+	}
+	if osFacebookClientSecret != "" && envData[constants.EnvKeyLinkedInClientSecret] != osFacebookClientSecret {
+		envData[constants.EnvKeyLinkedInClientSecret] = osLinkedInClientSecret
+	}
+
+	if val, ok := envData[constants.EnvKeyAppleClientID]; !ok || val == "" {
+		envData[constants.EnvKeyAppleClientID] = osAppleClientID
+	}
+	if osFacebookClientID != "" && envData[constants.EnvKeyAppleClientID] != osFacebookClientID {
+		envData[constants.EnvKeyAppleClientID] = osAppleClientID
+	}
+
+	if val, ok := envData[constants.EnvKeyAppleClientSecret]; !ok || val == "" {
+		envData[constants.EnvKeyAppleClientSecret] = osAppleClientSecret
+	}
+	if osFacebookClientSecret != "" && envData[constants.EnvKeyAppleClientSecret] != osFacebookClientSecret {
+		envData[constants.EnvKeyAppleClientSecret] = osAppleClientSecret
+	}
+
+	if val, ok := envData[constants.EnvKeyResetPasswordURL]; !ok || val == "" {
+		envData[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(osResetPasswordURL, "/")
+	}
+	if osResetPasswordURL != "" && envData[constants.EnvKeyResetPasswordURL] != osResetPasswordURL {
+		envData[constants.EnvKeyResetPasswordURL] = osResetPasswordURL
+	}
+
+	if val, ok := envData[constants.EnvKeyOrganizationName]; !ok || val == "" {
+		envData[constants.EnvKeyOrganizationName] = osOrganizationName
+	}
+	if osOrganizationName != "" && envData[constants.EnvKeyOrganizationName] != osOrganizationName {
+		envData[constants.EnvKeyOrganizationName] = osOrganizationName
+	}
+
+	if val, ok := envData[constants.EnvKeyOrganizationLogo]; !ok || val == "" {
+		envData[constants.EnvKeyOrganizationLogo] = osOrganizationLogo
+	}
+	if osOrganizationLogo != "" && envData[constants.EnvKeyOrganizationLogo] != osOrganizationLogo {
+		envData[constants.EnvKeyOrganizationLogo] = osOrganizationLogo
+	}
+
+	if _, ok := envData[constants.EnvKeyDisableBasicAuthentication]; !ok {
+		envData[constants.EnvKeyDisableBasicAuthentication] = osDisableBasicAuthentication == "true"
+	}
+	if osDisableBasicAuthentication != "" {
+		boolValue, err := strconv.ParseBool(osDisableBasicAuthentication)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisableBasicAuthentication].(bool) {
+			envData[constants.EnvKeyDisableBasicAuthentication] = boolValue
 		}
 	}
 
-	if envData.StringEnv[constants.EnvKeyCustomAccessTokenScript] == "" {
-		envData.StringEnv[constants.EnvKeyCustomAccessTokenScript] = os.Getenv(constants.EnvKeyCustomAccessTokenScript)
+	if _, ok := envData[constants.EnvKeyDisableEmailVerification]; !ok {
+		envData[constants.EnvKeyDisableEmailVerification] = osDisableEmailVerification == "true"
 	}
-
-	if envData.StringEnv[constants.EnvKeyRedisURL] == "" {
-		envData.StringEnv[constants.EnvKeyRedisURL] = os.Getenv(constants.EnvKeyRedisURL)
-	}
-
-	if envData.StringEnv[constants.EnvKeyCookieName] == "" {
-		envData.StringEnv[constants.EnvKeyCookieName] = os.Getenv(constants.EnvKeyCookieName)
-		if envData.StringEnv[constants.EnvKeyCookieName] == "" {
-			envData.StringEnv[constants.EnvKeyCookieName] = "authorizer"
+	if osDisableEmailVerification != "" {
+		boolValue, err := strconv.ParseBool(osDisableEmailVerification)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisableEmailVerification].(bool) {
+			envData[constants.EnvKeyDisableEmailVerification] = boolValue
 		}
 	}
 
-	if envData.StringEnv[constants.EnvKeyGoogleClientID] == "" {
-		envData.StringEnv[constants.EnvKeyGoogleClientID] = os.Getenv(constants.EnvKeyGoogleClientID)
+	if _, ok := envData[constants.EnvKeyDisableMagicLinkLogin]; !ok {
+		envData[constants.EnvKeyDisableMagicLinkLogin] = osDisableMagicLinkLogin == "true"
+	}
+	if osDisableMagicLinkLogin != "" {
+		boolValue, err := strconv.ParseBool(osDisableMagicLinkLogin)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
+			envData[constants.EnvKeyDisableMagicLinkLogin] = boolValue
+		}
 	}
 
-	if envData.StringEnv[constants.EnvKeyGoogleClientSecret] == "" {
-		envData.StringEnv[constants.EnvKeyGoogleClientSecret] = os.Getenv(constants.EnvKeyGoogleClientSecret)
+	if _, ok := envData[constants.EnvKeyDisableLoginPage]; !ok {
+		envData[constants.EnvKeyDisableLoginPage] = osDisableLoginPage == "true"
+	}
+	if osDisableLoginPage != "" {
+		boolValue, err := strconv.ParseBool(osDisableLoginPage)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisableLoginPage].(bool) {
+			envData[constants.EnvKeyDisableLoginPage] = boolValue
+		}
 	}
 
-	if envData.StringEnv[constants.EnvKeyGithubClientID] == "" {
-		envData.StringEnv[constants.EnvKeyGithubClientID] = os.Getenv(constants.EnvKeyGithubClientID)
+	if _, ok := envData[constants.EnvKeyDisableSignUp]; !ok {
+		envData[constants.EnvKeyDisableSignUp] = osDisableSignUp == "true"
+	}
+	if osDisableSignUp != "" {
+		boolValue, err := strconv.ParseBool(osDisableSignUp)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisableSignUp].(bool) {
+			envData[constants.EnvKeyDisableSignUp] = boolValue
+		}
 	}
 
-	if envData.StringEnv[constants.EnvKeyGithubClientSecret] == "" {
-		envData.StringEnv[constants.EnvKeyGithubClientSecret] = os.Getenv(constants.EnvKeyGithubClientSecret)
+	if _, ok := envData[constants.EnvKeyDisableRedisForEnv]; !ok {
+		envData[constants.EnvKeyDisableRedisForEnv] = osDisableRedisForEnv == "true"
+	}
+	if osDisableRedisForEnv != "" {
+		boolValue, err := strconv.ParseBool(osDisableRedisForEnv)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisableRedisForEnv].(bool) {
+			envData[constants.EnvKeyDisableRedisForEnv] = boolValue
+		}
 	}
 
-	if envData.StringEnv[constants.EnvKeyFacebookClientID] == "" {
-		envData.StringEnv[constants.EnvKeyFacebookClientID] = os.Getenv(constants.EnvKeyFacebookClientID)
+	if _, ok := envData[constants.EnvKeyDisableStrongPassword]; !ok {
+		envData[constants.EnvKeyDisableStrongPassword] = osDisableStrongPassword == "true"
 	}
-
-	if envData.StringEnv[constants.EnvKeyFacebookClientSecret] == "" {
-		envData.StringEnv[constants.EnvKeyFacebookClientSecret] = os.Getenv(constants.EnvKeyFacebookClientSecret)
+	if osDisableStrongPassword != "" {
+		boolValue, err := strconv.ParseBool(osDisableStrongPassword)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisableStrongPassword].(bool) {
+			envData[constants.EnvKeyDisableStrongPassword] = boolValue
+		}
 	}
 
-	if envData.StringEnv[constants.EnvKeyResetPasswordURL] == "" {
-		envData.StringEnv[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(os.Getenv(constants.EnvKeyResetPasswordURL), "/")
-	}
-
-	envData.BoolEnv[constants.EnvKeyDisableBasicAuthentication] = os.Getenv(constants.EnvKeyDisableBasicAuthentication) == "true"
-	envData.BoolEnv[constants.EnvKeyDisableEmailVerification] = os.Getenv(constants.EnvKeyDisableEmailVerification) == "true"
-	envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = os.Getenv(constants.EnvKeyDisableMagicLinkLogin) == "true"
-	envData.BoolEnv[constants.EnvKeyDisableLoginPage] = os.Getenv(constants.EnvKeyDisableLoginPage) == "true"
-	envData.BoolEnv[constants.EnvKeyDisableSignUp] = os.Getenv(constants.EnvKeyDisableSignUp) == "true"
-
 	// no need to add nil check as its already done above
-	if envData.StringEnv[constants.EnvKeySmtpHost] == "" || envData.StringEnv[constants.EnvKeySmtpUsername] == "" || envData.StringEnv[constants.EnvKeySmtpPassword] == "" || envData.StringEnv[constants.EnvKeySenderEmail] == "" && envData.StringEnv[constants.EnvKeySmtpPort] == "" {
-		envData.BoolEnv[constants.EnvKeyDisableEmailVerification] = true
-		envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true
+	if envData[constants.EnvKeySmtpHost] == "" || envData[constants.EnvKeySmtpUsername] == "" || envData[constants.EnvKeySmtpPassword] == "" || envData[constants.EnvKeySenderEmail] == "" && envData[constants.EnvKeySmtpPort] == "" {
+		envData[constants.EnvKeyDisableEmailVerification] = true
+		envData[constants.EnvKeyDisableMagicLinkLogin] = true
 	}
 
-	if envData.BoolEnv[constants.EnvKeyDisableEmailVerification] {
-		envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true
+	if envData[constants.EnvKeyDisableEmailVerification].(bool) {
+		envData[constants.EnvKeyDisableMagicLinkLogin] = true
 	}
 
-	allowedOriginsSplit := strings.Split(os.Getenv(constants.EnvKeyAllowedOrigins), ",")
-	allowedOrigins := []string{}
-	hasWildCard := false
+	if val, ok := envData[constants.EnvKeyAllowedOrigins]; !ok || val == "" {
+		envData[constants.EnvKeyAllowedOrigins] = osAllowedOrigins
+		if envData[constants.EnvKeyAllowedOrigins] == "" {
+			envData[constants.EnvKeyAllowedOrigins] = "*"
+		}
+	}
+	if osAllowedOrigins != "" && envData[constants.EnvKeyAllowedOrigins] != osAllowedOrigins {
+		envData[constants.EnvKeyAllowedOrigins] = osAllowedOrigins
+	}
 
-	for _, val := range allowedOriginsSplit {
-		trimVal := strings.TrimSpace(val)
-		if trimVal != "" {
-			if trimVal != "*" {
-				host, port := utils.GetHostParts(trimVal)
-				allowedOrigins = append(allowedOrigins, host+":"+port)
-			} else {
-				hasWildCard = true
-				allowedOrigins = append(allowedOrigins, trimVal)
-				break
-			}
+	if val, ok := envData[constants.EnvKeyRoles]; !ok || val == "" {
+		envData[constants.EnvKeyRoles] = osRoles
+		if envData[constants.EnvKeyRoles] == "" {
+			envData[constants.EnvKeyRoles] = "user"
+		}
+	}
+	if osRoles != "" && envData[constants.EnvKeyRoles] != osRoles {
+		envData[constants.EnvKeyRoles] = osRoles
+	}
+	roles := strings.Split(envData[constants.EnvKeyRoles].(string), ",")
+
+	if val, ok := envData[constants.EnvKeyDefaultRoles]; !ok || val == "" {
+		envData[constants.EnvKeyDefaultRoles] = osDefaultRoles
+		if envData[constants.EnvKeyDefaultRoles] == "" {
+			envData[constants.EnvKeyDefaultRoles] = "user"
+		}
+	}
+	if osDefaultRoles != "" && envData[constants.EnvKeyDefaultRoles] != osDefaultRoles {
+		envData[constants.EnvKeyDefaultRoles] = osDefaultRoles
+	}
+	defaultRoles := strings.Split(envData[constants.EnvKeyDefaultRoles].(string), ",")
+	if len(defaultRoles) == 0 {
+		defaultRoles = []string{roles[0]}
+	}
+
+	for _, role := range defaultRoles {
+		if !utils.StringSliceContains(roles, role) {
+			return fmt.Errorf("Default role %s is not defined in roles", role)
 		}
 	}
 
-	if len(allowedOrigins) > 1 && hasWildCard {
-		allowedOrigins = []string{"*"}
+	if val, ok := envData[constants.EnvKeyProtectedRoles]; !ok || val == "" {
+		envData[constants.EnvKeyProtectedRoles] = osProtectedRoles
+	}
+	if osProtectedRoles != "" && envData[constants.EnvKeyProtectedRoles] != osProtectedRoles {
+		envData[constants.EnvKeyProtectedRoles] = osProtectedRoles
 	}
 
-	if len(allowedOrigins) == 0 {
-		allowedOrigins = []string{"*"}
+	err = memorystore.Provider.UpdateEnvStore(envData)
+	if err != nil {
+		log.Debug("Error while updating env store: ", err)
+		return err
 	}
-
-	envData.SliceEnv[constants.EnvKeyAllowedOrigins] = allowedOrigins
-
-	rolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyRoles))
-	rolesSplit := strings.Split(rolesEnv, ",")
-	roles := []string{}
-	if len(rolesEnv) == 0 {
-		roles = []string{"user"}
-	}
-
-	defaultRolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyDefaultRoles))
-	defaultRoleSplit := strings.Split(defaultRolesEnv, ",")
-	defaultRoles := []string{}
-
-	if len(defaultRolesEnv) == 0 {
-		defaultRoles = []string{"user"}
-	}
-
-	protectedRolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyProtectedRoles))
-	protectedRolesSplit := strings.Split(protectedRolesEnv, ",")
-	protectedRoles := []string{}
-
-	if len(protectedRolesEnv) > 0 {
-		for _, val := range protectedRolesSplit {
-			trimVal := strings.TrimSpace(val)
-			protectedRoles = append(protectedRoles, trimVal)
-		}
-	}
-
-	for _, val := range rolesSplit {
-		trimVal := strings.TrimSpace(val)
-		if trimVal != "" {
-			roles = append(roles, trimVal)
-			if utils.StringSliceContains(defaultRoleSplit, trimVal) {
-				defaultRoles = append(defaultRoles, trimVal)
-			}
-		}
-	}
-
-	if len(roles) > 0 && len(defaultRoles) == 0 && len(defaultRolesEnv) > 0 {
-		log.Debug("Default roles not found in roles list. It can be one from ROLES only")
-		return errors.New(`invalid DEFAULT_ROLE environment variable. It can be one from give ROLES environment variable value`)
-	}
-
-	envData.SliceEnv[constants.EnvKeyRoles] = roles
-	envData.SliceEnv[constants.EnvKeyDefaultRoles] = defaultRoles
-	envData.SliceEnv[constants.EnvKeyProtectedRoles] = protectedRoles
-
-	if os.Getenv(constants.EnvKeyOrganizationName) != "" {
-		envData.StringEnv[constants.EnvKeyOrganizationName] = os.Getenv(constants.EnvKeyOrganizationName)
-	}
-
-	if os.Getenv(constants.EnvKeyOrganizationLogo) != "" {
-		envData.StringEnv[constants.EnvKeyOrganizationLogo] = os.Getenv(constants.EnvKeyOrganizationLogo)
-	}
-
-	envstore.EnvStoreObj.UpdateEnvStore(envData)
 	return nil
 }

server/env/persist_env.go

@@ -1,8 +1,10 @@
 package env
 
 import (
+	"context"
 	"encoding/json"
 	"os"
+	"reflect"
 	"strconv"
 	"strings"
 
@@ -13,14 +15,52 @@ import (
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/utils"
 )
 
+func fixBackwardCompatibility(data map[string]interface{}) (bool, map[string]interface{}) {
+	result := data
+	// check if env data is stored in older format
+	hasOlderFormat := false
+	if _, ok := result["bool_env"]; ok {
+		for key, value := range result["bool_env"].(map[string]interface{}) {
+			result[key] = value
+		}
+		hasOlderFormat = true
+		delete(result, "bool_env")
+	}
+
+	if _, ok := result["string_env"]; ok {
+		for key, value := range result["string_env"].(map[string]interface{}) {
+			result[key] = value
+		}
+		hasOlderFormat = true
+		delete(result, "string_env")
+	}
+
+	if _, ok := result["slice_env"]; ok {
+		for key, value := range result["slice_env"].(map[string]interface{}) {
+			typeOfValue := reflect.TypeOf(value)
+			if strings.Contains(typeOfValue.String(), "[]string") {
+				result[key] = strings.Join(value.([]string), ",")
+			}
+			if strings.Contains(typeOfValue.String(), "[]interface") {
+				result[key] = strings.Join(utils.ConvertInterfaceToStringSlice(value), ",")
+			}
+		}
+		hasOlderFormat = true
+		delete(result, "slice_env")
+	}
+
+	return hasOlderFormat, result
+}
+
 // GetEnvData returns the env data from database
-func GetEnvData() (envstore.Store, error) {
-	var result envstore.Store
-	env, err := db.Provider.GetEnv()
+func GetEnvData() (map[string]interface{}, error) {
+	var result map[string]interface{}
+	ctx := context.Background()
+	env, err := db.Provider.GetEnv(ctx)
 	// config not found in db
 	if err != nil {
 		log.Debug("Error while getting env data from db: ", err)
@@ -34,7 +74,7 @@ func GetEnvData() (envstore.Store, error) {
 		return result, err
 	}
 
-	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
+	memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
 
 	b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData)
 	if err != nil {
@@ -54,20 +94,42 @@ func GetEnvData() (envstore.Store, error) {
 		return result, err
 	}
 
+	hasOlderFormat, result := fixBackwardCompatibility(result)
+
+	if hasOlderFormat {
+		err = memorystore.Provider.UpdateEnvStore(result)
+		if err != nil {
+			log.Debug("Error while updating env store: ", err)
+			return result, err
+		}
+
+	}
+
 	return result, err
 }
 
 // PersistEnv persists the environment variables to the database
 func PersistEnv() error {
-	env, err := db.Provider.GetEnv()
+	ctx := context.Background()
+	env, err := db.Provider.GetEnv(ctx)
 	// config not found in db
-	if err != nil {
+	if err != nil || env.EnvData == "" {
 		// AES encryption needs 32 bit key only, so we chop off last 4 characters from 36 bit uuid
 		hash := uuid.New().String()[:36-4]
-		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, hash)
+		err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, hash)
+		if err != nil {
+			log.Debug("Error while updating encryption env variable: ", err)
+			return err
+		}
 		encodedHash := crypto.EncryptB64(hash)
 
-		encryptedConfig, err := crypto.EncryptEnvData(envstore.EnvStoreObj.GetEnvStoreClone())
+		res, err := memorystore.Provider.GetEnvStore()
+		if err != nil {
+			log.Debug("Error while getting env store: ", err)
+			return err
+		}
+
+		encryptedConfig, err := crypto.EncryptEnvData(res)
 		if err != nil {
 			log.Debug("Error while encrypting env data: ", err)
 			return err
@@ -78,7 +140,7 @@ func PersistEnv() error {
 			EnvData: encryptedConfig,
 		}
 
-		env, err = db.Provider.AddEnv(env)
+		env, err = db.Provider.AddEnv(ctx, env)
 		if err != nil {
 			log.Debug("Error while persisting env data to db: ", err)
 			return err
@@ -93,7 +155,7 @@ func PersistEnv() error {
 			return err
 		}
 
-		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
+		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
 
 		b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData)
 		if err != nil {
@@ -108,83 +170,81 @@ func PersistEnv() error {
 		}
 
 		// temp store variable
-		var storeData envstore.Store
+		storeData := map[string]interface{}{}
 
 		err = json.Unmarshal(decryptedConfigs, &storeData)
 		if err != nil {
-			log.Debug("Error while unmarshalling env data: ", err)
+			log.Debug("Error while un-marshalling env data: ", err)
 			return err
 		}
 
+		hasOlderFormat, result := fixBackwardCompatibility(storeData)
+		if hasOlderFormat {
+			err = memorystore.Provider.UpdateEnvStore(result)
+			if err != nil {
+				log.Debug("Error while updating env store: ", err)
+				return err
+			}
+
+		}
+
 		// if env is changed via env file or OS env
 		// give that higher preference and update db, but we don't recommend it
 
 		hasChanged := false
-
-		for key, value := range storeData.StringEnv {
+		for key, value := range storeData {
 			// don't override unexposed envs
+			// check only for derivative keys
+			// No need to check for ENCRYPTION_KEY which special key we use for encrypting config data
+			// as we have removed it from json
 			if key != constants.EnvKeyEncryptionKey {
-				// check only for derivative keys
-				// No need to check for ENCRYPTION_KEY which special key we use for encrypting config data
-				// as we have removed it from json
 				envValue := strings.TrimSpace(os.Getenv(key))
-
-				// env is not empty
 				if envValue != "" {
-					if value != envValue {
-						storeData.StringEnv[key] = envValue
-						hasChanged = true
+					switch key {
+					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword:
+						if envValueBool, err := strconv.ParseBool(envValue); err == nil {
+							if value.(bool) != envValueBool {
+								storeData[key] = envValueBool
+								hasChanged = true
+							}
+						}
+					default:
+						if value != nil && value.(string) != envValue {
+							storeData[key] = envValue
+							hasChanged = true
+						}
 					}
 				}
 			}
 		}
 
-		for key, value := range storeData.BoolEnv {
-			envValue := strings.TrimSpace(os.Getenv(key))
-			// env is not empty
-			if envValue != "" {
-				envValueBool, _ := strconv.ParseBool(envValue)
-				if value != envValueBool {
-					storeData.BoolEnv[key] = envValueBool
-					hasChanged = true
-				}
-			}
-		}
-
-		for key, value := range storeData.SliceEnv {
-			envValue := strings.TrimSpace(os.Getenv(key))
-			// env is not empty
-			if envValue != "" {
-				envStringArr := strings.Split(envValue, ",")
-				if !utils.IsStringArrayEqual(value, envStringArr) {
-					storeData.SliceEnv[key] = envStringArr
-					hasChanged = true
-				}
-			}
-		}
-
 		// handle derivative cases like disabling email verification & magic login
 		// in case SMTP is off but env is set to true
-		if storeData.StringEnv[constants.EnvKeySmtpHost] == "" || storeData.StringEnv[constants.EnvKeySmtpUsername] == "" || storeData.StringEnv[constants.EnvKeySmtpPassword] == "" || storeData.StringEnv[constants.EnvKeySenderEmail] == "" && storeData.StringEnv[constants.EnvKeySmtpPort] == "" {
-			if !storeData.BoolEnv[constants.EnvKeyDisableEmailVerification] {
-				storeData.BoolEnv[constants.EnvKeyDisableEmailVerification] = true
+		if storeData[constants.EnvKeySmtpHost] == "" || storeData[constants.EnvKeySmtpUsername] == "" || storeData[constants.EnvKeySmtpPassword] == "" || storeData[constants.EnvKeySenderEmail] == "" && storeData[constants.EnvKeySmtpPort] == "" {
+			if !storeData[constants.EnvKeyDisableEmailVerification].(bool) {
+				storeData[constants.EnvKeyDisableEmailVerification] = true
 				hasChanged = true
 			}
 
-			if !storeData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] {
-				storeData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true
+			if !storeData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
+				storeData[constants.EnvKeyDisableMagicLinkLogin] = true
 				hasChanged = true
 			}
 		}
 
-		envstore.EnvStoreObj.UpdateEnvStore(storeData)
+		err = memorystore.Provider.UpdateEnvStore(storeData)
+		if err != nil {
+			log.Debug("Error while updating env store: ", err)
+			return err
+		}
+
 		jwk, err := crypto.GenerateJWKBasedOnEnv()
 		if err != nil {
 			log.Debug("Error while generating JWK: ", err)
 			return err
 		}
 		// updating jwk
-		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJWK, jwk)
+		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyJWK, jwk)
 
 		if hasChanged {
 			encryptedConfig, err := crypto.EncryptEnvData(storeData)
@@ -194,7 +254,7 @@ func PersistEnv() error {
 			}
 
 			env.EnvData = encryptedConfig
-			_, err = db.Provider.UpdateEnv(env)
+			_, err = db.Provider.UpdateEnv(ctx, env)
 			if err != nil {
 				log.Debug("Failed to Update Config: ", err)
 				return err

server/envstore/store.go

@@ -1,122 +0,0 @@
-package envstore
-
-import (
-	"sync"
-
-	"github.com/authorizerdev/authorizer/server/constants"
-)
-
-var (
-	// ARG_DB_URL is the cli arg variable for the database url
-	ARG_DB_URL *string
-	// ARG_DB_TYPE is the cli arg variable for the database type
-	ARG_DB_TYPE *string
-	// ARG_ENV_FILE is the cli arg variable for the env file
-	ARG_ENV_FILE *string
-	// ARG_LOG_LEVEL is the cli arg variable for the log level
-	ARG_LOG_LEVEL *string
-)
-
-// Store data structure
-type Store struct {
-	StringEnv map[string]string   `json:"string_env"`
-	BoolEnv   map[string]bool     `json:"bool_env"`
-	SliceEnv  map[string][]string `json:"slice_env"`
-}
-
-// EnvStore struct
-type EnvStore struct {
-	mutex sync.Mutex
-	store *Store
-}
-
-var defaultStore = &EnvStore{
-	store: &Store{
-		StringEnv: map[string]string{
-			constants.EnvKeyAdminCookieName:  "authorizer-admin",
-			constants.EnvKeyJwtRoleClaim:     "role",
-			constants.EnvKeyOrganizationName: "Authorizer",
-			constants.EnvKeyOrganizationLogo: "https://www.authorizer.dev/images/logo.png",
-		},
-		BoolEnv: map[string]bool{
-			constants.EnvKeyDisableBasicAuthentication: false,
-			constants.EnvKeyDisableMagicLinkLogin:      false,
-			constants.EnvKeyDisableEmailVerification:   false,
-			constants.EnvKeyDisableLoginPage:           false,
-			constants.EnvKeyDisableSignUp:              false,
-		},
-		SliceEnv: map[string][]string{},
-	},
-}
-
-// EnvStoreObj.GetBoolStoreEnvVariable global variable for EnvStore
-var EnvStoreObj = defaultStore
-
-// UpdateEnvStore to update the whole env store object
-func (e *EnvStore) UpdateEnvStore(store Store) {
-	e.mutex.Lock()
-	defer e.mutex.Unlock()
-	// just override the keys + new keys
-
-	for key, value := range store.StringEnv {
-		e.store.StringEnv[key] = value
-	}
-
-	for key, value := range store.BoolEnv {
-		e.store.BoolEnv[key] = value
-	}
-
-	for key, value := range store.SliceEnv {
-		e.store.SliceEnv[key] = value
-	}
-}
-
-// UpdateEnvVariable to update the particular env variable
-func (e *EnvStore) UpdateEnvVariable(storeIdentifier, key string, value interface{}) {
-	e.mutex.Lock()
-	defer e.mutex.Unlock()
-	switch storeIdentifier {
-	case constants.StringStoreIdentifier:
-		e.store.StringEnv[key] = value.(string)
-	case constants.BoolStoreIdentifier:
-		e.store.BoolEnv[key] = value.(bool)
-	case constants.SliceStoreIdentifier:
-		e.store.SliceEnv[key] = value.([]string)
-	}
-}
-
-// GetStringStoreEnvVariable to get the env variable from string store object
-func (e *EnvStore) GetStringStoreEnvVariable(key string) string {
-	// e.mutex.Lock()
-	// defer e.mutex.Unlock()
-	return e.store.StringEnv[key]
-}
-
-// GetBoolStoreEnvVariable to get the env variable from bool store object
-func (e *EnvStore) GetBoolStoreEnvVariable(key string) bool {
-	// e.mutex.Lock()
-	// defer e.mutex.Unlock()
-	return e.store.BoolEnv[key]
-}
-
-// GetSliceStoreEnvVariable to get the env variable from slice store object
-func (e *EnvStore) GetSliceStoreEnvVariable(key string) []string {
-	// e.mutex.Lock()
-	// defer e.mutex.Unlock()
-	return e.store.SliceEnv[key]
-}
-
-// GetEnvStoreClone to get clone of current env store object
-func (e *EnvStore) GetEnvStoreClone() Store {
-	e.mutex.Lock()
-	defer e.mutex.Unlock()
-
-	result := *e.store
-	return result
-}
-
-func (e *EnvStore) ResetStore() {
-	e.mutex.Lock()
-	defer e.mutex.Unlock()
-	e.store = defaultStore.store
-}

server/go.mod

@@ -20,7 +20,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.1 // indirect
 	github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
-	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/sirupsen/logrus v1.8.1
 	github.com/stretchr/testify v1.7.0
 	github.com/ugorji/go v1.2.6 // indirect
 	github.com/vektah/gqlparser/v2 v2.2.0

server/graph/model/models_gen.go

@@ -2,6 +2,13 @@
 
 package model
 
+type AddWebhookRequest struct {
+	EventName string                 `json:"event_name"`
+	Endpoint  string                 `json:"endpoint"`
+	Enabled   bool                   `json:"enabled"`
+	Headers   map[string]interface{} `json:"headers"`
+}
+
 type AdminLoginInput struct {
 	AdminSecret string `json:"admin_secret"`
 }
@@ -26,13 +33,13 @@ type DeleteUserInput struct {
 type Env struct {
 	AccessTokenExpiryTime      *string  `json:"ACCESS_TOKEN_EXPIRY_TIME"`
 	AdminSecret                *string  `json:"ADMIN_SECRET"`
-	DatabaseName               string   `json:"DATABASE_NAME"`
-	DatabaseURL                string   `json:"DATABASE_URL"`
-	DatabaseType               string   `json:"DATABASE_TYPE"`
-	DatabaseUsername           string   `json:"DATABASE_USERNAME"`
-	DatabasePassword           string   `json:"DATABASE_PASSWORD"`
-	DatabaseHost               string   `json:"DATABASE_HOST"`
-	DatabasePort               string   `json:"DATABASE_PORT"`
+	DatabaseName               *string  `json:"DATABASE_NAME"`
+	DatabaseURL                *string  `json:"DATABASE_URL"`
+	DatabaseType               *string  `json:"DATABASE_TYPE"`
+	DatabaseUsername           *string  `json:"DATABASE_USERNAME"`
+	DatabasePassword           *string  `json:"DATABASE_PASSWORD"`
+	DatabaseHost               *string  `json:"DATABASE_HOST"`
+	DatabasePort               *string  `json:"DATABASE_PORT"`
 	ClientID                   string   `json:"CLIENT_ID"`
 	ClientSecret               string   `json:"CLIENT_SECRET"`
 	CustomAccessTokenScript    *string  `json:"CUSTOM_ACCESS_TOKEN_SCRIPT"`
@@ -48,13 +55,14 @@ type Env struct {
 	AllowedOrigins             []string `json:"ALLOWED_ORIGINS"`
 	AppURL                     *string  `json:"APP_URL"`
 	RedisURL                   *string  `json:"REDIS_URL"`
-	CookieName                 *string  `json:"COOKIE_NAME"`
 	ResetPasswordURL           *string  `json:"RESET_PASSWORD_URL"`
-	DisableEmailVerification   *bool    `json:"DISABLE_EMAIL_VERIFICATION"`
-	DisableBasicAuthentication *bool    `json:"DISABLE_BASIC_AUTHENTICATION"`
-	DisableMagicLinkLogin      *bool    `json:"DISABLE_MAGIC_LINK_LOGIN"`
-	DisableLoginPage           *bool    `json:"DISABLE_LOGIN_PAGE"`
-	DisableSignUp              *bool    `json:"DISABLE_SIGN_UP"`
+	DisableEmailVerification   bool     `json:"DISABLE_EMAIL_VERIFICATION"`
+	DisableBasicAuthentication bool     `json:"DISABLE_BASIC_AUTHENTICATION"`
+	DisableMagicLinkLogin      bool     `json:"DISABLE_MAGIC_LINK_LOGIN"`
+	DisableLoginPage           bool     `json:"DISABLE_LOGIN_PAGE"`
+	DisableSignUp              bool     `json:"DISABLE_SIGN_UP"`
+	DisableRedisForEnv         bool     `json:"DISABLE_REDIS_FOR_ENV"`
+	DisableStrongPassword      bool     `json:"DISABLE_STRONG_PASSWORD"`
 	Roles                      []string `json:"ROLES"`
 	ProtectedRoles             []string `json:"PROTECTED_ROLES"`
 	DefaultRoles               []string `json:"DEFAULT_ROLES"`
@@ -65,6 +73,10 @@ type Env struct {
 	GithubClientSecret         *string  `json:"GITHUB_CLIENT_SECRET"`
 	FacebookClientID           *string  `json:"FACEBOOK_CLIENT_ID"`
 	FacebookClientSecret       *string  `json:"FACEBOOK_CLIENT_SECRET"`
+	LinkedinClientID           *string  `json:"LINKEDIN_CLIENT_ID"`
+	LinkedinClientSecret       *string  `json:"LINKEDIN_CLIENT_SECRET"`
+	AppleClientID              *string  `json:"APPLE_CLIENT_ID"`
+	AppleClientSecret          *string  `json:"APPLE_CLIENT_SECRET"`
 	OrganizationName           *string  `json:"ORGANIZATION_NAME"`
 	OrganizationLogo           *string  `json:"ORGANIZATION_LOGO"`
 }
@@ -95,6 +107,11 @@ type InviteMemberInput struct {
 	RedirectURI *string  `json:"redirect_uri"`
 }
 
+type ListWebhookLogRequest struct {
+	Pagination *PaginationInput `json:"pagination"`
+	WebhookID  *string          `json:"webhook_id"`
+}
+
 type LoginInput struct {
 	Email    string   `json:"email"`
 	Password string   `json:"password"`
@@ -116,10 +133,13 @@ type Meta struct {
 	IsGoogleLoginEnabled         bool   `json:"is_google_login_enabled"`
 	IsFacebookLoginEnabled       bool   `json:"is_facebook_login_enabled"`
 	IsGithubLoginEnabled         bool   `json:"is_github_login_enabled"`
+	IsLinkedinLoginEnabled       bool   `json:"is_linkedin_login_enabled"`
+	IsAppleLoginEnabled          bool   `json:"is_apple_login_enabled"`
 	IsEmailVerificationEnabled   bool   `json:"is_email_verification_enabled"`
 	IsBasicAuthenticationEnabled bool   `json:"is_basic_authentication_enabled"`
 	IsMagicLinkLoginEnabled      bool   `json:"is_magic_link_login_enabled"`
 	IsSignUpEnabled              bool   `json:"is_sign_up_enabled"`
+	IsStrongPasswordEnabled      bool   `json:"is_strong_password_enabled"`
 }
 
 type OAuthRevokeInput struct {
@@ -179,6 +199,17 @@ type SignUpInput struct {
 	RedirectURI     *string  `json:"redirect_uri"`
 }
 
+type TestEndpointRequest struct {
+	Endpoint  string                 `json:"endpoint"`
+	EventName string                 `json:"event_name"`
+	Headers   map[string]interface{} `json:"headers"`
+}
+
+type TestEndpointResponse struct {
+	HTTPStatus *int64                 `json:"http_status"`
+	Response   map[string]interface{} `json:"response"`
+}
+
 type UpdateAccessInput struct {
 	UserID string `json:"user_id"`
 }
@@ -199,14 +230,14 @@ type UpdateEnvInput struct {
 	JwtPublicKey               *string  `json:"JWT_PUBLIC_KEY"`
 	AllowedOrigins             []string `json:"ALLOWED_ORIGINS"`
 	AppURL                     *string  `json:"APP_URL"`
-	RedisURL                   *string  `json:"REDIS_URL"`
-	CookieName                 *string  `json:"COOKIE_NAME"`
 	ResetPasswordURL           *string  `json:"RESET_PASSWORD_URL"`
 	DisableEmailVerification   *bool    `json:"DISABLE_EMAIL_VERIFICATION"`
 	DisableBasicAuthentication *bool    `json:"DISABLE_BASIC_AUTHENTICATION"`
 	DisableMagicLinkLogin      *bool    `json:"DISABLE_MAGIC_LINK_LOGIN"`
 	DisableLoginPage           *bool    `json:"DISABLE_LOGIN_PAGE"`
 	DisableSignUp              *bool    `json:"DISABLE_SIGN_UP"`
+	DisableRedisForEnv         *bool    `json:"DISABLE_REDIS_FOR_ENV"`
+	DisableStrongPassword      *bool    `json:"DISABLE_STRONG_PASSWORD"`
 	Roles                      []string `json:"ROLES"`
 	ProtectedRoles             []string `json:"PROTECTED_ROLES"`
 	DefaultRoles               []string `json:"DEFAULT_ROLES"`
@@ -217,6 +248,10 @@ type UpdateEnvInput struct {
 	GithubClientSecret         *string  `json:"GITHUB_CLIENT_SECRET"`
 	FacebookClientID           *string  `json:"FACEBOOK_CLIENT_ID"`
 	FacebookClientSecret       *string  `json:"FACEBOOK_CLIENT_SECRET"`
+	LinkedinClientID           *string  `json:"LINKEDIN_CLIENT_ID"`
+	LinkedinClientSecret       *string  `json:"LINKEDIN_CLIENT_SECRET"`
+	AppleClientID              *string  `json:"APPLE_CLIENT_ID"`
+	AppleClientSecret          *string  `json:"APPLE_CLIENT_SECRET"`
 	OrganizationName           *string  `json:"ORGANIZATION_NAME"`
 	OrganizationLogo           *string  `json:"ORGANIZATION_LOGO"`
 }
@@ -251,6 +286,14 @@ type UpdateUserInput struct {
 	Roles         []*string `json:"roles"`
 }
 
+type UpdateWebhookRequest struct {
+	ID        string                 `json:"id"`
+	EventName *string                `json:"event_name"`
+	Endpoint  *string                `json:"endpoint"`
+	Enabled   *bool                  `json:"enabled"`
+	Headers   map[string]interface{} `json:"headers"`
+}
+
 type User struct {
 	ID                  string   `json:"id"`
 	Email               string   `json:"email"`
@@ -307,3 +350,37 @@ type VerificationRequests struct {
 type VerifyEmailInput struct {
 	Token string `json:"token"`
 }
+
+type Webhook struct {
+	ID        string                 `json:"id"`
+	EventName *string                `json:"event_name"`
+	Endpoint  *string                `json:"endpoint"`
+	Enabled   *bool                  `json:"enabled"`
+	Headers   map[string]interface{} `json:"headers"`
+	CreatedAt *int64                 `json:"created_at"`
+	UpdatedAt *int64                 `json:"updated_at"`
+}
+
+type WebhookLog struct {
+	ID         string  `json:"id"`
+	HTTPStatus *int64  `json:"http_status"`
+	Response   *string `json:"response"`
+	Request    *string `json:"request"`
+	WebhookID  *string `json:"webhook_id"`
+	CreatedAt  *int64  `json:"created_at"`
+	UpdatedAt  *int64  `json:"updated_at"`
+}
+
+type WebhookLogs struct {
+	Pagination  *Pagination   `json:"pagination"`
+	WebhookLogs []*WebhookLog `json:"webhook_logs"`
+}
+
+type WebhookRequest struct {
+	ID string `json:"id"`
+}
+
+type Webhooks struct {
+	Pagination *Pagination `json:"pagination"`
+	Webhooks   []*Webhook  `json:"webhooks"`
+}

server/graph/schema.graphqls

@@ -18,10 +18,13 @@ type Meta {
 	is_google_login_enabled: Boolean!
 	is_facebook_login_enabled: Boolean!
 	is_github_login_enabled: Boolean!
+	is_linkedin_login_enabled: Boolean!
+	is_apple_login_enabled: Boolean!
 	is_email_verification_enabled: Boolean!
 	is_basic_authentication_enabled: Boolean!
 	is_magic_link_login_enabled: Boolean!
 	is_sign_up_enabled: Boolean!
+	is_strong_password_enabled: Boolean!
 }
 
 type User {
@@ -89,13 +92,13 @@ type Response {
 type Env {
 	ACCESS_TOKEN_EXPIRY_TIME: String
 	ADMIN_SECRET: String
-	DATABASE_NAME: String!
-	DATABASE_URL: String!
-	DATABASE_TYPE: String!
-	DATABASE_USERNAME: String!
-	DATABASE_PASSWORD: String!
-	DATABASE_HOST: String!
-	DATABASE_PORT: String!
+	DATABASE_NAME: String
+	DATABASE_URL: String
+	DATABASE_TYPE: String
+	DATABASE_USERNAME: String
+	DATABASE_PASSWORD: String
+	DATABASE_HOST: String
+	DATABASE_PORT: String
 	CLIENT_ID: String!
 	CLIENT_SECRET: String!
 	CUSTOM_ACCESS_TOKEN_SCRIPT: String
@@ -111,13 +114,14 @@ type Env {
 	ALLOWED_ORIGINS: [String!]
 	APP_URL: String
 	REDIS_URL: String
-	COOKIE_NAME: String
 	RESET_PASSWORD_URL: String
-	DISABLE_EMAIL_VERIFICATION: Boolean
-	DISABLE_BASIC_AUTHENTICATION: Boolean
-	DISABLE_MAGIC_LINK_LOGIN: Boolean
-	DISABLE_LOGIN_PAGE: Boolean
-	DISABLE_SIGN_UP: Boolean
+	DISABLE_EMAIL_VERIFICATION: Boolean!
+	DISABLE_BASIC_AUTHENTICATION: Boolean!
+	DISABLE_MAGIC_LINK_LOGIN: Boolean!
+	DISABLE_LOGIN_PAGE: Boolean!
+	DISABLE_SIGN_UP: Boolean!
+	DISABLE_REDIS_FOR_ENV: Boolean!
+	DISABLE_STRONG_PASSWORD: Boolean!
 	ROLES: [String!]
 	PROTECTED_ROLES: [String!]
 	DEFAULT_ROLES: [String!]
@@ -128,6 +132,10 @@ type Env {
 	GITHUB_CLIENT_SECRET: String
 	FACEBOOK_CLIENT_ID: String
 	FACEBOOK_CLIENT_SECRET: String
+	LINKEDIN_CLIENT_ID: String
+	LINKEDIN_CLIENT_SECRET: String
+	APPLE_CLIENT_ID: String
+	APPLE_CLIENT_SECRET: String
 	ORGANIZATION_NAME: String
 	ORGANIZATION_LOGO: String
 }
@@ -158,14 +166,14 @@ input UpdateEnvInput {
 	JWT_PUBLIC_KEY: String
 	ALLOWED_ORIGINS: [String!]
 	APP_URL: String
-	REDIS_URL: String
-	COOKIE_NAME: String
 	RESET_PASSWORD_URL: String
 	DISABLE_EMAIL_VERIFICATION: Boolean
 	DISABLE_BASIC_AUTHENTICATION: Boolean
 	DISABLE_MAGIC_LINK_LOGIN: Boolean
 	DISABLE_LOGIN_PAGE: Boolean
 	DISABLE_SIGN_UP: Boolean
+	DISABLE_REDIS_FOR_ENV: Boolean
+	DISABLE_STRONG_PASSWORD: Boolean
 	ROLES: [String!]
 	PROTECTED_ROLES: [String!]
 	DEFAULT_ROLES: [String!]
@@ -176,6 +184,10 @@ input UpdateEnvInput {
 	GITHUB_CLIENT_SECRET: String
 	FACEBOOK_CLIENT_ID: String
 	FACEBOOK_CLIENT_SECRET: String
+	LINKEDIN_CLIENT_ID: String
+	LINKEDIN_CLIENT_SECRET: String
+	APPLE_CLIENT_ID: String
+	APPLE_CLIENT_SECRET: String
 	ORGANIZATION_NAME: String
 	ORGANIZATION_LOGO: String
 }
@@ -312,6 +324,71 @@ input GenerateJWTKeysInput {
 	type: String!
 }
 
+type Webhook {
+	id: ID!
+	event_name: String
+	endpoint: String
+	enabled: Boolean
+	headers: Map
+	created_at: Int64
+	updated_at: Int64
+}
+
+type Webhooks {
+	pagination: Pagination!
+	webhooks: [Webhook!]!
+}
+
+type WebhookLog {
+	id: ID!
+	http_status: Int64
+	response: String
+	request: String
+	webhook_id: ID
+	created_at: Int64
+	updated_at: Int64
+}
+
+type TestEndpointResponse {
+	http_status: Int64
+	response: Map
+}
+
+input ListWebhookLogRequest {
+	pagination: PaginationInput
+	webhook_id: String
+}
+
+input AddWebhookRequest {
+	event_name: String!
+	endpoint: String!
+	enabled: Boolean!
+	headers: Map
+}
+
+input UpdateWebhookRequest {
+	id: ID!
+	event_name: String
+	endpoint: String
+	enabled: Boolean
+	headers: Map
+}
+
+input WebhookRequest {
+	id: ID!
+}
+
+input TestEndpointRequest {
+	endpoint: String!
+	event_name: String!
+	headers: Map
+}
+
+type WebhookLogs {
+	pagination: Pagination!
+	webhook_logs: [WebhookLog!]!
+}
+
 type Mutation {
 	signup(params: SignUpInput!): AuthResponse!
 	login(params: LoginInput!): AuthResponse!
@@ -334,6 +411,10 @@ type Mutation {
 	_revoke_access(param: UpdateAccessInput!): Response!
 	_enable_access(param: UpdateAccessInput!): Response!
 	_generate_jwt_keys(params: GenerateJWTKeysInput!): GenerateJWTKeysResponse!
+	_add_webhook(params: AddWebhookRequest!): Response!
+	_update_webhook(params: UpdateWebhookRequest!): Response!
+	_delete_webhook(params: WebhookRequest!): Response!
+	_test_endpoint(params: TestEndpointRequest!): TestEndpointResponse!
 }
 
 type Query {
@@ -346,4 +427,7 @@ type Query {
 	_verification_requests(params: PaginatedInput): VerificationRequests!
 	_admin_session: Response!
 	_env: Env!
+	_webhook(params: WebhookRequest!): Webhook!
+	_webhooks(params: PaginatedInput): Webhooks!
+	_webhook_logs(params: ListWebhookLogRequest): WebhookLogs!
 }

server/graph/schema.resolvers.go

@@ -91,6 +91,22 @@ func (r *mutationResolver) GenerateJwtKeys(ctx context.Context, params model.Gen
 	return resolvers.GenerateJWTKeysResolver(ctx, params)
 }
 
+func (r *mutationResolver) AddWebhook(ctx context.Context, params model.AddWebhookRequest) (*model.Response, error) {
+	return resolvers.AddWebhookResolver(ctx, params)
+}
+
+func (r *mutationResolver) UpdateWebhook(ctx context.Context, params model.UpdateWebhookRequest) (*model.Response, error) {
+	return resolvers.UpdateWebhookResolver(ctx, params)
+}
+
+func (r *mutationResolver) DeleteWebhook(ctx context.Context, params model.WebhookRequest) (*model.Response, error) {
+	return resolvers.DeleteWebhookResolver(ctx, params)
+}
+
+func (r *mutationResolver) TestEndpoint(ctx context.Context, params model.TestEndpointRequest) (*model.TestEndpointResponse, error) {
+	return resolvers.TestEndpointResolver(ctx, params)
+}
+
 func (r *queryResolver) Meta(ctx context.Context) (*model.Meta, error) {
 	return resolvers.MetaResolver(ctx)
 }
@@ -123,6 +139,18 @@ func (r *queryResolver) Env(ctx context.Context) (*model.Env, error) {
 	return resolvers.EnvResolver(ctx)
 }
 
+func (r *queryResolver) Webhook(ctx context.Context, params model.WebhookRequest) (*model.Webhook, error) {
+	return resolvers.WebhookResolver(ctx, params)
+}
+
+func (r *queryResolver) Webhooks(ctx context.Context, params *model.PaginatedInput) (*model.Webhooks, error) {
+	return resolvers.WebhooksResolver(ctx, params)
+}
+
+func (r *queryResolver) WebhookLogs(ctx context.Context, params *model.ListWebhookLogRequest) (*model.WebhookLogs, error) {
+	return resolvers.WebhookLogsResolver(ctx, params)
+}
+
 // Mutation returns generated.MutationResolver implementation.
 func (r *Resolver) Mutation() generated.MutationResolver { return &mutationResolver{r} }
 

server/handlers/app.go

@@ -8,8 +8,9 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/parsers"
+	"github.com/authorizerdev/authorizer/server/validators"
 )
 
 // State is the struct that holds authorizer url and redirect url
@@ -22,8 +23,8 @@ type State struct {
 // AppHandler is the handler for the /app route
 func AppHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		hostname := utils.GetHost(c)
-		if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) {
+		hostname := parsers.GetHost(c)
+		if isLoginPageDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage); err != nil || isLoginPageDisabled {
 			log.Debug("Login page is disabled")
 			c.JSON(400, gin.H{"error": "login page is not enabled"})
 			return
@@ -44,7 +45,7 @@ func AppHandler() gin.HandlerFunc {
 			redirect_uri = hostname + "/app"
 		} else {
 			// validate redirect url with allowed origins
-			if !utils.IsValidOrigin(redirect_uri) {
+			if !validators.IsValidOrigin(redirect_uri) {
 				log.Debug("Invalid redirect_uri")
 				c.JSON(400, gin.H{"error": "invalid redirect url"})
 				return
@@ -58,14 +59,27 @@ func AppHandler() gin.HandlerFunc {
 				log.Debug("Failed to push file path: ", err)
 			}
 		}
+
+		orgName, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+		if err != nil {
+			log.Debug("Failed to get organization name")
+			c.JSON(400, gin.H{"error": "failed to get organization name"})
+			return
+		}
+		orgLogo, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+		if err != nil {
+			log.Debug("Failed to get organization logo")
+			c.JSON(400, gin.H{"error": "failed to get organization logo"})
+			return
+		}
 		c.HTML(http.StatusOK, "app.tmpl", gin.H{
 			"data": map[string]interface{}{
 				"authorizerURL":    hostname,
 				"redirectURL":      redirect_uri,
 				"scope":            scope,
 				"state":            state,
-				"organizationName": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName),
-				"organizationLogo": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo),
+				"organizationName": orgName,
+				"organizationLogo": orgLogo,
 			},
 		})
 	}

server/handlers/authorize.go

@@ -13,8 +13,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/token"
 )
 
@@ -80,7 +79,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			return
 		}
 
-		if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) {
+		if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); client != clientID || err != nil {
 			if isQuery {
 				gc.Redirect(http.StatusFound, loginURL)
 			} else {
@@ -200,7 +199,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			return
 		}
 		userID := claims.Subject
-		user, err := db.Provider.GetUserByID(userID)
+		user, err := db.Provider.GetUserByID(gc, userID)
 		if err != nil {
 			if isQuery {
 				gc.Redirect(http.StatusFound, loginURL)
@@ -219,13 +218,18 @@ func AuthorizeHandler() gin.HandlerFunc {
 			return
 		}
 
+		sessionKey := user.ID
+		if claims.LoginMethod != "" {
+			sessionKey = claims.LoginMethod + ":" + user.ID
+		}
+
 		// if user is logged in
-		// based on the response type, generate the response
+		// based on the response type code, generate the response
 		if isResponseTypeCode {
 			// rollover the session for security
-			sessionstore.RemoveState(sessionToken)
+			go memorystore.Provider.DeleteUserSession(sessionKey, claims.Nonce)
 			nonce := uuid.New().String()
-			newSessionTokenData, newSessionToken, err := token.CreateSessionToken(user, nonce, claims.Roles, scope)
+			newSessionTokenData, newSessionToken, err := token.CreateSessionToken(user, nonce, claims.Roles, scope, claims.LoginMethod)
 			if err != nil {
 				if isQuery {
 					gc.Redirect(http.StatusFound, loginURL)
@@ -244,10 +248,10 @@ func AuthorizeHandler() gin.HandlerFunc {
 				return
 			}
 
-			sessionstore.SetState(newSessionToken, newSessionTokenData.Nonce+"@"+user.ID)
+			memorystore.Provider.SetUserSession(user.ID, constants.TokenTypeSessionToken+"_"+newSessionTokenData.Nonce, newSessionToken)
 			cookie.SetSession(gc, newSessionToken)
 			code := uuid.New().String()
-			sessionstore.SetState(codeChallenge, code+"@"+newSessionToken)
+			memorystore.Provider.SetState(codeChallenge, code+"@"+newSessionToken)
 			gc.HTML(http.StatusOK, template, gin.H{
 				"target_origin": redirectURI,
 				"authorization_response": map[string]interface{}{
@@ -263,7 +267,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 
 		if isResponseTypeToken {
 			// rollover the session for security
-			authToken, err := token.CreateAuthToken(gc, user, claims.Roles, scope)
+			authToken, err := token.CreateAuthToken(gc, user, claims.Roles, scope, claims.LoginMethod)
 			if err != nil {
 				if isQuery {
 					gc.Redirect(http.StatusFound, loginURL)
@@ -281,9 +285,10 @@ func AuthorizeHandler() gin.HandlerFunc {
 				}
 				return
 			}
-			sessionstore.RemoveState(sessionToken)
-			sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
-			sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+
+			go memorystore.Provider.DeleteUserSession(sessionKey, claims.Nonce)
+			memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
+			memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
 			cookie.SetSession(gc, authToken.FingerPrintHash)
 
 			expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix()
@@ -306,7 +311,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			if authToken.RefreshToken != nil {
 				res["refresh_token"] = authToken.RefreshToken.Token
 				params += "&refresh_token=" + authToken.RefreshToken.Token
-				sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
+				memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token)
 			}
 
 			if isQuery {

server/handlers/dashboard.go

@@ -4,7 +4,7 @@ import (
 	"net/http"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/gin-gonic/gin"
 )
 
@@ -12,8 +12,8 @@ import (
 func DashboardHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		isOnboardingCompleted := false
-
-		if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret) != "" {
+		adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
+		if err != nil || adminSecret != "" {
 			isOnboardingCompleted = true
 		}
 

server/handlers/jwks.go

@@ -7,14 +7,21 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 func JWKsHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		var data map[string]string
-		jwk := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJWK)
-		err := json.Unmarshal([]byte(jwk), &data)
+		jwk, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJWK)
+		if err != nil {
+			log.Debug("Error getting JWK from memorystore: ", err)
+			c.JSON(500, gin.H{
+				"error": err.Error(),
+			})
+			return
+		}
+		err = json.Unmarshal([]byte(jwk), &data)
 		if err != nil {
 			log.Debug("Failed to parse JWK: ", err)
 			c.JSON(500, gin.H{

server/handlers/logout.go

@@ -1,6 +1,7 @@
 package handlers
 
 import (
+	"encoding/json"
 	"net/http"
 	"strings"
 
@@ -9,7 +10,8 @@ import (
 
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/crypto"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/token"
 )
 
 // Handler to logout user
@@ -35,9 +37,17 @@ func LogoutHandler() gin.HandlerFunc {
 			return
 		}
 
-		fingerPrint := string(decryptedFingerPrint)
+		var sessionData token.SessionData
+		err = json.Unmarshal([]byte(decryptedFingerPrint), &sessionData)
+		if err != nil {
+			log.Debug("Failed to decrypt fingerprint: ", err)
+			gc.JSON(http.StatusUnauthorized, gin.H{
+				"error": err.Error(),
+			})
+			return
+		}
 
-		sessionstore.RemoveState(fingerPrint)
+		memorystore.Provider.DeleteUserSession(sessionData.Subject, sessionData.Nonce)
 		cookie.DeleteSession(gc)
 
 		if redirectURL != "" {

server/handlers/oauth_callback.go

@@ -2,6 +2,7 @@ package handlers
 
 import (
 	"context"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -19,49 +20,53 @@ import (
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/oauth"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 )
 
 // OAuthCallbackHandler handles the OAuth callback for various oauth providers
 func OAuthCallbackHandler() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		provider := c.Param("oauth_provider")
-		state := c.Request.FormValue("state")
+	return func(ctx *gin.Context) {
+		provider := ctx.Param("oauth_provider")
+		state := ctx.Request.FormValue("state")
 
-		sessionState := sessionstore.GetState(state)
-		if sessionState == "" {
+		sessionState, err := memorystore.Provider.GetState(state)
+		if sessionState == "" || err != nil {
 			log.Debug("Invalid oauth state: ", state)
-			c.JSON(400, gin.H{"error": "invalid oauth state"})
+			ctx.JSON(400, gin.H{"error": "invalid oauth state"})
 		}
-		sessionstore.GetState(state)
 		// contains random token, redirect url, role
 		sessionSplit := strings.Split(state, "___")
 
 		if len(sessionSplit) < 3 {
 			log.Debug("Unable to get redirect url from state: ", state)
-			c.JSON(400, gin.H{"error": "invalid redirect url"})
+			ctx.JSON(400, gin.H{"error": "invalid redirect url"})
 			return
 		}
 
+		// remove state from store
+		go memorystore.Provider.RemoveState(state)
+
 		stateValue := sessionSplit[0]
 		redirectURL := sessionSplit[1]
 		inputRoles := strings.Split(sessionSplit[2], ",")
 		scopes := strings.Split(sessionSplit[3], ",")
 
-		var err error
 		user := models.User{}
-		code := c.Request.FormValue("code")
+		code := ctx.Request.FormValue("code")
 		switch provider {
-		case constants.SignupMethodGoogle:
+		case constants.AuthRecipeMethodGoogle:
 			user, err = processGoogleUserInfo(code)
-		case constants.SignupMethodGithub:
+		case constants.AuthRecipeMethodGithub:
 			user, err = processGithubUserInfo(code)
-		case constants.SignupMethodFacebook:
+		case constants.AuthRecipeMethodFacebook:
 			user, err = processFacebookUserInfo(code)
+		case constants.AuthRecipeMethodLinkedIn:
+			user, err = processLinkedInUserInfo(code)
+		case constants.AuthRecipeMethodApple:
+			user, err = processAppleUserInfo(code)
 		default:
 			log.Info("Invalid oauth provider")
 			err = fmt.Errorf(`invalid oauth provider`)
@@ -69,17 +74,24 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 
 		if err != nil {
 			log.Debug("Failed to process user info: ", err)
-			c.JSON(400, gin.H{"error": err.Error()})
+			ctx.JSON(400, gin.H{"error": err.Error()})
 			return
 		}
 
-		existingUser, err := db.Provider.GetUserByEmail(user.Email)
+		existingUser, err := db.Provider.GetUserByEmail(ctx, user.Email)
 		log := log.WithField("user", user.Email)
+		isSignUp := false
 
 		if err != nil {
-			if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableSignUp) {
+			isSignupDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableSignUp)
+			if err != nil {
+				log.Debug("Failed to get signup disabled env variable: ", err)
+				ctx.JSON(400, gin.H{"error": err.Error()})
+				return
+			}
+			if isSignupDisabled {
 				log.Debug("Failed to signup as disabled")
-				c.JSON(400, gin.H{"error": "signup is disabled for this instance"})
+				ctx.JSON(400, gin.H{"error": "signup is disabled for this instance"})
 				return
 			}
 			// user not registered, register user and generate session token
@@ -87,25 +99,36 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 			// make sure inputRoles don't include protected roles
 			hasProtectedRole := false
 			for _, ir := range inputRoles {
-				if utils.StringSliceContains(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ir) {
+				protectedRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyProtectedRoles)
+				protectedRoles := []string{}
+				if err != nil {
+					log.Debug("Failed to get protected roles: ", err)
+					protectedRolesString = ""
+				} else {
+					protectedRoles = strings.Split(protectedRolesString, ",")
+				}
+				if utils.StringSliceContains(protectedRoles, ir) {
 					hasProtectedRole = true
 				}
 			}
 
 			if hasProtectedRole {
 				log.Debug("Signup is not allowed with protected roles:", inputRoles)
-				c.JSON(400, gin.H{"error": "invalid role"})
+				ctx.JSON(400, gin.H{"error": "invalid role"})
 				return
 			}
 
 			user.Roles = strings.Join(inputRoles, ",")
 			now := time.Now().Unix()
 			user.EmailVerifiedAt = &now
-			user, _ = db.Provider.AddUser(user)
+			user, _ = db.Provider.AddUser(ctx, user)
+			isSignUp = true
 		} else {
+			user = existingUser
 			if user.RevokedTimestamp != nil {
 				log.Debug("User access revoked at: ", user.RevokedTimestamp)
-				c.JSON(400, gin.H{"error": "user access has been revoked"})
+				ctx.JSON(400, gin.H{"error": "user access has been revoked"})
+				return
 			}
 
 			// user exists in db, check if method was google
@@ -114,7 +137,6 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 			if !strings.Contains(signupMethod, provider) {
 				signupMethod = signupMethod + "," + provider
 			}
-			user = existingUser
 			user.SignupMethods = signupMethod
 
 			if user.EmailVerifiedAt == nil {
@@ -140,14 +162,22 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 				// check if it contains protected unassigned role
 				hasProtectedRole := false
 				for _, ur := range unasignedRoles {
-					if utils.StringSliceContains(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) {
+					protectedRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyProtectedRoles)
+					protectedRoles := []string{}
+					if err != nil {
+						log.Debug("Failed to get protected roles: ", err)
+						protectedRolesString = ""
+					} else {
+						protectedRoles = strings.Split(protectedRolesString, ",")
+					}
+					if utils.StringSliceContains(protectedRoles, ur) {
 						hasProtectedRole = true
 					}
 				}
 
 				if hasProtectedRole {
 					log.Debug("Invalid role. User is using protected unassigned role")
-					c.JSON(400, gin.H{"error": "invalid role"})
+					ctx.JSON(400, gin.H{"error": "invalid role"})
 					return
 				} else {
 					user.Roles = existingUser.Roles + "," + strings.Join(unasignedRoles, ",")
@@ -156,18 +186,18 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 				user.Roles = existingUser.Roles
 			}
 
-			user, err = db.Provider.UpdateUser(user)
+			user, err = db.Provider.UpdateUser(ctx, user)
 			if err != nil {
 				log.Debug("Failed to update user: ", err)
-				c.JSON(500, gin.H{"error": err.Error()})
+				ctx.JSON(500, gin.H{"error": err.Error()})
 				return
 			}
 		}
 
-		authToken, err := token.CreateAuthToken(c, user, inputRoles, scopes)
+		authToken, err := token.CreateAuthToken(ctx, user, inputRoles, scopes, provider)
 		if err != nil {
 			log.Debug("Failed to create auth token: ", err)
-			c.JSON(500, gin.H{"error": err.Error()})
+			ctx.JSON(500, gin.H{"error": err.Error()})
 		}
 
 		expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix()
@@ -177,27 +207,35 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 
 		params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + stateValue + "&id_token=" + authToken.IDToken.Token
 
-		cookie.SetSession(c, authToken.FingerPrintHash)
-		sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
-		sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+		sessionKey := provider + ":" + user.ID
+		cookie.SetSession(ctx, authToken.FingerPrintHash)
+		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
+		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
 
 		if authToken.RefreshToken != nil {
 			params = params + `&refresh_token=` + authToken.RefreshToken.Token
-			sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
+			memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token)
 		}
 
-		go db.Provider.AddSession(models.Session{
-			UserID:    user.ID,
-			UserAgent: utils.GetUserAgent(c.Request),
-			IP:        utils.GetIP(c.Request),
-		})
+		go func() {
+			if isSignUp {
+				utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, provider, user)
+			} else {
+				utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, provider, user)
+			}
+			db.Provider.AddSession(ctx, models.Session{
+				UserID:    user.ID,
+				UserAgent: utils.GetUserAgent(ctx.Request),
+				IP:        utils.GetIP(ctx.Request),
+			})
+		}()
 		if strings.Contains(redirectURL, "?") {
 			redirectURL = redirectURL + "&" + params
 		} else {
-			redirectURL = redirectURL + "?" + params
+			redirectURL = redirectURL + "?" + strings.TrimPrefix(params, "&")
 		}
 
-		c.Redirect(http.StatusTemporaryRedirect, redirectURL)
+		ctx.Redirect(http.StatusFound, redirectURL)
 	}
 }
 
@@ -236,7 +274,7 @@ func processGoogleUserInfo(code string) (models.User, error) {
 
 func processGithubUserInfo(code string) (models.User, error) {
 	user := models.User{}
-	token, err := oauth.OAuthProviders.GithubConfig.Exchange(oauth2.NoContext, code)
+	oauth2Token, err := oauth.OAuthProviders.GithubConfig.Exchange(oauth2.NoContext, code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
 		return user, fmt.Errorf("invalid github exchange code: %s", err.Error())
@@ -248,7 +286,7 @@ func processGithubUserInfo(code string) (models.User, error) {
 		return user, fmt.Errorf("error creating github user info request: %s", err.Error())
 	}
 	req.Header = http.Header{
-		"Authorization": []string{fmt.Sprintf("token %s", token.AccessToken)},
+		"Authorization": []string{fmt.Sprintf("token %s", oauth2Token.AccessToken)},
 	}
 
 	response, err := client.Do(req)
@@ -263,6 +301,10 @@ func processGithubUserInfo(code string) (models.User, error) {
 		log.Debug("Failed to read github user info response body: ", err)
 		return user, fmt.Errorf("failed to read github response body: %s", err.Error())
 	}
+	if response.StatusCode >= 400 {
+		log.Debug("Failed to request github user info: ", string(body))
+		return user, fmt.Errorf("failed to request github user info: %s", string(body))
+	}
 
 	userRawData := make(map[string]string)
 	json.Unmarshal(body, &userRawData)
@@ -291,13 +333,13 @@ func processGithubUserInfo(code string) (models.User, error) {
 
 func processFacebookUserInfo(code string) (models.User, error) {
 	user := models.User{}
-	token, err := oauth.OAuthProviders.FacebookConfig.Exchange(oauth2.NoContext, code)
+	oauth2Token, err := oauth.OAuthProviders.FacebookConfig.Exchange(oauth2.NoContext, code)
 	if err != nil {
 		log.Debug("Invalid facebook exchange code: ", err)
 		return user, fmt.Errorf("invalid facebook exchange code: %s", err.Error())
 	}
 	client := http.Client{}
-	req, err := http.NewRequest("GET", constants.FacebookUserInfoURL+token.AccessToken, nil)
+	req, err := http.NewRequest("GET", constants.FacebookUserInfoURL+oauth2Token.AccessToken, nil)
 	if err != nil {
 		log.Debug("Error creating facebook user info request: ", err)
 		return user, fmt.Errorf("error creating facebook user info request: %s", err.Error())
@@ -315,7 +357,10 @@ func processFacebookUserInfo(code string) (models.User, error) {
 		log.Debug("Failed to read facebook response: ", err)
 		return user, fmt.Errorf("failed to read facebook response body: %s", err.Error())
 	}
-
+	if response.StatusCode >= 400 {
+		log.Debug("Failed to request facebook user info: ", string(body))
+		return user, fmt.Errorf("failed to request facebook user info: %s", string(body))
+	}
 	userRawData := make(map[string]interface{})
 	json.Unmarshal(body, &userRawData)
 
@@ -336,3 +381,138 @@ func processFacebookUserInfo(code string) (models.User, error) {
 
 	return user, nil
 }
+
+func processLinkedInUserInfo(code string) (models.User, error) {
+	user := models.User{}
+	oauth2Token, err := oauth.OAuthProviders.LinkedInConfig.Exchange(oauth2.NoContext, code)
+	if err != nil {
+		log.Debug("Failed to exchange code for token: ", err)
+		return user, fmt.Errorf("invalid linkedin exchange code: %s", err.Error())
+	}
+
+	client := http.Client{}
+	req, err := http.NewRequest("GET", constants.LinkedInUserInfoURL, nil)
+	if err != nil {
+		log.Debug("Failed to create linkedin user info request: ", err)
+		return user, fmt.Errorf("error creating linkedin user info request: %s", err.Error())
+	}
+	req.Header = http.Header{
+		"Authorization": []string{fmt.Sprintf("Bearer %s", oauth2Token.AccessToken)},
+	}
+
+	response, err := client.Do(req)
+	if err != nil {
+		log.Debug("Failed to request linkedin user info: ", err)
+		return user, err
+	}
+
+	defer response.Body.Close()
+	body, err := ioutil.ReadAll(response.Body)
+	if err != nil {
+		log.Debug("Failed to read linkedin user info response body: ", err)
+		return user, fmt.Errorf("failed to read linkedin response body: %s", err.Error())
+	}
+
+	if response.StatusCode >= 400 {
+		log.Debug("Failed to request linkedin user info: ", string(body))
+		return user, fmt.Errorf("failed to request linkedin user info: %s", string(body))
+	}
+
+	userRawData := make(map[string]interface{})
+	json.Unmarshal(body, &userRawData)
+
+	req, err = http.NewRequest("GET", constants.LinkedInEmailURL, nil)
+	if err != nil {
+		log.Debug("Failed to create linkedin email info request: ", err)
+		return user, fmt.Errorf("error creating linkedin user info request: %s", err.Error())
+	}
+	req.Header = http.Header{
+		"Authorization": []string{fmt.Sprintf("Bearer %s", oauth2Token.AccessToken)},
+	}
+
+	response, err = client.Do(req)
+	if err != nil {
+		log.Debug("Failed to request linkedin email info: ", err)
+		return user, err
+	}
+
+	defer response.Body.Close()
+	body, err = ioutil.ReadAll(response.Body)
+	if err != nil {
+		log.Debug("Failed to read linkedin email info response body: ", err)
+		return user, fmt.Errorf("failed to read linkedin email response body: %s", err.Error())
+	}
+	if response.StatusCode >= 400 {
+		log.Debug("Failed to request linkedin user info: ", string(body))
+		return user, fmt.Errorf("failed to request linkedin user info: %s", string(body))
+	}
+	emailRawData := make(map[string]interface{})
+	json.Unmarshal(body, &emailRawData)
+
+	firstName := userRawData["localizedFirstName"].(string)
+	lastName := userRawData["localizedLastName"].(string)
+	profilePicture := userRawData["profilePicture"].(map[string]interface{})["displayImage~"].(map[string]interface{})["elements"].([]interface{})[0].(map[string]interface{})["identifiers"].([]interface{})[0].(map[string]interface{})["identifier"].(string)
+	emailAddress := emailRawData["elements"].([]interface{})[0].(map[string]interface{})["handle~"].(map[string]interface{})["emailAddress"].(string)
+
+	user = models.User{
+		GivenName:  &firstName,
+		FamilyName: &lastName,
+		Picture:    &profilePicture,
+		Email:      emailAddress,
+	}
+
+	return user, nil
+}
+
+func processAppleUserInfo(code string) (models.User, error) {
+	user := models.User{}
+	oauth2Token, err := oauth.OAuthProviders.AppleConfig.Exchange(oauth2.NoContext, code)
+	if err != nil {
+		log.Debug("Failed to exchange code for token: ", err)
+		return user, fmt.Errorf("invalid apple exchange code: %s", err.Error())
+	}
+
+	// Extract the ID Token from OAuth2 token.
+	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
+	if !ok {
+		log.Debug("Failed to extract ID Token from OAuth2 token")
+		return user, fmt.Errorf("unable to extract id_token")
+	}
+
+	tokenSplit := strings.Split(rawIDToken, ".")
+	claimsData := tokenSplit[1]
+	decodedClaimsData, err := base64.RawURLEncoding.DecodeString(claimsData)
+	if err != nil {
+		log.Debugf("Failed to decrypt claims %s: %s", claimsData, err.Error())
+		return user, fmt.Errorf("failed to decrypt claims data: %s", err.Error())
+	}
+
+	claims := make(map[string]interface{})
+	err = json.Unmarshal(decodedClaimsData, &claims)
+	if err != nil {
+		log.Debug("Failed to unmarshal claims data: ", err)
+		return user, fmt.Errorf("failed to unmarshal claims data: %s", err.Error())
+	}
+
+	if val, ok := claims["email"]; !ok {
+		log.Debug("Failed to extract email from claims.")
+		return user, fmt.Errorf("unable to extract email, please check the scopes enabled for your app. It needs `email`, `name` scopes")
+	} else {
+		user.Email = val.(string)
+	}
+
+	if val, ok := claims["name"]; ok {
+		nameData := val.(map[string]interface{})
+		if nameVal, ok := nameData["firstName"]; ok {
+			givenName := nameVal.(string)
+			user.GivenName = &givenName
+		}
+
+		if nameVal, ok := nameData["lastName"]; ok {
+			familyName := nameVal.(string)
+			user.FamilyName = &familyName
+		}
+	}
+
+	return user, err
+}

server/handlers/oauth_login.go

@@ -6,18 +6,19 @@ import (
 
 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
+	"golang.org/x/oauth2"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/oauth"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
-	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/parsers"
+	"github.com/authorizerdev/authorizer/server/validators"
 )
 
 // OAuthLoginHandler set host in the oauth state that is useful for redirecting to oauth_callback
 func OAuthLoginHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		hostname := utils.GetHost(c)
+		hostname := parsers.GetHost(c)
 		// deprecating redirectURL instead use redirect_uri
 		redirectURI := strings.TrimSpace(c.Query("redirectURL"))
 		if redirectURI == "" {
@@ -56,7 +57,25 @@ func OAuthLoginHandler() gin.HandlerFunc {
 
 			// use protected roles verification for admin login only.
 			// though if not associated with user, it will be rejected from oauth_callback
-			if !utils.IsValidRoles(rolesSplit, append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...)) {
+			rolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyRoles)
+			roles := []string{}
+			if err != nil {
+				log.Debug("Error getting roles: ", err)
+				rolesString = ""
+			} else {
+				roles = strings.Split(rolesString, ",")
+			}
+
+			protectedRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyProtectedRoles)
+			protectedRoles := []string{}
+			if err != nil {
+				log.Debug("Error getting protected roles: ", err)
+				protectedRolesString = ""
+			} else {
+				protectedRoles = strings.Split(protectedRolesString, ",")
+			}
+
+			if !validators.IsValidRoles(rolesSplit, append([]string{}, append(roles, protectedRoles...)...)) {
 				log.Debug("Invalid roles: ", roles)
 				c.JSON(400, gin.H{
 					"error": "invalid role",
@@ -64,7 +83,16 @@ func OAuthLoginHandler() gin.HandlerFunc {
 				return
 			}
 		} else {
-			roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+			defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
+			if err != nil {
+				log.Debug("Error getting default roles: ", err)
+				c.JSON(400, gin.H{
+					"error": "invalid role",
+				})
+				return
+			}
+			roles = defaultRoles
+
 		}
 
 		oauthStateString := state + "___" + redirectURI + "___" + roles + "___" + strings.Join(scope, ",")
@@ -72,37 +100,94 @@ func OAuthLoginHandler() gin.HandlerFunc {
 		provider := c.Param("oauth_provider")
 		isProviderConfigured := true
 		switch provider {
-		case constants.SignupMethodGoogle:
+		case constants.AuthRecipeMethodGoogle:
 			if oauth.OAuthProviders.GoogleConfig == nil {
 				log.Debug("Google OAuth provider is not configured")
 				isProviderConfigured = false
 				break
 			}
-			sessionstore.SetState(oauthStateString, constants.SignupMethodGoogle)
+			err := memorystore.Provider.SetState(oauthStateString, constants.AuthRecipeMethodGoogle)
+			if err != nil {
+				log.Debug("Error setting state: ", err)
+				c.JSON(500, gin.H{
+					"error": "internal server error",
+				})
+				return
+			}
 			// during the init of OAuthProvider authorizer url might be empty
-			oauth.OAuthProviders.GoogleConfig.RedirectURL = hostname + "/oauth_callback/google"
+			oauth.OAuthProviders.GoogleConfig.RedirectURL = hostname + "/oauth_callback/" + constants.AuthRecipeMethodGoogle
 			url := oauth.OAuthProviders.GoogleConfig.AuthCodeURL(oauthStateString)
 			c.Redirect(http.StatusTemporaryRedirect, url)
-		case constants.SignupMethodGithub:
+		case constants.AuthRecipeMethodGithub:
 			if oauth.OAuthProviders.GithubConfig == nil {
 				log.Debug("Github OAuth provider is not configured")
 				isProviderConfigured = false
 				break
 			}
-			sessionstore.SetState(oauthStateString, constants.SignupMethodGithub)
-			oauth.OAuthProviders.GithubConfig.RedirectURL = hostname + "/oauth_callback/github"
+			err := memorystore.Provider.SetState(oauthStateString, constants.AuthRecipeMethodGithub)
+			if err != nil {
+				log.Debug("Error setting state: ", err)
+				c.JSON(500, gin.H{
+					"error": "internal server error",
+				})
+				return
+			}
+			oauth.OAuthProviders.GithubConfig.RedirectURL = hostname + "/oauth_callback/" + constants.AuthRecipeMethodGithub
 			url := oauth.OAuthProviders.GithubConfig.AuthCodeURL(oauthStateString)
 			c.Redirect(http.StatusTemporaryRedirect, url)
-		case constants.SignupMethodFacebook:
+		case constants.AuthRecipeMethodFacebook:
 			if oauth.OAuthProviders.FacebookConfig == nil {
 				log.Debug("Facebook OAuth provider is not configured")
 				isProviderConfigured = false
 				break
 			}
-			sessionstore.SetState(oauthStateString, constants.SignupMethodFacebook)
-			oauth.OAuthProviders.FacebookConfig.RedirectURL = hostname + "/oauth_callback/facebook"
+			err := memorystore.Provider.SetState(oauthStateString, constants.AuthRecipeMethodFacebook)
+			if err != nil {
+				log.Debug("Error setting state: ", err)
+				c.JSON(500, gin.H{
+					"error": "internal server error",
+				})
+				return
+			}
+			oauth.OAuthProviders.FacebookConfig.RedirectURL = hostname + "/oauth_callback/" + constants.AuthRecipeMethodFacebook
 			url := oauth.OAuthProviders.FacebookConfig.AuthCodeURL(oauthStateString)
 			c.Redirect(http.StatusTemporaryRedirect, url)
+		case constants.AuthRecipeMethodLinkedIn:
+			if oauth.OAuthProviders.LinkedInConfig == nil {
+				log.Debug("Linkedin OAuth provider is not configured")
+				isProviderConfigured = false
+				break
+			}
+			err := memorystore.Provider.SetState(oauthStateString, constants.AuthRecipeMethodLinkedIn)
+			if err != nil {
+				log.Debug("Error setting state: ", err)
+				c.JSON(500, gin.H{
+					"error": "internal server error",
+				})
+				return
+			}
+			oauth.OAuthProviders.LinkedInConfig.RedirectURL = hostname + "/oauth_callback/" + constants.AuthRecipeMethodLinkedIn
+			url := oauth.OAuthProviders.LinkedInConfig.AuthCodeURL(oauthStateString)
+			c.Redirect(http.StatusTemporaryRedirect, url)
+		case constants.AuthRecipeMethodApple:
+			if oauth.OAuthProviders.AppleConfig == nil {
+				log.Debug("Apple OAuth provider is not configured")
+				isProviderConfigured = false
+				break
+			}
+			err := memorystore.Provider.SetState(oauthStateString, constants.AuthRecipeMethodApple)
+			if err != nil {
+				log.Debug("Error setting state: ", err)
+				c.JSON(500, gin.H{
+					"error": "internal server error",
+				})
+				return
+			}
+			oauth.OAuthProviders.AppleConfig.RedirectURL = hostname + "/oauth_callback/" + constants.AuthRecipeMethodApple
+			// there is scope encoding issue with oauth2 and how apple expects, hence added scope manually
+			// check: https://github.com/golang/oauth2/issues/449
+			url := oauth.OAuthProviders.AppleConfig.AuthCodeURL(oauthStateString, oauth2.SetAuthURLParam("response_mode", "form_post")) + "&scope=name email"
+			c.Redirect(http.StatusTemporaryRedirect, url)
 		default:
 			log.Debug("Invalid oauth provider: ", provider)
 			c.JSON(422, gin.H{

server/handlers/openid_config.go

@@ -4,15 +4,15 @@ import (
 	"github.com/gin-gonic/gin"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/parsers"
 )
 
 // OpenIDConfigurationHandler handler for open-id configurations
 func OpenIDConfigurationHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		issuer := utils.GetHost(c)
-		jwtType := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
+		issuer := parsers.GetHost(c)
+		jwtType, _ := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
 
 		c.JSON(200, gin.H{
 			"issuer":                                issuer,

server/handlers/revoke_refresh_token.go

@@ -8,12 +8,12 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/token"
 )
 
-// Revoke handler to revoke refresh token
-func RevokeHandler() gin.HandlerFunc {
+// RevokeRefreshTokenHandler handler to revoke refresh token
+func RevokeRefreshTokenHandler() gin.HandlerFunc {
 	return func(gc *gin.Context) {
 		var reqBody map[string]string
 		if err := gc.BindJSON(&reqBody); err != nil {
@@ -37,7 +37,7 @@ func RevokeHandler() gin.HandlerFunc {
 			return
 		}
 
-		if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) {
+		if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); client != clientID || err != nil {
 			log.Debug("Client ID is invalid: ", clientID)
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "invalid_client_id",
@@ -46,7 +46,24 @@ func RevokeHandler() gin.HandlerFunc {
 			return
 		}
 
-		sessionstore.RemoveState(refreshToken)
+		claims, err := token.ParseJWTToken(refreshToken)
+		if err != nil {
+			log.Debug("Client ID is invalid: ", clientID)
+			gc.JSON(http.StatusBadRequest, gin.H{
+				"error":             err.Error(),
+				"error_description": "Failed to parse jwt",
+			})
+			return
+		}
+
+		userID := claims["sub"].(string)
+		loginMethod := claims["login_method"]
+		sessionToken := userID
+		if loginMethod != nil && loginMethod != "" {
+			sessionToken = loginMethod.(string) + ":" + userID
+		}
+
+		memorystore.Provider.DeleteUserSession(sessionToken, claims["nonce"].(string))
 
 		gc.JSON(http.StatusOK, gin.H{
 			"message": "Token revoked successfully",

server/handlers/token.go

@@ -13,8 +13,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/token"
 )
 
@@ -62,7 +61,7 @@ func TokenHandler() gin.HandlerFunc {
 			return
 		}
 
-		if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) {
+		if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); clientID != client || err != nil {
 			log.Debug("Client ID is invalid: ", clientID)
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "invalid_client_id",
@@ -73,6 +72,9 @@ func TokenHandler() gin.HandlerFunc {
 
 		var userID string
 		var roles, scope []string
+		loginMethod := ""
+		sessionKey := ""
+
 		if isAuthorizationCodeGrant {
 
 			if codeVerifier == "" {
@@ -98,8 +100,8 @@ func TokenHandler() gin.HandlerFunc {
 			encryptedCode := strings.ReplaceAll(base64.URLEncoding.EncodeToString(hash.Sum(nil)), "+", "-")
 			encryptedCode = strings.ReplaceAll(encryptedCode, "/", "_")
 			encryptedCode = strings.ReplaceAll(encryptedCode, "=", "")
-			sessionData := sessionstore.GetState(encryptedCode)
-			if sessionData == "" {
+			sessionData, err := memorystore.Provider.GetState(encryptedCode)
+			if sessionData == "" || err != nil {
 				log.Debug("Session data is empty")
 				gc.JSON(http.StatusBadRequest, gin.H{
 					"error":             "invalid_code_verifier",
@@ -108,6 +110,7 @@ func TokenHandler() gin.HandlerFunc {
 				return
 			}
 
+			go memorystore.Provider.RemoveState(encryptedCode)
 			// split session data
 			// it contains code@sessiontoken
 			sessionDataSplit := strings.Split(sessionData, "@")
@@ -131,11 +134,16 @@ func TokenHandler() gin.HandlerFunc {
 				})
 				return
 			}
-			// rollover the session for security
-			sessionstore.RemoveState(sessionDataSplit[1])
 			userID = claims.Subject
 			roles = claims.Roles
 			scope = claims.Scope
+			loginMethod = claims.LoginMethod
+			// rollover the session for security
+			sessionKey = userID
+			if loginMethod != "" {
+				sessionKey = loginMethod + ":" + userID
+			}
+			go memorystore.Provider.DeleteUserSession(sessionKey, claims.Nonce)
 		} else {
 			// validate refresh token
 			if refreshToken == "" {
@@ -155,6 +163,7 @@ func TokenHandler() gin.HandlerFunc {
 				})
 			}
 			userID = claims["sub"].(string)
+			loginMethod := claims["login_method"]
 			rolesInterface := claims["roles"].([]interface{})
 			scopeInterface := claims["scope"].([]interface{})
 			for _, v := range rolesInterface {
@@ -163,11 +172,25 @@ func TokenHandler() gin.HandlerFunc {
 			for _, v := range scopeInterface {
 				scope = append(scope, v.(string))
 			}
+
+			sessionKey = userID
+			if loginMethod != nil && loginMethod != "" {
+				sessionKey = loginMethod.(string) + ":" + sessionKey
+			}
 			// remove older refresh token and rotate it for security
-			sessionstore.RemoveState(refreshToken)
+			go memorystore.Provider.DeleteUserSession(sessionKey, claims["nonce"].(string))
 		}
 
-		user, err := db.Provider.GetUserByID(userID)
+		if sessionKey == "" {
+			log.Debug("Error getting sessionKey: ", sessionKey, loginMethod)
+			gc.JSON(http.StatusUnauthorized, gin.H{
+				"error":             "unauthorized",
+				"error_description": "User not found",
+			})
+			return
+		}
+
+		user, err := db.Provider.GetUserByID(gc, userID)
 		if err != nil {
 			log.Debug("Error getting user: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
@@ -177,7 +200,7 @@ func TokenHandler() gin.HandlerFunc {
 			return
 		}
 
-		authToken, err := token.CreateAuthToken(gc, user, roles, scope)
+		authToken, err := token.CreateAuthToken(gc, user, roles, scope, loginMethod)
 		if err != nil {
 			log.Debug("Error creating auth token: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
@@ -186,8 +209,8 @@ func TokenHandler() gin.HandlerFunc {
 			})
 			return
 		}
-		sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
-		sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
+		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
 		cookie.SetSession(gc, authToken.FingerPrintHash)
 
 		expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix()
@@ -205,7 +228,7 @@ func TokenHandler() gin.HandlerFunc {
 
 		if authToken.RefreshToken != nil {
 			res["refresh_token"] = authToken.RefreshToken.Token
-			sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
+			memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token)
 		}
 
 		gc.JSON(http.StatusOK, res)

server/handlers/userinfo.go

@@ -31,7 +31,7 @@ func UserInfoHandler() gin.HandlerFunc {
 		}
 
 		userID := claims["sub"].(string)
-		user, err := db.Provider.GetUserByID(userID)
+		user, err := db.Provider.GetUserByID(gc, userID)
 		if err != nil {
 			log.Debug("Error getting user: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{

server/handlers/verify_email.go

@@ -9,10 +9,12 @@ import (
 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
 
+	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/parsers"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 )
@@ -31,7 +33,7 @@ func VerifyEmailHandler() gin.HandlerFunc {
 			return
 		}
 
-		verificationRequest, err := db.Provider.GetVerificationRequestByToken(tokenInQuery)
+		verificationRequest, err := db.Provider.GetVerificationRequestByToken(c, tokenInQuery)
 		if err != nil {
 			log.Debug("Error getting verification request: ", err)
 			errorRes["error_description"] = err.Error()
@@ -40,8 +42,8 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		}
 
 		// verify if token exists in db
-		hostname := utils.GetHost(c)
-		claim, err := token.ParseJWTToken(tokenInQuery, hostname, verificationRequest.Nonce, verificationRequest.Email)
+		hostname := parsers.GetHost(c)
+		claim, err := token.ParseJWTToken(tokenInQuery)
 		if err != nil {
 			log.Debug("Error parsing token: ", err)
 			errorRes["error_description"] = err.Error()
@@ -49,7 +51,14 @@ func VerifyEmailHandler() gin.HandlerFunc {
 			return
 		}
 
-		user, err := db.Provider.GetUserByEmail(claim["sub"].(string))
+		if ok, err := token.ValidateJWTClaims(claim, hostname, verificationRequest.Nonce, verificationRequest.Email); !ok || err != nil {
+			log.Debug("Error validating jwt claims: ", err)
+			errorRes["error_description"] = err.Error()
+			c.JSON(400, errorRes)
+			return
+		}
+
+		user, err := db.Provider.GetUserByEmail(c, verificationRequest.Email)
 		if err != nil {
 			log.Debug("Error getting user: ", err)
 			errorRes["error_description"] = err.Error()
@@ -57,14 +66,16 @@ func VerifyEmailHandler() gin.HandlerFunc {
 			return
 		}
 
+		isSignUp := false
 		// update email_verified_at in users table
 		if user.EmailVerifiedAt == nil {
 			now := time.Now().Unix()
 			user.EmailVerifiedAt = &now
-			db.Provider.UpdateUser(user)
+			isSignUp = true
+			db.Provider.UpdateUser(c, user)
 		}
 		// delete from verification table
-		db.Provider.DeleteVerificationRequest(verificationRequest)
+		db.Provider.DeleteVerificationRequest(c, verificationRequest)
 
 		state := strings.TrimSpace(c.Query("state"))
 		redirectURL := strings.TrimSpace(c.Query("redirect_uri"))
@@ -83,7 +94,11 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		} else {
 			scope = strings.Split(scopeString, " ")
 		}
-		authToken, err := token.CreateAuthToken(c, user, roles, scope)
+		loginMethod := constants.AuthRecipeMethodBasicAuth
+		if verificationRequest.Identifier == constants.VerificationTypeMagicLinkLogin {
+			loginMethod = constants.AuthRecipeMethodMagicLinkLogin
+		}
+		authToken, err := token.CreateAuthToken(c, user, roles, scope, loginMethod)
 		if err != nil {
 			log.Debug("Error creating auth token: ", err)
 			errorRes["error_description"] = err.Error()
@@ -98,13 +113,14 @@ func VerifyEmailHandler() gin.HandlerFunc {
 
 		params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + state + "&id_token=" + authToken.IDToken.Token
 
+		sessionKey := loginMethod + ":" + user.ID
 		cookie.SetSession(c, authToken.FingerPrintHash)
-		sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
-		sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
+		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
 
 		if authToken.RefreshToken != nil {
-			params = params + `&refresh_token=${refresh_token}`
-			sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
+			params = params + `&refresh_token=` + authToken.RefreshToken.Token
+			memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token)
 		}
 
 		if redirectURL == "" {
@@ -114,14 +130,22 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		if strings.Contains(redirectURL, "?") {
 			redirectURL = redirectURL + "&" + params
 		} else {
-			redirectURL = redirectURL + "?" + params
+			redirectURL = redirectURL + "?" + strings.TrimPrefix(params, "&")
 		}
 
-		go db.Provider.AddSession(models.Session{
-			UserID:    user.ID,
-			UserAgent: utils.GetUserAgent(c.Request),
-			IP:        utils.GetIP(c.Request),
-		})
+		go func() {
+			if isSignUp {
+				utils.RegisterEvent(c, constants.UserSignUpWebhookEvent, loginMethod, user)
+			} else {
+				utils.RegisterEvent(c, constants.UserLoginWebhookEvent, loginMethod, user)
+			}
+
+			db.Provider.AddSession(c, models.Session{
+				UserID:    user.ID,
+				UserAgent: utils.GetUserAgent(c.Request),
+				IP:        utils.GetIP(c.Request),
+			})
+		}()
 
 		c.Redirect(http.StatusTemporaryRedirect, redirectURL)
 	}

server/main.go

@@ -6,13 +6,13 @@ import (
 	"github.com/sirupsen/logrus"
 	log "github.com/sirupsen/logrus"
 
+	"github.com/authorizerdev/authorizer/server/cli"
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/env"
-	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/oauth"
 	"github.com/authorizerdev/authorizer/server/routes"
-	"github.com/authorizerdev/authorizer/server/sessionstore"
 )
 
 var VERSION string
@@ -27,23 +27,22 @@ func (u LogUTCFormatter) Format(e *log.Entry) ([]byte, error) {
 }
 
 func main() {
-	envstore.ARG_DB_URL = flag.String("database_url", "", "Database connection string")
-	envstore.ARG_DB_TYPE = flag.String("database_type", "", "Database type, possible values are postgres,mysql,sqlite")
-	envstore.ARG_ENV_FILE = flag.String("env_file", "", "Env file path")
-	envstore.ARG_LOG_LEVEL = flag.String("log_level", "info", "Log level, possible values are debug,info,warn,error,fatal,panic")
+	cli.ARG_DB_URL = flag.String("database_url", "", "Database connection string")
+	cli.ARG_DB_TYPE = flag.String("database_type", "", "Database type, possible values are postgres,mysql,sqlite")
+	cli.ARG_ENV_FILE = flag.String("env_file", "", "Env file path")
+	cli.ARG_LOG_LEVEL = flag.String("log_level", "info", "Log level, possible values are debug,info,warn,error,fatal,panic")
+	cli.ARG_REDIS_URL = flag.String("redis_url", "", "Redis connection string")
 	flag.Parse()
 
 	// global log level
 	logrus.SetFormatter(LogUTCFormatter{&logrus.JSONFormatter{}})
-	logrus.SetReportCaller(true)
 
 	// log instance for gin server
 	log := logrus.New()
 	log.SetFormatter(LogUTCFormatter{&logrus.JSONFormatter{}})
-	log.SetReportCaller(true)
 
 	var logLevel logrus.Level
-	switch *envstore.ARG_LOG_LEVEL {
+	switch *cli.ARG_LOG_LEVEL {
 	case "debug":
 		logLevel = logrus.DebugLevel
 	case "info":
@@ -62,14 +61,26 @@ func main() {
 	logrus.SetLevel(logLevel)
 	log.SetLevel(logLevel)
 
+	// show file path in log for debug or other log levels.
+	if logLevel != logrus.InfoLevel {
+		logrus.SetReportCaller(true)
+		log.SetReportCaller(true)
+	}
+
 	constants.VERSION = VERSION
 
-	// initialize required envs (mainly db & env file path)
-	err := env.InitRequiredEnv()
+	// initialize required envs (mainly db, env file path and redis)
+	err := memorystore.InitRequiredEnv()
 	if err != nil {
 		log.Fatal("Error while initializing required envs: ", err)
 	}
 
+	// initialize memory store
+	err = memorystore.InitMemStore()
+	if err != nil {
+		log.Fatal("Error while initializing memory store: ", err)
+	}
+
 	// initialize db provider
 	err = db.InitDB()
 	if err != nil {
@@ -89,12 +100,6 @@ func main() {
 		log.Fatalln("Error while persisting env: ", err)
 	}
 
-	// initialize session store (redis or in-memory based on env)
-	err = sessionstore.InitSession()
-	if err != nil {
-		log.Fatalln("Error while initializing session store: ", err)
-	}
-
 	// initialize oauth providers based on env
 	err = oauth.InitOAuth()
 	if err != nil {
@@ -103,5 +108,11 @@ func main() {
 
 	router := routes.InitRouter(log)
 	log.Info("Starting Authorizer: ", VERSION)
-	router.Run(":" + envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyPort))
+	port, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyPort)
+	if err != nil {
+		log.Info("Error while getting port from env using default port 8080: ", err)
+		port = "8080"
+	}
+
+	router.Run(":" + port)
 }

server/memorystore/memory_store.go

@@ -0,0 +1,77 @@
+package memorystore
+
+import (
+	"encoding/json"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore/providers"
+	"github.com/authorizerdev/authorizer/server/memorystore/providers/inmemory"
+	"github.com/authorizerdev/authorizer/server/memorystore/providers/redis"
+)
+
+// Provider returns the current database provider
+var Provider providers.Provider
+
+// InitMemStore initializes the memory store
+func InitMemStore() error {
+	var err error
+
+	defaultEnvs := map[string]interface{}{
+		// string envs
+		constants.EnvKeyJwtRoleClaim:     "role",
+		constants.EnvKeyOrganizationName: "Authorizer",
+		constants.EnvKeyOrganizationLogo: "https://www.authorizer.dev/images/logo.png",
+
+		// boolean envs
+		constants.EnvKeyDisableBasicAuthentication: false,
+		constants.EnvKeyDisableMagicLinkLogin:      false,
+		constants.EnvKeyDisableEmailVerification:   false,
+		constants.EnvKeyDisableLoginPage:           false,
+		constants.EnvKeyDisableSignUp:              false,
+		constants.EnvKeyDisableStrongPassword:      false,
+	}
+
+	requiredEnvs := RequiredEnvStoreObj.GetRequiredEnv()
+	requiredEnvMap := make(map[string]interface{})
+	requiredEnvBytes, err := json.Marshal(requiredEnvs)
+	if err != nil {
+		log.Debug("Error while marshalling required envs: ", err)
+		return err
+	}
+	err = json.Unmarshal(requiredEnvBytes, &requiredEnvMap)
+	if err != nil {
+		log.Debug("Error while unmarshalling required envs: ", err)
+		return err
+	}
+
+	// merge default envs with required envs
+	for key, val := range requiredEnvMap {
+		defaultEnvs[key] = val
+	}
+
+	redisURL := requiredEnvs.RedisURL
+	if redisURL != "" && !requiredEnvs.disableRedisForEnv {
+		log.Info("Initializing Redis memory store")
+		Provider, err = redis.NewRedisProvider(redisURL)
+		if err != nil {
+			return err
+		}
+
+		// set default envs in redis
+		Provider.UpdateEnvStore(defaultEnvs)
+
+		return nil
+	}
+
+	log.Info("using in memory store to save sessions")
+	// if redis url is not set use in memory store
+	Provider, err = inmemory.NewInMemoryProvider()
+	if err != nil {
+		return err
+	}
+	// set default envs in local env
+	Provider.UpdateEnvStore(defaultEnvs)
+	return nil
+}