[BB-1588] - Add Wrap Errors With Grpc - JumpCloud Connector (#23)

* add wrap errors

* refactor client layer to handle erros and pagination in a centralized way

* use session storage as cache to get system users

* fix client package location

* address lint issues

* fix inconsistent error management for list directories

* address coderabbit comments

* fix typos

---------

Co-authored-by: Luisina Santos <luisina.santos@conductorone.com>

Author: mateoHernandez123

cmd/baton-jumpcloud/main.go

@@ -6,11 +6,17 @@ import (
 	cfg "github.com/conductorone/baton-jumpcloud/pkg/config"
 	"github.com/conductorone/baton-jumpcloud/pkg/connector"
 	"github.com/conductorone/baton-sdk/pkg/config"
+	"github.com/conductorone/baton-sdk/pkg/connectorrunner"
 )
 
 var version = "dev"
 
 func main() {
 	ctx := context.Background()
-	config.RunConnector(ctx, "baton-jumpcloud", version, cfg.ConfigurationSchema, connector.NewLambdaConnector)
+	config.RunConnector(ctx,
+		"baton-jumpcloud",
+		version,
+		cfg.ConfigurationSchema,
+		connector.NewLambdaConnector,
+		connectorrunner.WithSessionStoreEnabled())
 }

go.sum

@@ -0,0 +1,265 @@
+package client
+
+import (
+	"context"
+
+	"github.com/conductorone/baton-jumpcloud/pkg/client/extension"
+	"github.com/conductorone/baton-jumpcloud/pkg/client/jcapi1"
+	"github.com/conductorone/baton-jumpcloud/pkg/client/jcapi2"
+	"github.com/conductorone/baton-sdk/pkg/uhttp"
+)
+
+type Client struct {
+	_client1        *jcapi1.APIClient
+	_client2        *jcapi2.APIClient
+	extensionClient *uhttp.BaseHttpClient
+	apiKey          string
+	orgId           string
+}
+
+func NewClient(ctx context.Context, apiKey string, orgId string) (*Client, error) {
+	httpClient, err := uhttp.NewClient(ctx, uhttp.WithLogger(true, nil), uhttp.WithUserAgent("baton-jumpcloud/0.1.0"))
+	if err != nil {
+		return nil, err
+	}
+
+	cc1 := jcapi1.NewConfiguration()
+	cc1.HTTPClient = httpClient
+	cc1.UserAgent = "baton-jumpcloud/0.1.0"
+
+	cc2 := jcapi2.NewConfiguration()
+	cc2.HTTPClient = httpClient
+	cc2.UserAgent = "baton-jumpcloud/0.1.0"
+
+	if orgId != "" {
+		// optional, only needed by API keys linked to multi-tenant admins
+		cc1.AddDefaultHeader("x-org-id", orgId)
+		cc2.AddDefaultHeader("x-org-id", orgId)
+	}
+
+	client1 := jcapi1.NewAPIClient(cc1)
+	client2 := jcapi2.NewAPIClient(cc2)
+
+	baseHttpClient, err := uhttp.NewBaseHttpClientWithContext(ctx, httpClient)
+	if err != nil {
+		return nil, err
+	}
+
+	return &Client{
+		_client1:        client1,
+		_client2:        client2,
+		extensionClient: baseHttpClient,
+		apiKey:          apiKey,
+		orgId:           orgId,
+	}, nil
+}
+
+func (jc *Client) client1(ctx context.Context) (context.Context, *jcapi1.APIClient) {
+	return context.WithValue(ctx, jcapi1.ContextAPIKeys, map[string]jcapi1.APIKey{
+		"x-api-key": {
+			Key: jc.apiKey,
+		},
+	}), jc._client1
+}
+
+func (jc *Client) client2(ctx context.Context) (context.Context, *jcapi2.APIClient) {
+	return context.WithValue(ctx, jcapi2.ContextAPIKeys, map[string]jcapi2.APIKey{
+		"x-api-key": {
+			Key: jc.apiKey,
+		},
+	}), jc._client2
+}
+
+func (jc *Client) ListDirectories(ctx context.Context, opts *Options) ([]jcapi2.Directory, error) {
+	ctx, client := jc.client2(ctx)
+
+	if opts == nil {
+		opts = &Options{}
+	}
+	limit := opts.getLimit()
+	page := opts.getPage()
+	directories, resp, err := client.DirectoriesApi.DirectoriesList(ctx).Limit(limit).Skip(page).Execute()
+	if err != nil {
+		return nil, wrapSDKError(err, resp, "failed to list directories")
+	}
+
+	defer resp.Body.Close()
+
+	return directories, nil
+}
+
+func (jc *Client) GetUserByID(ctx context.Context, userID string) (*jcapi1.Userreturn, error) {
+	userGetRequest := &extension.UserGetRequest{
+		Client: jc.extensionClient,
+		ApiKey: jc.apiKey,
+		OrgId:  jc.orgId,
+		UserID: userID,
+	}
+
+	user, resp, err := userGetRequest.Execute(ctx)
+	if err != nil {
+		return nil, wrapSDKError(err, resp, "failed to get user by ID")
+	}
+	defer resp.Body.Close()
+
+	return user, nil
+}
+
+func (jc *Client) ListSystemUsers(ctx context.Context, opts *Options) ([]jcapi1.Systemuserreturn, string, error) {
+	ctx, client := jc.client1(ctx)
+
+	if opts == nil {
+		opts = &Options{}
+	}
+	limit := opts.getLimit()
+	page := opts.getPage()
+	systemUsers, resp, err := client.SystemusersApi.SystemusersList(ctx).Skip(page).Limit(limit).Execute()
+	if err != nil {
+		return nil, "", wrapSDKError(err, resp, "failed to list users")
+	}
+	defer resp.Body.Close()
+
+	pageToken := getNextPageToken(len(systemUsers.Results), page)
+
+	return systemUsers.Results, pageToken, nil
+}
+
+func (jc *Client) ListAdminUsers(ctx context.Context, opts *Options) ([]jcapi1.Userreturn, string, error) {
+	if opts == nil {
+		opts = &Options{}
+	}
+	page := opts.getPage()
+
+	userListRequest := &extension.UserListRequest{
+		Client: jc.extensionClient,
+		ApiKey: jc.apiKey,
+		OrgId:  jc.orgId,
+	}
+
+	users, resp, err := userListRequest.Skip(page).Execute(ctx)
+	if err != nil {
+		return nil, "", wrapSDKError(err, resp, "failed to list admin users")
+	}
+	defer resp.Body.Close()
+
+	pageToken := getNextPageToken(len(users), page)
+
+	return users, pageToken, nil
+}
+
+func (jc *Client) GetSystemUserByID(ctx context.Context, userID string) (*jcapi1.Systemuserreturn, error) {
+	ctx, client := jc.client1(ctx)
+
+	user, resp, err := client.SystemusersApi.SystemusersGet(ctx, userID).Execute()
+	if err != nil {
+		return nil, wrapSDKError(err, resp, "failed to fetch system user by ID")
+	}
+	defer resp.Body.Close()
+
+	return user, nil
+}
+
+func (jc *Client) ListGroups(ctx context.Context, opts *Options) ([]jcapi2.UserGroup, string, error) {
+	ctx, client := jc.client2(ctx)
+
+	if opts == nil {
+		opts = &Options{}
+	}
+	limit := opts.getLimit()
+	page := opts.getPage()
+	groups, resp, err := client.UserGroupsApi.GroupsUserList(ctx).Skip(page).Limit(limit).Execute()
+	if err != nil {
+		return nil, "", wrapSDKError(err, resp, "failed to list groups")
+	}
+	defer resp.Body.Close()
+
+	pageToken := getNextPageToken(len(groups), page)
+	return groups, pageToken, nil
+}
+
+func (jc *Client) ListGroupMembers(ctx context.Context, groupID string, opts *Options) ([]jcapi2.GraphConnection, string, error) {
+	ctx, client := jc.client2(ctx)
+
+	if opts == nil {
+		opts = &Options{}
+	}
+	limit := opts.getLimit()
+	page := opts.getPage()
+	members, resp, err := client.UserGroupMembersMembershipApi.GraphUserGroupMembersList(ctx, groupID).Skip(page).Limit(limit).Execute()
+	if err != nil {
+		return nil, "", wrapSDKError(err, resp, "failed to list group members")
+	}
+	defer resp.Body.Close()
+
+	pageToken := getNextPageToken(len(members), page)
+	return members, pageToken, nil
+}
+
+func (jc *Client) AddGroupMember(ctx context.Context, groupID string, memberID string) error {
+	ctx, client := jc.client2(ctx)
+
+	resp, err := client.UserGroupMembersMembershipApi.GraphUserGroupMembersPost(ctx, groupID).Body(jcapi2.GraphOperationUserGroupMember{
+		Id:   memberID,
+		Op:   "add",
+		Type: "user",
+	}).Execute()
+	if err != nil {
+		return wrapSDKError(err, resp, "failed to add group member")
+	}
+	defer resp.Body.Close()
+
+	return nil
+}
+
+func (jc *Client) RemoveGroupMember(ctx context.Context, groupID string, memberID string) error {
+	ctx, client := jc.client2(ctx)
+
+	resp, err := client.UserGroupMembersMembershipApi.GraphUserGroupMembersPost(ctx, groupID).Body(jcapi2.GraphOperationUserGroupMember{
+		Id:   memberID,
+		Op:   "remove",
+		Type: "user",
+	}).Execute()
+	if err != nil {
+		return wrapSDKError(err, resp, "failed to remove group member")
+	}
+	defer resp.Body.Close()
+
+	return nil
+}
+
+func (jc *Client) ListApplications(ctx context.Context, opts *Options) ([]jcapi1.Application, string, error) {
+	ctx, client := jc.client1(ctx)
+
+	if opts == nil {
+		opts = &Options{}
+	}
+	limit := opts.getLimit()
+	page := opts.getPage()
+	applications, resp, err := client.ApplicationsApi.ApplicationsList(ctx).Skip(page).Limit(limit).Execute()
+	if err != nil {
+		return nil, "", wrapSDKError(err, resp, "failed to list applications")
+	}
+	defer resp.Body.Close()
+
+	pageToken := getNextPageToken(len(applications.Results), page)
+	return applications.Results, pageToken, nil
+}
+
+func (jc *Client) ListApplicationAssociations(ctx context.Context, applicationID string, opts *Options) ([]jcapi2.GraphConnection, string, error) {
+	ctx, client := jc.client2(ctx)
+
+	if opts == nil {
+		opts = &Options{}
+	}
+	limit := opts.getLimit()
+	page := opts.getPage()
+	targets := opts.getTargets()
+	associations, resp, err := client.ApplicationsApi.GraphApplicationAssociationsList(ctx, applicationID).Skip(page).Limit(limit).Targets(targets).Execute()
+	if err != nil {
+		return nil, "", wrapSDKError(err, resp, "failed to list application associations")
+	}
+	defer resp.Body.Close()
+
+	pageToken := getNextPageToken(len(associations), page)
+	return associations, pageToken, nil
+}

pkg/client/client.go

@@ -0,0 +1,110 @@
+package extension
+
+import (
+	"context"
+	"net/http"
+	"net/url"
+	"strconv"
+
+	"github.com/conductorone/baton-jumpcloud/pkg/client/jcapi1"
+	"github.com/conductorone/baton-sdk/pkg/uhttp"
+)
+
+type UserListRequest struct {
+	Client *uhttp.BaseHttpClient
+	ApiKey string
+	OrgId  string
+	Page   int32
+}
+
+type listUserResponse struct {
+	TotalCount int64               `json:"totalCount"`
+	Results    []jcapi1.Userreturn `json:"results"`
+}
+
+func (ulr *UserListRequest) Skip(skip int32) *UserListRequest {
+	ulr.Page = skip
+	return ulr
+}
+
+func (ulr *UserListRequest) Execute(ctx context.Context) ([]jcapi1.Userreturn, *http.Response, error) {
+	// curl --request PUT \
+	// --url https://console.jumpcloud.com/api/users/{id} \
+	// --header 'content-type: application/json' \
+	// --header 'x-api-key: REPLACE_KEY_VALUE' \
+	// --header 'x-org-id: ' \
+	// --data '{"email":"user@example.com","enableMultiFactor":true,"firstname":"string","growthData":{},"lastWhatsNewChecked":"2019-08-24","lastname":"string","roleName":"string"}'
+	//
+	// JumpCloud doesn't export the List endpoint in their
+	// OpenAPI spec, but they do export the PUT...
+	// .... so.. here we go!
+
+	qp := url.Values{}
+	if ulr.Page != 0 {
+		qp.Set("skip", strconv.FormatInt(int64(ulr.Page), 10))
+	}
+
+	u := &url.URL{
+		Scheme:   "https",
+		Host:     "console.jumpcloud.com",
+		Path:     "/api/users",
+		RawQuery: qp.Encode(),
+	}
+
+	var reqOpts []uhttp.RequestOption
+	reqOpts = append(reqOpts, uhttp.WithAcceptJSONHeader())
+	reqOpts = append(reqOpts, uhttp.WithHeader("x-api-key", ulr.ApiKey))
+	if ulr.OrgId != "" {
+		reqOpts = append(reqOpts, uhttp.WithHeader("x-org-id", ulr.OrgId))
+	}
+
+	req, err := ulr.Client.NewRequest(ctx, http.MethodGet, u, reqOpts...)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	rv := &listUserResponse{}
+	resp, err := ulr.Client.Do(req, uhttp.WithJSONResponse(rv))
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rv.Results, resp, nil
+}
+
+type UserGetRequest struct {
+	Client *uhttp.BaseHttpClient
+	ApiKey string
+	OrgId  string
+	UserID string
+}
+
+// Execute fetches an admin user by ID.
+// Uses uhttp.Do() with WithJSONResponse for automatic JSON unmarshaling and error handling.
+func (ugr *UserGetRequest) Execute(ctx context.Context) (*jcapi1.Userreturn, *http.Response, error) {
+	u := &url.URL{
+		Scheme: "https",
+		Host:   "console.jumpcloud.com",
+		Path:   "/api/users/" + url.PathEscape(ugr.UserID),
+	}
+
+	var reqOpts []uhttp.RequestOption
+	reqOpts = append(reqOpts, uhttp.WithAcceptJSONHeader())
+	reqOpts = append(reqOpts, uhttp.WithHeader("x-api-key", ugr.ApiKey))
+	if ugr.OrgId != "" {
+		reqOpts = append(reqOpts, uhttp.WithHeader("x-org-id", ugr.OrgId))
+	}
+
+	req, err := ugr.Client.NewRequest(ctx, http.MethodGet, u, reqOpts...)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	rv := &jcapi1.Userreturn{}
+	resp, err := ugr.Client.Do(req, uhttp.WithJSONResponse(rv))
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rv, resp, nil
+}