ISSUE #398

Author: vladyslav-fenchak

packages/plugins/minos-discovery-kong/minos/plugins/kong/client.py

@@ -90,6 +90,7 @@ async def create_route(
         methods: list[str],
         paths: list[str],
         service: str,
+        regex_priority: int,
         strip_path: bool = False,
     ):
         url = f"{endpoint}/routes"
@@ -98,6 +99,7 @@ async def create_route(
             "methods": methods,
             "paths": paths,
             "service": {"id": service},
+            "regex_priority": regex_priority,
             "strip_path": strip_path,
         }
 
@@ -180,7 +182,7 @@ async def activate_jwt_plugin_on_route(self, route_id: str):
             resp = await client.post(f"{self.route}/routes/{route_id}/plugins", json=payload)
             return resp
 
-    async def get_jwt_token(
+    async def generate_jwt_token(
         self, key: str, secret: str, algorithm: str = "HS256", exp: datetime = None, nbf: datetime = None
     ) -> str:
         payload = {"iss": key, "exp": exp, "nbf": nbf}
@@ -194,3 +196,17 @@ async def get_jwt_token(
             payload["nbf"] = current
 
         return jwt.encode(payload, secret, algorithm=algorithm)
+
+    @staticmethod
+    async def decode_token(token: str, algorithm: str = "HS256"):
+        return jwt.decode(token, options={"verify_signature": False}, algorithms=[algorithm])
+
+    async def get_jwt_by_id(self, id: str):
+        async with httpx.AsyncClient() as client:
+            resp = await client.get(f"{self.route}/jwts/{id}")
+            return resp
+
+    async def get_consumer_jwts(self, consumer: str):
+        async with httpx.AsyncClient() as client:
+            resp = await client.get(f"{self.route}/consumers/{consumer}/jwt")
+            return resp

packages/plugins/minos-discovery-kong/minos/plugins/kong/discovery.py

@@ -103,13 +103,18 @@ async def subscribe(
         for endpoint in endpoints:
             endpointClass = Endpoint(endpoint["url"])
 
+            regex_priority = 0
+            if "regex_priority" in endpoint:
+                regex_priority = endpoint["regex_priority"]
+
             fn = partial(
                 self.client.create_route,
                 self.route,
                 ["http"],
                 [endpoint["method"]],
                 [endpointClass.path_as_str],
                 content_service["id"],
+                regex_priority,
                 False,
             )
             response = await self.with_circuit_breaker(fn)  # send the route request

packages/plugins/minos-discovery-kong/tests/test_kong/test_client.py

@@ -151,6 +151,7 @@ async def test_activate_basic_auth_plugin_on_route(self):
             methods=["GET"],
             paths=["/foo"],
             service=res["id"],
+            regex_priority=2,
             strip_path=False,
         )
 
@@ -178,6 +179,7 @@ async def test_activate_jwt_plugin_on_route(self):
             methods=["GET"],
             paths=["/foo"],
             service=res["id"],
+            regex_priority=0,
             strip_path=False,
         )
 
@@ -201,7 +203,7 @@ async def test_jwt_token_generation(self):
         self.assertTrue(201 == response.status_code)
         resp = response.json()
 
-        token = await self.kong.get_jwt_token(key=resp["key"], secret=resp["secret"])
+        token = await self.kong.generate_jwt_token(key=resp["key"], secret=resp["secret"])
 
         self.assertGreater(len(token), 50)
 
@@ -219,7 +221,7 @@ async def test_jwt_token_generation_with_expiration(self):
         resp = response.json()
 
         current = datetime.now(tz=utc)
-        token = await self.kong.get_jwt_token(
+        token = await self.kong.generate_jwt_token(
             key=resp["key"],
             secret=resp["secret"],
             exp=current + timedelta(minutes=10),
@@ -228,6 +230,56 @@ async def test_jwt_token_generation_with_expiration(self):
 
         self.assertGreater(len(token), 50)
 
+    async def test_token_decode(self):
+        res = await self.kong.decode_token(
+            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ5ZTBRdURsNG03UW1qbnpFR0pJaUVyQnZieFBqSXM3VyIsImV4cCI6MTY1"
+            "MDM2NzE0NywibmJmIjoxNjUwMzY3MDI3fQ.SDH5Zq1mUSU0GkCyC_kF81_uoiF45u62Hgwnuv4wl5U")
+        self.assertIn('iss', res)
+        self.assertIn('exp', res)
+        self.assertIn('nbf', res)
+
+    async def test_get_token_by_id(self):
+        user_uuid = uuid4()
+        user_name = self.generate_underscore_uuid()
+        response = await self.kong.create_consumer(username=user_name, user=user_uuid, tags=[])
+
+        self.assertTrue(201 == response.status_code)
+        resp = response.json()
+
+        response = await self.kong.add_jwt_to_consumer(consumer=resp["id"])
+
+        self.assertTrue(201 == response.status_code)
+        resp = response.json()
+
+        token = await self.kong.generate_jwt_token(key=resp["key"], secret=resp["secret"])
+
+        self.assertGreater(len(token), 50)
+
+        response = await self.kong.get_jwt_by_id(resp['id'])
+        self.assertTrue(200 == response.status_code)
+        resp = response.json()
+
+        self.assertIn('key', resp)
+        self.assertIn('secret', resp)
+
+    async def test_get_consumer_jwts(self):
+        user_uuid = uuid4()
+        user_name = self.generate_underscore_uuid()
+        response = await self.kong.create_consumer(username=user_name, user=user_uuid, tags=[])
+
+        self.assertTrue(201 == response.status_code)
+        resp = response.json()
+        consumer_id = resp["id"]
+        response = await self.kong.add_jwt_to_consumer(consumer=resp["id"])
+
+        self.assertTrue(201 == response.status_code)
+
+        response = await self.kong.get_consumer_jwts(consumer_id)
+        self.assertTrue(200 == response.status_code)
+        resp = response.json()
+
+        self.assertEqual(len(resp['data']), 1)
+
 
 class TestKongClientFromConfig(unittest.IsolatedAsyncioTestCase):
     KONG_HOST = os.getenv("KONG_HOST", "localhost")

packages/plugins/minos-discovery-kong/tests/test_kong/test_discovery.py

@@ -87,9 +87,9 @@ async def test_subscribe_with_auth(self):
             5660,
             name,
             [
-                {"url": "/", "method": "GET", "authenticated": True, "authorized_groups": ["super_admin", "admin"]},
-                {"url": "/foo", "method": "POST", "authenticated": True, "authorized_groups": ["super_admin", "admin"]},
-                {"url": "/bar", "method": "GET", "authenticated": True, "authorized_groups": ["super_admin", "admin"]},
+                {"url": "/", "method": "GET", "authenticated": True, "authorized_groups": ["super_admin", "admin"], "regex_priority": 0},
+                {"url": "/foo", "method": "POST", "authenticated": True, "authorized_groups": ["super_admin", "admin"], "regex_priority": 0},
+                {"url": "/bar", "method": "GET", "authenticated": True, "authorized_groups": ["super_admin", "admin"], "regex_priority": 0},
             ],
         )
         self.assertTrue(201 == response.status_code)