chore: fix all linting errors

Author: languitar

.gitignore

@@ -9,4 +9,4 @@ kotlin_gen
 /version.txt
 /node_modules
 **/.ideaconfig
-**/.mpsconfig
+**/.mpsconfig

.idea/copyright/Modelix.xml

@@ -34,4 +34,4 @@ publishing {
             from(components["kotlin"])
         }
     }
-}
+}

.idea/copyright/profiles_settings.xml

@@ -14,9 +14,9 @@
 package org.modelix.authorization
 
 import com.auth0.jwt.interfaces.DecodedJWT
-import io.ktor.server.auth.*
+import io.ktor.server.auth.Principal
 
 class AccessTokenPrincipal(val jwt: DecodedJWT) : Principal {
     fun getUserName(): String? = jwt.getClaim("email")?.asString()
         ?: jwt.getClaim("preferred_username")?.asString()
-}
+}

authorization/build.gradle.kts

@@ -15,7 +15,8 @@ package org.modelix.authorization
 
 enum class EPermissionType(vararg val includedTypes: EPermissionType) {
     READ,
-    WRITE(READ);
+    WRITE(READ),
+    ;
 
     fun includes(type: EPermissionType): Boolean = type == this || includedTypes.any { it.includes(type) }
-}
+}

authorization/src/main/kotlin/org/modelix/authorization/AccessTokenPrincipal.kt

@@ -41,13 +41,17 @@ object KeycloakUtils {
 
     val authzClient: AuthzClient by lazy {
         require(isEnabled()) { "Keycloak is not enabled" }
-        patchUrls(AuthzClient.create(Configuration(
-            BASE_URL,
-            REALM,
-            CLIENT_ID,
-            mapOf("secret" to CLIENT_SECRET),
-            null
-        )))
+        patchUrls(
+            AuthzClient.create(
+                Configuration(
+                    BASE_URL,
+                    REALM,
+                    CLIENT_ID,
+                    mapOf("secret" to CLIENT_SECRET),
+                    null,
+                ),
+            ),
+        )
     }
 
     val jwkProvider: JwkProvider by lazy {
@@ -112,11 +116,15 @@ object KeycloakUtils {
     }
 
     private fun createAccessToken(identityToken: DecodedJWT, permissions: List<Pair<String, List<String>>>): DecodedJWT {
-        return JWT.decode(authzClient.authorization(identityToken.token).authorize(AuthorizationRequest().also {
-            for (permission in permissions) {
-                it.addPermission(permission.first, permission.second)
-            }
-        }).token)
+        return JWT.decode(
+            authzClient.authorization(identityToken.token).authorize(
+                AuthorizationRequest().also {
+                    for (permission in permissions) {
+                        it.addPermission(permission.first, permission.second)
+                    }
+                },
+            ).token,
+        )
     }
 
     @Synchronized
@@ -153,18 +161,18 @@ object KeycloakUtils {
         val requests = permissions.map {
             PermissionRequest(
                 ensureResourcesExists(it.first, null).id,
-                *it.second.map { it.name }.toTypedArray()
+                *it.second.map { it.name }.toTypedArray(),
             )
         }
         val ticketResponse = authzClient.protection().permission().create(requests)
-        val authResponse = authzClient.authorization(/* service account */).authorize(AuthorizationRequest(ticketResponse.ticket))
+        val authResponse = authzClient.authorization().authorize(AuthorizationRequest(ticketResponse.ticket))
         return JWT.decode(authResponse.token)
     }
 
     @Synchronized
     fun ensureResourcesExists(
         resourceSpec: KeycloakResource,
-        owner: DecodedJWT? = null
+        owner: DecodedJWT? = null,
     ): ResourceRepresentation {
         return existingResources.get(resourceSpec.name) {
             var resource = authzClient.protection().resource().findByNameAnyOwner(resourceSpec.name)
@@ -181,15 +189,14 @@ object KeycloakUtils {
                 if (resourceSpec.type.createByUser) {
                     attributes = mapOf(
                         "created-by" to listOfNotNull(owner?.subject, owner?.getClaim("email")?.asString()),
-                        "creation-timestamp" to listOf(Instant.now().epochSecond.toString())
+                        "creation-timestamp" to listOf(Instant.now().epochSecond.toString()),
                     )
                 }
             }
             resource = protection.resource().create(resource)
             permissionCache.invalidateAll()
             return@get resource
         }
-
     }
 }
 
@@ -217,9 +224,7 @@ fun EPermissionType.toKeycloakScope(): KeycloakScope = when (this) {
     EPermissionType.WRITE -> KeycloakScope.WRITE
 }
 
-data class KeycloakResource(val name: String, val type: KeycloakResourceType) {
-
-}
+data class KeycloakResource(val name: String, val type: KeycloakResourceType)
 
 data class KeycloakResourceType(val name: String, val scopes: Set<KeycloakScope>, val createByUser: Boolean = false) {
     fun createInstance(resourceName: String) = KeycloakResource(this.name + "/" + resourceName, this)
@@ -246,7 +251,7 @@ private fun ProtectedResource.findByNameAnyOwner(name: String): ResourceRepresen
             true,
             true,
             null,
-            null
+            null,
         )
     return resources.firstOrNull()
-}
+}

authorization/src/main/kotlin/org/modelix/authorization/EPermissionType.kt

@@ -16,20 +16,33 @@ package org.modelix.authorization
 import com.auth0.jwt.JWT
 import com.auth0.jwt.algorithms.Algorithm
 import com.auth0.jwt.interfaces.DecodedJWT
-import io.ktor.client.*
-import io.ktor.client.engine.cio.*
-import io.ktor.http.*
-import io.ktor.http.auth.*
-import io.ktor.server.application.*
-import io.ktor.server.auth.*
-import io.ktor.server.auth.jwt.*
-import io.ktor.server.plugins.forwardedheaders.*
-import io.ktor.server.plugins.statuspages.*
-import io.ktor.server.request.*
-import io.ktor.server.response.*
-import io.ktor.server.routing.*
-import io.ktor.util.*
-import io.ktor.util.pipeline.*
+import io.ktor.client.HttpClient
+import io.ktor.client.engine.cio.CIO
+import io.ktor.http.HttpStatusCode
+import io.ktor.http.auth.AuthScheme
+import io.ktor.http.auth.HttpAuthHeader
+import io.ktor.server.application.Application
+import io.ktor.server.application.ApplicationCall
+import io.ktor.server.application.ApplicationCallPipeline
+import io.ktor.server.application.call
+import io.ktor.server.application.install
+import io.ktor.server.auth.Authentication
+import io.ktor.server.auth.AuthenticationContext
+import io.ktor.server.auth.AuthenticationProvider
+import io.ktor.server.auth.authenticate
+import io.ktor.server.auth.jwt.jwt
+import io.ktor.server.auth.parseAuthorizationHeader
+import io.ktor.server.auth.principal
+import io.ktor.server.plugins.forwardedheaders.XForwardedHeaders
+import io.ktor.server.plugins.statuspages.StatusPages
+import io.ktor.server.request.header
+import io.ktor.server.response.respond
+import io.ktor.server.response.respondText
+import io.ktor.server.routing.Route
+import io.ktor.server.routing.get
+import io.ktor.server.routing.routing
+import io.ktor.util.AttributeKey
+import io.ktor.util.pipeline.PipelineContext
 import java.security.interfaces.RSAPublicKey
 
 private const val jwtAuth = "jwtAuth"
@@ -65,7 +78,7 @@ fun Application.installAuthentication(unitTestMode: Boolean = false) {
                         if (token != null) {
                             return@validate token.nullIfInvalid()?.let { AccessTokenPrincipal(it) }
                         }
-                    } catch (e : Exception) {
+                    } catch (e: Exception) {
                     }
                     null
                 }
@@ -77,11 +90,11 @@ fun Application.installAuthentication(unitTestMode: Boolean = false) {
             when (cause) {
                 is NoPermissionException -> call.respondText(
                     text = cause.message ?: "",
-                    status = HttpStatusCode.Forbidden
+                    status = HttpStatusCode.Forbidden,
                 )
                 is NotLoggedInException -> call.respondText(
                     text = cause.message ?: "",
-                    status = HttpStatusCode.Unauthorized
+                    status = HttpStatusCode.Unauthorized,
                 )
                 else -> {
                     val text = """
@@ -108,37 +121,39 @@ fun Application.installAuthentication(unitTestMode: Boolean = false) {
                     } catch (e: Exception) {
                         e.message
                     }
-                    call.respondText("""
+                    call.respondText(
+                        """
                                 |Token: ${jwt.token}
                                 |
                                 |Validation result: $validationError
                                 |
                                 |$claims
-                                |""".trimMargin())
+                                |
+                        """.trimMargin(),
+                    )
                 }
             }
         }
     }
-
 }
 
-fun Route.requiresPermission(resource: KeycloakResource, permissionType: EPermissionType, body: Route.()->Unit) {
+fun Route.requiresPermission(resource: KeycloakResource, permissionType: EPermissionType, body: Route.() -> Unit) {
     requiresPermission(resource, permissionType.toKeycloakScope(), body)
 }
 
-fun Route.requiresRead(resource: KeycloakResource, body: Route.()->Unit) {
+fun Route.requiresRead(resource: KeycloakResource, body: Route.() -> Unit) {
     requiresPermission(resource, KeycloakScope.READ, body)
 }
 
-fun Route.requiresWrite(resource: KeycloakResource, body: Route.()->Unit) {
+fun Route.requiresWrite(resource: KeycloakResource, body: Route.() -> Unit) {
     requiresPermission(resource, KeycloakScope.WRITE, body)
 }
 
-fun Route.requiresDelete(resource: KeycloakResource, body: Route.()->Unit) {
+fun Route.requiresDelete(resource: KeycloakResource, body: Route.() -> Unit) {
     requiresPermission(resource, KeycloakScope.DELETE, body)
 }
 
-fun Route.requiresPermission(resource: KeycloakResource, scope: KeycloakScope, body: Route.()->Unit) {
+fun Route.requiresPermission(resource: KeycloakResource, scope: KeycloakScope, body: Route.() -> Unit) {
     authenticate(jwtAuth) {
         intercept(ApplicationCallPipeline.Call) {
             call.checkPermission(resource, scope)
@@ -147,7 +162,7 @@ fun Route.requiresPermission(resource: KeycloakResource, scope: KeycloakScope, b
     }
 }
 
-fun Route.requiresLogin(body: Route.()->Unit) {
+fun Route.requiresLogin(body: Route.() -> Unit) {
     authenticate(jwtAuth) {
         body()
     }
@@ -215,7 +230,7 @@ fun DecodedJWT.nullIfInvalid(): DecodedJWT? {
 }
 
 private var cachedServiceAccountToken: DecodedJWT? = null
-val serviceAccountTokenProvider: ()->String = {
+val serviceAccountTokenProvider: () -> String = {
     var token: DecodedJWT? = cachedServiceAccountToken?.nullIfInvalid()
     if (token == null) {
         token = KeycloakUtils.getServiceAccountToken()

authorization/src/main/kotlin/org/modelix/authorization/KeycloakUtils.kt

@@ -13,12 +13,11 @@
  */
 package org.modelix.authorization
 
-class NoPermissionException(val user: AccessTokenPrincipal?, val resourceId: String?, val scope: String?, message: String)
-    : RuntimeException(message) {
+class NoPermissionException(val user: AccessTokenPrincipal?, val resourceId: String?, val scope: String?, message: String) :
+    RuntimeException(message) {
 
-        constructor(message: String)
-            : this(null, null, null, message)
-        constructor(user: AccessTokenPrincipal, permissionId: String, type: String)
-            : this(user, permissionId, type, "${user.getUserName()} has no $type permission on '$permissionId'")
-
-    }
+    constructor(message: String) :
+        this(null, null, null, message)
+    constructor(user: AccessTokenPrincipal, permissionId: String, type: String) :
+        this(user, permissionId, type, "${user.getUserName()} has no $type permission on '$permissionId'")
+}

authorization/src/main/kotlin/org/modelix/authorization/KtorAuthUtils.kt

@@ -13,5 +13,4 @@
  */
 package org.modelix.authorization
 
-class NotLoggedInException : RuntimeException("No valid JWT token found in the request headers") {
-}
+class NotLoggedInException : RuntimeException("No valid JWT token found in the request headers")