Merge pull request #44 from sdslabs/Update-Kratos

Update kratos

Makefile

@@ -7,6 +7,15 @@ GOIMPORTS := $(GOPATH_BIN)/goimports
 GO_PACKAGES = $(shell go list ./... | grep -v vendor)
 PACKAGE_BASE := github.com/sdslabs/nymeria
 
+DB_HOST = $(shell awk '/db:/,/db_name:/' config.yaml | grep 'host:' | sed -n 's/.*host: *"\?\([^"]*\)"\?/\1/p')
+DB_PORT = $(shell awk '/db:/,/db_name:/' config.yaml | grep 'port:' | sed -n 's/.*port: *"\?\([^"]*\)"\?/\1/p')
+DB_USER = $(shell awk '/db:/,/db_name:/' config.yaml | grep 'user:' | sed -n 's/.*user: *"\?\([^"]*\)"\?/\1/p')
+DB_PASS = $(shell awk '/db:/,/db_name:/' config.yaml | grep 'password:' | sed -n 's/.*password: *"\?\([^"]*\)"\?/\1/p')
+DB_NAME = $(shell awk '/db:/,/db_name:/' config.yaml | grep 'db_name:' | sed -n 's/.*db_name: *"\?\([^"]*\)"\?/\1/p')
+
+UP_MIGRATION_FILE = db/migrations/000001_init_schema.up.sql
+DOWN_MIGRATION_FILE = db/migrations/000001_init_schema.down.sql
+
 .PHONY: help vendor build run dev lint format clean
 
 help:
@@ -39,7 +48,7 @@ install-golangci-lint:
 	@echo "=====> Installing golangci-lint..."
 	@curl -sSfL \
 	 	https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | \
-	 	sh -s -- -b $(GOPATH_BIN) v1.52.2
+	 	sh -s -- -b $(GOPATH_BIN) v1.62.2
 
 lint: install-golangci-lint
 	@$(GO) vet $(GO_PACKAGES)
@@ -73,4 +82,10 @@ install-air:
 	@curl -sSfL https://raw.githubusercontent.com/cosmtrek/air/master/install.sh | sh -s -- -b $(GOPATH_BIN)
 	@echo "Air installed successfully"	
 
-
+apply-migration:
+	@echo "Applying migration..."
+	PGPASSWORD=$(DB_PASS) psql -h $(DB_HOST) -p $(DB_PORT) -U $(DB_USER) -d $(DB_NAME) -f $(UP_MIGRATION_FILE)
+
+rollback-migration:
+	@echo "Rolling back migration..."
+	PGPASSWORD=$(DB_PASS) psql -h $(DB_HOST) -p $(DB_PORT) -U $(DB_USER) -d $(DB_NAME) -f $(DOWN_MIGRATION_FILE)

README.md

@@ -84,7 +84,7 @@ Enter the Kratos directory and  Change the Kratos Version to v0.10.0
 
 ```sh
  cd kratos
- git checkout v0.10.0
+ git checkout v1.3.1
 ```
 
 Download the dependencies
@@ -110,5 +110,5 @@ Copy the Kratos config file and identity schema from nymeria
 Run the following command to use Kratos in containerized form
 
 ```sh
- docker-compose -f quickstart.yml -f quickstart-standalone.yml -f quickstart-postgres.yml up --build --force-recreate
+ docker compose -f quickstart.yml -f quickstart-standalone.yml -f quickstart-postgres.yml up --build --force-recreate
 ```

api/admin.go

@@ -5,12 +5,12 @@ import (
 	"fmt"
 	"net/http"
 	"os"
-	"strconv"
-	"strings"
 
 	"github.com/gin-gonic/gin"
 
+	"github.com/sdslabs/nymeria/helper"
 	"github.com/sdslabs/nymeria/log"
+	"github.com/sdslabs/nymeria/pkg/middleware"
 	"github.com/sdslabs/nymeria/pkg/wrapper/kratos/admin"
 )
 
@@ -23,25 +23,14 @@ func HandleCreateIdentityFlow(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process JSON body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to process JSON body",
 		})
 		return
 	}
 
-	if err != nil {
-		log.ErrorLogger("Unable to convert JSON to map", err)
-
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
-		c.JSON(errCode, gin.H{
-			"error":   err.Error(),
-			"message": "Unable to convert JSON to map",
-		})
-		return
-	}
-
 	createdIdentity, r, err := admin.CreateIdentityFlowWrapper(t)
 
 	if err != nil {
@@ -75,7 +64,7 @@ func HandleGetIdentityFlow(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to convert map to json", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to convert map to json",
@@ -90,7 +79,7 @@ func HandleGetIdentityFlow(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to convert JSON to map", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to convert JSON to map",
@@ -113,14 +102,35 @@ func HandleDeleteIdentityFlow(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process JSON body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to process JSON body",
 		})
 		return
 	}
 
+	session, err := middleware.GetSession(c)
+	if err != nil {
+		log.ErrorLogger("Unable to get session", err)
+		errCode := helper.ExtractErrorCode(err)
+		c.JSON(errCode, gin.H{
+			"error":   err.Error(),
+			"message": "Unable to get session",
+		})
+		return
+	}
+	identity := session.GetIdentity()
+	id := identity.GetId()
+
+	if id == t.Identity {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error":   "Bad request",
+			"message": "Cannot delete own identity",
+		})
+		return
+	}
+
 	r, err := admin.DeleteIdentityFlowWrapper(t.Identity)
 
 	if err != nil {
@@ -159,14 +169,35 @@ func HandleBanIdentity(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process JSON body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to process JSON body",
 		})
 		return
 	}
 
+	session, err := middleware.GetSession(c)
+	if err != nil {
+		log.ErrorLogger("Unable to get session", err)
+		errCode := helper.ExtractErrorCode(err)
+		c.JSON(errCode, gin.H{
+			"error":   err.Error(),
+			"message": "Unable to get session",
+		})
+		return
+	}
+	identity := session.GetIdentity()
+	identityId := identity.GetId()
+
+	if identityId == t.Identity {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error":   "Bad request",
+			"message": "Cannot ban own identity",
+		})
+		return
+	}
+
 	identityResult, r, err := admin.GetIdentityFlowWrapper(t.Identity)
 
 	if err != nil {
@@ -200,7 +231,7 @@ func HandleRemoveBanIdentity(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process JSON body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to process JSON body",
@@ -241,14 +272,35 @@ func HandleRoleSwitch(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process JSON body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to process JSON body",
 		})
 		return
 	}
 
+	session, err := middleware.GetSession(c)
+	if err != nil {
+		log.ErrorLogger("Unable to get session", err)
+		errCode := helper.ExtractErrorCode(err)
+		c.JSON(errCode, gin.H{
+			"error":   err.Error(),
+			"message": "Unable to get session",
+		})
+		return
+	}
+	identity := session.GetIdentity()
+	identityId := identity.GetId()
+
+	if identityId == t.Identity {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error":   "Bad request",
+			"message": "Cannot switch own role",
+		})
+		return
+	}
+
 	identityResult, r, err := admin.GetIdentityFlowWrapper(t.Identity)
 
 	if err != nil {

api/application.go

@@ -18,7 +18,7 @@ func HandleGetApplication(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to get application data", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   strings.Split(err.Error(), " ")[1],
 			"message": "Unable to get application data",
@@ -39,7 +39,7 @@ func HandlePostApplication(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process json body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   strings.Split(err.Error(), " ")[1],
 			"message": "Unable to process json body",
@@ -73,7 +73,7 @@ func HandlePutApplication(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process json body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   strings.Split(err.Error(), " ")[1],
 			"message": "Unable to process json body",
@@ -107,7 +107,7 @@ func HandleDeleteApplication(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process json body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   strings.Split(err.Error(), " ")[1],
 			"message": "Unable to process json body",
@@ -141,7 +141,7 @@ func HandleUpdateClientSecret(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process json body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   strings.Split(err.Error(), " ")[1],
 			"message": "Unable to process json body",

api/login.go

@@ -8,6 +8,7 @@ import (
 	"github.com/gin-gonic/gin"
 
 	"github.com/sdslabs/nymeria/config"
+	"github.com/sdslabs/nymeria/helper"
 	"github.com/sdslabs/nymeria/log"
 	"github.com/sdslabs/nymeria/pkg/wrapper/kratos/login"
 )
@@ -19,7 +20,8 @@ func HandleGetLoginFlow(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Initialize Login Failed", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
+
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Initialize Login Failed",
@@ -42,7 +44,7 @@ func HandlePostLoginFlow(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Unable to process json body", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Unable to process json body",
@@ -55,28 +57,36 @@ func HandlePostLoginFlow(c *gin.Context) {
 	if err != nil {
 		log.ErrorLogger("Cookie not found", err)
 
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		errCode := helper.ExtractErrorCode(err)
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
 			"message": "Cookie not found",
 		})
 		return
 	}
 
-	identity, session, err := login.SubmitLoginFlowWrapper(cookie, t.FlowID, t.CsrfToken, t.Password, t.Identifier) // _ is USERID
+	identity, session, errMsg, err := login.SubmitLoginFlowWrapper(cookie, t.FlowID, t.CsrfToken, t.Password, t.Identifier) // _ is USERID
 
-	if err != nil {
+	if session == "" {
 		log.ErrorLogger("Post login flow failed", err)
 
 		errCode, _ := strconv.Atoi((strings.Split(err.Error(), " "))[0])
 		c.JSON(errCode, gin.H{
 			"error":   err.Error(),
-			"message": "Kratos post login flow failed",
+			"message": errMsg,
 		})
 		return
 	}
-
 	c.SetCookie("sdslabs_session", session, 3600, "/", config.NymeriaConfig.URL.Domain, true, true)
+
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"status": "aal1 done",
+			"person": nil,
+		})
+		return
+	}
+
 	c.JSON(http.StatusOK, gin.H{
 		"status": "user logged in",
 		"person": identity,