enhanced auth

viant · Jan 2, 2025 · c6d0cf1 · c6d0cf1
1 parent 56e79db
commit c6d0cf1
Show file tree

Hide file tree

Showing 7 changed files with 27 additions and 20 deletions.
diff --git a/cmd/options/auth.go b/cmd/options/auth.go
@@ -9,8 +9,8 @@ type (
 	Auth struct {
 		HMAC     string     `short:"A" long:"jwtHMAC" description:"HMACKeyPath|EncKey" `
 		RSA      string     `short:"J" long:"jwtRSA" description:"PublicKeyPath|EncKey" `
-		Firebase string     `short:"F" long:"firebase" description:"Firebase secrets" `
-		Cognito  string     `short:"T" long:"cognito" description:"Cognito pollId|secrets" `
+		Firebase string     `short:"F" long:"firebase" description:"Firebase secrets;WebAPIKey secret" `
+		Cognito  string     `short:"T" long:"cognito" description:"secrets|EncKey" `
 		Custom   CustomAuth `short:"E" long:"customAuth" description:"Custom AuthSQL" `
 	}
 )

diff --git a/doc/security/README.md b/doc/security/README.md
@@ -36,6 +36,7 @@ Datly uses Oauth Identity token with JWT Claims verification with one of the fol
 - **config.JWTValidator** allows you to specify RSA, HMAC or Public OAth Certificate base authentication. 
 - **config.Cognito** allows you to specify Cognito integration settings.
 
+
 The following dql examples, defines $Jwt header based parameter with JWTClaim codec 
 and Authentication data view parameters to check if UserID from JWT Claims exists in USERS table.
 
@@ -134,7 +135,9 @@ or Cognito to get certificate generate for the AWS user pool.
     },
     "CertURL": "public_cert_url"
   },
-  "Cognito": {}
+  "Cognito": {
+
+  }
 }
 ```
 

diff --git a/go.mod b/go.mod
@@ -30,7 +30,7 @@ require (
 	github.com/viant/godiff v0.4.1
 	github.com/viant/parsly v0.3.3-0.20240717150634-e1afaedb691b
 	github.com/viant/pgo v0.11.0
-	github.com/viant/scy v0.14.0
+	github.com/viant/scy v0.15.1
 	github.com/viant/sqlx v0.16.2
 	github.com/viant/structql v0.5.2
 	github.com/viant/toolbox v0.36.0
@@ -52,7 +52,7 @@ require (
 	github.com/viant/aerospike v0.2.11-0.20241108195857-ed524b97800d
 	github.com/viant/structology v0.6.1
 	github.com/viant/tagly v0.2.1-0.20240521205717-55de744e893c
-	github.com/viant/xdatly v0.5.4-0.20241017200152-dec35dd60752
+	github.com/viant/xdatly v0.5.4-0.20241231172300-89f1db57f47a
 	github.com/viant/xdatly/extension v0.0.0-20231013204918-ecf3c2edf259
 	github.com/viant/xdatly/handler v0.0.0-20241231172300-89f1db57f47a
 	github.com/viant/xdatly/types/core v0.0.0-20240109065401-9758ebacb4bb
@@ -146,5 +146,3 @@ require (
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
-
-replace github.com/viant/xdatly/handler => ../xdatly/handler
diff --git a/go.sum b/go.sum
@@ -1115,8 +1115,10 @@ github.com/viant/parsly v0.3.3-0.20240717150634-e1afaedb691b h1:3q166tV28yFdbFV+
 github.com/viant/parsly v0.3.3-0.20240717150634-e1afaedb691b/go.mod h1:85fneXJbErKMGhSQto3A5ElTQCwl3t74U9cSV0waBHw=
 github.com/viant/pgo v0.11.0 h1:PNuYVhwTfyrAHGBO6lxaMFuHP4NkjKV8ULecz3OWk8c=
 github.com/viant/pgo v0.11.0/go.mod h1:MFzHmkRFZlciugEgUvpl/3grK789PBSH4dUVSLOSo+Q=
-github.com/viant/scy v0.14.0 h1:lk5gYVEQCSttvQEtj3Pz4Z54OYzbShhkt31gzIi22A0=
-github.com/viant/scy v0.14.0/go.mod h1:yHDc9YmfDqhxiMPZcCRS+rb9KUjMNZniWZ9LMQoM0KI=
+github.com/viant/scy v0.15.0 h1:xu5WJXZcpJbPccc8ahsWjKZWGgx0TM81t8pNmvMnHd4=
+github.com/viant/scy v0.15.0/go.mod h1:yHDc9YmfDqhxiMPZcCRS+rb9KUjMNZniWZ9LMQoM0KI=
+github.com/viant/scy v0.15.1 h1:wHAjDu4dwwKGrHPrk+T7FiRwbCl52qIE3CXunlTkNjE=
+github.com/viant/scy v0.15.1/go.mod h1:yHDc9YmfDqhxiMPZcCRS+rb9KUjMNZniWZ9LMQoM0KI=
 github.com/viant/sqlparser v0.7.5 h1:LLJ/Y2uaqDKm94U2mr6ewnBuNl3L3+nvkDFRolM6w5M=
 github.com/viant/sqlparser v0.7.5/go.mod h1:2QRGiGZYk2/pjhORGG1zLVQ9JO+bXFhqIVi31mkCRPg=
 github.com/viant/sqlx v0.16.2 h1:8IJiWrEt83kjcR4RplWtUDUodxyIo9p5lH0oL0693nk=
@@ -1137,8 +1139,12 @@ github.com/viant/x v0.3.0 h1:/3A0z/uySGxMo6ixH90VAcdjI00w5e3REC1zg5hzhJA=
 github.com/viant/x v0.3.0/go.mod h1:54jP3qV+nnQdNDaWxEwGTAAzCu9sx9er9htiwTW/Mcw=
 github.com/viant/xdatly v0.5.4-0.20241017200152-dec35dd60752 h1:hAJkO/OOnaeF5ZrKbdJAhpFN0macbfxVWVYjNnV2py0=
 github.com/viant/xdatly v0.5.4-0.20241017200152-dec35dd60752/go.mod h1:YwNS31k5r1Ldw5s7wmQXUKaalN6BWcfX9qePO/b/ilc=
+github.com/viant/xdatly v0.5.4-0.20241231172300-89f1db57f47a h1:oddMZ6BxJysW+PPJED6/3hngyH9+QvlP6fAc25i/YoA=
+github.com/viant/xdatly v0.5.4-0.20241231172300-89f1db57f47a/go.mod h1:7PvSJ8wDt1nESDFZSkVxPo5GKuPrJdCk5a5jRhPPub8=
 github.com/viant/xdatly/extension v0.0.0-20231013204918-ecf3c2edf259 h1:9Yry3PUBDzc4rWacOYvAq/TKrTV0agvMF0gwm2gaoHI=
 github.com/viant/xdatly/extension v0.0.0-20231013204918-ecf3c2edf259/go.mod h1:fb8YgbVadk8X5ZLz49LWGzWmQlZd7Y/I5wE0ru44bIo=
+github.com/viant/xdatly/handler v0.0.0-20241231172300-89f1db57f47a h1:ERyZGu1drynEIQ/NIBkY675hbulFjw8WpGKYILHXmn0=
+github.com/viant/xdatly/handler v0.0.0-20241231172300-89f1db57f47a/go.mod h1:LRFkkkCHUPdvoVG1r6TdH98Z6CF86pLfzjfrLYhRNGY=
 github.com/viant/xdatly/types/core v0.0.0-20240109065401-9758ebacb4bb h1:X4emK6TIR6IXiFlQz9wEdCi5RJMG3dg3e8+VLQ2zhnM=
 github.com/viant/xdatly/types/core v0.0.0-20240109065401-9758ebacb4bb/go.mod h1:LJN2m8xJjtYNCvyvNrVanJwvzj8+hYCuPswL8H4qRG0=
 github.com/viant/xdatly/types/custom v0.0.0-20240801144911-4c2bfca4c23a h1:jecH7mH63gj1zJwD18SdvSHM9Ttr9FEOnhHkYfkCNkI=

diff --git a/internal/translator/oauth.go b/internal/translator/oauth.go
@@ -32,19 +32,22 @@ func (c *Config) updateAuth(ctx context.Context) error {
 	}
 
 	if res := c.repository.Firebase; res != "" {
+		webAPIRes := ""
+		if idx := strings.Index(res, ";"); idx != -1 {
+			webAPIRes = res[idx+1:]
+			res = res[:idx]
+		}
 		cfg.Firebase = &firebase.Config{
-			WebAPIKey: getScyResource(res),
+			Secrets: getScyResource(res),
+		}
+		if webAPIRes != "" {
+			cfg.Firebase.WebAPIKey = getScyResource(webAPIRes)
 		}
 	}
 
 	if res := c.repository.Cognito; res != "" {
-		parts := strings.Split(res, "|")
-		if len(parts) != 2 {
-			return fmt.Errorf("invalid cognito auth resource: %v, expected poolID|secret", res)
-		}
 		cfg.Cognito = &cognito.Config{
-			PoolID:   parts[0],
-			Resource: getScyResource(parts[1]),
+			Resource: getScyResource(res),
 		}
 	}
 

diff --git a/internal/translator/view.go b/internal/translator/view.go
@@ -77,10 +77,6 @@ func (v *View) applyShorthands(viewlet *Viewlet) {
 		setter.SetStringIfEmpty(&v.Schema.DataType, v.DataType)
 	}
 
-	if v.AsyncTableName != "" {
-
-	}
-
 	if len(v.Warmup) > 0 {
 		v.View.Cache.Warmup = v.buildCacheWarmup(v.Warmup, viewlet)
 	}

diff --git a/view/extension/codec/bauth.go b/view/extension/codec/bauth.go
@@ -61,6 +61,7 @@ type BasicAuthSecret struct {
 func (i *BasicAuthSecret) ResultType(paramType reflect.Type) (reflect.Type, error) {
 	return reflect.TypeOf(""), nil
 }
+
 func (i *BasicAuthSecret) Value(ctx context.Context, raw interface{}, options ...codec.Option) (interface{}, error) {
 	_, secret, err := ExtractBasicAuth(raw.(string))
 	if err != nil {