Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 20 additions & 3 deletions cmd/command/transcribe.go
Original file line number Diff line number Diff line change
Expand Up @@ -174,8 +174,12 @@ func applyAuth(cfg *gateway.Config, auth *options.Auth) {
return
}
if strings.TrimSpace(auth.RSA) != "" {
cfg.JWTValidator = &verifier.Config{RSA: getScyResources(auth.RSA)}
cfg.JwtSigner = &signer.Config{RSA: getScyResource(strings.Split(auth.RSA, ";")[0])}
publicRes, privateRes := splitAuthResourcePair(auth.RSA)
cfg.JWTValidator = &verifier.Config{RSA: getScyResources(publicRes)}
if privateRes == "" {
privateRes = publicRes
}
cfg.JwtSigner = &signer.Config{RSA: getScyResource(privateRes)}
}
if strings.TrimSpace(auth.HMAC) != "" {
cfg.JWTValidator = &verifier.Config{HMAC: getScyResource(auth.HMAC)}
Expand All @@ -195,7 +199,7 @@ func getScyResource(location string) *scy.Resource {

func getScyResources(location string) []*scy.Resource {
var result []*scy.Resource
for _, item := range strings.Split(location, "-") {
for _, item := range strings.Split(location, ";") {
item = strings.TrimSpace(item)
if item == "" {
continue
Expand All @@ -205,6 +209,19 @@ func getScyResources(location string) []*scy.Resource {
return result
}

func splitAuthResourcePair(location string) (string, string) {
location = strings.TrimSpace(location)
if location == "" {
return "", ""
}
parts := strings.SplitN(location, ";", 2)
publicRes := strings.TrimSpace(parts[0])
if len(parts) == 1 {
return publicRes, ""
}
return publicRes, strings.TrimSpace(parts[1])
}

func existingBootstrapSources(ctx context.Context, fs afs.Service, cfgURL string) []string {
data, err := fs.DownloadWithURL(ctx, cfgURL)
if err != nil {
Expand Down
36 changes: 36 additions & 0 deletions cmd/command/transcribe_auth_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
package command

import (
"strings"
"testing"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/viant/datly/cmd/options"
"github.com/viant/datly/gateway"
)

func TestApplyAuth_RSAUsesSemicolonSeparatedKeys(t *testing.T) {
cfg := &gateway.Config{}
auth := &options.Auth{
RSA: "./github.com/viant-internal/public.pem|pubKey;./github.com/viant-internal/private.pem|privKey",
}

applyAuth(cfg, auth)

require.NotNil(t, cfg.JWTValidator)
require.Len(t, cfg.JWTValidator.RSA, 1)
assert.True(t, strings.HasSuffix(cfg.JWTValidator.RSA[0].URL, "/github.com/viant-internal/public.pem"), cfg.JWTValidator.RSA[0].URL)
assert.Equal(t, "pubKey", cfg.JWTValidator.RSA[0].Key)
require.NotNil(t, cfg.JwtSigner)
require.NotNil(t, cfg.JwtSigner.RSA)
assert.True(t, strings.HasSuffix(cfg.JwtSigner.RSA.URL, "/github.com/viant-internal/private.pem"), cfg.JwtSigner.RSA.URL)
assert.Equal(t, "privKey", cfg.JwtSigner.RSA.Key)
}

func TestGetScyResources_PreservesHyphenatedPaths(t *testing.T) {
resources := getScyResources("./github.com/viant-internal/public.pem|pubKey")
require.Len(t, resources, 1)
assert.True(t, strings.HasSuffix(resources[0].URL, "/github.com/viant-internal/public.pem"), resources[0].URL)
assert.Equal(t, "pubKey", resources[0].Key)
}
2 changes: 1 addition & 1 deletion internal/translator/oauth.go
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ func getScyResource(location string) *scy.Resource {

func getScyResources(location string) []*scy.Resource {
var result []*scy.Resource
for _, location := range strings.Split(location, "-") {
for _, location := range strings.Split(location, ";") {
if strings.TrimSpace(location) == "" {
continue
}
Expand Down
42 changes: 42 additions & 0 deletions internal/translator/oauth_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
package translator

import (
"context"
"strings"
"testing"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/viant/datly/cmd/options"
"github.com/viant/datly/gateway"
"github.com/viant/datly/gateway/runtime/standalone"
)

func TestConfig_updateAuth_RSAUsesSemicolonSeparatedKeys(t *testing.T) {
cfg := &Config{
repository: &options.Repository{
Auth: options.Auth{
RSA: "./github.com/viant-internal/public.pem|pubKey;./github.com/viant-internal/private.pem|privKey",
},
},
Config: &standalone.Config{Config: &gateway.Config{}},
}

err := cfg.updateAuth(context.Background())
require.NoError(t, err)
require.NotNil(t, cfg.Config.Config.JWTValidator)
require.Len(t, cfg.Config.Config.JWTValidator.RSA, 1)
assert.True(t, strings.HasSuffix(cfg.Config.Config.JWTValidator.RSA[0].URL, "/github.com/viant-internal/public.pem"), cfg.Config.Config.JWTValidator.RSA[0].URL)
assert.Equal(t, "pubKey", cfg.Config.Config.JWTValidator.RSA[0].Key)
require.NotNil(t, cfg.Config.Config.JwtSigner)
require.NotNil(t, cfg.Config.Config.JwtSigner.RSA)
assert.True(t, strings.HasSuffix(cfg.Config.Config.JwtSigner.RSA.URL, "/github.com/viant-internal/private.pem"), cfg.Config.Config.JwtSigner.RSA.URL)
assert.Equal(t, "privKey", cfg.Config.Config.JwtSigner.RSA.Key)
}

func TestGetScyResources_PreservesHyphenatedPaths(t *testing.T) {
resources := getScyResources("./github.com/viant-internal/public.pem|pubKey")
require.Len(t, resources, 1)
assert.True(t, strings.HasSuffix(resources[0].URL, "/github.com/viant-internal/public.pem"), resources[0].URL)
assert.Equal(t, "pubKey", resources[0].Key)
}
Loading