Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): use split auth specs in app #692

Merged
merged 14 commits into from
Nov 8, 2022
Merged

feat(auth): use split auth specs in app #692

merged 14 commits into from
Nov 8, 2022

Conversation

njlie
Copy link
Contributor

@njlie njlie commented Oct 25, 2022
edited
Loading

Changes proposed in this pull request

  • Updates the AS to use the split openAPI specs.

Context

With the updated OpenAPI specs, this branch now suffers from #630
Also, should be updated to use #684 once it is merged in.

Checklist

  • Related issues linked using fixes #number
  • Tests added/updated
  • Documentation added
  • Make sure that all checks pass

@github-actions github-actions bot added pkg: auth Changes in the GNAP auth package. type: source Changes business logic type: tests Testing related labels Oct 25, 2022
@njlie njlie force-pushed the nl-use-split-openapi branch from db2d126 to d68bd20 Compare October 26, 2022 19:23
@wilsonianb
Copy link
Contributor

Also, should be updated to use #684 once it is merged in.

I vote this waits for #684

@njlie njlie force-pushed the nl-use-split-openapi branch from fd155a8 to 52547fb Compare November 2, 2022 00:01
@sabineschaller
Copy link
Member

@njlie Can you please finish that now that #684 has been merged? I want to see if this solves my response must be null issue when requesting a grant.

@wilsonianb
Copy link
Contributor

@njlie Want to open a pull request in https://github.com/interledger/open-payments removing/fixing whatever access restriction are causing problems (maybe just use the uniqueItems/maxItems for now), and update this to use the specs on main?

@njlie njlie force-pushed the nl-use-split-openapi branch from 52547fb to da02c37 Compare November 3, 2022 21:16
@njlie
Copy link
Contributor Author

njlie commented Nov 3, 2022
edited
Loading

@njlie Want to open a pull request in interledger/open-payments removing/fixing whatever access restriction are causing problems (maybe just use the uniqueItems/maxItems for now), and update this to use the specs on main?

Sounds good.

@wilsonianb interledger/open-payments#208

wilsonianb
wilsonianb reviewed Nov 3, 2022
View reviewed changes
packages/auth/package.json Outdated
@@ -11,7 +11,7 @@
"build": "pnpm build:deps && tsc --build tsconfig.json",
"clean": "rm -fr dist/",
"fetch-schemas": "./scripts/get-op-schema.sh",
"test": "jest --passWithNoTests --maxWorkers=50%",
"test": "pnpm fetch-schemas && jest --passWithNoTests --maxWorkers=50%",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the spirit of #684 (comment), I think we shouldn't cause a local dev to inadvertently nuke their local schemas.

packages/auth/src/index.ts Outdated
@@ -104,7 +104,16 @@ export function initIocContainer(

container.singleton('openApi', async (deps) => {
const config = await deps.use('config')
return await createOpenAPI(config.authServerSpec)
const clientSpec = await createOpenAPI(config.authServerSpec)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if get-op-schema.sh also fetched the auth server spec, and we just used the local file (remove config.authServerSpec) as with the other specs?
That way we ensure all the OpenAPI specs in auth are using the same version of the schemas.

@github-actions github-actions bot added the type: ci Changes to the CI label Nov 3, 2022
wilsonianb
wilsonianb reviewed Nov 3, 2022
View reviewed changes
packages/auth/scripts/get-op-schema.sh Outdated
Comment on lines 13 to 14
curl -o "$OUTDIR/schemas.yaml" https://raw.githubusercontent.com/interledger/open-payments/main/openapi/schemas.yaml
curl -o "$OUTDIR/auth-server.yaml" https://raw.githubusercontent.com/interledger/open-payments/main/openapi/auth-server.yaml
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should either pin to (current) head of main
or support an env var when running fetch-schemas, something like:

Suggested change
curl -o "$OUTDIR/schemas.yaml" https://raw.githubusercontent.com/interledger/open-payments/main/openapi/schemas.yaml
curl -o "$OUTDIR/auth-server.yaml" https://raw.githubusercontent.com/interledger/open-payments/main/openapi/auth-server.yaml
curl -o "$OUTDIR/schemas.yaml" https://raw.githubusercontent.com/interledger/open-payments/${OPEN_PAYMENTS_COMMIT:-main}/openapi/schemas.yaml
curl -o "$OUTDIR/client.yaml" https://raw.githubusercontent.com/interledger/open-payments/${OPEN_PAYMENTS_COMMIT:-main}/openapi/auth-server.yaml

packages/auth/src/index.ts Outdated
@@ -103,8 +103,7 @@ export function initIocContainer(
})

container.singleton('openApi', async (deps) => {
const config = await deps.use('config')
const clientSpec = await createOpenAPI(config.authServerSpec)
const clientSpec = await createOpenAPI('./openapi/auth-server.yaml')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if we rename the fetched AS spec to match the existing local specs:

Suggested change
const clientSpec = await createOpenAPI('./openapi/auth-server.yaml')
const clientSpec = await createOpenAPI('./openapi/client.yaml')

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel compelled to use the original name since it's being pulled in from somewhere external. The association with that spec's externality seems stronger that way, and it's holding the actual GNAP implementation so I feel auth-server might be a better name anyways.

@njlie njlie force-pushed the nl-use-split-openapi branch from d327912 to 21c3c1f Compare November 4, 2022 00:13
wilsonianb
wilsonianb reviewed Nov 4, 2022
View reviewed changes
.github/workflows/lint_test_build.yml
@@ -46,6 +46,7 @@ jobs:
- uses: actions/checkout@v2
- uses: ./.github/workflows/rafiki/env-setup
- run: pnpm --filter openapi build
- run: pnpm --filter auth fetch-schemas
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, I wonder if fetch-schemas also needs to be run in the Dockerfile
https://github.com/interledger/rafiki/blob/main/packages/auth/Dockerfile#L18

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, local env fails as is with:

local-peer-auth-1     | {"level":50,"time":1667568836819,"pid":1,"hostname":"f5cbb380f8b7","msg":"ResolverError: Error opening file \"/workspace/openapi/auth-server.yaml\" \nENOENT: no such file or directory, open '/workspace/openapi/auth-server.yaml'\n    at ReadFileContext.callback (/workspace/node_modules/.pnpm/@[email protected]/node_modules/@apidevtools/json-schema-ref-parser/lib/resolvers/file.js:52:20)\n    at FSReqCallback.readFileAfterOpen [as oncomplete] (node:fs:323:13)"}

I'm thinking instead of adding fetch-schemas to the Dockerfile, we just add it to https://github.com/interledger/rafiki#environment-setup
That way localenv can run with modified specs.

wilsonianb
wilsonianb requested changes Nov 4, 2022
View reviewed changes
.github/workflows/lint_test_build.yml
@@ -46,6 +46,7 @@ jobs:
- uses: actions/checkout@v2
- uses: ./.github/workflows/rafiki/env-setup
- run: pnpm --filter openapi build
- run: pnpm --filter auth fetch-schemas
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, local env fails as is with:

local-peer-auth-1     | {"level":50,"time":1667568836819,"pid":1,"hostname":"f5cbb380f8b7","msg":"ResolverError: Error opening file \"/workspace/openapi/auth-server.yaml\" \nENOENT: no such file or directory, open '/workspace/openapi/auth-server.yaml'\n    at ReadFileContext.callback (/workspace/node_modules/.pnpm/@[email protected]/node_modules/@apidevtools/json-schema-ref-parser/lib/resolvers/file.js:52:20)\n    at FSReqCallback.readFileAfterOpen [as oncomplete] (node:fs:323:13)"}

I'm thinking instead of adding fetch-schemas to the Dockerfile, we just add it to https://github.com/interledger/rafiki#environment-setup
That way localenv can run with modified specs.

packages/auth/src/index.ts Outdated
Comment on lines 106 to 110
const authServerSpec = await createOpenAPI('./openapi/auth-server.yaml')
const resourceServerSpec = await createOpenAPI(
'./openapi/resource-server.yaml'
)
const idpSpec = await createOpenAPI('./openapi/id-provider.yaml')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

auth build script needs to add these to the dist folder:

rafiki/packages/auth/package.json

Line 11 in 8898075

"build": "pnpm build:deps && tsc --build tsconfig.json",

See backend's copy-files:

rafiki/packages/backend/package.json

Lines 8 to 10 in 8898075

"build": "pnpm build:deps && tsc --build tsconfig.json && pnpm copy-files",
"clean": "rm -fr dist/",
"copy-files": "cp src/graphql/schema.graphql dist/graphql/",

(this is causing local env to fail even after running fetch-schemas)

@wilsonianb wilsonianb mentioned this pull request Nov 4, 2022
Merged
4 tasks
@njlie njlie requested a review from wilsonianb November 8, 2022 01:24
@njlie njlie force-pushed the nl-use-split-openapi branch from 983d511 to c7f1f8a Compare November 8, 2022 01:29
wilsonianb
wilsonianb reviewed Nov 8, 2022
View reviewed changes
packages/auth/package.json Outdated
"clean": "rm -fr dist/",
"fetch-schemas": "./scripts/get-op-schema.sh",
"test": "jest --passWithNoTests --maxWorkers=50%",
"prepack": "pnpm build"
"prepack": "pnpm build",
"copy-files": "pnpm fetch-schemas && cp -r ./openapi ./dist"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"copy-files": "pnpm fetch-schemas && cp -r ./openapi ./dist"
"copy-files": "cp -r ./openapi ./dist"

Otherwise copy-files & build nuke local modified specs.

@njlie njlie requested a review from wilsonianb November 8, 2022 02:05
@njlie njlie force-pushed the nl-use-split-openapi branch from edd7d01 to 00f7a8b Compare November 8, 2022 02:06
wilsonianb
wilsonianb approved these changes Nov 8, 2022
View reviewed changes
Copy link
Contributor

@wilsonianb wilsonianb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍
local env works as long after running:

pnpm --filter auth fetch-schemas

@njlie njlie merged commit d808c85 into main Nov 8, 2022
@njlie njlie deleted the nl-use-split-openapi branch November 8, 2022 02:46
@wilsonianb wilsonianb mentioned this pull request Nov 10, 2022
Closed
@wilsonianb wilsonianb mentioned this pull request Nov 30, 2022
Merged
4 tasks
@huijing huijing added the type: documentation (archived) Improvements or additions to documentation label Oct 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wilsonianb wilsonianb wilsonianb approved these changes

Assignees
No one assigned
Labels
pkg: auth Changes in the GNAP auth package. type: ci Changes to the CI type: documentation (archived) Improvements or additions to documentation type: source Changes business logic type: tests Testing related
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@njlie @wilsonianb @sabineschaller @huijing