sourcefuse · yeshamavani · Dec 13, 2024 · Dec 13, 2024 · Dec 13, 2024
diff --git a/package-lock.json b/package-lock.json
diff --git a/...nt-management-service/migrations/pg/migrations/20240925102459-add-table-tenant-configs.js b/...nt-management-service/migrations/pg/migrations/20240925102459-add-table-tenant-configs.js
@@ -0,0 +1,59 @@
+'use strict';
+
+var dbm;
+var type;
+var seed;
+var fs = require('fs');
+var path = require('path');
+var Promise;
+
+/**
+ * We receive the dbmigrate dependency from dbmigrate initially.
+ * This enables us to not have to rely on NODE_PATH.
+ */
+exports.setup = function (options, seedLink) {
+  dbm = options.dbmigrate;
+  type = dbm.dataType;
+  seed = seedLink;
+  Promise = options.Promise;
+};
+
+exports.up = function (db) {
+  var filePath = path.join(
+    __dirname,
+    'sqls',
+    '20240925102459-add-table-tenant-configs-up.sql',
+  );
+  return new Promise(function (resolve, reject) {
+    fs.readFile(filePath, {encoding: 'utf-8'}, function (err, data) {
+      if (err) return reject(err);
+      console.log('received data: ' + data);
+
+      resolve(data);
+    });
+  }).then(function (data) {
+    return db.runSql(data);
+  });
+};
+
+exports.down = function (db) {
+  var filePath = path.join(
+    __dirname,
+    'sqls',
+    '20240925102459-add-table-tenant-configs-down.sql',
+  );
+  return new Promise(function (resolve, reject) {
+    fs.readFile(filePath, {encoding: 'utf-8'}, function (err, data) {
+      if (err) return reject(err);
+      console.log('received data: ' + data);
+
+      resolve(data);
+    });
+  }).then(function (data) {
+    return db.runSql(data);
+  });
+};
+
+exports._meta = {
+  version: 1,
+};
diff --git a/...nt-service/migrations/pg/migrations/sqls/20240925102459-add-table-tenant-configs-down.sql b/...nt-service/migrations/pg/migrations/sqls/20240925102459-add-table-tenant-configs-down.sql
@@ -0,0 +1 @@
+drop table main.tenant_mgmt_configs;
diff --git a/...ment-service/migrations/pg/migrations/sqls/20240925102459-add-table-tenant-configs-up.sql b/...ment-service/migrations/pg/migrations/sqls/20240925102459-add-table-tenant-configs-up.sql
@@ -0,0 +1,33 @@
+CREATE TABLE IF NOT EXISTS main.tenant_mgmt_configs
+(
+    id uuid NOT NULL DEFAULT (md5(((random())::text || (clock_timestamp())::text)))::uuid,
+    config_key varchar(100) NOT NULL,
+    config_value jsonb NOT NULL,
+    created_on timestamptz DEFAULT CURRENT_TIMESTAMP NOT NULL,
+    modified_on timestamptz DEFAULT CURRENT_TIMESTAMP NOT NULL,
+    created_by uuid,
+    modified_by uuid,
+    deleted boolean DEFAULT FALSE NOT NULL,
+    deleted_by uuid,
+    deleted_on timestamptz,
+    tenant_id uuid NOT NULL,
+    CONSTRAINT pk_tenant_configs_id PRIMARY KEY (id),
+    CONSTRAINT fk_tenant_configs_tenants FOREIGN KEY (tenant_id)
+        REFERENCES main.tenants(id)
+);
+
+
+CREATE OR REPLACE FUNCTION main.moddatetime()
+    RETURNS TRIGGER
+    LANGUAGE plpgsql
+    AS $function$
+BEGIN
+    NEW.modified_on = now();
+    RETURN NEW;
+END;
+$function$;
+
+CREATE TRIGGER mdt_tenant_configs
+    BEFORE UPDATE ON main.tenant_mgmt_configs
+    FOR EACH ROW
+    EXECUTE FUNCTION main.moddatetime('modified_on');
diff --git a/services/tenant-management-service/package.json b/services/tenant-management-service/package.json
@@ -81,6 +81,8 @@
         "@opentelemetry/sdk-trace-base": "^1.15.0",
         "@opentelemetry/sdk-trace-node": "^1.15.0",
         "@sourceloop/core": "^14.1.0",
+        "aws-sdk": "^2.1691.0",
+        "axios": "^1.7.7",
         "dotenv": "^16.0.3",
         "dotenv-extended": "^2.9.0",
         "handlebars": "^4.7.8",
@@ -101,10 +103,12 @@
         "@loopback/build": "^11.0.2",
         "@loopback/eslint-config": "^15.0.2",
         "@loopback/testlab": "^7.0.2",
+        "@types/auth0": "^3.3.10",
         "@types/jsonwebtoken": "^9.0.5",
         "@types/moment": "^2.13.0",
         "@types/node": "^18.11.9",
         "@types/pdfkit": "^0.13.4",
+        "auth0": "^4.10.0",
         "eslint": "^8.57.0",
         "nodemon": "^2.0.21",
         "nyc": "^15.1.0",

diff --git a/services/tenant-management-service/src/__tests__/acceptance/webhook.controller.acceptance.ts b/services/tenant-management-service/src/__tests__/acceptance/webhook.controller.acceptance.ts
@@ -115,11 +115,11 @@ describe('WebhookController', () => {
     });
 
     it('should return 401 status for a webhook call with an expired timestamp', async () => {
-      const sixSeconds = 6000;
+      const TIMESTAMP_TOLERANCE_MS = 20000; // 20 seconds
       // generate token that was set 6 seconds ago
       const headers = await buildHeaders(
         webhookPayload,
-        Date.now() - sixSeconds,
+        Date.now() - TIMESTAMP_TOLERANCE_MS,
       );
       await client
         .post('/webhook')

diff --git a/services/tenant-management-service/src/component.ts b/services/tenant-management-service/src/component.ts
@@ -30,48 +30,51 @@ import {
   AuthorizationBindings,
   AuthorizationComponent,
 } from 'loopback4-authorization';
-import {
-  EventConnectorBinding,
-  LEAD_TOKEN_VERIFIER,
-  SYSTEM_USER,
-  TenantManagementServiceBindings,
-} from './keys';
-import {ITenantManagementServiceConfig} from './types';
-import {InvoiceController} from './controllers/invoice.controller';
 import {
   ContactController,
   HomePageController,
-  LeadTenantController,
   LeadController,
+  LeadTenantController,
   PingController,
+  TenantMgmtConfigController,
+  TenantMgmtConfigTenantController,
   TenantController,
 } from './controllers';
+import {InvoiceController} from './controllers/invoice.controller';
+import {
+  EventConnectorBinding,
+  LEAD_TOKEN_VERIFIER,
+  SYSTEM_USER,
+  TenantManagementServiceBindings,
+} from './keys';
 import {
   Address,
   Contact,
+  CreateLeadDTO,
   Invoice,
   Lead,
   LeadToken,
+  ProvisioningDTO,
   Resource,
   Tenant,
-  WebhookSecret,
-  CreateLeadDTO,
-  ProvisioningDTO,
+  TenantMgmtConfig,
   TenantOnboardDTO,
   VerifyLeadResponseDTO,
   WebhookDTO,
+  WebhookSecret,
 } from './models';
+import {LeadTokenVerifierProvider, SystemUserProvider} from './providers';
 import {
   AddressRepository,
   ContactRepository,
   InvoiceRepository,
-  LeadTokenRepository,
   LeadRepository,
+  LeadTokenRepository,
   ResourceRepository,
+  TenantMgmtConfigRepository,
   TenantRepository,
   WebhookSecretRepository,
 } from './repositories';
-import {LeadTokenVerifierProvider, SystemUserProvider} from './providers';
 import {
   CryptoHelperService,
   EventConnector,
@@ -81,6 +84,8 @@ import {
   OnboardingService,
   ProvisioningService,
 } from './services';
+import {ITenantManagementServiceConfig} from './types';
+
 export class TenantManagementServiceComponent implements Component {
   constructor(
     @inject(CoreBindings.APPLICATION_INSTANCE)
@@ -120,6 +125,7 @@ export class TenantManagementServiceComponent implements Component {
       ResourceRepository,
       TenantRepository,
       WebhookSecretRepository,
+      TenantMgmtConfigRepository,
     ];
 
     this.models = [
@@ -136,6 +142,7 @@ export class TenantManagementServiceComponent implements Component {
       TenantOnboardDTO,
       VerifyLeadResponseDTO,
       WebhookDTO,
+      TenantMgmtConfig,
     ];
 
     this.controllers = [
@@ -146,6 +153,8 @@ export class TenantManagementServiceComponent implements Component {
       LeadController,
       PingController,
       TenantController,
+      TenantMgmtConfigController,
+      TenantMgmtConfigTenantController,
     ];
 
     this.bindings = [

diff --git a/services/tenant-management-service/src/controllers/idp.controller.ts b/services/tenant-management-service/src/controllers/idp.controller.ts
@@ -0,0 +1,69 @@
+import {inject, intercept} from '@loopback/core';
+import {getModelSchemaRef, post, requestBody} from '@loopback/rest';
+import {
+  CONTENT_TYPE,
+  OPERATION_SECURITY_SPEC,
+  rateLimitKeyGenPublic,
+  STATUS_CODE,
+} from '@sourceloop/core';
+import {authorize} from 'loopback4-authorization';
+import {ratelimit} from 'loopback4-ratelimiter';
+import {TenantManagementServiceBindings, CALLABCK_VERIFIER} from '../keys';
+import {IdpDetailsDTO} from '../models/dtos/idp-details-dto.model';
+import {ConfigureIdpFunc, IdPKey, IdpResp} from '../types';
+
+const basePath = '/manage/users';
+export class IdpController {
+  constructor(
+    @inject(TenantManagementServiceBindings.IDP_KEYCLOAK)
+    private readonly idpKeycloakProvider: ConfigureIdpFunc<IdpResp>,
+    @inject(TenantManagementServiceBindings.IDP_AUTH0)
+    private readonly idpAuth0Provider: ConfigureIdpFunc<IdpResp>,
+  ) {}
+
+  @intercept(CALLABCK_VERIFIER)
+  @ratelimit(true, {
+    max: parseInt(process.env.WEBHOOK_API_MAX_ATTEMPTS ?? '10'),
+    keyGenerator: rateLimitKeyGenPublic,
+  })
+  @authorize({
+    permissions: ['*'],
+  })
+  @post(`${basePath}`, {
+    security: OPERATION_SECURITY_SPEC,
+    responses: {
+      [STATUS_CODE.NO_CONTENT]: {
+        description: 'Webhook success',
+      },
+    },
+  })
+  async idpConfigure(
+    @requestBody({
+      content: {
+        [CONTENT_TYPE.JSON]: {
+          schema: getModelSchemaRef(IdpDetailsDTO, {
+            title: 'IdpDetailsDTO',
+          }),
+        },
+      },
+    })
+    payload: IdpDetailsDTO,
+  ): Promise<IdpResp> {
+    let res: IdpResp = {
+      authId: '',
+    };
+    switch (payload.tenant.identityProvider) {
+      case IdPKey.AUTH0:
+        res = await this.idpAuth0Provider(payload);
+        break;
+      case IdPKey.COGNITO:
+        break;
+      case IdPKey.KEYCLOAK:
+        res = await this.idpKeycloakProvider(payload);
+        break;
+      default:
+        break;
+    }
+    return res;
+  }
+}
diff --git a/services/tenant-management-service/src/controllers/index.ts b/services/tenant-management-service/src/controllers/index.ts
@@ -6,3 +6,6 @@ export * from './lead-tenant.controller';
 export * from './tenant.controller';
 export * from './webhook.controller';
 export * from './invoice.controller';
+export * from './tenant-mgmt-config.controller';
+export * from './tenant-mgmt-config-tenant.controller';
+export * from './idp.controller';
diff --git a/services/tenant-management-service/src/controllers/tenant-mgmt-config-tenant.controller.ts b/services/tenant-management-service/src/controllers/tenant-mgmt-config-tenant.controller.ts
@@ -0,0 +1,40 @@
+import {repository} from '@loopback/repository';
+import {param, get, getModelSchemaRef} from '@loopback/rest';
+import {TenantMgmtConfig, Tenant} from '../models';
+import {TenantMgmtConfigRepository} from '../repositories';
+import {authenticate, STRATEGY} from 'loopback4-authentication';
+import {authorize} from 'loopback4-authorization';
+import {PermissionKey} from '../permissions';
+import {OPERATION_SECURITY_SPEC, STATUS_CODE} from '@sourceloop/core';
+
+const basePath = '/tenant-configs/{id}/tenant';
+export class TenantMgmtConfigTenantController {
+  constructor(
+    @repository(TenantMgmtConfigRepository)
+    public tenantConfigRepository: TenantMgmtConfigRepository,
+  ) {}
+  @authorize({
+    permissions: [PermissionKey.ViewTenantConfig],
+  })
+  @authenticate(STRATEGY.BEARER, {
+    passReqToCallback: true,
+  })
+  @get(`${basePath}`, {
+    security: OPERATION_SECURITY_SPEC,
+    responses: {
+      [STATUS_CODE.OK]: {
+        description: 'Tenant belonging to TenantConfig',
+        content: {
+          'application/json': {
+            schema: getModelSchemaRef(Tenant),
+          },
+        },
+      },
+    },
+  })
+  async getTenant(
+    @param.path.string('id') id: typeof TenantMgmtConfig.prototype.id,
+  ): Promise<Tenant> {
+    return this.tenantConfigRepository.tenant(id);
+  }
+}