Implement JWT OAS conversion

apidef/oas/authentication.go

@@ -1,13 +1,16 @@
 package oas
 
 import (
+	"reflect"
+
 	"github.com/TykTechnologies/tyk/apidef"
 )
 
 type Authentication struct {
 	Enabled                bool   `bson:"enabled" json:"enabled"` // required
 	StripAuthorizationData bool   `bson:"stripAuthorizationData,omitempty" json:"stripAuthorizationData,omitempty"`
 	Token                  *Token `bson:"token,omitempty" json:"token,omitempty"`
+	JWT                    *JWT   `bson:"jwt,omitempty" json:"jwt,omitempty"`
 }
 
 func (a *Authentication) Fill(api apidef.APIDefinition) {
@@ -25,6 +28,22 @@ func (a *Authentication) Fill(api apidef.APIDefinition) {
 
 		a.Token.Fill(api.UseStandardAuth, authToken)
 	}
+
+	if reflect.DeepEqual(a.Token, &Token{}) {
+		a.Token = nil
+	}
+
+	if _, ok := api.AuthConfigs["jwt"]; ok {
+		if a.JWT == nil {
+			a.JWT = &JWT{}
+		}
+
+		a.JWT.Fill(api)
+	}
+
+	if reflect.DeepEqual(a.JWT, &JWT{}) {
+		a.JWT = nil
+	}
 }
 
 func (a *Authentication) ExtractTo(api *apidef.APIDefinition) {
@@ -34,6 +53,10 @@ func (a *Authentication) ExtractTo(api *apidef.APIDefinition) {
 	if a.Token != nil {
 		a.Token.ExtractTo(api)
 	}
+
+	if a.JWT != nil {
+		a.JWT.ExtractTo(api)
+	}
 }
 
 type Token struct {
@@ -80,21 +103,6 @@ func (t *Token) ExtractTo(api *apidef.APIDefinition) {
 	api.AuthConfigs["authToken"] = authConfig
 }
 
-/*type JWT struct {
-	SkipKid                 bool              `json:"skip-kid,omitempty"`
-	Source                  string            `json:"source,omitempty"`
-	SigningMethod           string            `json:"signing-method,omitempty"`
-	NotBeforeValidationSkew uint64            `json:"not-before-validation-skew,omitempty"`
-	IssuedAtValidationSkew  uint64            `json:"issued-at-validation-skew,omitempty"`
-	ExpiresAtValidationSkew uint64            `json:"expires-at-validation-skew,omitempty"`
-	IdentityBaseField       string            `json:"identity-base-field,omitempty"`
-	ClientBaseField         string            `json:"client-base-field,omitempty"`
-	ScopeToPolicyMapping    map[string]string `json:"scope-to-policy-mapping,omitempty"`
-	PolicyFieldName         string            `json:"policy-field-name,omitempty"`
-	ScopeClaimName          string            `json:"scope-claim-name,omitempty"`
-	DefaultPolicies         []string          `json:"default-policies,omitempty"`
-}*/
-
 type AuthSources struct {
 	Header HeaderAuthSource `bson:"header" json:"header"` // required
 	Cookie *AuthSource      `bson:"cookie,omitempty" json:"cookie,omitempty"`
@@ -192,3 +200,63 @@ func (s *Signature) ExtractTo(authConfig *apidef.AuthConfig) {
 	authConfig.Signature.ErrorCode = s.ErrorCode
 	authConfig.Signature.ErrorMessage = s.ErrorMessage
 }
+
+type JWT struct {
+	Enabled                 bool `bson:"enabled" json:"enabled"` // required
+	AuthSources             `bson:",inline" json:",inline"`
+	Source                  string            `json:"source,omitempty"`
+	SigningMethod           string            `bson:"signingMethod,omitempty" json:"signingMethod,omitempty"`
+	IdentityBaseField       string            `bson:"identityBaseField,omitempty" json:"identityBaseField,omitempty"`
+	SkipKid                 bool              `bson:"skipKid,omitempty" json:"skipKid,omitempty"`
+	ScopeClaimName          string            `bson:"scopeClaimName,omitempty" json:"scopeClaimName,omitempty"`
+	ScopeToPolicyMapping    map[string]string `bson:"scopeToPolicyMapping,omitempty" json:"scopeToPolicyMapping,omitempty"`
+	PolicyFieldName         string            `bson:"policyFieldName,omitempty" json:"policyFieldName,omitempty"`
+	ClientBaseField         string            `bson:"clientBaseField,omitempty" json:"clientBaseField,omitempty"`
+	DefaultPolicies         []string          `bson:"defaultPolicies,omitempty" json:"defaultPolicies,omitempty"`
+	IssuedAtValidationSkew  uint64            `bson:"issuedAtValidationSkew,omitempty" json:"issuedAtValidationSkew,omitempty"`
+	NotBeforeValidationSkew uint64            `bson:"notBeforeValidationSkew,omitempty" json:"notBeforeValidationSkew,omitempty"`
+	ExpiresAtValidationSkew uint64            `bson:"expiresAtValidationSkew,omitempty" json:"expiresAtValidationSkew,omitempty"`
+}
+
+func (j *JWT) Fill(api apidef.APIDefinition) {
+	j.AuthSources.Fill(api.AuthConfigs["jwt"])
+
+	j.Enabled = api.EnableJWT
+	j.Source = api.JWTSource
+	j.SigningMethod = api.JWTSigningMethod
+	j.IdentityBaseField = api.JWTIdentityBaseField
+	j.SkipKid = api.JWTSkipKid
+	j.ScopeClaimName = api.JWTScopeClaimName
+	j.ScopeToPolicyMapping = api.JWTScopeToPolicyMapping
+	j.PolicyFieldName = api.JWTPolicyFieldName
+	j.ClientBaseField = api.JWTClientIDBaseField
+	j.DefaultPolicies = api.JWTDefaultPolicies
+	j.IssuedAtValidationSkew = api.JWTIssuedAtValidationSkew
+	j.NotBeforeValidationSkew = api.JWTNotBeforeValidationSkew
+	j.ExpiresAtValidationSkew = api.JWTExpiresAtValidationSkew
+}
+
+func (j *JWT) ExtractTo(api *apidef.APIDefinition) {
+	authConfig := apidef.AuthConfig{}
+	j.AuthSources.ExtractTo(&authConfig)
+
+	if api.AuthConfigs == nil {
+		api.AuthConfigs = make(map[string]apidef.AuthConfig)
+	}
+
+	api.AuthConfigs["jwt"] = authConfig
+
+	api.EnableJWT = j.Enabled
+	api.JWTSource = j.Source
+	api.JWTSigningMethod = j.SigningMethod
+	api.JWTIdentityBaseField = j.IdentityBaseField
+	api.JWTSkipKid = j.SkipKid
+	api.JWTScopeClaimName = j.ScopeClaimName
+	api.JWTScopeToPolicyMapping = j.ScopeToPolicyMapping
+	api.JWTPolicyFieldName = j.PolicyFieldName
+	api.JWTClientIDBaseField = j.ClientBaseField
+	api.JWTDefaultPolicies = j.DefaultPolicies
+	api.JWTIssuedAtValidationSkew = j.IssuedAtValidationSkew
+	api.JWTNotBeforeValidationSkew = j.NotBeforeValidationSkew
+	api.JWTExpiresAtValidationSkew = j.ExpiresAtValidationSkew
+}

apidef/oas/authentication_test.go

@@ -32,7 +32,15 @@ func TestToken(t *testing.T) {
 }
 
 func TestJWT(t *testing.T) {
-	// will be implemented
+	var emptyJWT JWT
+
+	var convertedAPI apidef.APIDefinition
+	emptyJWT.ExtractTo(&convertedAPI)
+
+	var resultJWT JWT
+	resultJWT.Fill(convertedAPI)
+
+	assert.Equal(t, emptyJWT, resultJWT)
 }
 
 func TestAuthSources(t *testing.T) {

apidef/oas/root_test.go

@@ -142,5 +142,10 @@ func FillTestAuthConfigs(t *testing.T, index int) map[string]apidef.AuthConfig {
 	Fill(t, &a, index)
 	authConfigs["authToken"] = a
 
+	a.UseCertificate = false
+	a.Signature = apidef.SignatureConfig{}
+	a.ValidateSignature = false
+	authConfigs["jwt"] = a
+
 	return authConfigs
 }

go.mod

@@ -15,7 +15,6 @@ require (
 	github.com/TykTechnologies/leakybucket v0.0.0-20170301023702-71692c943e3c
 	github.com/TykTechnologies/murmur3 v0.0.0-20180602122059-1915e687e465
 	github.com/TykTechnologies/openid2go v0.0.0-20200312160651-00c254a52b19
-	github.com/alecthomas/jsonschema v0.0.0-20210127012834-19bc6f27d155 // indirect
 	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
 	github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d // indirect
 	github.com/bshuster-repo/logrus-logstash-hook v0.4.1
@@ -34,7 +33,6 @@ require (
 	github.com/gemnasium/logrus-graylog-hook v2.0.7+incompatible
 	github.com/getkin/kin-openapi v0.32.0
 	github.com/getsentry/raven-go v0.2.0 // indirect
-	github.com/ghodss/yaml v1.0.0 // indirect
 	github.com/go-redis/redis/v8 v8.3.1
 	github.com/gocraft/health v0.0.0-20170925182251-8675af27fef0
 	github.com/golang/protobuf v1.4.2
@@ -82,7 +80,6 @@ require (
 	github.com/valyala/fasthttp v1.15.1
 	github.com/x-cray/logrus-prefixed-formatter v0.5.2
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
-	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xeipuuv/gojsonschema v1.2.0
 	github.com/xenolf/lego v0.3.2-0.20170618175828-28ead50ff1ca // indirect
 	golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e

go.sum

@@ -41,6 +41,7 @@ github.com/TykTechnologies/murmur3 v0.0.0-20180602122059-1915e687e465/go.mod h1:
 github.com/TykTechnologies/openid2go v0.0.0-20200312160651-00c254a52b19 h1:mgi8xtMR6Pxj/5Rncalb67ArL8TCJbHSQmMfJg9lE4s=
 github.com/TykTechnologies/openid2go v0.0.0-20200312160651-00c254a52b19/go.mod h1:rGlqNE4CvxZIeiHp0mgrw+/jdGSjJzkZ0n78hhHMdfM=
 <<<<<<< HEAD
+<<<<<<< HEAD
 github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM=
 github.com/agnivade/levenshtein v1.0.3/go.mod h1:4SFRZbbXWLF4MU1T9Qg0pGgH3Pjs+t6ie5efyrwRJXs=
 github.com/agnivade/levenshtein v1.1.0/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo=
@@ -50,6 +51,8 @@ github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVb
 github.com/alecthomas/jsonschema v0.0.0-20210127012834-19bc6f27d155 h1:d61MfV8YBu9jq9VXqIAl2T3WBbIIAuAnPzf8dOBKCAY=
 github.com/alecthomas/jsonschema v0.0.0-20210127012834-19bc6f27d155/go.mod h1:/n6+1/DWPltRLWL/VKyUxg6tzsl5kHUCcraimt4vr60=
 >>>>>>> f8d21a6f (Implement fill and extract functions)
+=======
+>>>>>>> 152a3abd (Implement JWT OAS conversion)
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d h1:UQZhZ2O0vMHr2cI+DC1Mbh0TJxzA3RcLoMsFw+aXw7E=
@@ -274,8 +277,6 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO
 github.com/huandu/xstrings v1.2.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
 github.com/huandu/xstrings v1.3.0 h1:gvV6jG9dTgFEncxo+AF7PH6MZXi/vZl25owA/8Dg8Wo=
 github.com/huandu/xstrings v1.3.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
-github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0 h1:i462o439ZjprVSFSZLZxcsoAe592sZB1rci2Z8j4wdk=
-github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0/go.mod h1:N0Wam8K1arqPXNWjMo21EXnBPOPp36vB07FNRdD2geA=
 github.com/iancoleman/strcase v0.0.0-20191112232945-16388991a334/go.mod h1:SK73tn/9oHe+/Y0h39VT4UCxmurVJkR5NA7kMEAOgSE=
 github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.9 h1:UauaLniWCFHWd+Jp9oCEkTBj8VO/9DKg3PV3VCNMDIg=
@@ -484,7 +485,6 @@ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.2.1/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.3.1-0.20190311161405-34c6fa2dc709/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
@@ -526,8 +526,6 @@ github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMc
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0=
 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
-github.com/xeipuuv/gojsonschema v0.0.0-20171025060643-212d8a0df7ac h1:4VBKAdTNqxLs00+bB+9Lnosfg6keGxPEXZ28e7hZV3A=
-github.com/xeipuuv/gojsonschema v0.0.0-20171025060643-212d8a0df7ac/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs=
 github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74=
 github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
 github.com/xenolf/lego v0.3.2-0.20170618175828-28ead50ff1ca h1:HmO0j2gywlGvJEtnSRqupP2pNb2Uoue+Et3efiOLWN8=