Add api_key resource

Refactor code

Author: palson-cf

client/account.go

@@ -3,13 +3,11 @@ package client
 import (
 	"errors"
 	"fmt"
-	"strconv"
-
-	"github.com/google/martian/log"
 	"github.com/imdario/mergo"
+	"log"
+	"strconv"
 )
 
-
 type DockerRegistry struct {
 	Kind                string `json:"kind"`
 	BehindFirewall      bool   `json:"behindFirewall"`
@@ -120,7 +118,7 @@ type Account struct {
 	IncreasedAttention          bool                `json:"increasedAttention,omitempty"`
 	LocalUserPasswordIDPEnabled bool                `json:"localUserPasswordIDPEnabled,omitempty"`
 	CodefreshEnv                string              `json:"codefreshEnv,omitempty"`
-	ID                          string              `json:"_id,omitempty,omitempty"`
+	ID                          string              `json:"_id,omitempty"`
 	BadgeToken                  string              `json:"badgeToken,omitempty"`
 	CreatedAt                   string              `json:"createdAt,omitempty"`
 	UpdatedAt                   string              `json:"updatedAt,omitempty"`
@@ -129,7 +127,6 @@ type Account struct {
 	CfcrRepositoryPath          string              `json:"cfcrRepositoryPath,omitempty"`
 	Notifications               []NotificationEvent `json:"notifications,omitempty"`
 	RepoPermission              string              `json:"repoPermission,omitempty"`
-	__V                         int                 `json:"__v,omitempty"`
 	Limits                      *Limits             `json:"limits,omitempty"`
 	Features                    map[string]bool     `json:"features,omitempty"`
 	// Features                    *Features           `json:"features,omitempty"`
@@ -149,7 +146,7 @@ func (account *Account) SetFeatures(m map[string]interface{}) {
 		value := v.(string)
 		b, err := strconv.ParseBool(value)
 		if err != nil {
-			log.Errorf("[ERROR] Can't parse '%s = %s' as boolean", k, value)
+			log.Fatalf("[ERROR] Can't parse '%s = %s' as boolean", k, value)
 		}
 		res[k] = b
 	}
@@ -220,7 +217,12 @@ func (client *Client) UpdateAccount(account *Account) (*Account, error) {
 	}
 
 	existingAccount, err := client.GetAccountByID(id)
-	if err = mergo.Merge(account, existingAccount); err != nil {
+	if  err != nil {
+		return nil, err
+	}
+
+	err = mergo.Merge(account, existingAccount)
+	if  err != nil {
 		return nil, err
 	}
 

client/api_key.go

@@ -0,0 +1,221 @@
+package client
+
+import (
+	"errors"
+	"fmt"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"log"
+	"net/http"
+)
+
+type ApiKeySubject struct {
+	Type string `json:"type,omitempty"`
+	Ref  string `json:"ref,omitempty"`
+}
+
+type ApiKeyScopeSnapshot struct {
+	Scopes []string `json:"scopes,omitempty"`
+	ID     string   `json:"_id,omitempty"`
+	Date   string   `json:"date,omitempty"`
+	V      int      `json:"__v,omitempty"`
+}
+
+type ApiKey struct {
+	Subject       ApiKeySubject       `json:"subject,omitempty"`
+	ID            string              `json:"_id,omitempty"`
+	Name          string              `json:"name"`
+	Scopes        []string            `json:"scopes,omitempty"`
+	TokenPrefix   string              `json:"tokenPrefix,omitempty"`
+	ScopeSnapshot ApiKeyScopeSnapshot `json:"scopeSnapshot,omitempty"`
+	Created       string              `json:"created,omitempty"`
+}
+
+func (client *Client) GetAPIKey(keyID string) (*ApiKey, error) {
+
+	opts := RequestOptions{
+		Path:   fmt.Sprintf("/auth/key/%s", keyID),
+		Method: "GET",
+	}
+
+	resp, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		return nil, err
+	}
+
+	var apiKey ApiKey
+
+	err = DecodeResponseInto(resp, &apiKey)
+	if err != nil {
+		return nil, err
+	}
+
+	return &apiKey, nil
+}
+
+func (client *Client) DeleteAPIKey(keyID string) error {
+
+	opts := RequestOptions{
+		Path:   fmt.Sprintf("/auth/key/%s", keyID),
+		Method: "DELETE",
+	}
+
+	resp, err := client.RequestAPI(&opts)
+	if err != nil {
+		fmt.Println(string(resp))
+		return err
+	}
+
+	return nil
+}
+
+func (client *Client) UpdateAPIKey(key *ApiKey) error {
+
+	keyID := key.ID
+	if keyID == "" {
+		return errors.New("[ERROR] Key ID is empty")
+	}
+
+	body, err := EncodeToJSON(key)
+	if err != nil {
+		return err
+	}
+
+	opts := RequestOptions{
+		Path:   fmt.Sprintf("/auth/key/%s", keyID),
+		Method: "PATCH",
+		Body:   body,
+	}
+
+	resp, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		fmt.Println(string(resp))
+		return err
+	}
+
+	return nil
+}
+
+func (client *Client) CreateApiKey(accountId string, apiKey *ApiKey) (string, error) {
+
+	// Check collaborataros
+	account, err := client.GetAccountByID(accountId)
+	if err != nil {
+		return "", err
+	}
+	if account.Limits == nil {
+		log.Fatal("[ERROR] Collaborators are not set")
+	}
+
+	// add user
+	userPrefix := acctest.RandString(10)
+	userName := "tfuser" + userPrefix
+	userEmail := userName + "@codefresh.io"
+
+	user, err := client.AddNewUserToAccount(accountId, userName, userEmail)
+	if err != nil {
+		return "", err
+	}
+	userID := user.ID
+
+	// activate
+	_, err = client.ActivateUser(userID)
+	if err != nil {
+		return "", err
+	}
+
+	// set user as account admin
+	err = client.SetUserAsAccountAdmin(accountId, userID)
+	if err != nil {
+		return "", nil
+	}
+
+	// login as user
+	xAccessToken, err := client.GetXAccessToken(userID)
+	if err != nil {
+		return "", err
+	}
+
+	// generate token
+	apiToken, err := client.GenerateToken(xAccessToken, apiKey)
+	if err != nil {
+		return "", err
+	}
+
+	return apiToken, nil
+
+}
+
+func (client *Client) GetXAccessToken(userID string) (string, error) {
+
+	url := fmt.Sprintf("%s/admin/user/loginAsUser?userId=%s", client.Host, userID)
+	request, err := http.NewRequest("GET", url, nil)
+	if err != nil {
+		return "", err
+	}
+
+	request.Header.Set("Authorization", client.Token)
+	request.Header.Set("Content-Type", "application/json; charset=utf-8")
+
+	resp, err := client.Client.Do(request)
+	if err != nil {
+		return "", err
+	}
+
+	defer resp.Body.Close()
+
+	for _, cookie := range resp.Cookies() {
+		if cookie.Name == "cf-access-token" {
+			return cookie.Value, nil
+		}
+	}
+
+	return "", nil
+}
+
+func (client *Client) GenerateToken(xToken string, apiKey *ApiKey) (string, error) {
+
+	body, err := EncodeToJSON(apiKey)
+	if err != nil {
+		return "", err
+	}
+
+	opts := RequestOptions{
+		Path:         "/auth/key",
+		Method:       "POST",
+		XAccessToken: xToken,
+		Body:         body,
+	}
+
+	resp, err := client.RequestApiXAccessToken(&opts)
+
+	if err != nil {
+		return "", err
+	}
+
+	return string(resp), nil
+}
+
+func (client *Client) GetApiKeysList() ([]ApiKey, error) {
+	fullPath := "/auth/keys"
+	opts := RequestOptions{
+		Path:   fullPath,
+		Method: "GET",
+	}
+
+	resp, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		return nil, err
+	}
+
+	var apiKeys []ApiKey
+
+	err = DecodeResponseInto(resp, &apiKeys)
+	if err != nil {
+		return nil, err
+	}
+
+	return apiKeys, nil
+}

client/client.go

@@ -18,10 +18,11 @@ type Client struct {
 
 // RequestOptions  path, method, etc
 type RequestOptions struct {
-	Path   string
-	Method string
-	Body   []byte
-	QS     map[string]string
+	Path         string
+	Method       string
+	Body         []byte
+	QS           map[string]string
+	XAccessToken string
 }
 
 // NewClient returns a new client configured to communicate on a server with the
@@ -68,6 +69,37 @@ func (client *Client) RequestAPI(opt *RequestOptions) ([]byte, error) {
 	return body, nil
 }
 
+func (client *Client) RequestApiXAccessToken(opt *RequestOptions) ([]byte, error) {
+	finalURL := fmt.Sprintf("%s%s", client.Host, opt.Path)
+	if opt.QS != nil {
+		finalURL += ToQS(opt.QS)
+	}
+	request, err := http.NewRequest(opt.Method, finalURL, bytes.NewBuffer(opt.Body))
+	if err != nil {
+		return nil, err
+	}
+
+	request.Header.Set("x-access-token", opt.XAccessToken)
+	request.Header.Set("Content-Type", "application/json; charset=utf-8")
+
+	resp, err := client.Client.Do(request)
+
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to read body %v %v", resp.StatusCode, resp.Status)
+	}
+
+	if resp.StatusCode != 200 {
+		return nil, fmt.Errorf("%v, %s", resp.Status, string(body))
+	}
+	return body, nil
+}
+
 // ToQS add extra parameters to path
 func ToQS(qs map[string]string) string {
 	var arr = []string{}

client/team.go

@@ -157,7 +157,7 @@ func (client *Client) DeleteTeam(id string) error {
 
 func (client *Client) SynchronizeClientWithGroup(name, ssoType string, notifications bool) error {
 
-	fullPath := fmt.Sprintf("/team/group/synchronize/name/%s/type/%s?disableNotifications=%b", name, ssoType, notifications)
+	fullPath := fmt.Sprintf("/team/group/synchronize/name/%s/type/%s?disableNotifications=%t", name, ssoType, notifications)
 	opts := RequestOptions{
 		Path:   fullPath,
 		Method: "GET",
@@ -188,7 +188,7 @@ func (client *Client) AddUserToTeam(teamID, userID string) error {
 	return nil
 }
 
-func (client *Client) DeleteUserFromTeam(teamID, userID string)  error {
+func (client *Client) DeleteUserFromTeam(teamID, userID string) error {
 
 	fullPath := fmt.Sprintf("/team/%s/%s/deleteUserFromTeam", teamID, userID)
 	opts := RequestOptions{
@@ -237,18 +237,18 @@ func GetUsersDiff(desiredUsers []string, existingUsers []TeamUser) (usersToAdd [
 	usersToAdd = []string{}
 	usersToDelete = []string{}
 
-	for _, user := range existingUsers{
+	for _, user := range existingUsers {
 		existingUsersIDs = append(existingUsersIDs, user.ID)
 	}
 
-	for _, id := range existingUsersIDs{
+	for _, id := range existingUsersIDs {
 		ok := find(desiredUsers, id)
 		if !ok {
 			usersToDelete = append(usersToDelete, id)
 		}
 	}
 
-	for _, id := range desiredUsers{
+	for _, id := range desiredUsers {
 		ok := find(existingUsersIDs, id)
 		if !ok {
 			usersToAdd = append(usersToAdd, id)
@@ -259,10 +259,10 @@ func GetUsersDiff(desiredUsers []string, existingUsers []TeamUser) (usersToAdd [
 }
 
 func find(slice []string, val string) bool {
-    for _, item := range slice {
-        if item == val {
-            return true
-        }
-    }
-    return false
+	for _, item := range slice {
+		if item == val {
+			return true
+		}
+	}
+	return false
 }