policy-service/lib/policy_service_web/router.ex


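defmodule PolicyServiceWeb.Router do
  @moduledoc """
  HTTP routing for the policy service.

  Health checks, the Swagger UI and the rendered OpenAPI document are served
  without the `:auth` pipeline. Everything under `/api/v1` passes through
  `:auth` first and then through exactly one permission pipeline (`:read`,
  `:create_request` or `:submit_solicitation`).
  """

  use PolicyServiceWeb, :router

  alias PolicyServiceWeb.HealthController
  alias PolicyServiceWeb.PolicyController

  pipeline :api do
    plug OpenApiSpex.Plug.PutApiSpec, module: PolicyServiceWeb.ApiSpec
  end

  # Plugs run in the order listed. The two organization-id plugs run BEFORE
  # :introspect, i.e. before the bearer token has been validated.
  # NOTE(review): confirm that they only check/stash the id and that nothing
  # acts on it until introspection has succeeded.
  pipeline :auth do
    plug Oidcc.Plug.ExtractAuthorization
    plug Oidcc.Plug.RequireAuthorization
    plug PolicyServiceWeb.Plugs.RequireOrganizationId
    plug PolicyServiceWeb.Plugs.ExtractOrganizationId
    plug :introspect
  end

  # One pipeline per permission so every route names the permission it needs.
  pipeline :read do
    plug :authorize_roles, required_permissions: ["policy:read"]
  end

  pipeline :submit_solicitation do
    plug :authorize_roles, required_permissions: ["policy:submit_solicitation"]
  end

  pipeline :create_request do
    plug :authorize_roles, required_permissions: ["policy:create_request"]
  end

  # Unauthenticated by design: no pipeline is applied to these routes.
  get "/health", HealthController, :health
  get "/health/ready", HealthController, :ready

  # The Swagger UI is served without the :auth pipeline.
  # NOTE(review): confirm that publishing the API description is intended in
  # every environment this router is deployed to.
  scope "/swaggerui" do
    get "/", OpenApiSpex.Plug.SwaggerUI, path: "/api/openapi"
  end

  scope "/api" do
    pipe_through [:api]

    # Rendered spec; only the :api pipeline applies here, not :auth.
    get "/openapi", OpenApiSpex.Plug.RenderSpec, []

    scope "/v1" do
      pipe_through [:auth]

      scope "/" do
        pipe_through [:read]

        get "/policies", PolicyController, :index
        get "/policies/:application_id", PolicyController, :show
      end

      scope "/" do
        pipe_through [:create_request]

        post "/policies", PolicyController, :create
      end

      scope "/" do
        pipe_through [:submit_solicitation]

        post "/policies/:application_id/accept", PolicyController, :accept
      end
    end
  end

  @doc """
  Function plug that introspects the bearer token against the Zitadel provider.

  Builds the `Oidcc.Plug.IntrospectToken` options from the `:zitadel`
  application config on every request and delegates to that plug. Raises
  `ArgumentError` when the `:zitadel` config entry is missing.
  """
  def introspect(conn, _opts) do
    zitadel = zitadel_config!()

    introspection_opts =
      Oidcc.Plug.IntrospectToken.init(
        provider: PolicyService.ZitadelProvider,
        client_id: zitadel[:client_id],
        client_secret: zitadel[:client_secret],
        # NOTE(review): as I read oidcc, `client_self_only: false` turns off
        # the check that the token was issued to this client_id, so tokens
        # issued to other clients of the same provider are accepted. Confirm
        # that audience/organization scoping is enforced by the other plugs.
        token_introspection_opts: %{client_self_only: false}
      )

    Oidcc.Plug.IntrospectToken.call(conn, introspection_opts)
  end

  @doc """
  Function plug that enforces the permissions required by a pipeline.

  `opts` is the keyword list given at the `plug` call site (it carries
  `:required_permissions`). It is merged with the options produced by
  `PolicyServiceWeb.Plugs.AuthorizeRoles.init/1`; on a key clash the
  config-derived options win because they are the second argument to
  `Keyword.merge/2`. Raises `ArgumentError` when the `:zitadel` config entry
  is missing.
  """
  def authorize_roles(conn, opts) do
    zitadel = zitadel_config!()

    role_opts =
      PolicyServiceWeb.Plugs.AuthorizeRoles.init(roles_claim: zitadel[:roles_claim])

    PolicyServiceWeb.Plugs.AuthorizeRoles.call(conn, Keyword.merge(opts, role_opts))
  end

  # Reads the :zitadel application config at request time. fetch_env!/2 is
  # used instead of get_env/2 so that a missing entry raises right here rather
  # than handing nil credentials or a nil claim name to the authentication and
  # authorization plugs.
  defp zitadel_config!, do: Application.fetch_env!(:policy_service, :zitadel)
end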