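defmodule ProviderServiceWeb.Router do
  @moduledoc """
  Routes for the provider service.

  `/health`, `/health/ready` and `/api/openapi` are served without the `:auth`
  pipeline. Every route under `/api/v1` passes through `:auth` and then through
  either `:read` (requires the `provider:read` permission) or `:manage`
  (requires the `provider:manage` permission). The Swagger UI route is only
  compiled in when `Mix.env()` is `:dev`.
  """

  use Phoenix.Router
  import Plug.Conn

  alias ProviderServiceWeb.Plugs

  pipeline :api do
    plug(:accepts, ["json"])
    plug(OpenApiSpex.Plug.PutApiSpec, module: ProviderServiceWeb.ApiSpec)
  end

  # Plugs run in the order listed, so the organization-id plugs run before the
  # token is introspected.
  # NOTE(review): where RequireOrganizationId / ExtractOrganizationId read the
  # organization id from is not visible in this file. If it is supplied by the
  # client, confirm that a later step ties it to the claims of the introspected
  # token before it is used for tenant scoping.
  pipeline :auth do
    plug(Oidcc.Plug.ExtractAuthorization)
    plug(Oidcc.Plug.RequireAuthorization)
    plug(ProviderServiceWeb.Plugs.RequireOrganizationId)
    plug(ProviderServiceWeb.Plugs.ExtractOrganizationId)
    plug(:introspect)
  end

  pipeline :read do
    plug(:authorize_roles, required_permissions: ["provider:read"])
  end

  pipeline :manage do
    plug(:authorize_roles, required_permissions: ["provider:manage"])
  end

  # Health probes sit outside every scope and pipeline: no authentication.
  get("/health", ProviderServiceWeb.HealthController, :health)
  get("/health/ready", ProviderServiceWeb.HealthController, :ready)

  scope "/api" do
    pipe_through(:api)

    # Served with the :api pipeline only, i.e. without authentication.
    get("/openapi", OpenApiSpex.Plug.RenderSpec, [])

    scope "/v1" do
      pipe_through([:auth])

      # Read-only routes.
      scope "/" do
        pipe_through([:read])
        get("/providers", ProviderServiceWeb.ProviderController, :index)
        get("/providers/:provider_id", ProviderServiceWeb.ProviderController, :show)
        get("/providers/:provider_id/templates", ProviderServiceWeb.TemplateController, :index)
      end

      # State-changing routes.
      scope "/" do
        pipe_through([:manage])
        post("/providers", ProviderServiceWeb.ProviderController, :create)
        put("/providers/:provider_id", ProviderServiceWeb.ProviderController, :update)

        post(
          "/providers/:provider_id/deactivate",
          ProviderServiceWeb.ProviderController,
          :deactivate
        )

        post(
          "/providers/:provider_id/reactivate",
          ProviderServiceWeb.ProviderController,
          :reactivate
        )

        post(
          "/providers/:provider_id/templates",
          ProviderServiceWeb.TemplateController,
          :upload_template
        )

        post(
          "/providers/:provider_id/templates/:template_id/activate",
          ProviderServiceWeb.TemplateController,
          :activate
        )

        post(
          "/providers/:provider_id/templates/:template_id/deactivate",
          ProviderServiceWeb.TemplateController,
          :deactivate
        )

        post(
          "/providers/:provider_id/templates/:template_id/set-default",
          ProviderServiceWeb.TemplateController,
          :set_default
        )

        delete(
          "/providers/:provider_id/templates/:template_id",
          ProviderServiceWeb.TemplateController,
          :remove
        )
      end
    end
  end

  # Function plug: hands the request to Oidcc.Plug.IntrospectToken. The plug
  # options are built on every request because the client credentials are read
  # from the application environment at runtime.
  defp introspect(conn, _opts) do
    zitadel = zitadel_config()

    opts =
      Oidcc.Plug.IntrospectToken.init(
        provider: ProviderService.ZitadelProvider,
        client_id: zitadel[:client_id],
        client_secret: zitadel[:client_secret],
        # client_self_only: false switches off Oidcc's check that the
        # introspected token was issued to this client_id, so tokens issued to
        # other clients of the same provider are accepted here.
        # NOTE(review): confirm that audience / permission checks further down
        # the pipeline are what restricts which tokens may call this API.
        token_introspection_opts: %{client_self_only: false}
      )

    Oidcc.Plug.IntrospectToken.call(conn, opts)
  end

  # Function plug: checks the permissions given in `opts`
  # (`required_permissions: [...]`) through Plugs.AuthorizeRoles, using the
  # roles claim name from the :zitadel configuration.
  defp authorize_roles(conn, opts) do
    zitadel = zitadel_config()

    # NOTE(review): zitadel[:roles_claim] is nil when the key is absent; how
    # Plugs.AuthorizeRoles treats a nil claim name is not visible here. Confirm
    # that it denies the request rather than skipping the check.
    init_opts = Plugs.AuthorizeRoles.init(roles_claim: zitadel[:roles_claim])

    # Keyword.merge/2 lets the keys returned by init/1 win over the pipeline opts.
    Plugs.AuthorizeRoles.call(conn, Keyword.merge(opts, init_opts))
  end

  # Reads the :zitadel settings at request time. fetch_env!/2 raises when the
  # key is not configured, so a deployment without identity-provider settings
  # fails loudly instead of building plug options from nil values.
  defp zitadel_config, do: Application.fetch_env!(:provider_service, :zitadel)

  # Evaluated at compile time: the Swagger UI route only exists in builds made
  # with MIX_ENV=dev.
  if Mix.env() == :dev do
    scope "/swaggerui" do
      get("/", OpenApiSpex.Plug.SwaggerUI, path: "/api/openapi")
    end
  end
end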