Initial commit: Open sourcing all of the Maple Open Technologies code.

2025-12-02 14:33:08 -05:00 · 2025-12-02 14:33:08 -05:00 · 755d54a99d
commit 755d54a99d
2010 changed files with 448675 additions and 0 deletions
--- a/cloud/maplefile-backend/pkg/security/jwt/jwt.go
+++ b/cloud/maplefile-backend/pkg/security/jwt/jwt.go
@ -0,0 +1,47 @@
+package jwt
+
+import (
+	"errors"
+	"time"
+
+	"codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend/config"
+	"codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend/pkg/security/jwt_utils"
+	sbytes "codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend/pkg/security/securebytes"
+)
+
+// JWTProvider provides interface for abstracting JWT generation.
+type JWTProvider interface {
+	GenerateJWTToken(uuid string, ad time.Duration) (string, time.Time, error)
+	GenerateJWTTokenPair(uuid string, ad time.Duration, rd time.Duration) (string, time.Time, string, time.Time, error)
+	ProcessJWTToken(reqToken string) (string, error)
+}
+
+type jwtProvider struct {
+	hmacSecret *sbytes.SecureBytes
+}
+
+// NewProvider Constructor that returns the JWT generator.
+func NewJWTProvider(cfg *config.Configuration) JWTProvider {
+	// Convert JWT secret string to SecureBytes
+	secret, _ := sbytes.NewSecureBytes([]byte(cfg.JWT.Secret))
+	return jwtProvider{
+		hmacSecret: secret,
+	}
+}
+
+// GenerateJWTToken generates a single JWT token.
+func (p jwtProvider) GenerateJWTToken(uuid string, ad time.Duration) (string, time.Time, error) {
+	return jwt_utils.GenerateJWTToken(p.hmacSecret.Bytes(), uuid, ad)
+}
+
+// GenerateJWTTokenPair Generate the `access token` and `refresh token` for the secret key.
+func (p jwtProvider) GenerateJWTTokenPair(uuid string, ad time.Duration, rd time.Duration) (string, time.Time, string, time.Time, error) {
+	return jwt_utils.GenerateJWTTokenPair(p.hmacSecret.Bytes(), uuid, ad, rd)
+}
+
+func (p jwtProvider) ProcessJWTToken(reqToken string) (string, error) {
+	if p.hmacSecret == nil {
+		return "", errors.New("HMAC secret is required")
+	}
+	return jwt_utils.ProcessJWTToken(p.hmacSecret.Bytes(), reqToken)
+}
--- a/cloud/maplefile-backend/pkg/security/jwt/jwt_test.go
+++ b/cloud/maplefile-backend/pkg/security/jwt/jwt_test.go
@ -0,0 +1,98 @@
+package jwt
+
+import (
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+
+	"codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend/config"
+)
+
+func setupTestProvider(t *testing.T) JWTProvider {
+	cfg := &config.Configuration{
+		JWT: config.JWTConfig{
+			Secret: "test-secret",
+		},
+	}
+	return NewJWTProvider(cfg)
+}
+
+func TestNewProvider(t *testing.T) {
+	provider := setupTestProvider(t)
+	assert.NotNil(t, provider)
+}
+
+func TestGenerateJWTToken(t *testing.T) {
+	provider := setupTestProvider(t)
+	uuid := "test-uuid"
+	duration := time.Hour
+
+	token, expiry, err := provider.GenerateJWTToken(uuid, duration)
+
+	assert.NoError(t, err)
+	assert.NotEmpty(t, token)
+	assert.True(t, expiry.After(time.Now()))
+	assert.True(t, expiry.Before(time.Now().Add(duration).Add(time.Second)))
+}
+
+func TestGenerateJWTTokenPair(t *testing.T) {
+	provider := setupTestProvider(t)
+	uuid := "test-uuid"
+	accessDuration := time.Hour
+	refreshDuration := time.Hour * 24
+
+	accessToken, accessExpiry, refreshToken, refreshExpiry, err := provider.GenerateJWTTokenPair(uuid, accessDuration, refreshDuration)
+
+	assert.NoError(t, err)
+	assert.NotEmpty(t, accessToken)
+	assert.NotEmpty(t, refreshToken)
+	assert.True(t, accessExpiry.After(time.Now()))
+	assert.True(t, refreshExpiry.After(time.Now()))
+	assert.True(t, accessExpiry.Before(time.Now().Add(accessDuration).Add(time.Second)))
+	assert.True(t, refreshExpiry.Before(time.Now().Add(refreshDuration).Add(time.Second)))
+}
+
+func TestProcessJWTToken(t *testing.T) {
+	provider := setupTestProvider(t)
+	uuid := "test-uuid"
+	duration := time.Hour
+
+	// Generate a token first
+	token, _, err := provider.GenerateJWTToken(uuid, duration)
+	assert.NoError(t, err)
+
+	// Process the generated token
+	processedUUID, err := provider.ProcessJWTToken(token)
+	assert.NoError(t, err)
+	assert.Equal(t, uuid, processedUUID)
+}
+
+func TestProcessJWTToken_InvalidToken(t *testing.T) {
+	provider := setupTestProvider(t)
+
+	_, err := provider.ProcessJWTToken("invalid-token")
+	assert.Error(t, err)
+}
+
+func TestProcessJWTToken_NilSecret(t *testing.T) {
+	provider := jwtProvider{
+		hmacSecret: nil,
+	}
+
+	_, err := provider.ProcessJWTToken("any-token")
+	assert.Error(t, err)
+	assert.Equal(t, "HMAC secret is required", err.Error())
+}
+
+func TestProcessJWTToken_ExpiredToken(t *testing.T) {
+	provider := setupTestProvider(t)
+	uuid := "test-uuid"
+	duration := -time.Hour // negative duration for expired token
+
+	token, _, err := provider.GenerateJWTToken(uuid, duration)
+	assert.NoError(t, err)
+
+	_, err = provider.ProcessJWTToken(token)
+	assert.Error(t, err)
+}
--- a/cloud/maplefile-backend/pkg/security/jwt/provider.go
+++ b/cloud/maplefile-backend/pkg/security/jwt/provider.go
@ -0,0 +1,10 @@
+package jwt
+
+import (
+	"codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend/config"
+)
+
+// ProvideJWTProvider provides a JWT provider instance for Wire DI
+func ProvideJWTProvider(cfg *config.Config) JWTProvider {
+	return NewJWTProvider(cfg)
+}