diff --git a/backend/src/app/auth/oidc.clj b/backend/src/app/auth/oidc.clj index 34e2cee57..9e07a21e2 100644 --- a/backend/src/app/auth/oidc.clj +++ b/backend/src/app/auth/oidc.clj @@ -22,7 +22,6 @@ [app.loggers.audit :as audit] [app.main :as-alias main] [app.rpc.commands.profile :as profile] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.util.json :as json] [app.util.time :as dt] @@ -414,7 +413,7 @@ ::props])) (defn get-info - [{:keys [provider ::setup/props] :as cfg} {:keys [params] :as request}] + [{:keys [provider ::main/props] :as cfg} {:keys [params] :as request}] (when-let [error (get params :error)] (ex/raise :type :internal :code :error-on-retrieving-code @@ -509,7 +508,7 @@ (if profile (let [sxf (session/create-fn cfg (:id profile)) token (or (:invitation-token info) - (tokens/generate (::setup/props cfg) + (tokens/generate (::main/props cfg) {:iss :auth :exp (dt/in-future "15m") :profile-id (:id profile)})) @@ -537,7 +536,7 @@ :iss :prepared-register :is-active true :exp (dt/in-future {:hours 48})) - token (tokens/generate (::setup/props cfg) info) + token (tokens/generate (::main/props cfg) info) params (d/without-nils {:token token :fullname (:fullname info)}) @@ -552,7 +551,7 @@ (defn- auth-handler [cfg {:keys [params] :as request}] (let [props (audit/extract-utm-params params) - state (tokens/generate (::setup/props cfg) + state (tokens/generate (::main/props cfg) {:iss :oauth :invitation-token (:invitation-token params) :props props @@ -619,7 +618,7 @@ [_] (s/keys :req [::session/manager ::http/client - ::setup/props + ::main/props ::db/pool ::providers])) diff --git a/backend/src/app/http.clj b/backend/src/app/http.clj index a696d5477..1e605cdb0 100644 --- a/backend/src/app/http.clj +++ b/backend/src/app/http.clj @@ -23,7 +23,6 @@ [app.metrics :as mtx] [app.rpc :as-alias rpc] [app.rpc.doc :as-alias rpc.doc] - [app.setup :as-alias setup] [clojure.spec.alpha :as s] [integrant.core :as ig] [promesa.exec :as px] 
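Review bot: With the `setup` alias removed from the requires of `app.http` (hunk at -23), the `::main/props` keyword used further down in that file only reads if `[app.main :as-alias main]` is already in the ns form, and that line is not among the visible context. The same holds for debug.clj, rpc.clj, the rpc/commands files (access_token, auth, ldap, profile, teams, verify_token) and setup.clj, which has no require hunk at all. An unresolved alias in an auto-resolved keyword fails at read time, so a miss would be loud. It is still worth confirming each ns and adding `[app.main :as-alias main]` where it is absent.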
@@ -137,7 +136,7 @@ ::rpc/routes ::rpc.doc/routes ::oidc/routes - ::setup/props + ::main/props ::assets/routes ::debug/routes ::db/pool diff --git a/backend/src/app/http/access_token.clj b/backend/src/app/http/access_token.clj index 0d1865f10..bfddbb42d 100644 --- a/backend/src/app/http/access_token.clj +++ b/backend/src/app/http/access_token.clj @@ -10,7 +10,6 @@ [app.config :as cf] [app.db :as db] [app.main :as-alias main] - [app.setup :as-alias setup] [app.tokens :as tokens] [ring.request :as rreq])) @@ -43,7 +42,7 @@ (defn- wrap-soft-auth "Soft Authentication, will be executed synchronously on the undertow worker thread." - [handler {:keys [::setup/props]}] + [handler {:keys [::main/props]}] (letfn [(handle-request [request] (try (let [token (get-token request) diff --git a/backend/src/app/http/awsns.clj b/backend/src/app/http/awsns.clj index 88060bb20..7508be8a2 100644 --- a/backend/src/app/http/awsns.clj +++ b/backend/src/app/http/awsns.clj @@ -13,7 +13,6 @@ [app.db.sql :as sql] [app.http.client :as http] [app.main :as-alias main] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.worker :as-alias wrk] [clojure.spec.alpha :as s] @@ -31,7 +30,7 @@ (defmethod ig/pre-init-spec ::routes [_] (s/keys :req [::http/client - ::setup/props + ::main/props ::db/pool])) (defmethod ig/init-key ::routes @@ -107,7 +106,7 @@ [cfg headers] (let [tdata (get headers "x-penpot-data")] (when-not (str/empty? tdata) - (let [result (tokens/verify (::setup/props cfg) {:token tdata :iss :profile-identity})] + (let [result (tokens/verify (::main/props cfg) {:token tdata :iss :profile-identity})] (:profile-id result))))) (defn- parse-notification diff --git a/backend/src/app/http/client.clj b/backend/src/app/http/client.clj index 9ef4cc4b2..5b4a8541c 100644 --- a/backend/src/app/http/client.clj +++ b/backend/src/app/http/client.clj 
@@ -55,8 +55,8 @@ convention." ([cfg-or-client request] (let [client (resolve-client cfg-or-client)] - (send! client request {:sync? true}))) + (send! client request {}))) ([cfg-or-client request options] (let [client (resolve-client cfg-or-client)] - (send! client request (merge {:sync? true} options))))) + (send! client request options)))) diff --git a/backend/src/app/http/debug.clj b/backend/src/app/http/debug.clj index a453c6872..1d2a129cf 100644 --- a/backend/src/app/http/debug.clj +++ b/backend/src/app/http/debug.clj @@ -20,7 +20,6 @@ [app.rpc.commands.auth :as auth] [app.rpc.commands.files-create :refer [create-file]] [app.rpc.commands.profile :as profile] - [app.setup :as-alias setup] [app.srepl.helpers :as srepl] [app.storage :as-alias sto] [app.storage.tmp :as tmp] @@ -341,7 +340,7 @@ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; (defn- resend-email-notification - [{:keys [::db/pool ::setup/props] :as cfg} {:keys [params] :as request}] + [{:keys [::db/pool ::main/props] :as cfg} {:keys [params] :as request}] (when-not (contains? params :force) (ex/raise :type :validation diff --git a/backend/src/app/http/session.clj b/backend/src/app/http/session.clj index c4a3f0ba6..7ff6dfa01 100644 --- a/backend/src/app/http/session.clj +++ b/backend/src/app/http/session.clj @@ -15,7 +15,6 @@ [app.db.sql :as sql] [app.http.session.tasks :as-alias tasks] [app.main :as-alias main] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.util.time :as dt] [clojure.spec.alpha :as s] @@ -139,7 +138,7 @@ (declare ^:private gen-token) (defn create-fn - [{:keys [::manager ::setup/props]} profile-id] + [{:keys [::manager ::main/props]} profile-id] (us/assert! ::manager manager) (us/assert! ::us/uuid profile-id) 
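Review bot: Dropping the `{:sync? true}` default from both arities of `req!` changes what every existing caller gets back, and the only call site this diff updates is the audit archiver's `send`, which now passes `{:sync? true}` explicitly. `send!` is outside the hunk, so what it returns without `:sync?` is not visible. If it is a promise, a caller that reads `(:status resp)` directly would see nil instead of a response; the OIDC, SNS and telemetry components all require `::http/client` in their specs. Please check the remaining `req!` call sites and either pass `{:sync? true}` or deref the result, and extend the docstring with a line such as `Asynchronous unless :sync? true is passed in options.`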
@@ -197,7 +196,7 @@ (neg? (compare default-renewal-max-age elapsed))))) (defn- wrap-soft-auth - [handler {:keys [::manager ::setup/props]}] + [handler {:keys [::manager ::main/props]}] (us/assert! ::manager manager) (letfn [(handle-request [request] (try diff --git a/backend/src/app/loggers/audit.clj b/backend/src/app/loggers/audit.clj index aead09110..45c36334a 100644 --- a/backend/src/app/loggers/audit.clj +++ b/backend/src/app/loggers/audit.clj @@ -24,7 +24,6 @@ [app.main :as-alias main] [app.rpc :as-alias rpc] [app.rpc.retry :as rtry] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.util.services :as-alias sv] [app.util.time :as dt] @@ -262,7 +261,7 @@ (s/def ::tasks/uri ::us/string) (defmethod ig/pre-init-spec ::tasks/archive-task [_] - (s/keys :req [::db/pool ::setup/props ::http.client/client])) + (s/keys :req [::db/pool ::main/props ::http.client/client])) (defmethod ig/init-key ::tasks/archive [_ cfg] @@ -288,7 +287,7 @@ (px/sleep 100) (recur (+ total ^long n))) (when (pos? total) - (l/dbg :hint "events archived" :total total))))))))) + (l/debug :hint "events archived" :total total))))))))) (def ^:private sql:retrieve-batch-of-audit-log "select * @@ -323,7 +322,7 @@ :context])) (send [events] - (let [token (tokens/generate (::setup/props cfg) + (let [token (tokens/generate (::main/props cfg) {:iss "authentication" :iat (dt/now) :uid uuid/zero}) @@ -332,11 +331,11 @@ "origin" (cf/get :public-uri) "cookie" (u/map->query-string {:auth-token token})} params {:uri uri - :timeout 12000 + :timeout 6000 :method :post :headers headers :body body} - resp (http.client/req! cfg params)] + resp (http.client/req! cfg params {:sync? true})] (if (= (:status resp) 204) true (do 
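Review bot: The spec edited in the audit.clj hunk at -262 is registered under `::tasks/archive-task`, while the component initialised on the following lines is `::tasks/archive` and main.clj wires `::audit.tasks/archive`. The `:req` list containing `::main/props` is therefore presumably never checked for the archiver. After this rename that matters, because a missing key would only show up as `(::main/props cfg)` returning nil inside `send`, where it is handed to `tokens/generate`. Registering the spec as `(defmethod ig/pre-init-spec ::tasks/archive [_]` would validate the wiring at startup.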
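Review bot: The claims passed to `tokens/generate` in `send` (audit.clj hunk at -323) are `:iss "authentication"`, `:iat` and `:uid uuid/zero`, with no `:exp`, whereas several other tokens generated in this diff set an expiry. Unless `tokens/generate` applies a default lifetime, which is not visible here, the `auth-token` cookie sent to the archive endpoint does not age out if it ends up in a log or is captured in transit. Adding a bound such as `:exp (dt/in-future "15m")` would limit that exposure. The rest of `send` continues in the next hunk.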
@@ -356,7 +355,7 @@ (map row->event)) events (into [] xform rows)] (when-not (empty? events) - (l/trc :hint "archive events chunk" :uri uri :events (count events)) + (l/trace :hint "archive events chunk" :uri uri :events (count events)) (when (send events) (mark-as-archived conn rows) (count events))))))) diff --git a/backend/src/app/main.clj b/backend/src/app/main.clj index e0177110f..47e43f5cf 100644 --- a/backend/src/app/main.clj +++ b/backend/src/app/main.clj @@ -221,7 +221,7 @@ {::db/pool (ig/ref ::db/pool)} ::http.awsns/routes - {::setup/props (ig/ref ::setup/props) + {::props (ig/ref ::setup/props) ::db/pool (ig/ref ::db/pool) ::http.client/client (ig/ref ::http.client/client)} @@ -262,7 +262,7 @@ ::oidc/routes {::http.client/client (ig/ref ::http.client/client) ::db/pool (ig/ref ::db/pool) - ::setup/props (ig/ref ::setup/props) + ::props (ig/ref ::setup/props) ::oidc/providers {:google (ig/ref ::oidc.providers/google) :github (ig/ref ::oidc.providers/github) :gitlab (ig/ref ::oidc.providers/gitlab) @@ -274,7 +274,7 @@ ::db/pool (ig/ref ::db/pool) ::rpc/routes (ig/ref ::rpc/routes) ::rpc.doc/routes (ig/ref ::rpc.doc/routes) - ::setup/props (ig/ref ::setup/props) + ::props (ig/ref ::setup/props) ::mtx/routes (ig/ref ::mtx/routes) ::oidc/routes (ig/ref ::oidc/routes) ::http.debug/routes (ig/ref ::http.debug/routes) @@ -286,7 +286,7 @@ {::db/pool (ig/ref ::db/pool) ::session/manager (ig/ref ::session/manager) ::sto/storage (ig/ref ::sto/storage) - ::setup/props (ig/ref ::setup/props)} + ::props (ig/ref ::setup/props)} ::http.ws/routes {::db/pool (ig/ref ::db/pool) @@ -322,7 +322,7 @@ ::rpc/climit (ig/ref ::rpc/climit) ::rpc/rlimit (ig/ref ::rpc/rlimit) ::setup/templates (ig/ref ::setup/templates) - ::setup/props (ig/ref ::setup/props)} + ::props (ig/ref ::setup/props)} :app.rpc.doc/routes {:methods (ig/ref :app.rpc/methods)} 
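Review bot: Re-keying the injected props from `::setup/props` to `::props` in the main.clj hunk at -221 (and the later main.clj hunks that make the same change) means a consumer missed by this commit reads nil instead of failing. Call sites use plain keyword lookup such as `(::main/props cfg)` and pass the result to `tokens/generate` or `tokens/verify`, and how those behave with nil props is not visible in this diff. Components with `s/keys :req [::main/props]` are covered at startup, but the debug routes and any namespace outside this diff are not shown to be. Searching the repository for remaining `::setup/props` lookups on component config maps, and adding a non-nil precondition on props in `tokens/generate` and `tokens/verify`, would make a miss fail closed.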
@@ -331,7 +331,7 @@ {::rpc/methods (ig/ref :app.rpc/methods) ::db/pool (ig/ref ::db/pool) ::session/manager (ig/ref ::session/manager) - ::setup/props (ig/ref ::setup/props)} + ::props (ig/ref ::setup/props)} ::wrk/registry {::mtx/metrics (ig/ref ::mtx/metrics) @@ -388,7 +388,7 @@ :app.tasks.telemetry/handler {::db/pool (ig/ref ::db/pool) ::http.client/client (ig/ref ::http.client/client) - ::setup/props (ig/ref ::setup/props)} + ::props (ig/ref ::setup/props)} [::srepl/urepl ::srepl/server] {::srepl/port (cf/get :urepl-port 6062) @@ -402,7 +402,7 @@ ::setup/props {::db/pool (ig/ref ::db/pool) - ::setup/key (cf/get :secret-key) + ::key (cf/get :secret-key) ;; NOTE: this dependency is only necessary for proper initialization ordering, props ;; module requires the migrations to run before initialize. @@ -412,7 +412,7 @@ {} ::audit.tasks/archive - {::setup/props (ig/ref ::setup/props) + {::props (ig/ref ::setup/props) ::db/pool (ig/ref ::db/pool) ::http.client/client (ig/ref ::http.client/client)} diff --git a/backend/src/app/rpc.clj b/backend/src/app/rpc.clj index ea49b6b70..8ae7a38d6 100644 --- a/backend/src/app/rpc.clj +++ b/backend/src/app/rpc.clj @@ -27,7 +27,6 @@ [app.rpc.helpers :as rph] [app.rpc.retry :as retry] [app.rpc.rlimit :as rlimit] - [app.setup :as-alias setup] [app.storage :as-alias sto] [app.util.services :as sv] [app.util.time :as dt] @@ -249,7 +248,7 @@ ::ldap/provider ::sto/storage ::mtx/metrics - ::setup/props] + ::main/props] :opt [::climit ::rlimit])) @@ -266,7 +265,7 @@ (defmethod ig/pre-init-spec ::routes [_] (s/keys :req [::methods ::db/pool - ::setup/props + ::main/props ::session/manager])) (defmethod ig/init-key ::routes diff --git a/backend/src/app/rpc/commands/access_token.clj b/backend/src/app/rpc/commands/access_token.clj index 06a6e516c..dd10f3371 100644 --- a/backend/src/app/rpc/commands/access_token.clj +++ b/backend/src/app/rpc/commands/access_token.clj 
@@ -13,7 +13,6 @@ [app.rpc :as-alias rpc] [app.rpc.doc :as-alias doc] [app.rpc.quotes :as quotes] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.util.services :as sv] [app.util.time :as dt] @@ -24,7 +23,7 @@ (dissoc row :perms)) (defn create-access-token - [{:keys [::db/conn ::setup/props]} profile-id name expiration] + [{:keys [::db/conn ::main/props]} profile-id name expiration] (let [created-at (dt/now) token-id (uuid/next) token (tokens/generate props {:iss "access-token" @@ -48,7 +47,7 @@ [{:keys [::db/pool] :as system} profile-id name expiration] (db/with-atomic [conn pool] (let [props (:app.setup/props system)] - (create-access-token {::db/conn conn ::setup/props props} + (create-access-token {::db/conn conn ::main/props props} profile-id name expiration)))) diff --git a/backend/src/app/rpc/commands/auth.clj b/backend/src/app/rpc/commands/auth.clj index e87979007..8e9671e59 100644 --- a/backend/src/app/rpc/commands/auth.clj +++ b/backend/src/app/rpc/commands/auth.clj @@ -26,7 +26,6 @@ [app.rpc.commands.teams :as teams] [app.rpc.doc :as-alias doc] [app.rpc.helpers :as rph] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.util.services :as sv] [app.util.time :as dt] @@ -89,7 +88,7 @@ (profile/strip-private-attrs)) invitation (when-let [token (:invitation-token params)] - (tokens/verify (::setup/props cfg) {:token token :iss :team-invitation})) + (tokens/verify (::main/props cfg) {:token token :iss :team-invitation})) ;; If invitation member-id does not matches the profile-id, we just proceed to ignore the ;; invitation because invitations matches exactly; and user can't login with other email and 
@@ -134,7 +133,7 @@ (defn recover-profile [{:keys [::db/pool] :as cfg} {:keys [token password]}] (letfn [(validate-token [token] - (let [tdata (tokens/verify (::setup/props cfg) {:token token :iss :password-recovery})] + (let [tdata (tokens/verify (::main/props cfg) {:token token :iss :password-recovery})] (:profile-id tdata))) (update-password [conn profile-id] @@ -171,7 +170,7 @@ :code :registration-disabled))) (when (contains? params :invitation-token) - (let [invitation (tokens/verify (::setup/props cfg) {:token (:invitation-token params) :iss :team-invitation})] + (let [invitation (tokens/verify (::main/props cfg) {:token (:invitation-token params) :iss :team-invitation})] (when-not (= (:email params) (:member-email invitation)) (ex/raise :type :restriction :code :email-does-not-match-invitation @@ -234,7 +233,7 @@ params (d/without-nils params) - token (tokens/generate (::setup/props cfg) params)] + token (tokens/generate (::main/props cfg) params)] (with-meta {:token token} {::audit/profile-id uuid/zero}))) @@ -341,7 +340,7 @@ (defn register-profile [{:keys [::db/conn] :as cfg} {:keys [token fullname] :as params}] - (let [claims (tokens/verify (::setup/props cfg) {:token token :iss :prepared-register}) + (let [claims (tokens/verify (::main/props cfg) {:token token :iss :prepared-register}) params (-> claims (into params) (assoc :fullname fullname)) @@ -358,7 +357,7 @@ (create-profile-rels! conn)))) invitation (when-let [token (:invitation-token params)] - (tokens/verify (::setup/props cfg) {:token token :iss :team-invitation}))] + (tokens/verify (::main/props cfg) {:token token :iss :team-invitation}))] ;; If profile is filled in claims, means it tries to register ;; again, so we proceed to update the modified-at attr 
@@ -378,7 +377,7 @@ ;; email. (and (some? invitation) (= (:email profile) (:member-email invitation))) (let [claims (assoc invitation :member-id (:id profile)) - token (tokens/generate (::setup/props cfg) claims) + token (tokens/generate (::main/props cfg) claims) resp {:invitation-token token}] (-> resp (rph/with-transform (session/create-fn cfg (:id profile))) @@ -405,7 +404,7 @@ ;; In all other cases, send a verification email. :else (do - (send-email-verification! conn (::setup/props cfg) profile) + (send-email-verification! conn (::main/props cfg) profile) (rph/with-meta profile {::audit/replace-props (audit/profile->props profile) ::audit/profile-id (:id profile)}))))) @@ -430,14 +429,14 @@ (defn request-profile-recovery [{:keys [::db/pool] :as cfg} {:keys [email] :as params}] (letfn [(create-recovery-token [{:keys [id] :as profile}] - (let [token (tokens/generate (::setup/props cfg) + (let [token (tokens/generate (::main/props cfg) {:iss :password-recovery :exp (dt/in-future "15m") :profile-id id})] (assoc profile :token token))) (send-email-notification [conn profile] - (let [ptoken (tokens/generate (::setup/props cfg) + (let [ptoken (tokens/generate (::main/props cfg) {:iss :profile-identity :profile-id (:id profile) :exp (dt/in-future {:days 30})})] diff --git a/backend/src/app/rpc/commands/ldap.clj b/backend/src/app/rpc/commands/ldap.clj index 780f0e100..bb86aec90 100644 --- a/backend/src/app/rpc/commands/ldap.clj +++ b/backend/src/app/rpc/commands/ldap.clj @@ -18,7 +18,6 @@ [app.rpc.commands.profile :as profile] [app.rpc.doc :as-alias doc] [app.rpc.helpers :as rph] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.util.services :as sv] [clojure.spec.alpha :as s])) @@ -41,7 +40,7 @@ {::rpc/auth false ::doc/added "1.15" ::doc/module :auth} - [{:keys [::setup/props ::ldap/provider] :as cfg} params] + [{:keys [::main/props ::ldap/provider] :as cfg} params] (when-not provider (ex/raise :type :restriction :code :ldap-not-initialized 
diff --git a/backend/src/app/rpc/commands/profile.clj b/backend/src/app/rpc/commands/profile.clj index ccb6a8b2e..6ef2ef90d 100644 --- a/backend/src/app/rpc/commands/profile.clj +++ b/backend/src/app/rpc/commands/profile.clj @@ -23,7 +23,6 @@ [app.rpc.climit :as climit] [app.rpc.doc :as-alias doc] [app.rpc.helpers :as rph] - [app.setup :as-alias setup] [app.storage :as sto] [app.tokens :as tokens] [app.util.services :as sv] @@ -297,12 +296,12 @@ (defn- request-email-change! [{:keys [::conn] :as cfg} {:keys [profile email] :as params}] - (let [token (tokens/generate (::setup/props cfg) + (let [token (tokens/generate (::main/props cfg) {:iss :change-email :exp (dt/in-future "15m") :profile-id (:id profile) :email email}) - ptoken (tokens/generate (::setup/props cfg) + ptoken (tokens/generate (::main/props cfg) {:iss :profile-identity :profile-id (:id profile) :exp (dt/in-future {:days 30})})] diff --git a/backend/src/app/rpc/commands/teams.clj b/backend/src/app/rpc/commands/teams.clj index f62f8bc6a..4b5f07700 100644 --- a/backend/src/app/rpc/commands/teams.clj +++ b/backend/src/app/rpc/commands/teams.clj @@ -26,7 +26,6 @@ [app.rpc.helpers :as rph] [app.rpc.permissions :as perms] [app.rpc.quotes :as quotes] - [app.setup :as-alias setup] [app.storage :as sto] [app.tokens :as tokens] [app.util.services :as sv] @@ -692,7 +691,7 @@ (defn- create-invitation-token [cfg {:keys [profile-id valid-until team-id member-id member-email role]}] - (tokens/generate (::setup/props cfg) + (tokens/generate (::main/props cfg) {:iss :team-invitation :exp valid-until :profile-id profile-id @@ -703,7 +702,7 @@ (defn- create-profile-identity-token [cfg profile] - (tokens/generate (::setup/props cfg) + (tokens/generate (::main/props cfg) {:iss :profile-identity :profile-id (:id profile) :exp (dt/in-future {:days 30})})) diff --git a/backend/src/app/rpc/commands/verify_token.clj b/backend/src/app/rpc/commands/verify_token.clj index e072c90d6..49c76c110 100644 
--- a/backend/src/app/rpc/commands/verify_token.clj +++ b/backend/src/app/rpc/commands/verify_token.clj @@ -18,7 +18,6 @@ [app.rpc.doc :as-alias doc] [app.rpc.helpers :as rph] [app.rpc.quotes :as quotes] - [app.setup :as-alias setup] [app.tokens :as tokens] [app.tokens.spec.team-invitation :as-alias spec.team-invitation] [app.util.services :as sv] @@ -39,7 +38,7 @@ ::doc/module :auth} [{:keys [::db/pool] :as cfg} {:keys [token] :as params}] (db/with-atomic [conn pool] - (let [claims (tokens/verify (::setup/props cfg) {:token token}) + (let [claims (tokens/verify (::main/props cfg) {:token token}) cfg (assoc cfg :conn conn)] (process-token cfg params claims)))) diff --git a/backend/src/app/setup.clj b/backend/src/app/setup.clj index d187f3e5f..8e889e2b4 100644 --- a/backend/src/app/setup.clj +++ b/backend/src/app/setup.clj @@ -50,15 +50,16 @@ :cause cause)))) instance-id))) -(s/def ::key ::us/string) -(s/def ::props (s/map-of ::us/keyword some?)) +(s/def ::main/key ::us/string) +(s/def ::main/props + (s/map-of ::us/keyword some?)) (defmethod ig/pre-init-spec ::props [_] (s/keys :req [::db/pool] - :opt [::key])) + :opt [::main/key])) (defmethod ig/init-key ::props - [_ {:keys [::db/pool ::key] :as cfg}] + [_ {:keys [::db/pool ::main/key] :as cfg}] (db/with-atomic [conn pool] (db/xact-lock! conn 0) (when-not key diff --git a/backend/src/app/tasks/telemetry.clj b/backend/src/app/tasks/telemetry.clj index 43c0b26f9..d040a08f9 100644 --- a/backend/src/app/tasks/telemetry.clj +++ b/backend/src/app/tasks/telemetry.clj @@ -15,7 +15,6 @@ [app.db :as db] [app.http.client :as http] [app.main :as-alias main] - [app.setup :as-alias setup] [app.util.json :as json] [clojure.spec.alpha :as s] [integrant.core :as ig] 
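Review bot: `tokens/verify` in the verify_token.clj hunk at -39 is called with only `{:token token}`, so unlike the other verify calls touched in this diff it does not pin an `:iss`. That looks intentional, since the claims go straight to `process-token`, which presumably dispatches on the issuer. It does mean this endpoint accepts any token signed with the shared props. A comment such as `;; :iss intentionally unchecked; process-token must reject issuers it does not handle` would record that contract; `process-token` itself is outside the hunk.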
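Review bot: `::main/key` sits under `:opt` in the pre-init spec in the setup.clj hunk, so if this name and the `::key (cf/get :secret-key)` entry in main.clj ever drift apart, startup still succeeds and `init-key` takes the `(when-not key` branch instead of using the configured secret. What that branch does is outside the hunk, but the tokens in this diff are all generated from these props, so a silent fallback would be hard to notice. Consider a startup test asserting that a configured `:secret-key` reaches `init-key`. A comment on the spec would also help, e.g. `;; keep in sync with ::key under ::setup/props in app.main`.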
@@ -33,10 +32,10 @@ (defmethod ig/pre-init-spec ::handler [_] (s/keys :req [::http/client ::db/pool - ::setup/props])) + ::main/props])) (defmethod ig/init-key ::handler - [_ {:keys [::db/pool ::setup/props] :as cfg}] + [_ {:keys [::db/pool ::main/props] :as cfg}] (fn [{:keys [send? enabled?] :or {send? true enabled? false}}] (let [subs {:newsletter-updates (get-subscriptions-newsletter-updates pool) :newsletter-news (get-subscriptions-newsletter-news pool)}