feat: add authentication helpers for Ruby and Go (#119)

flipt-io · Jan 24, 2024 · d41a1a8 · d41a1a8
1 parent 1dbb888
commit d41a1a8
Show file tree

Hide file tree

Showing 7 changed files with 81 additions and 27 deletions.
diff --git a/flipt-client-go/evaluation.go b/flipt-client-go/evaluation.go
@@ -89,17 +89,21 @@ func WithUpdateInterval(updateInterval int) clientOption {
 	}
 }
 
-// WithAuthentication allows for configuring an authentication method to communicate with a protected Flipt server.
-func WithAuthentication(authentication any) clientOption {
+// WithClientTokenAuthentication allows authenticating with Flipt using a static client token.
+func WithClientTokenAuthentication(token string) clientOption {
 	return func(c *Client) {
-		c.authentication = authentication
+		c.authentication = clientTokenAuthentication{
+			Token: token,
+		}
 	}
 }
 
-// WithReference allows for specifying a reference to fetch flag state data from.
-func WithReference(ref string) clientOption {
+// WithJWTAuthentication allows authenticating with Flipt using a JSON Web Token.
+func WithJWTAuthentication(token string) clientOption {
 	return func(c *Client) {
-		c.ref = ref
+		c.authentication = jwtAuthentication{
+			Token: token,
+		}
 	}
 }
 

diff --git a/flipt-client-go/evaluation_test.go b/flipt-client-go/evaluation_test.go
@@ -7,11 +7,13 @@ import (
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	evaluation "go.flipt.io/flipt-client"
+	flipt "go.flipt.io/flipt-client"
 )
 
-var fliptUrl string
-var authToken string
+var (
+	fliptUrl  string
+	authToken string
+)
 
 func init() {
 	fliptUrl = os.Getenv("FLIPT_URL")
@@ -26,9 +28,7 @@ func init() {
 }
 
 func TestVariant(t *testing.T) {
-	evaluationClient, err := evaluation.NewClient(evaluation.WithURL(fliptUrl), evaluation.WithAuthentication(evaluation.ClientTokenAuthentication{
-		Token: authToken,
-	}))
+	evaluationClient, err := flipt.NewClient(flipt.WithURL(fliptUrl), flipt.WithClientTokenAuthentication(authToken))
 	require.NoError(t, err)
 
 	variant, err := evaluationClient.EvaluateVariant(context.TODO(), "flag1", "someentity", map[string]string{
@@ -45,9 +45,7 @@ func TestVariant(t *testing.T) {
 }
 
 func TestBoolean(t *testing.T) {
-	evaluationClient, err := evaluation.NewClient(evaluation.WithURL(fliptUrl), evaluation.WithAuthentication(evaluation.ClientTokenAuthentication{
-		Token: authToken,
-	}))
+	evaluationClient, err := flipt.NewClient(flipt.WithURL(fliptUrl), flipt.WithClientTokenAuthentication(authToken))
 	require.NoError(t, err)
 
 	boolean, err := evaluationClient.EvaluateBoolean(context.TODO(), "flag_boolean", "someentity", map[string]string{
@@ -63,9 +61,7 @@ func TestBoolean(t *testing.T) {
 }
 
 func TestVariantFailure(t *testing.T) {
-	evaluationClient, err := evaluation.NewClient(evaluation.WithURL(fliptUrl), evaluation.WithAuthentication(evaluation.ClientTokenAuthentication{
-		Token: authToken,
-	}))
+	evaluationClient, err := flipt.NewClient(flipt.WithURL(fliptUrl), flipt.WithClientTokenAuthentication(authToken))
 	require.NoError(t, err)
 
 	variant, err := evaluationClient.EvaluateVariant(context.TODO(), "nonexistent", "someentity", map[string]string{
@@ -79,9 +75,7 @@ func TestVariantFailure(t *testing.T) {
 }
 
 func TestBooleanFailure(t *testing.T) {
-	evaluationClient, err := evaluation.NewClient(evaluation.WithURL(fliptUrl), evaluation.WithAuthentication(evaluation.ClientTokenAuthentication{
-		Token: authToken,
-	}))
+	evaluationClient, err := flipt.NewClient(flipt.WithURL(fliptUrl), flipt.WithClientTokenAuthentication(authToken))
 	require.NoError(t, err)
 
 	boolean, err := evaluationClient.EvaluateBoolean(context.TODO(), "nonexistent", "someentity", map[string]string{

diff --git a/flipt-client-go/models.go b/flipt-client-go/models.go
@@ -7,11 +7,11 @@ type evaluationRequest struct {
 	Context      map[string]string `json:"context"`
 }
 
-type ClientTokenAuthentication struct {
+type clientTokenAuthentication struct {
 	Token string `json:"client_token"`
 }
 
-type JWTAuthentication struct {
+type jwtAuthentication struct {
 	Token string `json:"jwt_token"`
 }
 

diff --git a/flipt-client-ruby/lib/flipt_client.rb b/flipt-client-ruby/lib/flipt_client.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'flipt_client/version'
+require 'flipt_client/models'
 require 'ffi'
 require 'json'
 
@@ -41,11 +42,18 @@ def self.libfile
     # @param namespace [String] namespace
     # @param opts [Hash] options
     # @option opts [String] :url Flipt server url
-    # @option opts [String] :auth_token Flipt api key
+    # @option opts [AuthenticationStrategy] :authentication strategy to authenticate with Flipt
     # @option opts [Integer] :update_interval interval in seconds to update the cache
     # @option opts [String] :reference reference to use for namespace data
     def initialize(namespace = 'default', opts = {})
       @namespace = namespace
+
+      # set default no auth if not provided
+      authentication = opts.fetch(:authentication, Flipt::NoAuthentication.new)
+      raise ArgumentError, "invalid authentication strategy" unless authentication && authentication.is_a?(Flipt::AuthenticationStrategy)
+
+      opts[:authentication] = authentication.strategy
+
       namespace_list = [namespace]
       ns = FFI::MemoryPointer.new(:pointer, namespace_list.size)
       namespace_list.each_with_index do |namespace, i|

diff --git a/flipt-client-ruby/lib/flipt_client/models.rb b/flipt-client-ruby/lib/flipt_client/models.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Flipt
+  class AuthenticationStrategy
+    def strategy
+        raise NotImplementedError
+    end
+  end
+
+  class NoAuthentication < AuthenticationStrategy
+    def strategy
+      nil
+    end
+  end
+
+  class ClientTokenAuthentication < AuthenticationStrategy
+    def initialize(token)
+        @token = token
+    end
+
+    def strategy
+      {
+        client_token: @token
+      }
+    end
+  end
+
+  class JWTAuthentication < AuthenticationStrategy
+    def initialize(token)
+      @token = token
+    end
+
+    def strategy
+      {
+        jwt_token: @token
+      }
+    end
+  end
+end
diff --git a/flipt-client-ruby/spec/evaluation_spec.rb b/flipt-client-ruby/spec/evaluation_spec.rb
@@ -6,7 +6,7 @@
   before(:all) do
     url = ENV.fetch('FLIPT_URL', 'http://localhost:8080')
     auth_token = ENV.fetch('FLIPT_AUTH_TOKEN', 'secret')
-    @client = Flipt::EvaluationClient.new('default', { url: url, authentication: { client_token: auth_token } })
+    @client = Flipt::EvaluationClient.new('default', { url: url, authentication: Flipt::ClientTokenAuthentication.new(auth_token)} )
   end
 
   describe '#evaluate_variant' do

diff --git a/flipt-evaluation/src/parser/mod.rs b/flipt-evaluation/src/parser/mod.rs
@@ -234,11 +234,20 @@ mod tests {
         );
     }
 
+    #[test]
+    fn test_deserialize_no_auth() {
+        let json = r#""#;
+
+        let unwrapped_string: Authentication = serde_json::from_str(&json).unwrap_or_default();
+
+        assert_eq!(unwrapped_string, Authentication::None);
+    }
+
     #[test]
     fn test_deserialize_client_token() {
         let json = r#"{"client_token":"secret"}"#;
 
-        let unwrapped_string: Authentication = serde_json::from_str(&json).unwrap();
+        let unwrapped_string: Authentication = serde_json::from_str(&json).unwrap_or_default();
 
         assert_eq!(
             unwrapped_string,
@@ -250,7 +259,7 @@ mod tests {
     fn test_deserialize_jwt_token() {
         let json = r#"{"jwt_token":"secret"}"#;
 
-        let unwrapped_string: Authentication = serde_json::from_str(&json).unwrap();
+        let unwrapped_string: Authentication = serde_json::from_str(&json).unwrap_or_default();
 
         assert_eq!(unwrapped_string, Authentication::JwtToken("secret".into()));
     }