Adds implementation for Auth Server Using Goth

[PuneetPunamiya]

Changes

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

• Includes tests (if functionality changed/added)
• Run API Unit Tests, Lint Checks, API Design, Golden Files with make api-check
• Run UI Unit Tests, Lint Checks with make ui-check
• Commit messages follow commit message best practices

See the contribution guide for more details.

[PuneetPunamiya]

For now we are adding this to avoid the comment from the goth library while running the auth server

[sm43]

having this as separate dir, does it means it will have a separate image?

[sm43]

if it is possible we should try to run this on different port but with the existing api server

[sm43]

running this server as a thread

[sm43]

maintaining different images not a good idea if we can package in one

[PuneetPunamiya]

Yes it will have a separate image

I think the ultimate aim of having a separate auth server is it's reusability and transparency from api server, running it in existing api server with different port might break this. Also if someone just wants the auth server, but building the image would also have the api in it, which would be of no use for the user

Also do you mean adding it in existing server means designing the api endpoints for auth using GOA,
If yes then for auth we have used Gorilla mux, the reason behind using gorilla was Goth library which we are using for authentication requires http.ResponseWriter and http.Request, which were not able to access using GOA

[sm43]

is code available with all provider?

[sm43]

what is the primary info across all platform? mail id could be

[PuneetPunamiya]

is code available with all provider?

yes

what is the primary info across all platform? mail id could be

Yes we can have mail as primary for all the platforms but saying that we need to keep in mind for the users who are already logged in before we add that

[vinamra28]

a couple of comments else looks fine from my side.

[vinamra28]

yes if auth server returns error at some point then the api server would still be in running state.

2021-11-15T20:44:36.247+0530	INFO	log/logger.go:33	HTTP Request	{"service": "http", "id": "aq_UyPLp", "status": 200, "bytes": 611, "time": "1.071069ms"}
2021-11-15T20:44:36.247+0530	ERROR	service/auth.go:143	hello world error	{"service": "auth"}
github.com/tektoncd/hub/api/pkg/auth/service.(*service).HubAuthenticate
	/home/vj/go/src/github.com/tektoncd/hub/api/pkg/auth/service/auth.go:143
net/http.HandlerFunc.ServeHTTP
	/usr/local/go/src/net/http/server.go:2049
github.com/gorilla/mux.(*Router).ServeHTTP
	/home/vj/go/pkg/mod/github.com/gorilla/mux@v1.8.0/mux.go:210
github.com/gorilla/handlers.(*cors).ServeHTTP
	/home/vj/go/pkg/mod/github.com/gorilla/handlers@v1.5.1/cors.go:138
net/http.serverHandler.ServeHTTP
	/usr/local/go/src/net/http/server.go:2867
net/http.(*conn).serve
	/usr/local/go/src/net/http/server.go:1932
2021-11-15T20:44:36.248+0530	INFO	log/logger.go:33	HTTP Request	{"service": "http", "id": "FCXdNplQ", "req": "GET /v1/catalogs", "from": "::1"}
2021-11-15T20:44:36.248+0530	INFO	log/logger.go:33	HTTP Request	{"service": "http", "id": "kYJJ0u5Q", "req": "GET /resources", "from": "::1"}
2021-11-15T20:44:36.249+0530	INFO	app/gorm_logger.go:85	/home/vj/go/src/github.com/tektoncd/hub/api/v1/service/catalog/catalog.go:46
[1.664ms] [rows:1] SELECT * FROM "catalogs" WHERE "catalogs"."deleted_at" IS NULL ORDER BY id	{"service": "catalog", "id": "FCXdNplQ"}

If you see the above case I manually logged the error randomly in one of the auth functions, the API server still worked

I think that should be the case only right, I mean if ui is showing the error for auth then api server should be still running right ??

[vinamra28]

should configure this on the basis of env variable ENVIRONMENT ?

[PuneetPunamiya]

How about when we read providers from env ?

[sm43]

isProd := false we will be serving over https right?

[piyush-garg]

Are we adding an env in config? How we are changing it?

[vinamra28]

can we add a TODO comment over here to configure these values dynamically?

[sm43]

when we want to add a new provide let say google? will there be code change?

[vinamra28]

yes

[PuneetPunamiya]

nope

[PuneetPunamiya]

I mean the logic for adding the provider for auth

[vinamra28]

/cc @piyush-garg @sm43

[sm43]

service named utils 😅 ?

[sm43]

yes we have !

[vinamra28]

/lgtm

[vinamra28]

/lgtm

[pratap0007]

/lgtm

[sm43]

/approve
/meow

[tekton-robot]

@sm43:

In response to this:

/approve
/meow

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[tekton-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: sm43

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [sm43]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment