Merge pull request #16 from andy89923/fix/oauth

free5gc · Feb 7, 2024 · 1870c00 · 1870c00
2 parents 479cb8a + d5abea6
commit 1870c00
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 14 deletions.
diff --git a/internal/context/context.go b/internal/context/context.go
@@ -21,7 +21,7 @@ func Init() {
 }
 
 type NFContext interface {
-	AuthorizationCheck(token, serviceName string) error
+	AuthorizationCheck(token string, serviceName models.ServiceName) error
 }
 
 var _ NFContext = &CHFContext{}
@@ -49,14 +49,14 @@ type CHFContext struct {
 	AccountSessionIdGenerator *idgenerator.IDGenerator
 }
 
-func (c *CHFContext) AuthorizationCheck(token, serviceName string) error {
+func (c *CHFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {
 	if !c.OAuth2Required {
 		logger.UtilLog.Debugf("CHFContext::AuthorizationCheck: OAuth2 not required\n")
 		return nil
 	}
 
 	logger.UtilLog.Debugf("CHFContext::AuthorizationCheck: token[%s] serviceName[%s]\n", token, serviceName)
-	return oauth.VerifyOAuth(token, serviceName, c.NrfCertPem)
+	return oauth.VerifyOAuth(token, string(serviceName), c.NrfCertPem)
 }
 
 func (context *CHFContext) AddChfUeToUePool(ue *ChfUe, supi string) {
@@ -115,12 +115,12 @@ func (c *CHFContext) GetSelfID() string {
 	return c.NfId
 }
 
-func (c *CHFContext) GetTokenCtx(scope string, targetNF models.NfType) (
+func (c *CHFContext) GetTokenCtx(serviceName models.ServiceName, targetNF models.NfType) (
 	context.Context, *models.ProblemDetails, error,
 ) {
 	if !c.OAuth2Required {
 		return context.TODO(), nil, nil
 	}
 	return oauth.GetTokenCtx(models.NfType_CHF, targetNF,
-		c.NfId, c.NrfUri, scope)
+		c.NfId, c.NrfUri, string(serviceName))
 }
diff --git a/internal/sbi/consumer/nf_discovery.go b/internal/sbi/consumer/nf_discovery.go
@@ -18,7 +18,7 @@ func SendSearchNFInstances(
 	configuration.SetBasePath(nrfUri)
 	client := Nnrf_NFDiscovery.NewAPIClient(configuration)
 
-	ctx, _, err := chf_context.GetSelf().GetTokenCtx("nnrf-disc", models.NfType_NRF)
+	ctx, _, err := chf_context.GetSelf().GetTokenCtx(models.ServiceName_NNRF_DISC, models.NfType_NRF)
 	if err != nil {
 		return nil, err
 	}

diff --git a/internal/sbi/consumer/nf_management.go b/internal/sbi/consumer/nf_management.go
@@ -97,7 +97,7 @@ func SendRegisterNFInstance(nrfUri, nfInstanceId string, profile models.NfProfil
 func SendDeregisterNFInstance() (problemDetails *models.ProblemDetails, err error) {
 	logger.ConsumerLog.Infof("Send Deregister NFInstance")
 
-	ctx, pd, err := chf_context.GetSelf().GetTokenCtx("nnrf-nfm", models.NfType_NRF)
+	ctx, pd, err := chf_context.GetSelf().GetTokenCtx(models.ServiceName_NNRF_NFM, models.NfType_NRF)
 	if err != nil {
 		return pd, err
 	}

diff --git a/internal/sbi/convergedcharging/routers.go b/internal/sbi/convergedcharging/routers.go
@@ -25,8 +25,6 @@ import (
 	logger_util "github.com/free5gc/util/logger"
 )
 
-const serviceName string = string(models.ServiceName_NCHF_CONVERGEDCHARGING)
-
 // Route is the information for every URI.
 type Route struct {
 	// Name is the name of this Route.
@@ -52,7 +50,7 @@ func NewRouter() *gin.Engine {
 func AddService(engine *gin.Engine) *gin.RouterGroup {
 	group := engine.Group(factory.ConvergedChargingResUriPrefix)
 
-	routerAuthorizationCheck := util.NewRouterAuthorizationCheck(serviceName)
+	routerAuthorizationCheck := util.NewRouterAuthorizationCheck(models.ServiceName_NCHF_CONVERGEDCHARGING)
 	group.Use(func(c *gin.Context) {
 		routerAuthorizationCheck.Check(c, chf_context.GetSelf())
 	})

diff --git a/internal/util/router_auth_check.go b/internal/util/router_auth_check.go
@@ -5,16 +5,17 @@ import (
 
 	chf_context "github.com/free5gc/chf/internal/context"
 	"github.com/free5gc/chf/internal/logger"
+	"github.com/free5gc/openapi/models"
 	"github.com/gin-gonic/gin"
 )
 
 type NFContextGetter func() *chf_context.CHFContext
 
 type RouterAuthorizationCheck struct {
-	serviceName string
+	serviceName models.ServiceName
 }
 
-func NewRouterAuthorizationCheck(serviceName string) *RouterAuthorizationCheck {
+func NewRouterAuthorizationCheck(serviceName models.ServiceName) *RouterAuthorizationCheck {
 	return &RouterAuthorizationCheck{
 		serviceName: serviceName,
 	}

diff --git a/internal/util/router_auth_check_test.go b/internal/util/router_auth_check_test.go
@@ -5,6 +5,7 @@ import (
 	"net/http/httptest"
 	"testing"
 
+	"github.com/free5gc/openapi/models"
 	"github.com/gin-gonic/gin"
 	"github.com/pkg/errors"
 )
@@ -20,7 +21,7 @@ func newMockCHFContext() *mockCHFContext {
 	return &mockCHFContext{}
 }
 
-func (m *mockCHFContext) AuthorizationCheck(token string, serviceName string) error {
+func (m *mockCHFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {
 	if token == Valid {
 		return nil
 	}
@@ -81,7 +82,9 @@ func TestRouterAuthorizationCheck_Check(t *testing.T) {
 			}
 			c.Request.Header.Set("Authorization", tt.args.token)
 
-			rac := NewRouterAuthorizationCheck("testService")
+			var serviceName models.ServiceName = "testService"
+
+			rac := NewRouterAuthorizationCheck(serviceName)
 			rac.Check(c, newMockCHFContext())
 			if w.Code != tt.want.statusCode {
 				t.Errorf("StatusCode should be %d, but got %d", tt.want.statusCode, w.Code)