├── user_consumer
    ├── test
    │   ├── test_helper.exs
    │   ├── user_consumer_web
    │   │   └── views
    │   │   │   └── error_view_test.exs
    │   └── support
    │   │   ├── channel_case.ex
    │   │   └── conn_case.ex
    ├── README.md
    ├── .formatter.exs
    ├── lib
    │   ├── user_consumer.ex
    │   ├── user_consumer_web
    │   │   ├── router.ex
    │   │   ├── views
    │   │   │   ├── error_helpers.ex
    │   │   │   └── error_view.ex
    │   │   ├── channels
    │   │   │   └── user_socket.ex
    │   │   ├── endpoint.ex
    │   │   ├── plug
    │   │   │   └── sso_user_consumer.ex
    │   │   └── controllers
    │   │   │   └── placeholder_controller.ex
    │   ├── user_consumer
    │   │   └── application.ex
    │   └── user_consumer_web.ex
    ├── config
    │   ├── test.exs
    │   ├── config.exs
    │   ├── dev.exs
    │   └── prod.exs
    ├── .gitignore
    ├── mix.exs
    └── mix.lock
├── assets
    ├── js
    │   └── app.js
    ├── .babelrc
    ├── static
    │   ├── favicon.ico
    │   ├── images
    │   │   └── phoenix.png
    │   └── robots.txt
    ├── css
    │   └── app.scss
    ├── package.json
    └── webpack.config.js
├── priv
    ├── repo
    │   ├── migrations
    │   │   ├── .formatter.exs
    │   │   ├── 20200318055008_add_name_to_users.exs
    │   │   ├── 20200215192702_create_users.exs
    │   │   ├── 20200318054354_drop_sso_token_foreign_key.exs
    │   │   ├── 20200315042833_add_guid_to_users.exs
    │   │   ├── 20200215194435_add_pow_email_confirmation_to_users.exs
    │   │   ├── 20200417041204_add_pow_invitation_to_users.exs
    │   │   ├── 20200319033538_create_user_identities.exs
    │   │   └── 20200216050100_create_sso_tokens.exs
    │   └── seeds.exs
    ├── cert
    │   ├── selfsigned.pem
    │   └── selfsigned_key.pem
    └── gettext
    │   ├── en
    │       └── LC_MESSAGES
    │       │   └── errors.po
    │   └── errors.pot
├── test
    ├── test_helper.exs
    ├── user_service_web
    │   ├── views
    │   │   ├── page_view_test.exs
    │   │   ├── layout_view_test.exs
    │   │   └── error_view_test.exs
    │   └── controllers
    │   │   └── page_controller_test.exs
    └── support
    │   ├── channel_case.ex
    │   ├── conn_case.ex
    │   └── data_case.ex
├── lib
    ├── user_service_web
    │   ├── views
    │   │   ├── layout_view.ex
    │   │   ├── placeholder_view.ex
    │   │   ├── pow
    │   │   │   ├── session_view.ex
    │   │   │   └── registration_view.ex
    │   │   ├── pow_invitation
    │   │   │   ├── invitation_view.ex
    │   │   │   └── mailer_view.ex
    │   │   ├── pow_reset_password
    │   │   │   ├── reset_password_view.ex
    │   │   │   └── mailer_view.ex
    │   │   ├── pow_email_confirmation
    │   │   │   └── mailer_view.ex
    │   │   ├── pow_assent
    │   │   │   └── registration_view.ex
    │   │   ├── error_view.ex
    │   │   └── error_helpers.ex
    │   ├── controllers
    │   │   ├── api
    │   │   │   ├── auth_error_handler.ex
    │   │   │   └── tokens_controller.ex
    │   │   ├── placeholder_controller.ex
    │   │   ├── external_redirect_controller.ex
    │   │   └── sso
    │   │   │   └── verify_controller.ex
    │   ├── templates
    │   │   ├── layout
    │   │   │   ├── _flash.html.eex
    │   │   │   └── app.html.eex
    │   │   ├── pow_invitation
    │   │   │   ├── mailer
    │   │   │   │   ├── invitation.text.eex
    │   │   │   │   └── invitation.html.eex
    │   │   │   └── invitation
    │   │   │   │   ├── show.html.eex
    │   │   │   │   ├── new.html.eex
    │   │   │   │   └── edit.html.eex
    │   │   ├── pow_reset_password
    │   │   │   ├── mailer
    │   │   │   │   ├── reset_password.text.eex
    │   │   │   │   └── reset_password.html.eex
    │   │   │   └── reset_password
    │   │   │   │   ├── new.html.eex
    │   │   │   │   └── edit.html.eex
    │   │   ├── pow_email_confirmation
    │   │   │   └── mailer
    │   │   │   │   ├── email_confirmation.text.eex
    │   │   │   │   └── email_confirmation.html.eex
    │   │   ├── pow_assent
    │   │   │   └── registration
    │   │   │   │   └── add_user_id.html.eex
    │   │   ├── placeholder
    │   │   │   └── show.html.eex
    │   │   └── pow
    │   │   │   ├── session
    │   │   │       └── new.html.eex
    │   │   │   └── registration
    │   │   │       ├── new.html.eex
    │   │   │       └── edit.html.eex
    │   ├── pow
    │   │   ├── mailer.ex
    │   │   ├── routes.ex
    │   │   └── redis_cache.ex
    │   ├── plug
    │   │   ├── redirect_to.ex
    │   │   └── fetch_user_plug.ex
    │   ├── gettext.ex
    │   ├── endpoint.ex
    │   └── router.ex
    ├── user_service
    │   ├── access
    │   │   ├── context.ex
    │   │   └── token.ex
    │   ├── repo.ex
    │   ├── users.ex
    │   ├── user_identities
    │   │   └── user_identity.ex
    │   ├── access.ex
    │   ├── application.ex
    │   ├── redix.ex
    │   ├── sso
    │   │   ├── sso_token.ex
    │   │   ├── cookie.ex
    │   │   ├── store.ex
    │   │   └── plug.ex
    │   ├── sso.ex
    │   └── users
    │   │   └── user.ex
    ├── user_service.ex
    ├── ecto
    │   └── trimmed_string.ex
    ├── salesloft
    │   └── provider.ex
    └── user_service_web.ex
├── .formatter.exs
├── config
    ├── test.exs
    ├── prod.secret.exs
    ├── config.exs
    ├── prod.exs
    └── dev.exs
├── LICENSE
├── .gitignore
├── mix.exs
├── README.md
└── mix.lock


/user_consumer/test/test_helper.exs:
--------------------------------------------------------------------------------
1 | ExUnit.start()
2 | 


--------------------------------------------------------------------------------
/assets/js/app.js:
--------------------------------------------------------------------------------
1 | import css from "../css/app.scss"
2 | 
3 | import "phoenix_html"
4 | 


--------------------------------------------------------------------------------
/assets/.babelrc:
--------------------------------------------------------------------------------
1 | {
2 |     "presets": [
3 |         "@babel/preset-env"
4 |     ]
5 | }
6 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/.formatter.exs:
--------------------------------------------------------------------------------
1 | [
2 |   import_deps: [:ecto_sql],
3 |   inputs: ["*.exs"]
4 | ]
5 | 


--------------------------------------------------------------------------------
/test/test_helper.exs:
--------------------------------------------------------------------------------
1 | ExUnit.start()
2 | Ecto.Adapters.SQL.Sandbox.mode(UserService.Repo, :manual)
3 | 


--------------------------------------------------------------------------------
/user_consumer/README.md:
--------------------------------------------------------------------------------
1 | # User Consumer
2 | 
3 | View instructions in the parent folder's README.
4 | 


--------------------------------------------------------------------------------
/assets/static/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sb8244/pow_starter_pack/HEAD/assets/static/favicon.ico


--------------------------------------------------------------------------------
/assets/static/images/phoenix.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sb8244/pow_starter_pack/HEAD/assets/static/images/phoenix.png


--------------------------------------------------------------------------------
/lib/user_service_web/views/layout_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.LayoutView do
2 |   use UserServiceWeb, :view
3 | end
4 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/placeholder_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PlaceholderView do
2 |   use UserServiceWeb, :view
3 | end
4 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow/session_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.Pow.SessionView do
2 |   use UserServiceWeb, :view
3 | end
4 | 


--------------------------------------------------------------------------------
/user_consumer/.formatter.exs:
--------------------------------------------------------------------------------
1 | [
2 |   import_deps: [:phoenix],
3 |   inputs: ["*.{ex,exs}", "{config,lib,test}/**/*.{ex,exs}"]
4 | ]
5 | 


--------------------------------------------------------------------------------
/lib/user_service/access/context.ex:
--------------------------------------------------------------------------------
1 | defmodule UserService.Access.Context do
2 |   @enforce_keys [:guid]
3 |   defstruct @enforce_keys
4 | end
5 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow/registration_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.Pow.RegistrationView do
2 |   use UserServiceWeb, :view
3 | end
4 | 


--------------------------------------------------------------------------------
/test/user_service_web/views/page_view_test.exs:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PageViewTest do
2 |   use UserServiceWeb.ConnCase, async: true
3 | end
4 | 


--------------------------------------------------------------------------------
/lib/user_service/repo.ex:
--------------------------------------------------------------------------------
1 | defmodule UserService.Repo do
2 |   use Ecto.Repo,
3 |     otp_app: :user_service,
4 |     adapter: Ecto.Adapters.Postgres
5 | end
6 | 


--------------------------------------------------------------------------------
/lib/user_service/users.ex:
--------------------------------------------------------------------------------
1 | defmodule UserService.Users do
2 |   def get_user(id) do
3 |     UserService.Repo.get(UserService.Users.User, id)
4 |   end
5 | end
6 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow_invitation/invitation_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PowInvitation.InvitationView do
2 |   use UserServiceWeb, :view
3 | end
4 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow_reset_password/reset_password_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PowResetPassword.ResetPasswordView do
2 |   use UserServiceWeb, :view
3 | end
4 | 


--------------------------------------------------------------------------------
/.formatter.exs:
--------------------------------------------------------------------------------
1 | [
2 |   import_deps: [:ecto, :phoenix],
3 |   inputs: ["*.{ex,exs}", "priv/*/seeds.exs", "{config,lib,test}/**/*.{ex,exs}"],
4 |   subdirectories: ["priv/*/migrations"],
5 |   line_length: 160
6 | ]
7 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow_invitation/mailer_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PowInvitation.MailerView do
2 |   use UserServiceWeb, :mailer_view
3 | 
4 |   def subject(:invitation, _assigns), do: "You've been invited"
5 | end
6 | 


--------------------------------------------------------------------------------
/assets/static/robots.txt:
--------------------------------------------------------------------------------
1 | # See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
2 | #
3 | # To ban all spiders from the entire site uncomment the next two lines:
4 | # User-agent: *
5 | # Disallow: /
6 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow_email_confirmation/mailer_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PowEmailConfirmation.MailerView do
2 |   use UserServiceWeb, :mailer_view
3 | 
4 |   def subject(:email_confirmation, _assigns), do: "Welcome to APP_NAME!"
5 | end
6 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow_reset_password/mailer_view.ex:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PowResetPassword.MailerView do
2 |   use UserServiceWeb, :mailer_view
3 | 
4 |   def subject(:reset_password, _assigns), do: "APP_NAME: Reset password link"
5 | end
6 | 


--------------------------------------------------------------------------------
/test/user_service_web/controllers/page_controller_test.exs:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.PageControllerTest do
2 |   use UserServiceWeb.ConnCase
3 | 
4 |   test "GET /", %{conn: conn} do
5 |     conn = get(conn, "/")
6 |     assert html_response(conn, 200) =~ "Welcome to Phoenix!"
7 |   end
8 | end
9 | 


--------------------------------------------------------------------------------
/assets/css/app.scss:
--------------------------------------------------------------------------------
 1 | $primary: #247BA0;
 2 | 
 3 | @import "~bootstrap/scss/bootstrap";
 4 | 
 5 | html, body {
 6 |   height: 100%;
 7 | 
 8 |   background: aliceblue;
 9 | }
10 | 
11 | body {
12 |   display: flex;
13 |   align-items: center;
14 | }
15 | 
16 | .card-padded {
17 |   padding: 100px 50px;
18 | }
19 | 


--------------------------------------------------------------------------------
/lib/user_service.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService do
 2 |   @moduledoc """
 3 |   UserService keeps the contexts that define your domain
 4 |   and business logic.
 5 | 
 6 |   Contexts are also responsible for managing your data, regardless
 7 |   if it comes from the database, an external API or others.
 8 |   """
 9 | end
10 | 


--------------------------------------------------------------------------------
/lib/user_service_web/controllers/api/auth_error_handler.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Api.AuthErrorHandler do
 2 |   use UserServiceWeb, :controller
 3 | 
 4 |   def call(conn, :not_authenticated) do
 5 |     conn
 6 |     |> put_status(401)
 7 |     |> json(%{error: "You must be signed in to access this"})
 8 |   end
 9 | end
10 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/layout/_flash.html.eex:
--------------------------------------------------------------------------------
1 | <%= if get_flash(@conn, :info) do %>
2 |   <p class="alert alert-info" role="alert"><%= get_flash(@conn, :info) %></p>
3 | <% end %>
4 | 
5 | <%= if get_flash(@conn, :error) do %>
6 |   <p class="alert alert-warning" role="alert"><%= get_flash(@conn, :error) %></p>
7 | <% end %>
8 | 


--------------------------------------------------------------------------------
/lib/user_service/user_identities/user_identity.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.UserIdentities.UserIdentity do
 2 |   use Ecto.Schema
 3 |   use PowAssent.Ecto.UserIdentities.Schema, user: UserService.Users.User
 4 | 
 5 |   schema "user_identities" do
 6 |     pow_assent_user_identity_fields()
 7 | 
 8 |     timestamps()
 9 |   end
10 | end
11 | 


--------------------------------------------------------------------------------
/lib/user_service_web/controllers/placeholder_controller.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.PlaceholderController do
 2 |   use UserServiceWeb, :controller
 3 | 
 4 |   plug Pow.Plug.RequireAuthenticated, error_handler: Pow.Phoenix.PlugErrorHandler
 5 | 
 6 |   def show(conn, _params) do
 7 |     render(conn, "show.html")
 8 |   end
 9 | end
10 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumer do
 2 |   @moduledoc """
 3 |   UserConsumer keeps the contexts that define your domain
 4 |   and business logic.
 5 | 
 6 |   Contexts are also responsible for managing your data, regardless
 7 |   if it comes from the database, an external API or others.
 8 |   """
 9 | end
10 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200318055008_add_name_to_users.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.AddNameToUsers do
 2 |   use Ecto.Migration
 3 | 
 4 |   def change do
 5 |     alter table(:users) do
 6 |       add :first_name, :text, null: false, default: ""
 7 |       add :last_name, :text, null: false, default: ""
 8 |     end
 9 |   end
10 | end
11 | 


--------------------------------------------------------------------------------
/test/user_service_web/views/layout_view_test.exs:
--------------------------------------------------------------------------------
1 | defmodule UserServiceWeb.LayoutViewTest do
2 |   use UserServiceWeb.ConnCase, async: true
3 | 
4 |   # When testing helpers, you may want to import Phoenix.HTML and
5 |   # use functions such as safe_to_string() to convert the helper
6 |   # result into an HTML string.
7 |   # import Phoenix.HTML
8 | end
9 | 


--------------------------------------------------------------------------------
/user_consumer/config/test.exs:
--------------------------------------------------------------------------------
 1 | use Mix.Config
 2 | 
 3 | # We don't run a server during test. If one is required,
 4 | # you can enable the server option below.
 5 | config :user_consumer, UserConsumerWeb.Endpoint,
 6 |   http: [port: 4002],
 7 |   server: false
 8 | 
 9 | # Print only warnings and errors during test
10 | config :logger, level: :warn
11 | 


--------------------------------------------------------------------------------
/lib/ecto/trimmed_string.ex:
--------------------------------------------------------------------------------
 1 | defmodule Ecto.TrimmedString do
 2 |   def type, do: :string
 3 | 
 4 |   def cast(binary) when is_binary(binary), do: {:ok, String.trim(binary)}
 5 |   def cast(other), do: Ecto.Type.cast(:string, other)
 6 | 
 7 |   def load(data), do: Ecto.Type.load(:string, data)
 8 | 
 9 |   def dump(data), do: Ecto.Type.dump(:string, data)
10 | end
11 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_invitation/mailer/invitation.text.eex:
--------------------------------------------------------------------------------
 1 | Hi,
 2 | 
 3 | You've been invited to join <%= @invited_by_user_id %> on APP_NAME. Please use the following link to accept your invitation:
 4 | 
 5 | <%= @url %>
 6 | 
 7 | If you have any questions, you can reply to this email and we'll get back to you!
 8 | 
 9 | Thanks!
10 | The Team at APP_NAME
11 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_reset_password/mailer/reset_password.text.eex:
--------------------------------------------------------------------------------
 1 | Hi,
 2 | 
 3 | You can reset your password using the following link. If you didn't request a password reset, then please disregard this email.
 4 | 
 5 | <%= @url %>
 6 | 
 7 | If you have any questions, you can reply to this email and we'll get back to you!
 8 | 
 9 | Thanks!
10 | The Team at APP_NAME
11 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web/router.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.Router do
 2 |   use UserConsumerWeb, :router
 3 | 
 4 |   pipeline :api do
 5 |     plug :accepts, ["json"]
 6 |     plug UserConsumerWeb.Plug.SsoUserConsumer
 7 |   end
 8 | 
 9 |   scope "/", UserConsumerWeb do
10 |     pipe_through :api
11 | 
12 |     get "/", PlaceholderController, :show
13 |   end
14 | end
15 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200215192702_create_users.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.CreateUsers do
 2 |   use Ecto.Migration
 3 | 
 4 |   def change do
 5 |     create table(:users) do
 6 |       add :email, :string, null: false
 7 |       add :password_hash, :string
 8 | 
 9 |       timestamps()
10 |     end
11 | 
12 |     create unique_index(:users, [:email])
13 |   end
14 | end
15 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_reset_password/mailer/reset_password.html.eex:
--------------------------------------------------------------------------------
1 | <p>Hi,</p>
2 | 
3 | <p>You can reset your password using <%= link("this link", to: @url) %>. If you didn't request a password reset, then please disregard this email.</p>
4 | 
5 | <p>If you have any questions, you can reply to this email and we'll get back to you!</p>
6 | 
7 | <p>Thanks!<br />The Team at APP_NAME</p>
8 | 


--------------------------------------------------------------------------------
/lib/user_service/access.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Access do
 2 |   alias UserService.Access.{Context, Token}
 3 | 
 4 |   @token_access_minutes 60
 5 | 
 6 |   def user_access_token(%UserService.Users.User{guid: guid}) do
 7 |     %Context{guid: guid}
 8 |     |> Token.sign_auth_token()
 9 |   end
10 | 
11 |   def token_duration_in_seconds() do
12 |     @token_access_minutes * 60
13 |   end
14 | end
15 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_invitation/mailer/invitation.html.eex:
--------------------------------------------------------------------------------
 1 | <p>Hi,</p>
 2 | 
 3 | <p>You've been invited to join <%= @invited_by_user_id %> on APP_NAME. Please use the following link to accept your invitation:</p>
 4 | 
 5 | <p><%= link(@url, to: @url) %></p>
 6 | 
 7 | <p>If you have any questions, you can reply to this email and we'll get back to you!</p>
 8 | 
 9 | <p>Thanks!<br />The Team at APP_NAME</p>
10 | 


--------------------------------------------------------------------------------
/priv/repo/seeds.exs:
--------------------------------------------------------------------------------
 1 | # Script for populating the database. You can run it as:
 2 | #
 3 | #     mix run priv/repo/seeds.exs
 4 | #
 5 | # Inside the script, you can read and write to any of your
 6 | # repositories directly:
 7 | #
 8 | #     UserService.Repo.insert!(%UserService.SomeSchema{})
 9 | #
10 | # We recommend using the bang functions (`insert!`, `update!`
11 | # and so on) as they will fail if something goes wrong.
12 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200318054354_drop_sso_token_foreign_key.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.DropSsoTokenForeignKey do
 2 |   use Ecto.Migration
 3 | 
 4 |   def up do
 5 |     drop constraint("sso_tokens", "sso_tokens_user_id_fkey")
 6 |   end
 7 | 
 8 |   def down do
 9 |     alter table("sso_tokens") do
10 |       modify :user_id, references(:users, on_delete: :nothing), null: false
11 |     end
12 |   end
13 | end
14 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200315042833_add_guid_to_users.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.AddGuidToUsers do
 2 |   use Ecto.Migration
 3 | 
 4 |   def change do
 5 |     execute "CREATE EXTENSION pgcrypto", "DROP EXTENSION pgcrypto"
 6 | 
 7 |     alter table(:users) do
 8 |       add :guid, :uuid, null: false, default: fragment("gen_random_uuid()")
 9 |     end
10 | 
11 |     create unique_index(:users, [:guid])
12 |   end
13 | end
14 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/pow_assent/registration_view.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.PowAssent.RegistrationView do
 2 |   use UserServiceWeb, :view
 3 | 
 4 |   def provider_message(%{params: %{"provider" => "github"}}), do: "with Github."
 5 |   def provider_message(_), do: "."
 6 | 
 7 |   def email_taken?(%{errors: errors}) do
 8 |     Enum.find(errors, fn
 9 |       {:email, {_, [{:constraint, :unique}, _]}} -> true
10 |       _ -> false
11 |     end)
12 |   end
13 | end
14 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200215194435_add_pow_email_confirmation_to_users.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.AddPowEmailConfirmationToUsers do
 2 |   use Ecto.Migration
 3 | 
 4 |   def change do
 5 |     alter table(:users) do
 6 |       add :email_confirmation_token, :string
 7 |       add :email_confirmed_at, :utc_datetime
 8 |       add :unconfirmed_email, :string
 9 |     end
10 | 
11 |     create unique_index(:users, [:email_confirmation_token])
12 |   end
13 | end
14 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200417041204_add_pow_invitation_to_users.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.AddPowInvitationToUsers do
 2 |   use Ecto.Migration
 3 | 
 4 |   def change do
 5 |     alter table(:users) do
 6 |       add :invitation_token, :string
 7 |       add :invitation_accepted_at, :utc_datetime
 8 |       add :invited_by_id, references("users", on_delete: :nothing)
 9 |     end
10 | 
11 |     create unique_index(:users, [:invitation_token])
12 |   end
13 | end
14 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_email_confirmation/mailer/email_confirmation.text.eex:
--------------------------------------------------------------------------------
 1 | Hi,
 2 | 
 3 | Welcome to APP_NAME, thanks for signing up! You're on your way to DO_SOMETHING_GREAT.
 4 | 
 5 | To get started, Confirm your email address using the following link and follow the setup in app!
 6 | 
 7 | <%= @url %>
 8 | 
 9 | We hope you enjoy THE_PRODUCT. You can reply to this email if you have any questions, we'll get back to you as soon as possible.
10 | 
11 | Thanks,
12 | The Team at APP_NAME
13 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200319033538_create_user_identities.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.CreateUserIdentities do
 2 |   use Ecto.Migration
 3 | 
 4 |   def change do
 5 |     create table(:user_identities) do
 6 |       add :provider, :string, null: false
 7 |       add :uid, :string, null: false
 8 |       add :user_id, :integer
 9 | 
10 |       timestamps()
11 |     end
12 | 
13 |     create unique_index(:user_identities, [:uid, :provider])
14 |     create index(:user_identities, :user_id)
15 |   end
16 | end
17 | 


--------------------------------------------------------------------------------
/test/user_service_web/views/error_view_test.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.ErrorViewTest do
 2 |   use UserServiceWeb.ConnCase, async: true
 3 | 
 4 |   # Bring render/3 and render_to_string/3 for testing custom views
 5 |   import Phoenix.View
 6 | 
 7 |   test "renders 404.html" do
 8 |     assert render_to_string(UserServiceWeb.ErrorView, "404.html", []) == "Not Found"
 9 |   end
10 | 
11 |   test "renders 500.html" do
12 |     assert render_to_string(UserServiceWeb.ErrorView, "500.html", []) == "Internal Server Error"
13 |   end
14 | end
15 | 


--------------------------------------------------------------------------------
/lib/user_service_web/controllers/api/tokens_controller.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Api.TokensController do
 2 |   use UserServiceWeb, :controller
 3 | 
 4 |   def create(conn, _params) do
 5 |     json(conn, payload(Pow.Plug.current_user(conn)))
 6 |   end
 7 | 
 8 |   defp payload(user) do
 9 |     %{
10 |       duration_in_seconds: UserService.Access.token_duration_in_seconds(),
11 |       now_utc: :erlang.system_time(:seconds),
12 |       subject: user.guid,
13 |       token: UserService.Access.user_access_token(user)
14 |     }
15 |   end
16 | end
17 | 


--------------------------------------------------------------------------------
/priv/repo/migrations/20200216050100_create_sso_tokens.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Repo.Migrations.CreateSsoTokens do
 2 |   use Ecto.Migration
 3 | 
 4 |   def change do
 5 |     create table(:sso_tokens) do
 6 |       add :token, :text, null: false
 7 |       add :expires_at, :utc_datetime_usec, null: false
 8 |       add :user_id, references(:users, on_delete: :nothing), null: false
 9 | 
10 |       timestamps(type: :utc_datetime_usec)
11 |     end
12 | 
13 |     create index(:sso_tokens, [:user_id])
14 |     create unique_index(:sso_tokens, [:token])
15 |   end
16 | end
17 | 


--------------------------------------------------------------------------------
/config/test.exs:
--------------------------------------------------------------------------------
 1 | use Mix.Config
 2 | 
 3 | # Configure your database
 4 | config :user_service, UserService.Repo,
 5 |   username: "postgres",
 6 |   password: "postgres",
 7 |   database: "user_service_test",
 8 |   hostname: "localhost",
 9 |   pool: Ecto.Adapters.SQL.Sandbox
10 | 
11 | # We don't run a server during test. If one is required,
12 | # you can enable the server option below.
13 | config :user_service, UserServiceWeb.Endpoint,
14 |   http: [port: 4002],
15 |   server: false
16 | 
17 | # Print only warnings and errors during test
18 | config :logger, level: :warn
19 | 


--------------------------------------------------------------------------------
/lib/user_service/application.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Application do
 2 |   @moduledoc false
 3 | 
 4 |   use Application
 5 | 
 6 |   def start(_type, _args) do
 7 |     children = [
 8 |       UserService.Redix,
 9 |       UserService.Repo,
10 |       UserServiceWeb.Endpoint
11 |     ]
12 | 
13 |     opts = [strategy: :one_for_one, name: UserService.Supervisor]
14 |     Supervisor.start_link(children, opts)
15 |   end
16 | 
17 |   def config_change(changed, _new, removed) do
18 |     UserServiceWeb.Endpoint.config_change(changed, removed)
19 |     :ok
20 |   end
21 | end
22 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_email_confirmation/mailer/email_confirmation.html.eex:
--------------------------------------------------------------------------------
 1 | <%# Template left unstyled, due to custom needs for any particular app %>
 2 | 
 3 | <p>Hi,</p>
 4 | 
 5 | <p>Welcome to APP_NAME, thanks for signing up! You're on your way to DO_SOMETHING_GREAT.</p>
 6 | 
 7 | <p>To get started, <%= link("confirm your email address", to: @url) %> and follow the setup in app!</p>
 8 | 
 9 | <p>We hope you enjoy THE_PRODUCT. You can reply to this email if you have any questions, we'll get back to you as soon as possible.</p>
10 | 
11 | <p>Thanks,<br />The Team at APP_NAME</p>
12 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web/views/error_helpers.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.ErrorHelpers do
 2 |   @moduledoc """
 3 |   Conveniences for translating and building error messages.
 4 |   """
 5 | 
 6 |   @doc """
 7 |   Translates an error message.
 8 |   """
 9 |   def translate_error({msg, opts}) do
10 |     # Because the error messages we show in our forms and APIs
11 |     # are defined inside Ecto, we need to translate them dynamically.
12 |     Enum.reduce(opts, msg, fn {key, value}, acc ->
13 |       String.replace(acc, "%{#{key}}", to_string(value))
14 |     end)
15 |   end
16 | end
17 | 


--------------------------------------------------------------------------------
/user_consumer/test/user_consumer_web/views/error_view_test.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.ErrorViewTest do
 2 |   use UserConsumerWeb.ConnCase, async: true
 3 | 
 4 |   # Bring render/3 and render_to_string/3 for testing custom views
 5 |   import Phoenix.View
 6 | 
 7 |   test "renders 404.json" do
 8 |     assert render(UserConsumerWeb.ErrorView, "404.json", []) == %{errors: %{detail: "Not Found"}}
 9 |   end
10 | 
11 |   test "renders 500.json" do
12 |     assert render(UserConsumerWeb.ErrorView, "500.json", []) ==
13 |              %{errors: %{detail: "Internal Server Error"}}
14 |   end
15 | end
16 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/error_view.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.ErrorView do
 2 |   use UserServiceWeb, :view
 3 | 
 4 |   # If you want to customize a particular status code
 5 |   # for a certain format, you may uncomment below.
 6 |   # def render("500.html", _assigns) do
 7 |   #   "Internal Server Error"
 8 |   # end
 9 | 
10 |   # By default, Phoenix returns the status message from
11 |   # the template name. For example, "404.html" becomes
12 |   # "Not Found".
13 |   def template_not_found(template, _assigns) do
14 |     Phoenix.Controller.status_message_from_template(template)
15 |   end
16 | end
17 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web/views/error_view.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.ErrorView do
 2 |   use UserConsumerWeb, :view
 3 | 
 4 |   # If you want to customize a particular status code
 5 |   # for a certain format, you may uncomment below.
 6 |   # def render("500.json", _assigns) do
 7 |   #   %{errors: %{detail: "Internal Server Error"}}
 8 |   # end
 9 | 
10 |   # By default, Phoenix returns the status message from
11 |   # the template name. For example, "404.json" becomes
12 |   # "Not Found".
13 |   def template_not_found(template, _assigns) do
14 |     %{errors: %{detail: Phoenix.Controller.status_message_from_template(template)}}
15 |   end
16 | end
17 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_invitation/invitation/show.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Invite Your Teammates</h2>
 4 |     <p>We'll send an email to your teammate for them to join your team.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card card-padded shadow border-0">
 8 |     <p>
 9 |       You can send your teammate the following URL: <a href="<%= @url %>"><%= @url %></a>
10 |     </p>
11 | 
12 |     <div class="btn-group w-100">
13 |       <%= link "Cancel", to: Routes.pow_session_path(@conn, :new), class: "btn btn-light w-50" %>
14 |     </div>
15 |   </div>
16 | </div>
17 | 


--------------------------------------------------------------------------------
/lib/user_service_web/controllers/external_redirect_controller.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.ExternalRedirectController do
 2 |   use UserServiceWeb, :controller
 3 | 
 4 |   alias UserServiceWeb.Plug.RedirectTo
 5 | 
 6 |   def show(conn, _params) do
 7 |     case external_url(conn) do
 8 |       nil ->
 9 |         redirect(conn, to: "/")
10 | 
11 |       url ->
12 |         conn
13 |         |> clear_url()
14 |         |> redirect(external: url)
15 |     end
16 |   end
17 | 
18 |   defp external_url(conn) do
19 |     get_session(conn, RedirectTo.session_key())
20 |   end
21 | 
22 |   defp clear_url(conn) do
23 |     delete_session(conn, RedirectTo.session_key())
24 |   end
25 | end
26 | 


--------------------------------------------------------------------------------
/lib/user_service/access/token.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Access.Token do
 2 |   use Joken.Config
 3 | 
 4 |   alias UserService.Access.Context
 5 | 
 6 |   @impl true
 7 |   def token_config do
 8 |     default_claims(iss: "user-service", skip: [:aud])
 9 |   end
10 | 
11 |   def sign_auth_token(%Context{guid: guid}) do
12 |     signer = Joken.Signer.create("HS256", secret())
13 |     generate_and_sign!(%{"guid" => guid, "exp" => expiration()}, signer)
14 |   end
15 | 
16 |   defp secret() do
17 |     Application.fetch_env!(:user_service, :api_signer_secret)
18 |   end
19 | 
20 |   defp expiration() do
21 |     :erlang.system_time(:seconds) + UserService.Access.token_duration_in_seconds()
22 |   end
23 | end
24 | 


--------------------------------------------------------------------------------
/lib/user_service_web/pow/mailer.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Pow.Mailer do
 2 |   use Pow.Phoenix.Mailer
 3 |   use Bamboo.Mailer, otp_app: :user_service
 4 | 
 5 |   import Bamboo.Email
 6 | 
 7 |   @impl true
 8 |   def cast(%{user: user, subject: subject, text: text, html: html}) do
 9 |     new_email(
10 |       to: user.email,
11 |       from: from_address(),
12 |       subject: subject,
13 |       html_body: html,
14 |       text_body: text
15 |     )
16 |   end
17 | 
18 |   @impl true
19 |   def process(email) do
20 |     deliver_now(email)
21 |   end
22 | 
23 |   defp from_address() do
24 |     Application.fetch_env!(:user_service, __MODULE__)
25 |     |> Keyword.fetch!(:from_address)
26 |   end
27 | end
28 | 


--------------------------------------------------------------------------------
/lib/user_service/redix.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Redix do
 2 |   @pool_size 15
 3 | 
 4 |   def child_spec(_args) do
 5 |     redis_url = Application.get_env(:user_service, :redis_uri)
 6 | 
 7 |     children =
 8 |       for i <- 0..(@pool_size - 1) do
 9 |         Supervisor.child_spec({Redix, {redis_url, name: :"redix_#{i}"}}, id: {Redix, i})
10 |       end
11 | 
12 |     %{
13 |       id: RedixSupervisor,
14 |       type: :supervisor,
15 |       start: {Supervisor, :start_link, [children, [strategy: :one_for_one]]}
16 |     }
17 |   end
18 | 
19 |   def instance_name() do
20 |     :"redix_#{random_index()}"
21 |   end
22 | 
23 |   defp random_index() do
24 |     rem(System.unique_integer([:positive]), @pool_size)
25 |   end
26 | end
27 | 


--------------------------------------------------------------------------------
/lib/user_service_web/plug/redirect_to.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Plug.RedirectTo do
 2 |   import Plug.Conn
 3 | 
 4 |   def session_key(), do: :saved_redirect_to
 5 | 
 6 |   def init(_) do
 7 |     []
 8 |   end
 9 | 
10 |   def call(conn = %{query_params: %{"redirect_to" => redirect_to}}, _opts) do
11 |     put_session(conn, session_key(), validated_redirect_to(redirect_to))
12 |   end
13 | 
14 |   def call(conn, _), do: conn
15 | 
16 |   defp validated_redirect_to(url) do
17 |     uri = URI.parse(url)
18 | 
19 |     if uri.scheme && String.ends_with?(uri.host, cookie_domain()) do
20 |       url
21 |     else
22 |       nil
23 |     end
24 |   end
25 | 
26 |   defp cookie_domain(), do: Application.get_env(:user_service, :sso_cookie_domain)
27 | end
28 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/layout/app.html.eex:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html lang="en">
 3 |   <head>
 4 |     <meta charset="utf-8"/>
 5 |     <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
 6 |     <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
 7 |     <title><%= assigns[:page_title] || "UserService · Phoenix Framework" %></title>
 8 |     <link rel="stylesheet" href="<%= Routes.static_path(@conn, "/css/app.css") %>"/>
 9 |     <%= csrf_meta_tag() %>
10 |   </head>
11 | 
12 |   <body>
13 |     <main role="main" class="container">
14 |       <%= render @view_module, @view_template, assigns %>
15 |     </main>
16 | 
17 |     <script type="text/javascript" src="<%= Routes.static_path(@conn, "/js/app.js") %>"></script>
18 |   </body>
19 | </html>
20 | 


--------------------------------------------------------------------------------
/lib/user_service/sso/sso_token.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Sso.SsoToken do
 2 |   use Ecto.Schema
 3 |   import Ecto.Changeset
 4 | 
 5 |   schema "sso_tokens" do
 6 |     field :expires_at, :utc_datetime_usec
 7 |     field :token, :string
 8 |     field :user_id, :id
 9 | 
10 |     timestamps(type: :utc_datetime_usec)
11 |   end
12 | 
13 |   @doc false
14 |   def changeset(attrs) do
15 |     attrs =
16 |       if attrs[:token] == :random do
17 |         length = 64
18 |         token = :crypto.strong_rand_bytes(length) |> Base.encode64() |> binary_part(0, length)
19 |         Map.put(attrs, :token, token)
20 |       else
21 |         attrs
22 |       end
23 | 
24 |     %__MODULE__{}
25 |     |> cast(attrs, [:token, :expires_at, :user_id])
26 |     |> validate_required([:token, :expires_at, :user_id])
27 |   end
28 | end
29 | 


--------------------------------------------------------------------------------
/lib/user_service_web/controllers/sso/verify_controller.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Sso.VerifyController do
 2 |   @moduledoc """
 3 |   TODO: In production environment, this should be secured with an server-server secret. For starters, possibly just
 4 |         a list of secrets kept in config.
 5 |   """
 6 | 
 7 |   use UserServiceWeb, :controller
 8 | 
 9 |   def create(conn, %{"sso_token" => token}) do
10 |     case UserService.Sso.get_user_for_sso_token(token) do
11 |       {:ok, user} ->
12 |         conn
13 |         |> json(serialize(user))
14 | 
15 |       {:error, reason} ->
16 |         conn
17 |         |> put_status(422)
18 |         |> json(%{error: "invalid_token", reason: reason})
19 |     end
20 |   end
21 | 
22 |   defp serialize(user) do
23 |     %{
24 |       email: user.email,
25 |       guid: user.guid
26 |     }
27 |   end
28 | end
29 | 


--------------------------------------------------------------------------------
/lib/user_service_web/gettext.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Gettext do
 2 |   @moduledoc """
 3 |   A module providing Internationalization with a gettext-based API.
 4 | 
 5 |   By using [Gettext](https://hexdocs.pm/gettext),
 6 |   your module gains a set of macros for translations, for example:
 7 | 
 8 |       import UserServiceWeb.Gettext
 9 | 
10 |       # Simple translation
11 |       gettext("Here is the string to translate")
12 | 
13 |       # Plural translation
14 |       ngettext("Here is the string to translate",
15 |                "Here are the strings to translate",
16 |                3)
17 | 
18 |       # Domain-based translation
19 |       dgettext("errors", "Here is the error message to translate")
20 | 
21 |   See the [Gettext Docs](https://hexdocs.pm/gettext) for detailed usage.
22 |   """
23 |   use Gettext, otp_app: :user_service
24 | end
25 | 


--------------------------------------------------------------------------------
/user_consumer/.gitignore:
--------------------------------------------------------------------------------
 1 | # The directory Mix will write compiled artifacts to.
 2 | /_build/
 3 | 
 4 | # If you run "mix test --cover", coverage assets end up here.
 5 | /cover/
 6 | 
 7 | # The directory Mix downloads your dependencies sources to.
 8 | /deps/
 9 | 
10 | # Where 3rd-party dependencies like ExDoc output generated docs.
11 | /doc/
12 | 
13 | # Ignore .fetch files in case you like to edit your project deps locally.
14 | /.fetch
15 | 
16 | # If the VM crashes, it generates a dump, let's ignore it too.
17 | erl_crash.dump
18 | 
19 | # Also ignore archive artifacts (built via "mix archive.build").
20 | *.ez
21 | 
22 | # Ignore package tarball (built via "mix hex.build").
23 | user_consumer-*.tar
24 | 
25 | # Since we are building assets from assets/,
26 | # we ignore priv/static. You may want to comment
27 | # this depending on your deployment strategy.
28 | /priv/static/
29 | 


--------------------------------------------------------------------------------
/assets/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "repository": {},
 3 |   "license": "MIT",
 4 |   "scripts": {
 5 |     "deploy": "webpack --mode production",
 6 |     "watch": "webpack --mode development --watch"
 7 |   },
 8 |   "dependencies": {
 9 |     "phoenix_html": "../deps/phoenix_html"
10 |   },
11 |   "devDependencies": {
12 |     "@babel/core": "^7.0.0",
13 |     "@babel/preset-env": "^7.0.0",
14 |     "babel-loader": "^8.0.0",
15 |     "bootstrap": "^4.4.1",
16 |     "copy-webpack-plugin": "^5.1.1",
17 |     "css-loader": "^3.4.2",
18 |     "extract-text-webpack-plugin": "^4.0.0-beta.0",
19 |     "mini-css-extract-plugin": "^0.9.0",
20 |     "node-sass": "^4.13.1",
21 |     "optimize-css-assets-webpack-plugin": "^5.0.1",
22 |     "sass-loader": "^8.0.2",
23 |     "style-loader": "^1.1.3",
24 |     "terser-webpack-plugin": "^2.3.2",
25 |     "webpack": "4.41.5",
26 |     "webpack-cli": "^3.3.2"
27 |   }
28 | }
29 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_assent/registration/add_user_id.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Whoops!</h2>
 4 |     <p>We weren't able to sign you in <%= provider_message(@conn) %></p>
 5 |   </div>
 6 | 
 7 |   <div class="card shadow border-0 card-padded">
 8 |     <%= if email_taken?(@changeset) do %>
 9 |       <p>We could not verify that your account is configured to use this login provider.</p>
10 |     <% else %>
11 |       <p>We can not log you in using this login provider.</p>
12 |     <% end %>
13 | 
14 |     <p>
15 |       Please <%= link("login", to: Routes.login_path(@conn, :new)) %> with your email and password, or with a
16 |       different provider. You can <%= link "reset your password", to: Routes.pow_reset_password_reset_password_path(@conn, :new) %>
17 |       if you forgot it.
18 |     </p>
19 |   </div>
20 | </div>
21 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/placeholder/show.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary card-padded">
 3 |     <%= if Pow.Plug.current_user(@conn).first_name != "" do %>
 4 |       <h2 class="text-white mb-4">Welcome, <%= Pow.Plug.current_user(@conn).first_name %></h2>
 5 |     <% else %>
 6 |       <h2 class="text-white mb-4">Welcome</h2>
 7 |     <% end %>
 8 | 
 9 |     <a class="btn btn-lg btn-light" href="http://test.localhost.development:4001/">Continue to App</a>
10 |   </div>
11 | 
12 |   <div class="card card-padded shadow border-0">
13 |     <p>You're logged in as <%= Pow.Plug.current_user(@conn).email %></p>
14 | 
15 |     <%= link "Edit Your Info", to: Routes.pow_registration_path(@conn, :edit) %>
16 |     <%= link "Invite Your Teammates", to: Routes.pow_invitation_invitation_path(@conn, :new) %>
17 |     <%= link "Log Out", to: Routes.logout_path(@conn, :delete) %>
18 |   </div>
19 | </div>
20 | 


--------------------------------------------------------------------------------
/lib/user_service_web/pow/routes.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Pow.Routes do
 2 |   use Pow.Phoenix.Routes
 3 | 
 4 |   alias UserServiceWeb.Router.Helpers, as: Routes
 5 |   alias UserServiceWeb.Plug.RedirectTo
 6 | 
 7 |   @impl true
 8 |   def user_not_authenticated_path(conn) do
 9 |     Routes.pow_session_path(conn, :new)
10 |   end
11 | 
12 |   @impl true
13 |   def after_sign_in_path(conn) do
14 |     case external_url(conn) do
15 |       nil ->
16 |         "/"
17 | 
18 |       _ ->
19 |         Routes.external_redirect_path(conn, :show)
20 |     end
21 |   end
22 | 
23 |   @impl true
24 |   def after_sign_out_path(conn, routes_module \\ __MODULE__) do
25 |     case external_url(conn) do
26 |       nil ->
27 |         routes_module.session_path(conn, :new)
28 | 
29 |       _ ->
30 |         Routes.external_redirect_path(conn, :show)
31 |     end
32 |   end
33 | 
34 |   defp external_url(conn) do
35 |     Plug.Conn.get_session(conn, RedirectTo.session_key())
36 |   end
37 | end
38 | 


--------------------------------------------------------------------------------
/lib/user_service/sso/cookie.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Sso.Cookie do
 2 |   def cookie_name() do
 3 |     "sso_session"
 4 |   end
 5 | 
 6 |   def cookie_domain() do
 7 |     Application.get_env(:user_service, :sso_cookie_domain)
 8 |   end
 9 | 
10 |   def sign_token(%{token: token, expires_at: expires_at}) do
11 |     secret = Application.get_env(:user_service, :sso_secret)
12 | 
13 |     Phoenix.Token.sign(secret, "sso_salt", %{token: token, expires_at: expires_at})
14 |   end
15 | 
16 |   def verify_session(token) do
17 |     secret = Application.get_env(:user_service, :sso_secret)
18 |     now = System.system_time(:second)
19 | 
20 |     case Phoenix.Token.verify(secret, "sso_salt", token, max_age: :infinity) do
21 |       {:ok, payload = %{expires_at: expire_at_s}} when expire_at_s > now ->
22 |         {:valid, payload}
23 | 
24 |       {:ok, expired_payload} ->
25 |         {:expired, expired_payload}
26 | 
27 |       {:error, e} ->
28 |         {:invalid, e}
29 |     end
30 |   end
31 | end
32 | 


--------------------------------------------------------------------------------
/lib/user_service_web/plug/fetch_user_plug.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Plug.FetchUserPlug do
 2 |   @moduledoc """
 3 |   Plug to refetch the current user from Pow, to ensure that it's always up to date.
 4 | 
 5 |   From: https://hexdocs.pm/pow/1.0.19/sync_user.html#content
 6 | 
 7 |   Motivation: Not every controller may need the most up-to-date user (it could be cached and used), but
 8 |               it's easier to assume an un-cached user and then cache if there's performance issues in the
 9 |               future.
10 |   """
11 | 
12 |   @behaviour Plug
13 | 
14 |   @impl true
15 |   def init(opts), do: opts
16 | 
17 |   @impl true
18 |   def call(conn, _opts) do
19 |     config = Pow.Plug.fetch_config(conn)
20 | 
21 |     case Pow.Plug.current_user(conn, config) do
22 |       nil ->
23 |         conn
24 | 
25 |       user ->
26 |         reloaded_user = UserService.Users.get_user(user.id)
27 |         Pow.Plug.assign_current_user(conn, reloaded_user, config)
28 |     end
29 |   end
30 | end
31 | 


--------------------------------------------------------------------------------
/lib/user_service/sso.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Sso do
 2 |   @moduledoc """
 3 |   SSO cookie management for the current user on login. This SSO cookie can be used
 4 |   by other domains under the same parent in order to provide server-server verified SSO session.
 5 |   """
 6 | 
 7 |   alias __MODULE__.{Cookie, Plug, Store}
 8 | 
 9 |   def plug(), do: Plug
10 | 
11 |   def get_user_for_sso_token(sso_token) do
12 |     with {:verify, {:valid, %{token: token}}} <- {:verify, Cookie.verify_session(sso_token)},
13 |          {:find_token, %{user_id: id}} <- {:find_token, Store.find_valid_token(token)},
14 |          {:find_user, user = %{}} <- {:find_user, UserService.Users.get_user(id)} do
15 |       {:ok, user}
16 |     else
17 |       {:verify, {:invalid, _}} ->
18 |         {:error, :invalid_session}
19 | 
20 |       {:verify, _e} ->
21 |         {:error, :verifying_session}
22 | 
23 |       {:find_token, _} ->
24 |         {:error, :finding_token}
25 | 
26 |       {:find_user, _} ->
27 |         {:error, :finding_user}
28 |     end
29 |   end
30 | end
31 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Copyright 2020 Stephen Bussey
2 | 
3 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
4 | 
5 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
6 | 
7 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
8 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # The directory Mix will write compiled artifacts to.
 2 | /_build/
 3 | 
 4 | # If you run "mix test --cover", coverage assets end up here.
 5 | /cover/
 6 | 
 7 | # The directory Mix downloads your dependencies sources to.
 8 | /deps/
 9 | 
10 | # Where 3rd-party dependencies like ExDoc output generated docs.
11 | /doc/
12 | 
13 | # Ignore .fetch files in case you like to edit your project deps locally.
14 | /.fetch
15 | 
16 | # If the VM crashes, it generates a dump, let's ignore it too.
17 | erl_crash.dump
18 | 
19 | # Also ignore archive artifacts (built via "mix archive.build").
20 | *.ez
21 | 
22 | # Ignore package tarball (built via "mix hex.build").
23 | user_service-*.tar
24 | 
25 | # If NPM crashes, it generates a log, let's ignore it too.
26 | npm-debug.log
27 | 
28 | # The directory NPM downloads your dependencies sources to.
29 | /assets/node_modules/
30 | 
31 | # Since we are building assets from assets/,
32 | # we ignore priv/static. You may want to comment
33 | # this depending on your deployment strategy.
34 | /priv/static/
35 | 
36 | *.secret.exs
37 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer/application.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumer.Application do
 2 |   # See https://hexdocs.pm/elixir/Application.html
 3 |   # for more information on OTP Applications
 4 |   @moduledoc false
 5 | 
 6 |   use Application
 7 | 
 8 |   def start(_type, _args) do
 9 |     # List all child processes to be supervised
10 |     children = [
11 |       # Start the endpoint when the application starts
12 |       UserConsumerWeb.Endpoint
13 |       # Starts a worker by calling: UserConsumer.Worker.start_link(arg)
14 |       # {UserConsumer.Worker, arg},
15 |     ]
16 | 
17 |     # See https://hexdocs.pm/elixir/Supervisor.html
18 |     # for other strategies and supported options
19 |     opts = [strategy: :one_for_one, name: UserConsumer.Supervisor]
20 |     Supervisor.start_link(children, opts)
21 |   end
22 | 
23 |   # Tell Phoenix to update the endpoint configuration
24 |   # whenever the application is updated.
25 |   def config_change(changed, _new, removed) do
26 |     UserConsumerWeb.Endpoint.config_change(changed, removed)
27 |     :ok
28 |   end
29 | end
30 | 


--------------------------------------------------------------------------------
/lib/user_service/sso/store.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Sso.Store do
 2 |   @moduledoc """
 3 |   SSO cookie management for the current user on login. This SSO cookie can be used
 4 |   by other domains under the same parent in order to provide server-server verified SSO session.
 5 |   """
 6 | 
 7 |   import Ecto.Query
 8 | 
 9 |   alias UserService.Repo
10 |   alias UserService.Sso.SsoToken
11 | 
12 |   @one_month 60 * 60 * 24 * 30
13 | 
14 |   def create_sso_token_for_user!(_user = %{id: user_id}) when not is_nil(user_id) do
15 |     expiry = (System.system_time(:second) + @one_month) |> DateTime.from_unix!()
16 | 
17 |     SsoToken.changeset(%{token: :random, expires_at: expiry, user_id: user_id})
18 |     |> Repo.insert!()
19 |   end
20 | 
21 |   def find_valid_token(token) do
22 |     now = DateTime.utc_now()
23 | 
24 |     from(sso in SsoToken, where: sso.token == ^token and sso.expires_at > ^now)
25 |     |> Repo.one()
26 |   end
27 | 
28 |   def delete_sso_token(token: token) do
29 |     from(sso in SsoToken, where: sso.token == ^token)
30 |     |> Repo.delete_all()
31 |   end
32 | end
33 | 


--------------------------------------------------------------------------------
/user_consumer/test/support/channel_case.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.ChannelCase do
 2 |   @moduledoc """
 3 |   This module defines the test case to be used by
 4 |   channel tests.
 5 | 
 6 |   Such tests rely on `Phoenix.ChannelTest` and also
 7 |   import other functionality to make it easier
 8 |   to build common data structures and query the data layer.
 9 | 
10 |   Finally, if the test case interacts with the database,
11 |   we enable the SQL sandbox, so changes done to the database
12 |   are reverted at the end of every test. If you are using
13 |   PostgreSQL, you can even run database tests asynchronously
14 |   by setting `use UserConsumerWeb.ChannelCase, async: true`, although
15 |   this option is not recommended for other databases.
16 |   """
17 | 
18 |   use ExUnit.CaseTemplate
19 | 
20 |   using do
21 |     quote do
22 |       # Import conveniences for testing with channels
23 |       use Phoenix.ChannelTest
24 | 
25 |       # The default endpoint for testing
26 |       @endpoint UserConsumerWeb.Endpoint
27 |     end
28 |   end
29 | 
30 |   setup _tags do
31 |     :ok
32 |   end
33 | end
34 | 


--------------------------------------------------------------------------------
/user_consumer/config/config.exs:
--------------------------------------------------------------------------------
 1 | # This file is responsible for configuring your application
 2 | # and its dependencies with the aid of the Mix.Config module.
 3 | #
 4 | # This configuration file is loaded before any dependency and
 5 | # is restricted to this project.
 6 | 
 7 | # General application configuration
 8 | use Mix.Config
 9 | 
10 | # Configures the endpoint
11 | config :user_consumer, UserConsumerWeb.Endpoint,
12 |   url: [host: "localhost"],
13 |   secret_key_base: "raMcS2w6t+EqlpSUODuKbXu2AaQJet64a8OhqXBomZLEgfd+fnbnkJsZLPynOuo2",
14 |   render_errors: [view: UserConsumerWeb.ErrorView, accepts: ~w(json)],
15 |   pubsub: [name: UserConsumer.PubSub, adapter: Phoenix.PubSub.PG2],
16 |   live_view: [signing_salt: "gbWRJRhF"]
17 | 
18 | # Configures Elixir's Logger
19 | config :logger, :console,
20 |   format: "$time $metadata[$level] $message\n",
21 |   metadata: [:request_id]
22 | 
23 | # Use Jason for JSON parsing in Phoenix
24 | config :phoenix, :json_library, Jason
25 | 
26 | # Import environment specific config. This must remain at the bottom
27 | # of this file so it overrides the configuration defined above.
28 | import_config "#{Mix.env()}.exs"
29 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_reset_password/reset_password/new.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Reset your password</h2>
 4 |     <p>We'll confirm your email and then you can set a new password.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card card-padded shadow border-0">
 8 |     <%= form_for @changeset, @action, [as: :user], fn f -> %>
 9 |       <%= if @changeset.action do %>
10 |         <div class="alert alert-danger">
11 |           <p>Oops, something went wrong! Please check the errors below.</p>
12 |         </div>
13 |       <% end %>
14 | 
15 |       <div class="form-group">
16 |         <%= label f, :email, class: invalid_class(f, :email) %>
17 |         <%= text_input f, :email, class: "form-control #{invalid_class(f, :email)}", required: true %>
18 |         <%= error_tag f, :email %>
19 |       </div>
20 | 
21 |       <div class="btn-group w-100">
22 |         <%= submit "Send email", class: "btn btn-primary w-50" %>
23 |         <%= link "Cancel", to: Routes.pow_session_path(@conn, :new), class: "btn btn-light w-50" %>
24 |       </div>
25 |     <% end %>
26 |   </div>
27 | </div>
28 | 


--------------------------------------------------------------------------------
/user_consumer/mix.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumer.MixProject do
 2 |   use Mix.Project
 3 | 
 4 |   def project do
 5 |     [
 6 |       app: :user_consumer,
 7 |       version: "0.1.0",
 8 |       elixir: "~> 1.5",
 9 |       elixirc_paths: elixirc_paths(Mix.env()),
10 |       compilers: [:phoenix] ++ Mix.compilers(),
11 |       start_permanent: Mix.env() == :prod,
12 |       deps: deps()
13 |     ]
14 |   end
15 | 
16 |   # Configuration for the OTP application.
17 |   #
18 |   # Type `mix help compile.app` for more information.
19 |   def application do
20 |     [
21 |       mod: {UserConsumer.Application, []},
22 |       extra_applications: [:logger, :runtime_tools]
23 |     ]
24 |   end
25 | 
26 |   # Specifies which paths to compile per environment.
27 |   defp elixirc_paths(:test), do: ["lib", "test/support"]
28 |   defp elixirc_paths(_), do: ["lib"]
29 | 
30 |   # Specifies your project dependencies.
31 |   #
32 |   # Type `mix help deps` for examples and options.
33 |   defp deps do
34 |     [
35 |       {:phoenix, "~> 1.4.13"},
36 |       {:phoenix_pubsub, "~> 1.1"},
37 |       {:jason, "~> 1.0"},
38 |       {:plug_cowboy, "~> 2.0"},
39 |       {:mojito, "~> 0.6.1"}
40 |     ]
41 |   end
42 | end
43 | 


--------------------------------------------------------------------------------
/user_consumer/test/support/conn_case.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.ConnCase do
 2 |   @moduledoc """
 3 |   This module defines the test case to be used by
 4 |   tests that require setting up a connection.
 5 | 
 6 |   Such tests rely on `Phoenix.ConnTest` and also
 7 |   import other functionality to make it easier
 8 |   to build common data structures and query the data layer.
 9 | 
10 |   Finally, if the test case interacts with the database,
11 |   we enable the SQL sandbox, so changes done to the database
12 |   are reverted at the end of every test. If you are using
13 |   PostgreSQL, you can even run database tests asynchronously
14 |   by setting `use UserConsumerWeb.ConnCase, async: true`, although
15 |   this option is not recommended for other databases.
16 |   """
17 | 
18 |   use ExUnit.CaseTemplate
19 | 
20 |   using do
21 |     quote do
22 |       # Import conveniences for testing with connections
23 |       use Phoenix.ConnTest
24 |       alias UserConsumerWeb.Router.Helpers, as: Routes
25 | 
26 |       # The default endpoint for testing
27 |       @endpoint UserConsumerWeb.Endpoint
28 |     end
29 |   end
30 | 
31 |   setup _tags do
32 |     {:ok, conn: Phoenix.ConnTest.build_conn()}
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_invitation/invitation/new.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Invite Your Teammates</h2>
 4 |     <p>We'll send an email to your teammate for them to join your team.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card card-padded shadow border-0">
 8 |     <%= render UserServiceWeb.LayoutView, "_flash.html", assigns %>
 9 | 
10 |     <%= form_for @changeset, @action, [as: :user], fn f -> %>
11 |       <%= if @changeset.action do %>
12 |         <div class="alert alert-danger">
13 |           <p>Oops, something went wrong! Please check the errors below.</p>
14 |         </div>
15 |       <% end %>
16 | 
17 |       <div class="form-group">
18 |         <%= label f, :email, class: invalid_class(f, :email) %>
19 |         <%= text_input f, :email, class: "form-control #{invalid_class(f, :email)}", required: true %>
20 |         <%= error_tag f, :email %>
21 |       </div>
22 | 
23 |       <div class="btn-group w-100">
24 |         <%= submit "Send email", class: "btn btn-primary w-50" %>
25 |         <%= link "Cancel", to: Routes.pow_session_path(@conn, :new), class: "btn btn-light w-50" %>
26 |       </div>
27 |     <% end %>
28 |   </div>
29 | </div>
30 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web/channels/user_socket.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.UserSocket do
 2 |   use Phoenix.Socket
 3 | 
 4 |   ## Channels
 5 |   # channel "room:*", UserConsumerWeb.RoomChannel
 6 | 
 7 |   # Socket params are passed from the client and can
 8 |   # be used to verify and authenticate a user. After
 9 |   # verification, you can put default assigns into
10 |   # the socket that will be set for all channels, ie
11 |   #
12 |   #     {:ok, assign(socket, :user_id, verified_user_id)}
13 |   #
14 |   # To deny connection, return `:error`.
15 |   #
16 |   # See `Phoenix.Token` documentation for examples in
17 |   # performing token verification on connect.
18 |   def connect(_params, socket, _connect_info) do
19 |     {:ok, socket}
20 |   end
21 | 
22 |   # Socket id's are topics that allow you to identify all sockets for a given user:
23 |   #
24 |   #     def id(socket), do: "user_socket:#{socket.assigns.user_id}"
25 |   #
26 |   # Would allow you to broadcast a "disconnect" event and terminate
27 |   # all active sockets and channels for a given user:
28 |   #
29 |   #     UserConsumerWeb.Endpoint.broadcast("user_socket:#{user.id}", "disconnect", %{})
30 |   #
31 |   # Returning `nil` makes this socket anonymous.
32 |   def id(_socket), do: nil
33 | end
34 | 


--------------------------------------------------------------------------------
/test/support/channel_case.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.ChannelCase do
 2 |   @moduledoc """
 3 |   This module defines the test case to be used by
 4 |   channel tests.
 5 | 
 6 |   Such tests rely on `Phoenix.ChannelTest` and also
 7 |   import other functionality to make it easier
 8 |   to build common data structures and query the data layer.
 9 | 
10 |   Finally, if the test case interacts with the database,
11 |   we enable the SQL sandbox, so changes done to the database
12 |   are reverted at the end of every test. If you are using
13 |   PostgreSQL, you can even run database tests asynchronously
14 |   by setting `use UserServiceWeb.ChannelCase, async: true`, although
15 |   this option is not recommended for other databases.
16 |   """
17 | 
18 |   use ExUnit.CaseTemplate
19 | 
20 |   using do
21 |     quote do
22 |       # Import conveniences for testing with channels
23 |       use Phoenix.ChannelTest
24 | 
25 |       # The default endpoint for testing
26 |       @endpoint UserServiceWeb.Endpoint
27 |     end
28 |   end
29 | 
30 |   setup tags do
31 |     :ok = Ecto.Adapters.SQL.Sandbox.checkout(UserService.Repo)
32 | 
33 |     unless tags[:async] do
34 |       Ecto.Adapters.SQL.Sandbox.mode(UserService.Repo, {:shared, self()})
35 |     end
36 | 
37 |     :ok
38 |   end
39 | end
40 | 


--------------------------------------------------------------------------------
/lib/salesloft/provider.ex:
--------------------------------------------------------------------------------
 1 | defmodule SalesLoft.Provider do
 2 |   @moduledoc """
 3 |   This is here to demonstrate how simple it is to make a custom OAuth provider.
 4 | 
 5 |   SalesLoft requires SSL for all redirect URIs for security reasons (except for localhost). Because I'm
 6 |   using a custom domain for this, I currently have to run it in SSL mode and things just get really weird
 7 |   with the self-signed cert.
 8 |   """
 9 | 
10 |   use Assent.Strategy.OAuth2.Base
11 | 
12 |   @impl true
13 |   def default_config(_config) do
14 |     [
15 |       site: "https://accounts.salesloft.com/",
16 |       authorize_url: "https://accounts.salesloft.com/oauth/authorize",
17 |       token_url: "https://accounts.salesloft.com/oauth/token",
18 |       user_url: "https://api.salesloft.com/v2/me",
19 |       authorization_params: [],
20 |       auth_method: :client_secret_post
21 |     ]
22 |   end
23 | 
24 |   @impl true
25 |   def normalize(_config, %{"data" => user}) do
26 |     {:ok,
27 |      %{
28 |        "sub" => user["guid"],
29 |        "given_name" => user["first_name"],
30 |        "family_name" => user["last_name"],
31 |        "email" => user["email"],
32 |        # change to true to bypass need for verification
33 |        "email_verified" => false
34 |      }}
35 |   end
36 | end
37 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_reset_password/reset_password/edit.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Reset your password</h2>
 4 |     <p>All that's left is to set your new password.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card card-padded shadow border-0">
 8 |     <%= form_for @changeset, @action, [as: :user, method: :put], fn f -> %>
 9 |       <div class="form-group">
10 |         <%= label f, :password, class: invalid_class(f, :password) %>
11 |         <%= password_input f, :password, class: "form-control #{invalid_class(f, :password)}" %>
12 |         <%= error_tag f, :password %>
13 |       </div>
14 | 
15 |       <div class="form-group">
16 |         <%= label f, :password_confirmation, class: invalid_class(f, :password_confirmation) %>
17 |         <%= password_input f, :password_confirmation, class: "form-control #{invalid_class(f, :password_confirmation)}" %>
18 |         <%= error_tag f, :password_confirmation %>
19 |       </div>
20 | 
21 |       <div class="btn-group w-100">
22 |         <%= submit "Reset password", class: "btn btn-primary w-50" %>
23 |         <%= link "Cancel", to: Routes.pow_session_path(@conn, :new), class: "btn btn-light w-50" %>
24 |       </div>
25 |     <% end %>
26 |   </div>
27 | </div>
28 | 


--------------------------------------------------------------------------------
/test/support/conn_case.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.ConnCase do
 2 |   @moduledoc """
 3 |   This module defines the test case to be used by
 4 |   tests that require setting up a connection.
 5 | 
 6 |   Such tests rely on `Phoenix.ConnTest` and also
 7 |   import other functionality to make it easier
 8 |   to build common data structures and query the data layer.
 9 | 
10 |   Finally, if the test case interacts with the database,
11 |   we enable the SQL sandbox, so changes done to the database
12 |   are reverted at the end of every test. If you are using
13 |   PostgreSQL, you can even run database tests asynchronously
14 |   by setting `use UserServiceWeb.ConnCase, async: true`, although
15 |   this option is not recommended for other databases.
16 |   """
17 | 
18 |   use ExUnit.CaseTemplate
19 | 
20 |   using do
21 |     quote do
22 |       # Import conveniences for testing with connections
23 |       use Phoenix.ConnTest
24 |       alias UserServiceWeb.Router.Helpers, as: Routes
25 | 
26 |       # The default endpoint for testing
27 |       @endpoint UserServiceWeb.Endpoint
28 |     end
29 |   end
30 | 
31 |   setup tags do
32 |     :ok = Ecto.Adapters.SQL.Sandbox.checkout(UserService.Repo)
33 | 
34 |     unless tags[:async] do
35 |       Ecto.Adapters.SQL.Sandbox.mode(UserService.Repo, {:shared, self()})
36 |     end
37 | 
38 |     {:ok, conn: Phoenix.ConnTest.build_conn()}
39 |   end
40 | end
41 | 


--------------------------------------------------------------------------------
/priv/cert/selfsigned.pem:
--------------------------------------------------------------------------------
 1 | -----BEGIN CERTIFICATE-----
 2 | MIIDjjCCAnagAwIBAgIID2neKjEQJwYwDQYJKoZIhvcNAQELBQAwQzEaMBgGA1UE
 3 | CgwRUGhvZW5peCBGcmFtZXdvcmsxJTAjBgNVBAMMHFNlbGYtc2lnbmVkIHRlc3Qg
 4 | Y2VydGlmaWNhdGUwHhcNMjAwMzE5MDAwMDAwWhcNMjEwMzE5MDAwMDAwWjBDMRow
 5 | GAYDVQQKDBFQaG9lbml4IEZyYW1ld29yazElMCMGA1UEAwwcU2VsZi1zaWduZWQg
 6 | dGVzdCBjZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
 7 | AN3lNLmeJeAbvxNXXZBMk7EzGoLtVWLb4Jy0ZrkG2vYfpwQQSo0c3lCl62ro3usq
 8 | Syns501sip5m7cEBegiwVID+VzCg0hvkHjOdXgZ4uN1OcLKRs6qW01w1h7u+Hq8c
 9 | ecTIOzFd5EJuDdJUBIJbllk/kzlH0LWTQtsr///jEvubOnlfSLMuqRHbALPp/KrU
10 | vk8CXnwAHhKQlzZUPwGMYpDRxUCK3U6t6QZ3MSQnuQdspH9Go1MZ1d3V3zlIgcqK
11 | 4qvBd+wkCt2WINNqp9KPVyGEcYOvB5f2Wk0AvtvptTS4eNGu3R1LPIYktMLcN4Yw
12 | AfMNbxdHpbbP9Q3EaYjL0AUCAwEAAaOBhTCBgjAMBgNVHRMBAf8EAjAAMA4GA1Ud
13 | DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0O
14 | BBYEFASOZM8Qulsgb+E2I95WdNsaHLH1MCQGA1UdEQQdMBuCGWlkcC5sb2NhbGhv
15 | c3QuZGV2ZWxvcG1lbnQwDQYJKoZIhvcNAQELBQADggEBANx0MT/nnzDbhAcDBujn
16 | VMlumC3vWG0dqyLypo/fPi+gXWTY4eFkeznD/bOKrTqanswPhxQomevnX5ZHREkC
17 | HAHbjoOfHhLv8F+sIeGRDXKVQO2shJWNphOxAQqQUL5Vf3F8ghIVKTFyMntDQ3yg
18 | a0+7fmckldAUHPXYYM188auaeAXC7Wc3/Uzq57IsjBsczGPoSdR7klJaoRUmzeeD
19 | 2kKa1sfuU2ySiFoVSYdlVLkpH4qbpiznq8oaV1hqZXNqYxTDjT5I94YeFYaGvdXw
20 | oTRpkV1m8hJSKxiPNoeBfckrI2CSdFfabBD63CT0Pk8kaYIoTV2K5sJm+70dzwLi
21 | l+o=
22 | -----END CERTIFICATE-----
23 | 
24 | 


--------------------------------------------------------------------------------
/config/prod.secret.exs:
--------------------------------------------------------------------------------
 1 | # In this file, we load production configuration and secrets
 2 | # from environment variables. You can also hardcode secrets,
 3 | # although such is generally not recommended and you have to
 4 | # remember to add this file to your .gitignore.
 5 | use Mix.Config
 6 | 
 7 | database_url =
 8 |   System.get_env("DATABASE_URL") ||
 9 |     raise """
10 |     environment variable DATABASE_URL is missing.
11 |     For example: ecto://USER:PASS@HOST/DATABASE
12 |     """
13 | 
14 | config :user_service, UserService.Repo,
15 |   # ssl: true,
16 |   url: database_url,
17 |   pool_size: String.to_integer(System.get_env("POOL_SIZE") || "10")
18 | 
19 | secret_key_base =
20 |   System.get_env("SECRET_KEY_BASE") ||
21 |     raise """
22 |     environment variable SECRET_KEY_BASE is missing.
23 |     You can generate one by calling: mix phx.gen.secret
24 |     """
25 | 
26 | config :user_service, UserServiceWeb.Endpoint,
27 |   http: [
28 |     port: String.to_integer(System.get_env("PORT") || "4000"),
29 |     transport_options: [socket_opts: [:inet6]]
30 |   ],
31 |   secret_key_base: secret_key_base
32 | 
33 | # ## Using releases (Elixir v1.9+)
34 | #
35 | # If you are doing OTP releases, you need to instruct Phoenix
36 | # to start each relevant endpoint:
37 | #
38 | #     config :user_service, UserServiceWeb.Endpoint, server: true
39 | #
40 | # Then you can assemble a release by calling `mix release`.
41 | # See `mix help release` for more information.
42 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web/endpoint.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.Endpoint do
 2 |   use Phoenix.Endpoint, otp_app: :user_consumer
 3 | 
 4 |   # The session will be stored in the cookie and signed,
 5 |   # this means its contents can be read but not tampered with.
 6 |   # Set :encryption_salt if you would also like to encrypt it.
 7 |   @session_options [
 8 |     store: :cookie,
 9 |     key: "_user_consumer_key",
10 |     signing_salt: "IudYggNf"
11 |   ]
12 | 
13 |   socket "/socket", UserConsumerWeb.UserSocket,
14 |     websocket: true,
15 |     longpoll: false
16 | 
17 |   # Serve at "/" the static files from "priv/static" directory.
18 |   #
19 |   # You should set gzip to true if you are running phx.digest
20 |   # when deploying your static files in production.
21 |   plug Plug.Static,
22 |     at: "/",
23 |     from: :user_consumer,
24 |     gzip: false,
25 |     only: ~w(css fonts images js favicon.ico robots.txt)
26 | 
27 |   # Code reloading can be explicitly enabled under the
28 |   # :code_reloader configuration of your endpoint.
29 |   if code_reloading? do
30 |     plug Phoenix.CodeReloader
31 |   end
32 | 
33 |   plug Plug.RequestId
34 |   plug Plug.Telemetry, event_prefix: [:phoenix, :endpoint]
35 | 
36 |   plug Plug.Parsers,
37 |     parsers: [:urlencoded, :multipart, :json],
38 |     pass: ["*/*"],
39 |     json_decoder: Phoenix.json_library()
40 | 
41 |   plug Plug.MethodOverride
42 |   plug Plug.Head
43 |   plug Plug.Session, @session_options
44 |   plug UserConsumerWeb.Router
45 | end
46 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow/session/new.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Welcome to ThingCorp</h2>
 4 |     <p>We help you do things—You are going to get so much done.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card shadow border-0 card-padded">
 8 |     <%= render UserServiceWeb.LayoutView, "_flash.html", assigns %>
 9 | 
10 |     <%= form_for @changeset, @action, [as: :user], fn f -> %>
11 |       <div class="form-group">
12 |         <%= label f, Pow.Ecto.Schema.user_id_field(@changeset) %>
13 |         <%= text_input f, Pow.Ecto.Schema.user_id_field(@changeset), value: "a@a.com", class: "form-control" %>
14 |       </div>
15 | 
16 |       <div class="form-group">
17 |         <%= label f, :password, class: invalid_class(f, :password) %>
18 |         <%= password_input f, :password, value: "password", class: "form-control #{invalid_class(f, :password)}" %>
19 |       </div>
20 | 
21 |       <div class="btn-group w-100">
22 |         <%= submit "Sign in", class: "btn btn-primary w-50" %>
23 |         <%= link "Sign up", to: Routes.pow_registration_path(@conn, :new), class: "btn btn-light w-50" %>
24 |       </div>
25 |     <% end %>
26 | 
27 |     <div class="text-center mt-3">
28 |       <%= link "Forgot password?", to: Routes.pow_reset_password_reset_password_path(@conn, :new) %>
29 |     </div>
30 | 
31 |     <%= for link <- PowAssent.Phoenix.ViewHelpers.provider_links(@conn) do %>
32 |       <%= content_tag(:span, link) %>
33 |     <% end %>
34 |   </div>
35 | </div>
36 | 


--------------------------------------------------------------------------------
/assets/webpack.config.js:
--------------------------------------------------------------------------------
 1 | const path = require('path');
 2 | const glob = require('glob');
 3 | const MiniCssExtractPlugin = require('mini-css-extract-plugin');
 4 | const TerserPlugin = require('terser-webpack-plugin');
 5 | const OptimizeCSSAssetsPlugin = require('optimize-css-assets-webpack-plugin');
 6 | const CopyWebpackPlugin = require('copy-webpack-plugin');
 7 | 
 8 | module.exports = (env, options) => ({
 9 |   optimization: {
10 |     minimizer: [
11 |       new TerserPlugin({ cache: true, parallel: true, sourceMap: false }),
12 |       new OptimizeCSSAssetsPlugin({})
13 |     ]
14 |   },
15 |   entry: {
16 |     './js/app.js': glob.sync('./vendor/**/*.js').concat(['./js/app.js'])
17 |   },
18 |   output: {
19 |     filename: 'app.js',
20 |     path: path.resolve(__dirname, '../priv/static/js')
21 |   },
22 |   module: {
23 |     rules: [
24 |       {
25 |         test: /\.js$/,
26 |         exclude: /node_modules/,
27 |         use: {
28 |           loader: 'babel-loader'
29 |         }
30 |       },
31 |       {
32 |         test: /\.scss$/,
33 |         use: [
34 |             MiniCssExtractPlugin.loader,
35 |             {
36 |               loader: 'css-loader'
37 |             },
38 |             {
39 |               loader: 'sass-loader',
40 |               options: {
41 |                 sourceMap: true
42 |               }
43 |             }
44 |           ]
45 |       }
46 |     ]
47 |   },
48 |   plugins: [
49 |     new MiniCssExtractPlugin({ filename: '../css/app.css' }),
50 |     new CopyWebpackPlugin([{ from: 'static/', to: '../' }])
51 |   ]
52 | });
53 | 


--------------------------------------------------------------------------------
/lib/user_service/users/user.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Users.User do
 2 |   use Ecto.Schema
 3 |   use Pow.Ecto.Schema
 4 |   use PowAssent.Ecto.Schema
 5 |   use Pow.Extension.Ecto.Schema, extensions: [PowResetPassword, PowEmailConfirmation, PowInvitation]
 6 | 
 7 |   import Ecto.Changeset
 8 | 
 9 |   schema "users" do
10 |     field(:guid, Ecto.UUID, read_after_writes: true)
11 |     field(:first_name, Ecto.TrimmedString)
12 |     field(:last_name, Ecto.TrimmedString)
13 | 
14 |     pow_user_fields()
15 | 
16 |     timestamps()
17 |   end
18 | 
19 |   def changeset(user_or_changeset, attrs) do
20 |     user_or_changeset
21 |     |> pow_changeset(attrs)
22 |     |> pow_extension_changeset(attrs)
23 |     |> cast(attrs, [:first_name, :last_name])
24 |   end
25 | 
26 |   def user_identity_changeset(user_or_changeset, user_identity, attrs, user_id_attrs) do
27 |     attrs = extract_name_attrs(attrs)
28 | 
29 |     user_or_changeset
30 |     |> cast(attrs, [:first_name, :last_name])
31 |     |> pow_assent_user_identity_changeset(user_identity, attrs, user_id_attrs)
32 |   end
33 | 
34 |   defp extract_name_attrs(attrs = %{"given_name" => fname, "family_name" => lname}) do
35 |     Map.merge(attrs, %{"first_name" => fname, "last_name" => lname})
36 |   end
37 | 
38 |   defp extract_name_attrs(attrs = %{"name" => name}) do
39 |     String.split(name, " ", parts: 2)
40 |     |> case do
41 |       [name] ->
42 |         Map.put(attrs, "first_name", name)
43 | 
44 |       [fname, lname] ->
45 |         Map.merge(attrs, %{"first_name" => fname, "last_name" => lname})
46 |     end
47 |   end
48 | 
49 |   defp extract_name_attrs(attrs), do: attrs
50 | end
51 | 


--------------------------------------------------------------------------------
/user_consumer/config/dev.exs:
--------------------------------------------------------------------------------
 1 | use Mix.Config
 2 | 
 3 | # For development, we disable any cache and enable
 4 | # debugging and code reloading.
 5 | #
 6 | # The watchers configuration can be used to run external
 7 | # watchers to your application. For example, we use it
 8 | # with webpack to recompile .js and .css sources.
 9 | config :user_consumer, UserConsumerWeb.Endpoint,
10 |   http: [port: 4001],
11 |   debug_errors: true,
12 |   code_reloader: true,
13 |   check_origin: false,
14 |   watchers: []
15 | 
16 | # ## SSL Support
17 | #
18 | # In order to use HTTPS in development, a self-signed
19 | # certificate can be generated by running the following
20 | # Mix task:
21 | #
22 | #     mix phx.gen.cert
23 | #
24 | # Note that this task requires Erlang/OTP 20 or later.
25 | # Run `mix help phx.gen.cert` for more information.
26 | #
27 | # The `http:` config above can be replaced with:
28 | #
29 | #     https: [
30 | #       port: 4001,
31 | #       cipher_suite: :strong,
32 | #       keyfile: "priv/cert/selfsigned_key.pem",
33 | #       certfile: "priv/cert/selfsigned.pem"
34 | #     ],
35 | #
36 | # If desired, both `http:` and `https:` keys can be
37 | # configured to run both http and https servers on
38 | # different ports.
39 | 
40 | # Do not include metadata nor timestamps in development logs
41 | config :logger, :console, format: "[$level] $message\n"
42 | 
43 | # Set a higher stacktrace during development. Avoid configuring such
44 | # in production as building large stacktraces may be expensive.
45 | config :phoenix, :stacktrace_depth, 20
46 | 
47 | # Initialize plugs at runtime for faster development compilation
48 | config :phoenix, :plug_init_mode, :runtime
49 | 


--------------------------------------------------------------------------------
/lib/user_service_web/endpoint.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Endpoint do
 2 |   use Phoenix.Endpoint, otp_app: :user_service
 3 | 
 4 |   # The session will be stored in the cookie and signed,
 5 |   # this means its contents can be read but not tampered with.
 6 |   # Set :encryption_salt if you would also like to encrypt it.
 7 |   @session_options [
 8 |     store: :cookie,
 9 |     key: "_user_service_key",
10 |     signing_salt: "ZzAv/xnC"
11 |   ]
12 | 
13 |   # Serve at "/" the static files from "priv/static" directory.
14 |   #
15 |   # You should set gzip to true if you are running phx.digest
16 |   # when deploying your static files in production.
17 |   plug Plug.Static,
18 |     at: "/",
19 |     from: :user_service,
20 |     gzip: false,
21 |     only: ~w(css fonts images js favicon.ico robots.txt)
22 | 
23 |   # Code reloading can be explicitly enabled under the
24 |   # :code_reloader configuration of your endpoint.
25 |   if code_reloading? do
26 |     socket "/phoenix/live_reload/socket", Phoenix.LiveReloader.Socket
27 |     plug Phoenix.LiveReloader
28 |     plug Phoenix.CodeReloader
29 |   end
30 | 
31 |   plug Plug.RequestId
32 |   plug Plug.Telemetry, event_prefix: [:phoenix, :endpoint]
33 | 
34 |   plug Plug.Parsers,
35 |     parsers: [:urlencoded, :multipart, :json],
36 |     pass: ["*/*"],
37 |     json_decoder: Phoenix.json_library()
38 | 
39 |   plug Plug.MethodOverride
40 |   plug Plug.Head
41 |   plug Plug.Session, @session_options
42 |   plug Pow.Plug.Session, otp_app: :user_service
43 | 
44 |   plug PowPersistentSession.Plug.Cookie,
45 |     persistent_session_ttl: 1000 * 60 * 60 * 24 * 60
46 | 
47 |   plug UserServiceWeb.Plug.FetchUserPlug
48 | 
49 |   plug UserService.Sso.plug()
50 | 
51 |   plug UserServiceWeb.Router
52 | end
53 | 


--------------------------------------------------------------------------------
/priv/cert/selfsigned_key.pem:
--------------------------------------------------------------------------------
 1 | -----BEGIN RSA PRIVATE KEY-----
 2 | MIIEowIBAAKCAQEA3eU0uZ4l4Bu/E1ddkEyTsTMagu1VYtvgnLRmuQba9h+nBBBK
 3 | jRzeUKXrauje6ypLKeznTWyKnmbtwQF6CLBUgP5XMKDSG+QeM51eBni43U5wspGz
 4 | qpbTXDWHu74erxx5xMg7MV3kQm4N0lQEgluWWT+TOUfQtZNC2yv//+MS+5s6eV9I
 5 | sy6pEdsAs+n8qtS+TwJefAAeEpCXNlQ/AYxikNHFQIrdTq3pBncxJCe5B2ykf0aj
 6 | UxnV3dXfOUiByoriq8F37CQK3ZYg02qn0o9XIYRxg68Hl/ZaTQC+2+m1NLh40a7d
 7 | HUs8hiS0wtw3hjAB8w1vF0elts/1DcRpiMvQBQIDAQABAoIBAFVRnz9LxsZwBL08
 8 | F3a3awZ0Xto+xVkYsDmwx9qW/zQpoX9XgELX+cdKtMVLuwLzJSl+tMU5WedkLkDK
 9 | /5A9tJBQu1ewTnl48f/on1Gfs30sfvq6OTn7elN3JbSTeprcORnn35KwxmagiGH5
10 | +i3hZ2LzpfkdWuumLsu1FF7ggdkJ9EdCAjhuOE4cHop8yiK4EOlUMp4s/rLg8rEY
11 | 1fvNwURiwfTr5I0gdg4YMoD5NG6HDP8e15XTnYUAYfIzU+cAf9pFRm8/f5gzeLtX
12 | 093Ziemf2rpHZUtKwEcVcFeSnxYskPZAodxIYCqxR52t8u5vuVJJlOuRNX9UXw1J
13 | aFlPSuECgYEA9dmCdrOJbUuUTJMeyHR+6HrABT3A6XEz3f4AKrhBVQtGATJoY9zR
14 | EOOHozyTiiuEDaxlpuQv4E6NGkSY1QPS7HxFLJkzjt/POmXYHe21QGAehcVQWBTg
15 | zs85rxhWwqQTWVCyR/in6DOhVx7J/I88yOUwSzDgUDa6qNQOT6jRNM0CgYEA5w6D
16 | UEB5/7h0mJIDkhZu/jfES2xFjmsDsXfZH1fVY5aiJJcu0rZ/ZhMA8M/r0l98GC2h
17 | zJuAE8RGeVNGb3ZoFPW4Kj2TTm4/f/cCeEgC1u8jDMUF2SrsOM7Mr3clsIMtcnR8
18 | IR3UOIGD0d842/ulqQxfFWbDUwQaOzEpr2uUSBkCgYEAliwm5RsF9x0TmTLEuu1u
19 | F9PjN1BhZjcf15ovv+iM/8XDHTgNS/K2Qfq5/5whA2VRZIjKDweTtxBEYKdGM9gC
20 | HzJJjtSGCd/sVV+gg6eP76LHAi9kxGj8aVdrhOj5FivjJcuFGzFoXw4qn2zPNNbJ
21 | 6m0U8tkIK/dCTZ46n64fHIECgYBTA3nWSXQLlj/92OgDgp/aIjsaRgovgu9OwZp2
22 | kl4Oa75RmyetePgIumcqHenCKaAyJ6LsGipH78rKKEs0HLyEW0wRkRHtqdqSpTJz
23 | +JtckYpsOhVB0xQPzOzpVctqwZaAeq1mUItAyfeMXcDV+HGqbNF0pPkkSGMMRTuO
24 | 1P3vcQKBgBFR6vcHhQ8USdomW+zZ96Em9Cu517XW7rYQmHw/W0aRX62Knxk55IDk
25 | +li/30pccF4IDMO3yaFjkY0KY7LqzZxuHH7UbewGBkByPw9M2PaKGY0SZDffTDO9
26 | RBa6+J6glIINLvLbLU9vsqvVeplt1P7eiq+B+1xBO9NO7yeDZytc
27 | -----END RSA PRIVATE KEY-----
28 | 
29 | 


--------------------------------------------------------------------------------
/test/support/data_case.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.DataCase do
 2 |   @moduledoc """
 3 |   This module defines the setup for tests requiring
 4 |   access to the application's data layer.
 5 | 
 6 |   You may define functions here to be used as helpers in
 7 |   your tests.
 8 | 
 9 |   Finally, if the test case interacts with the database,
10 |   we enable the SQL sandbox, so changes done to the database
11 |   are reverted at the end of every test. If you are using
12 |   PostgreSQL, you can even run database tests asynchronously
13 |   by setting `use UserService.DataCase, async: true`, although
14 |   this option is not recommended for other databases.
15 |   """
16 | 
17 |   use ExUnit.CaseTemplate
18 | 
19 |   using do
20 |     quote do
21 |       alias UserService.Repo
22 | 
23 |       import Ecto
24 |       import Ecto.Changeset
25 |       import Ecto.Query
26 |       import UserService.DataCase
27 |     end
28 |   end
29 | 
30 |   setup tags do
31 |     :ok = Ecto.Adapters.SQL.Sandbox.checkout(UserService.Repo)
32 | 
33 |     unless tags[:async] do
34 |       Ecto.Adapters.SQL.Sandbox.mode(UserService.Repo, {:shared, self()})
35 |     end
36 | 
37 |     :ok
38 |   end
39 | 
40 |   @doc """
41 |   A helper that transforms changeset errors into a map of messages.
42 | 
43 |       assert {:error, changeset} = Accounts.create_user(%{password: "short"})
44 |       assert "password is too short" in errors_on(changeset).password
45 |       assert %{password: ["password is too short"]} = errors_on(changeset)
46 | 
47 |   """
48 |   def errors_on(changeset) do
49 |     Ecto.Changeset.traverse_errors(changeset, fn {message, opts} ->
50 |       Regex.replace(~r"%{(\w+)}", message, fn _, key ->
51 |         opts |> Keyword.get(String.to_existing_atom(key), key) |> to_string()
52 |       end)
53 |     end)
54 |   end
55 | end
56 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb do
 2 |   @moduledoc """
 3 |   The entrypoint for defining your web interface, such
 4 |   as controllers, views, channels and so on.
 5 | 
 6 |   This can be used in your application as:
 7 | 
 8 |       use UserConsumerWeb, :controller
 9 |       use UserConsumerWeb, :view
10 | 
11 |   The definitions below will be executed for every view,
12 |   controller, etc, so keep them short and clean, focused
13 |   on imports, uses and aliases.
14 | 
15 |   Do NOT define functions inside the quoted expressions
16 |   below. Instead, define any helper function in modules
17 |   and import those modules here.
18 |   """
19 | 
20 |   def controller do
21 |     quote do
22 |       use Phoenix.Controller, namespace: UserConsumerWeb
23 | 
24 |       import Plug.Conn
25 |       alias UserConsumerWeb.Router.Helpers, as: Routes
26 |     end
27 |   end
28 | 
29 |   def view do
30 |     quote do
31 |       use Phoenix.View,
32 |         root: "lib/user_consumer_web/templates",
33 |         namespace: UserConsumerWeb
34 | 
35 |       # Import convenience functions from controllers
36 |       import Phoenix.Controller, only: [get_flash: 1, get_flash: 2, view_module: 1]
37 | 
38 |       import UserConsumerWeb.ErrorHelpers
39 |       alias UserConsumerWeb.Router.Helpers, as: Routes
40 |     end
41 |   end
42 | 
43 |   def router do
44 |     quote do
45 |       use Phoenix.Router
46 |       import Plug.Conn
47 |       import Phoenix.Controller
48 |     end
49 |   end
50 | 
51 |   def channel do
52 |     quote do
53 |       use Phoenix.Channel
54 |     end
55 |   end
56 | 
57 |   @doc """
58 |   When used, dispatch to the appropriate controller/view/etc.
59 |   """
60 |   defmacro __using__(which) when is_atom(which) do
61 |     apply(__MODULE__, which, [])
62 |   end
63 | end
64 | 


--------------------------------------------------------------------------------
/config/config.exs:
--------------------------------------------------------------------------------
 1 | # This file is responsible for configuring your application
 2 | # and its dependencies with the aid of the Mix.Config module.
 3 | #
 4 | # This configuration file is loaded before any dependency and
 5 | # is restricted to this project.
 6 | 
 7 | # General application configuration
 8 | use Mix.Config
 9 | 
10 | config :user_service,
11 |   ecto_repos: [UserService.Repo],
12 |   redis_uri: "redis://localhost:6379",
13 |   redis_namespace: "user-service-#{Mix.env()}"
14 | 
15 | config :user_service, :pow,
16 |   cache_store_backend: UserServiceWeb.Pow.RedisCache,
17 |   controller_callbacks: Pow.Extension.Phoenix.ControllerCallbacks,
18 |   extensions: [PowResetPassword, PowEmailConfirmation, PowPersistentSession, PowInvitation],
19 |   mailer_backend: UserServiceWeb.Pow.Mailer,
20 |   repo: UserService.Repo,
21 |   routes_backend: UserServiceWeb.Pow.Routes,
22 |   user: UserService.Users.User,
23 |   web_module: UserServiceWeb,
24 |   web_mailer_module: UserServiceWeb
25 | 
26 | # Configures the endpoint
27 | config :user_service, UserServiceWeb.Endpoint,
28 |   secret_key_base: "1gFAHb0Z8SHK5afTHBYoSeg++nByjZCTGiGTxFAsZeGCTAYVIHVhXVGRZTW29cta",
29 |   render_errors: [view: UserServiceWeb.ErrorView, accepts: ~w(html json)],
30 |   pubsub: [name: UserService.PubSub, adapter: Phoenix.PubSub.PG2],
31 |   live_view: [signing_salt: "Da+AaQgF"]
32 | 
33 | config :cors_plug,
34 |   origin: [],
35 |   max_age: 86400,
36 |   methods: ["GET", "POST"]
37 | 
38 | # Configures Elixir's Logger
39 | config :logger, :console,
40 |   format: "$time $metadata[$level] $message\n",
41 |   metadata: [:request_id]
42 | 
43 | # Use Jason for JSON parsing in Phoenix
44 | config :phoenix, :json_library, Jason
45 | 
46 | # Import environment specific config. This must remain at the bottom
47 | # of this file so it overrides the configuration defined above.
48 | import_config "#{Mix.env()}.exs"
49 | 


--------------------------------------------------------------------------------
/lib/user_service_web/views/error_helpers.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.ErrorHelpers do
 2 |   @moduledoc """
 3 |   Conveniences for translating and building error messages.
 4 |   """
 5 | 
 6 |   use Phoenix.HTML
 7 | 
 8 |   @doc """
 9 |   Generates tag for inlined form input errors.
10 |   """
11 |   def error_tag(form, field) do
12 |     Enum.map(Keyword.get_values(form.errors, field), fn error ->
13 |       content_tag(:span, translate_error(error), class: "invalid-feedback")
14 |     end)
15 |   end
16 | 
17 |   def invalid_class(form, field) do
18 |     if Enum.any?(Keyword.get_values(form.errors, field)) do
19 |       "is-invalid text-danger"
20 |     else
21 |       ""
22 |     end
23 |   end
24 | 
25 |   @doc """
26 |   Translates an error message using gettext.
27 |   """
28 |   def translate_error({msg, opts}) do
29 |     # When using gettext, we typically pass the strings we want
30 |     # to translate as a static argument:
31 |     #
32 |     #     # Translate "is invalid" in the "errors" domain
33 |     #     dgettext("errors", "is invalid")
34 |     #
35 |     #     # Translate the number of files with plural rules
36 |     #     dngettext("errors", "1 file", "%{count} files", count)
37 |     #
38 |     # Because the error messages we show in our forms and APIs
39 |     # are defined inside Ecto, we need to translate them dynamically.
40 |     # This requires us to call the Gettext module passing our gettext
41 |     # backend as first argument.
42 |     #
43 |     # Note we use the "errors" domain, which means translations
44 |     # should be written to the errors.po file. The :count option is
45 |     # set by Ecto and indicates we should also apply plural rules.
46 |     if count = opts[:count] do
47 |       Gettext.dngettext(UserServiceWeb.Gettext, "errors", msg, msg, count, opts)
48 |     else
49 |       Gettext.dgettext(UserServiceWeb.Gettext, "errors", msg, opts)
50 |     end
51 |   end
52 | end
53 | 


--------------------------------------------------------------------------------
/lib/user_service_web/router.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb.Router do
 2 |   use UserServiceWeb, :router
 3 |   use Pow.Phoenix.Router
 4 |   use Pow.Extension.Phoenix.Router, extensions: [PowResetPassword, PowEmailConfirmation, PowInvitation]
 5 |   use PowAssent.Phoenix.Router
 6 | 
 7 |   pipeline :browser do
 8 |     plug :accepts, ["html"]
 9 |     plug :fetch_session
10 |     plug :fetch_flash
11 |     plug :protect_from_forgery
12 |     plug :put_secure_browser_headers
13 |     plug UserServiceWeb.Plug.RedirectTo
14 |   end
15 | 
16 |   pipeline :skip_csrf_protection do
17 |     plug :accepts, ["html"]
18 |     plug :fetch_session
19 |     plug :fetch_flash
20 |     plug :put_secure_browser_headers
21 |   end
22 | 
23 |   pipeline :sso_api do
24 |     plug :accepts, ["json"]
25 |   end
26 | 
27 |   pipeline :api_protected do
28 |     plug CORSPlug
29 |     plug :accepts, ["json"]
30 |     plug Pow.Plug.RequireAuthenticated, error_handler: UserServiceWeb.Api.AuthErrorHandler
31 |   end
32 | 
33 |   scope "/" do
34 |     pipe_through :browser
35 | 
36 |     pow_routes()
37 |     pow_extension_routes()
38 |     pow_assent_routes()
39 | 
40 |     get "/login", Pow.Phoenix.SessionController, :new, as: :login
41 |     get "/logout", Pow.Phoenix.SessionController, :delete, as: :logout
42 |     get "/register", Pow.Phoenix.RegistrationController, :new, as: :register
43 | 
44 |     if Mix.env() == :dev do
45 |       forward "/sent_emails", Bamboo.SentEmailViewerPlug
46 |     end
47 |   end
48 | 
49 |   scope "/" do
50 |     pipe_through :skip_csrf_protection
51 | 
52 |     pow_assent_authorization_post_callback_routes()
53 |   end
54 | 
55 |   scope "/", UserServiceWeb do
56 |     pipe_through :browser
57 | 
58 |     get "/external_redirect", ExternalRedirectController, :show, as: :external_redirect
59 |     get "/", PlaceholderController, :show
60 |   end
61 | 
62 |   scope "/api", UserServiceWeb.Api do
63 |     pipe_through :api_protected
64 | 
65 |     post "/tokens", TokensController, :create
66 |   end
67 | 
68 |   scope "/sso_api", UserServiceWeb.Sso do
69 |     pipe_through :sso_api
70 | 
71 |     post "/verify", VerifyController, :create
72 |   end
73 | end
74 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow_invitation/invitation/edit.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Welcome!</h2>
 4 |     <p>Finish signing up to get started.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card card-padded shadow border-0">
 8 |     <%= form_for @changeset, @action, [as: :user], fn f -> %>
 9 |       <div class="form-group">
10 |         <%= label f, :email, class: invalid_class(f, :email) %>
11 |         <%= text_input f, :email, class: "form-control #{invalid_class(f, :email)}" %>
12 |         <%= error_tag f, :email %>
13 |       </div>
14 | 
15 |       <div class="form-row">
16 |         <div class="col-md form-group">
17 |           <%= label f, :first_name, class: invalid_class(f, :first_name) %>
18 |           <%= text_input f, :first_name, class: "form-control #{invalid_class(f, :first_name)}" %>
19 |           <%= error_tag f, :first_name %>
20 |         </div>
21 | 
22 |         <div class="col-md form-group">
23 |           <%= label f, :last_name, class: invalid_class(f, :last_name) %>
24 |           <%= text_input f, :last_name, class: "form-control #{invalid_class(f, :last_name)}" %>
25 |           <%= error_tag f, :last_name %>
26 |         </div>
27 |       </div>
28 | 
29 |       <div class="form-group">
30 |         <%= label f, :password, class: invalid_class(f, :password) %>
31 |         <%= password_input f, :password, class: "form-control #{invalid_class(f, :password)}" %>
32 |         <%= error_tag f, :password %>
33 |       </div>
34 | 
35 |       <div class="form-group">
36 |         <%= label f, :password_confirmation, class: invalid_class(f, :password_confirmation) %>
37 |         <%= password_input f, :password_confirmation, class: "form-control #{invalid_class(f, :password_confirmation)}" %>
38 |         <%= error_tag f, :password_confirmation %>
39 |       </div>
40 | 
41 |       <div class="btn-group w-100">
42 |         <%= submit "Sign up", class: "btn btn-primary w-50" %>
43 |         <%= link "Cancel", to: Routes.pow_session_path(@conn, :new), class: "btn btn-light w-50" %>
44 |       </div>
45 |     <% end %>
46 |   </div>
47 | </div>
48 | 


--------------------------------------------------------------------------------
/mix.exs:
--------------------------------------------------------------------------------
 1 | defmodule UserService.MixProject do
 2 |   use Mix.Project
 3 | 
 4 |   def project do
 5 |     [
 6 |       app: :user_service,
 7 |       version: "0.1.0",
 8 |       elixir: "~> 1.5",
 9 |       elixirc_paths: elixirc_paths(Mix.env()),
10 |       compilers: [:phoenix, :gettext] ++ Mix.compilers(),
11 |       start_permanent: Mix.env() == :prod,
12 |       aliases: aliases(),
13 |       deps: deps()
14 |     ]
15 |   end
16 | 
17 |   # Configuration for the OTP application.
18 |   #
19 |   # Type `mix help compile.app` for more information.
20 |   def application do
21 |     [
22 |       mod: {UserService.Application, []},
23 |       extra_applications: [:logger, :runtime_tools]
24 |     ]
25 |   end
26 | 
27 |   # Specifies which paths to compile per environment.
28 |   defp elixirc_paths(:test), do: ["lib", "test/support"]
29 |   defp elixirc_paths(_), do: ["lib"]
30 | 
31 |   # Specifies your project dependencies.
32 |   #
33 |   # Type `mix help deps` for examples and options.
34 |   defp deps do
35 |     [
36 |       {:phoenix, "~> 1.4.13"},
37 |       {:phoenix_pubsub, "~> 1.1"},
38 |       {:phoenix_ecto, "~> 4.0"},
39 |       {:ecto_sql, "~> 3.1"},
40 |       {:postgrex, ">= 0.0.0"},
41 |       {:phoenix_html, "~> 2.11"},
42 |       {:phoenix_live_reload, "~> 1.2", only: :dev},
43 |       {:gettext, "~> 0.11"},
44 |       {:jason, "~> 1.0"},
45 |       {:plug_cowboy, "~> 2.0"},
46 |       {:pow, "~> 1.0.18"},
47 |       {:redix, ">= 0.0.0"},
48 |       {:bamboo, "~> 1.4"},
49 |       {:joken, "~> 2.0"},
50 |       {:cors_plug, "~> 2.0"},
51 |       {:pow_assent, "~> 0.4.6"},
52 |       {:certifi, "~> 2.4"},
53 |       {:ssl_verify_fun, "~> 1.1"}
54 |     ]
55 |   end
56 | 
57 |   # Aliases are shortcuts or tasks specific to the current project.
58 |   # For example, to create, migrate and run the seeds file at once:
59 |   #
60 |   #     $ mix ecto.setup
61 |   #
62 |   # See the documentation for `Mix` for more info on aliases.
63 |   defp aliases do
64 |     [
65 |       "ecto.setup": ["ecto.create", "ecto.migrate", "run priv/repo/seeds.exs"],
66 |       "ecto.reset": ["ecto.drop", "ecto.setup"],
67 |       test: ["ecto.create --quiet", "ecto.migrate", "test"]
68 |     ]
69 |   end
70 | end
71 | 


--------------------------------------------------------------------------------
/lib/user_service_web.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserServiceWeb do
 2 |   @moduledoc """
 3 |   The entrypoint for defining your web interface, such
 4 |   as controllers, views, channels and so on.
 5 | 
 6 |   This can be used in your application as:
 7 | 
 8 |       use UserServiceWeb, :controller
 9 |       use UserServiceWeb, :view
10 | 
11 |   The definitions below will be executed for every view,
12 |   controller, etc, so keep them short and clean, focused
13 |   on imports, uses and aliases.
14 | 
15 |   Do NOT define functions inside the quoted expressions
16 |   below. Instead, define any helper function in modules
17 |   and import those modules here.
18 |   """
19 | 
20 |   def controller do
21 |     quote do
22 |       use Phoenix.Controller, namespace: UserServiceWeb
23 | 
24 |       import Plug.Conn
25 |       import UserServiceWeb.Gettext
26 |       alias UserServiceWeb.Router.Helpers, as: Routes
27 |     end
28 |   end
29 | 
30 |   def view do
31 |     quote do
32 |       use Phoenix.View,
33 |         root: "lib/user_service_web/templates",
34 |         namespace: UserServiceWeb
35 | 
36 |       # Import convenience functions from controllers
37 |       import Phoenix.Controller, only: [get_flash: 1, get_flash: 2, view_module: 1]
38 | 
39 |       # Use all HTML functionality (forms, tags, etc)
40 |       use Phoenix.HTML
41 | 
42 |       import UserServiceWeb.ErrorHelpers
43 |       import UserServiceWeb.Gettext
44 |       alias UserServiceWeb.Router.Helpers, as: Routes
45 |     end
46 |   end
47 | 
48 |   def router do
49 |     quote do
50 |       use Phoenix.Router
51 |       import Plug.Conn
52 |       import Phoenix.Controller
53 |     end
54 |   end
55 | 
56 |   def channel do
57 |     quote do
58 |       use Phoenix.Channel
59 |       import UserServiceWeb.Gettext
60 |     end
61 |   end
62 | 
63 |   def mailer_view do
64 |     quote do
65 |       use Phoenix.View,
66 |         root: "lib/user_service_web/templates",
67 |         namespace: UserServiceWeb
68 | 
69 |       use Phoenix.HTML
70 |     end
71 |   end
72 | 
73 |   @doc """
74 |   When used, dispatch to the appropriate controller/view/etc.
75 |   """
76 |   defmacro __using__(which) when is_atom(which) do
77 |     apply(__MODULE__, which, [])
78 |   end
79 | end
80 | 


--------------------------------------------------------------------------------
/config/prod.exs:
--------------------------------------------------------------------------------
 1 | use Mix.Config
 2 | 
 3 | # For production, don't forget to configure the url host
 4 | # to something meaningful, Phoenix uses this information
 5 | # when generating URLs.
 6 | #
 7 | # Note we also include the path to a cache manifest
 8 | # containing the digested version of static files. This
 9 | # manifest is generated by the `mix phx.digest` task,
10 | # which you should run after static files are built and
11 | # before starting your production server.
12 | config :user_service, UserServiceWeb.Endpoint,
13 |   url: [host: "example.com", port: 80],
14 |   cache_static_manifest: "priv/static/cache_manifest.json"
15 | 
16 | # Do not print debug messages in production
17 | config :logger, level: :info
18 | 
19 | # ## SSL Support
20 | #
21 | # To get SSL working, you will need to add the `https` key
22 | # to the previous section and set your `:url` port to 443:
23 | #
24 | #     config :user_service, UserServiceWeb.Endpoint,
25 | #       ...
26 | #       url: [host: "example.com", port: 443],
27 | #       https: [
28 | #         port: 443,
29 | #         cipher_suite: :strong,
30 | #         keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"),
31 | #         certfile: System.get_env("SOME_APP_SSL_CERT_PATH"),
32 | #         transport_options: [socket_opts: [:inet6]]
33 | #       ]
34 | #
35 | # The `cipher_suite` is set to `:strong` to support only the
36 | # latest and more secure SSL ciphers. This means old browsers
37 | # and clients may not be supported. You can set it to
38 | # `:compatible` for wider support.
39 | #
40 | # `:keyfile` and `:certfile` expect an absolute path to the key
41 | # and cert in disk or a relative path inside priv, for example
42 | # "priv/ssl/server.key". For all supported SSL configuration
43 | # options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1
44 | #
45 | # We also recommend setting `force_ssl` in your endpoint, ensuring
46 | # no data is ever sent via http, always redirecting to https:
47 | #
48 | #     config :user_service, UserServiceWeb.Endpoint,
49 | #       force_ssl: [hsts: true]
50 | #
51 | # Check `Plug.SSL` for all available options in `force_ssl`.
52 | 
53 | # Finally import the config/prod.secret.exs which loads secrets
54 | # and configuration from environment variables.
55 | import_config "prod.secret.exs"
56 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web/plug/sso_user_consumer.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserConsumerWeb.Plug.SsoUserConsumer do
 2 |   require Logger
 3 |   import Plug.Conn
 4 | 
 5 |   @sso_base "http://idp.localhost.development:4000"
 6 |   @sso_url "#{@sso_base}/sso_api/verify"
 7 | 
 8 |   def sso_logout_url(opts \\ []) do
 9 |     next_url = Keyword.get(opts, :next_url, nil)
10 | 
11 |     query = URI.encode_query(%{redirect_to: next_url})
12 |     "#{@sso_base}/logout?#{query}"
13 |   end
14 | 
15 |   def init(_) do
16 |     []
17 |   end
18 | 
19 |   def call(conn, _opts) do
20 |     with conn <- fetch_cookies(conn),
21 |          {:token, sso_token} when not is_nil(sso_token) <- {:token, Map.get(conn.cookies, "sso_session")},
22 |          {:request, {:ok, %{body: body}}} <- {:request, request_idp(sso_token)} |> IO.inspect,
23 |          {:deserialize, {:ok, user = %{"guid" => _}}} <- {:deserialize, Phoenix.json_library().decode(body)} do
24 |       IO.inspect(user)
25 |       put_private(conn, :sso_user, user)
26 |     else
27 |       {:token, nil} ->
28 |         sso_redirect(conn, new_cookie?: false)
29 | 
30 |       {:deserialize, {:ok, %{"error" => "invalid_token", "reason" => "invalid_session"}}} ->
31 |         sso_redirect(conn, new_cookie?: true)
32 | 
33 |       {:request, err} ->
34 |         Logger.error("#{__MODULE__} request error=#{inspect(err)}")
35 |         conn
36 | 
37 |       {:deserialize, err} ->
38 |         Logger.error("#{__MODULE__} deserialize error=#{inspect(err)}")
39 |         conn
40 |     end
41 |   end
42 | 
43 |   defp sso_redirect(conn, new_cookie?: new_cookie?) do
44 |     query = URI.encode_query(%{redirect_to: request_url(conn), new_session: new_cookie?})
45 |     url = "#{@sso_base}/login?#{query}"
46 |     redirect(conn, url)
47 |     |> halt()
48 |   end
49 | 
50 |   defp request_idp(sso_token) do
51 |     body = URI.encode_query(%{"sso_token" => sso_token})
52 |     Mojito.post(@sso_url, [{"content-type", "application/x-www-form-urlencoded"}], body)
53 |   end
54 | 
55 |   def redirect(conn, url) do
56 |     html = Plug.HTML.html_escape(url)
57 |     body = "<html><body>You are being <a href=\"#{html}\">redirected</a>.</body></html>"
58 | 
59 |     conn
60 |     |> put_resp_header("location", url)
61 |     |> send_resp(302, body)
62 |   end
63 | end
64 | 


--------------------------------------------------------------------------------
/user_consumer/config/prod.exs:
--------------------------------------------------------------------------------
 1 | use Mix.Config
 2 | 
 3 | # For production, don't forget to configure the url host
 4 | # to something meaningful, Phoenix uses this information
 5 | # when generating URLs.
 6 | #
 7 | # Note we also include the path to a cache manifest
 8 | # containing the digested version of static files. This
 9 | # manifest is generated by the `mix phx.digest` task,
10 | # which you should run after static files are built and
11 | # before starting your production server.
12 | config :user_consumer, UserConsumerWeb.Endpoint,
13 |   url: [host: "example.com", port: 80],
14 |   cache_static_manifest: "priv/static/cache_manifest.json"
15 | 
16 | # Do not print debug messages in production
17 | config :logger, level: :info
18 | 
19 | # ## SSL Support
20 | #
21 | # To get SSL working, you will need to add the `https` key
22 | # to the previous section and set your `:url` port to 443:
23 | #
24 | #     config :user_consumer, UserConsumerWeb.Endpoint,
25 | #       ...
26 | #       url: [host: "example.com", port: 443],
27 | #       https: [
28 | #         port: 443,
29 | #         cipher_suite: :strong,
30 | #         keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"),
31 | #         certfile: System.get_env("SOME_APP_SSL_CERT_PATH"),
32 | #         transport_options: [socket_opts: [:inet6]]
33 | #       ]
34 | #
35 | # The `cipher_suite` is set to `:strong` to support only the
36 | # latest and more secure SSL ciphers. This means old browsers
37 | # and clients may not be supported. You can set it to
38 | # `:compatible` for wider support.
39 | #
40 | # `:keyfile` and `:certfile` expect an absolute path to the key
41 | # and cert in disk or a relative path inside priv, for example
42 | # "priv/ssl/server.key". For all supported SSL configuration
43 | # options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1
44 | #
45 | # We also recommend setting `force_ssl` in your endpoint, ensuring
46 | # no data is ever sent via http, always redirecting to https:
47 | #
48 | #     config :user_consumer, UserConsumerWeb.Endpoint,
49 | #       force_ssl: [hsts: true]
50 | #
51 | # Check `Plug.SSL` for all available options in `force_ssl`.
52 | 
53 | # Finally import the config/prod.secret.exs which loads secrets
54 | # and configuration from environment variables.
55 | import_config "prod.secret.exs"
56 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow/registration/new.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Sign up now</h2>
 4 |     <p>We'll confirm your email and then continue with setup.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card card-padded shadow border-0">
 8 |     <%= form_for @changeset, @action, [as: :user], fn f -> %>
 9 |       <div class="form-group">
10 |         <%= label f, Pow.Ecto.Schema.user_id_field(@changeset), class: invalid_class(f, Pow.Ecto.Schema.user_id_field(@changeset)) %>
11 |         <%= text_input f, Pow.Ecto.Schema.user_id_field(@changeset), value: "new#{:rand.uniform(99999999999)}@new.com", class: "form-control #{invalid_class(f, Pow.Ecto.Schema.user_id_field(@changeset))}" %>
12 |         <%= error_tag f, Pow.Ecto.Schema.user_id_field(@changeset) %>
13 |       </div>
14 | 
15 |       <div class="form-row">
16 |         <div class="col-md form-group">
17 |           <%= label f, :first_name, class: invalid_class(f, :first_name) %>
18 |           <%= text_input f, :first_name, value: "Steve", class: "form-control #{invalid_class(f, :first_name)}" %>
19 |           <%= error_tag f, :first_name %>
20 |         </div>
21 | 
22 |         <div class="col-md form-group">
23 |           <%= label f, :last_name, class: invalid_class(f, :last_name) %>
24 |           <%= text_input f, :last_name, value: "Bussey", class: "form-control #{invalid_class(f, :last_name)}" %>
25 |           <%= error_tag f, :last_name %>
26 |         </div>
27 |       </div>
28 | 
29 |       <div class="form-group">
30 |         <%= label f, :password, class: invalid_class(f, :password) %>
31 |         <%= password_input f, :password, value: "password", class: "form-control #{invalid_class(f, :password)}" %>
32 |         <%= error_tag f, :password %>
33 |       </div>
34 | 
35 |       <div class="form-group">
36 |         <%= label f, :password_confirmation, class: invalid_class(f, :password_confirmation) %>
37 |         <%= password_input f, :password_confirmation, value: "password", class: "form-control #{invalid_class(f, :password_confirmation)}" %>
38 |         <%= error_tag f, :password_confirmation %>
39 |       </div>
40 | 
41 |       <div class="btn-group w-100">
42 |         <%= submit "Sign up", class: "btn btn-primary w-50" %>
43 |         <%= link "Cancel", to: Routes.pow_session_path(@conn, :new), class: "btn btn-light w-50" %>
44 |       </div>
45 |     <% end %>
46 |   </div>
47 | </div>
48 | 


--------------------------------------------------------------------------------
/priv/gettext/en/LC_MESSAGES/errors.po:
--------------------------------------------------------------------------------
 1 | ## `msgid`s in this file come from POT (.pot) files.
 2 | ##
 3 | ## Do not add, change, or remove `msgid`s manually here as
 4 | ## they're tied to the ones in the corresponding POT file
 5 | ## (with the same domain).
 6 | ##
 7 | ## Use `mix gettext.extract --merge` or `mix gettext.merge`
 8 | ## to merge POT files into PO files.
 9 | msgid ""
10 | msgstr ""
11 | "Language: en\n"
12 | 
13 | ## From Ecto.Changeset.cast/4
14 | msgid "can't be blank"
15 | msgstr ""
16 | 
17 | ## From Ecto.Changeset.unique_constraint/3
18 | msgid "has already been taken"
19 | msgstr ""
20 | 
21 | ## From Ecto.Changeset.put_change/3
22 | msgid "is invalid"
23 | msgstr ""
24 | 
25 | ## From Ecto.Changeset.validate_acceptance/3
26 | msgid "must be accepted"
27 | msgstr ""
28 | 
29 | ## From Ecto.Changeset.validate_format/3
30 | msgid "has invalid format"
31 | msgstr ""
32 | 
33 | ## From Ecto.Changeset.validate_subset/3
34 | msgid "has an invalid entry"
35 | msgstr ""
36 | 
37 | ## From Ecto.Changeset.validate_exclusion/3
38 | msgid "is reserved"
39 | msgstr ""
40 | 
41 | ## From Ecto.Changeset.validate_confirmation/3
42 | msgid "does not match confirmation"
43 | msgstr ""
44 | 
45 | ## From Ecto.Changeset.no_assoc_constraint/3
46 | msgid "is still associated with this entry"
47 | msgstr ""
48 | 
49 | msgid "are still associated with this entry"
50 | msgstr ""
51 | 
52 | ## From Ecto.Changeset.validate_length/3
53 | msgid "should be %{count} character(s)"
54 | msgid_plural "should be %{count} character(s)"
55 | msgstr[0] ""
56 | msgstr[1] ""
57 | 
58 | msgid "should have %{count} item(s)"
59 | msgid_plural "should have %{count} item(s)"
60 | msgstr[0] ""
61 | msgstr[1] ""
62 | 
63 | msgid "should be at least %{count} character(s)"
64 | msgid_plural "should be at least %{count} character(s)"
65 | msgstr[0] ""
66 | msgstr[1] ""
67 | 
68 | msgid "should have at least %{count} item(s)"
69 | msgid_plural "should have at least %{count} item(s)"
70 | msgstr[0] ""
71 | msgstr[1] ""
72 | 
73 | msgid "should be at most %{count} character(s)"
74 | msgid_plural "should be at most %{count} character(s)"
75 | msgstr[0] ""
76 | msgstr[1] ""
77 | 
78 | msgid "should have at most %{count} item(s)"
79 | msgid_plural "should have at most %{count} item(s)"
80 | msgstr[0] ""
81 | msgstr[1] ""
82 | 
83 | ## From Ecto.Changeset.validate_number/3
84 | msgid "must be less than %{number}"
85 | msgstr ""
86 | 
87 | msgid "must be greater than %{number}"
88 | msgstr ""
89 | 
90 | msgid "must be less than or equal to %{number}"
91 | msgstr ""
92 | 
93 | msgid "must be greater than or equal to %{number}"
94 | msgstr ""
95 | 
96 | msgid "must be equal to %{number}"
97 | msgstr ""
98 | 


--------------------------------------------------------------------------------
/priv/gettext/errors.pot:
--------------------------------------------------------------------------------
 1 | ## This is a PO Template file.
 2 | ##
 3 | ## `msgid`s here are often extracted from source code.
 4 | ## Add new translations manually only if they're dynamic
 5 | ## translations that can't be statically extracted.
 6 | ##
 7 | ## Run `mix gettext.extract` to bring this file up to
 8 | ## date. Leave `msgstr`s empty as changing them here has no
 9 | ## effect: edit them in PO (`.po`) files instead.
10 | 
11 | ## From Ecto.Changeset.cast/4
12 | msgid "can't be blank"
13 | msgstr ""
14 | 
15 | ## From Ecto.Changeset.unique_constraint/3
16 | msgid "has already been taken"
17 | msgstr ""
18 | 
19 | ## From Ecto.Changeset.put_change/3
20 | msgid "is invalid"
21 | msgstr ""
22 | 
23 | ## From Ecto.Changeset.validate_acceptance/3
24 | msgid "must be accepted"
25 | msgstr ""
26 | 
27 | ## From Ecto.Changeset.validate_format/3
28 | msgid "has invalid format"
29 | msgstr ""
30 | 
31 | ## From Ecto.Changeset.validate_subset/3
32 | msgid "has an invalid entry"
33 | msgstr ""
34 | 
35 | ## From Ecto.Changeset.validate_exclusion/3
36 | msgid "is reserved"
37 | msgstr ""
38 | 
39 | ## From Ecto.Changeset.validate_confirmation/3
40 | msgid "does not match confirmation"
41 | msgstr ""
42 | 
43 | ## From Ecto.Changeset.no_assoc_constraint/3
44 | msgid "is still associated with this entry"
45 | msgstr ""
46 | 
47 | msgid "are still associated with this entry"
48 | msgstr ""
49 | 
50 | ## From Ecto.Changeset.validate_length/3
51 | msgid "should be %{count} character(s)"
52 | msgid_plural "should be %{count} character(s)"
53 | msgstr[0] ""
54 | msgstr[1] ""
55 | 
56 | msgid "should have %{count} item(s)"
57 | msgid_plural "should have %{count} item(s)"
58 | msgstr[0] ""
59 | msgstr[1] ""
60 | 
61 | msgid "should be at least %{count} character(s)"
62 | msgid_plural "should be at least %{count} character(s)"
63 | msgstr[0] ""
64 | msgstr[1] ""
65 | 
66 | msgid "should have at least %{count} item(s)"
67 | msgid_plural "should have at least %{count} item(s)"
68 | msgstr[0] ""
69 | msgstr[1] ""
70 | 
71 | msgid "should be at most %{count} character(s)"
72 | msgid_plural "should be at most %{count} character(s)"
73 | msgstr[0] ""
74 | msgstr[1] ""
75 | 
76 | msgid "should have at most %{count} item(s)"
77 | msgid_plural "should have at most %{count} item(s)"
78 | msgstr[0] ""
79 | msgstr[1] ""
80 | 
81 | ## From Ecto.Changeset.validate_number/3
82 | msgid "must be less than %{number}"
83 | msgstr ""
84 | 
85 | msgid "must be greater than %{number}"
86 | msgstr ""
87 | 
88 | msgid "must be less than or equal to %{number}"
89 | msgstr ""
90 | 
91 | msgid "must be greater than or equal to %{number}"
92 | msgstr ""
93 | 
94 | msgid "must be equal to %{number}"
95 | msgstr ""
96 | 


--------------------------------------------------------------------------------
/lib/user_service/sso/plug.ex:
--------------------------------------------------------------------------------
 1 | defmodule UserService.Sso.Plug do
 2 |   @moduledoc """
 3 |   Manages the SSO cookie lifecycle.
 4 | 
 5 |   Clear out the SSO cookie if there is no current user. This removes the cookie in case of normal
 6 |   logout, but also in the case of selectively deleting certain cookies.
 7 | 
 8 |   Sets the cookie with a valid SSO session if the user is logged in.
 9 |   """
10 | 
11 |   require Logger
12 | 
13 |   alias UserService.Sso.Cookie
14 |   alias UserService.Sso.Store, as: SsoStore
15 | 
16 |   def init(_) do
17 |     []
18 |   end
19 | 
20 |   def call(conn, _opts) do
21 |     conn =
22 |       case conn.params["new_session"] do
23 |         "true" ->
24 |           clear_sso_session(conn)
25 | 
26 |         _ ->
27 |           conn
28 |       end
29 | 
30 |     case Pow.Plug.current_user(conn) do
31 |       nil ->
32 |         clear_sso_session(conn)
33 | 
34 |       user ->
35 |         ensure_sso_session(conn, user: user)
36 |     end
37 |   end
38 | 
39 |   defp clear_sso_session(conn) do
40 |     case Map.get(conn.cookies, Cookie.cookie_name()) do
41 |       nil ->
42 |         conn
43 | 
44 |       sso_token ->
45 |         case Cookie.verify_session(sso_token) do
46 |           {type, %{token: token}} when type in [:valid, :expired] ->
47 |             SsoStore.delete_sso_token(token: token)
48 | 
49 |           {:invalid, e} ->
50 |             Logger.error("#{__MODULE__}.clear_sso_session type=verify_session error=#{inspect(e)}")
51 |         end
52 | 
53 |         Plug.Conn.delete_resp_cookie(conn, Cookie.cookie_name(), domain: Cookie.cookie_domain())
54 |     end
55 |   end
56 | 
57 |   defp ensure_sso_session(conn, user: user) do
58 |     case Map.get(conn.cookies, Cookie.cookie_name()) do
59 |       nil ->
60 |         setup_sso_session(conn, user: user)
61 | 
62 |       token ->
63 |         verify_sso_session(conn, token, user: user)
64 |     end
65 |   end
66 | 
67 |   @one_month 60 * 60 * 24 * 30
68 | 
69 |   defp setup_sso_session(conn, user: user) do
70 |     sso_token = SsoStore.create_sso_token_for_user!(user)
71 |     token = Cookie.sign_token(sso_token)
72 |     Plug.Conn.put_resp_cookie(conn, Cookie.cookie_name(), token, domain: Cookie.cookie_domain(), max_age: @one_month)
73 |   end
74 | 
75 |   defp verify_sso_session(conn, token, user: user) do
76 |     case Cookie.verify_session(token) do
77 |       {:valid, _} ->
78 |         # Everything looks good, no changes needed
79 |         conn
80 | 
81 |       {:expired, %{token: token}} ->
82 |         SsoStore.delete_sso_token(token: token)
83 |         setup_sso_session(conn, user: user)
84 | 
85 |       {:invalid, e} ->
86 |         Logger.error("#{__MODULE__}.verify_sso_session type=verify_session error=#{inspect(e)}")
87 |         conn
88 |     end
89 |   end
90 | end
91 | 


--------------------------------------------------------------------------------
/lib/user_service_web/templates/pow/registration/edit.html.eex:
--------------------------------------------------------------------------------
 1 | <div class="card-group">
 2 |   <div class="card shadow border-0 bg-primary text-white card-padded">
 3 |     <h2>Edit Your Info</h2>
 4 |     <p>You can update your login and personal information here.</p>
 5 |   </div>
 6 | 
 7 |   <div class="card card-padded shadow border-0">
 8 |     <%= render UserServiceWeb.LayoutView, "_flash.html", assigns %>
 9 | 
10 |     <%= form_for @changeset, @action, [as: :user], fn f -> %>
11 | 
12 |       <div class="form-group">
13 |         <%= label f, :current_password, "Current password *", class: invalid_class(f, :current_password) %>
14 |         <%= password_input f, :current_password, class: "form-control #{invalid_class(f, :current_password)}", required: true %>
15 |         <%= error_tag f, :current_password %>
16 |       </div>
17 | 
18 |       <div class="form-group">
19 |         <%= label f, :email, "Email *", class: invalid_class(f, :email) %>
20 |         <%= text_input f, :email, class: "form-control #{invalid_class(f, :email)}" %>
21 |         <%= error_tag f, :email %>
22 |       </div>
23 | 
24 |       <%= if @changeset.data.unconfirmed_email do %>
25 |         <p class="alert alert-info">
26 |           Click the link in the confirmation email to change your email to <%= content_tag(:span, @changeset.data.unconfirmed_email) %>.
27 |         </p>
28 |       <% end %>
29 | 
30 |       <div class="form-row">
31 |         <div class="col-md form-group">
32 |           <%= label f, :first_name, class: invalid_class(f, :first_name) %>
33 |           <%= text_input f, :first_name, class: "form-control #{invalid_class(f, :first_name)}" %>
34 |           <%= error_tag f, :first_name %>
35 |         </div>
36 | 
37 |         <div class="col-md form-group">
38 |           <%= label f, :last_name, class: invalid_class(f, :last_name) %>
39 |           <%= text_input f, :last_name, class: "form-control #{invalid_class(f, :last_name)}" %>
40 |           <%= error_tag f, :last_name %>
41 |         </div>
42 |       </div>
43 | 
44 |       <div class="form-group">
45 |         <%= label f, :password, "Password (if you want to change it)", class: invalid_class(f, :password) %>
46 |         <%= password_input f, :password, class: "form-control #{invalid_class(f, :password)}" %>
47 |         <%= error_tag f, :password %>
48 |       </div>
49 | 
50 |       <div class="form-group">
51 |         <%= label f, :password_confirmation, "Password confirmation (if changing)", class: invalid_class(f, :password_confirmation) %>
52 |         <%= password_input f, :password_confirmation, class: "form-control #{invalid_class(f, :password_confirmation)}" %>
53 |         <%= error_tag f, :password_confirmation %>
54 |       </div>
55 | 
56 |       <div class="btn-group w-100">
57 |         <%= submit "Update", class: "btn btn-primary w-50" %>
58 |         <%= link "Cancel", to: Routes.pow_session_path(@conn, :new), class: "btn btn-light w-50" %>
59 |       </div>
60 |     <% end %>
61 |   </div>
62 | </div>
63 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Pow Exploration Project - User Service
 2 | 
 3 | I setup this project to explore how Pow works, and to configure an instance of how I might want to run Pow. This allows me to
 4 | freely judge the project, and determine if I'd ever use it.
 5 | 
 6 | I'm quite happy with Pow so far. I've been able to keep control over my user flow, and have even gone so far as to implement
 7 | SSO flows on top of Pow. The flexibility has been good, while still giving me everything I need to be successful.
 8 | 
 9 | This project is still a WIP, until the checklist at the bottom is fully completed.
10 | 
11 | # Running the Project
12 | 
13 | You can startup this project with the following commands:
14 | 
15 | ```bash
16 | mix deps.get && npm install --prefix assets && mix ecto.setup
17 | mix phx.server
18 | ```
19 | 
20 | This starts on port 4000, but expects to run via http://idp.localhost.development:4000. You can set this up in your `/etc/hosts` file
21 | as:
22 | 
23 | ```
24 | 127.0.0.1 idp.localhost.development test.localhost.development
25 | ```
26 | 
27 | You should also startup the user consumer if you want to see the SSO flow in action.
28 | 
29 | ## Sent Emails
30 | 
31 | You can view sent emails (in-memory only) at http://idp.localhost.development:4000/sent_emails. Use this to confirm any created users.
32 | 
33 | ## OAuth Login
34 | 
35 | You can create a GitHub app to test out OAuth connection. The SalesLoft one is just there to see how Assent works with custom OAuth providers.
36 | Update `config/dev.secret.exs` to include your sensitive environment variables. It's not version-controlled.
37 | 
38 | ## TOTP
39 | 
40 | I setup a basic TOTP implementation as a pow extension to see what writing a custom extension was like. I don't think I'm going to finish
41 | it at the moment, but it can be found on the branch `pow-totp`.
42 | 
43 | You can find the extension (not finished) at https://github.com/sb8244/pow_totp.
44 | 
45 | # User Consumer
46 | 
47 | There is an included sub-project that implements the consumer side of SSO. It has code for both server-server
48 | and client-server SSO. Start it via:
49 | 
50 | ```bash
51 | cd user_consumer
52 | mix deps.get
53 | mix phx.server
54 | ```
55 | 
56 | It starts on port 4001, but expects to run via http://test.localhost.development:4001 for local testing purposes. This
57 | allows it to be on a different domain than the IDP, which proves that it is working correctly. You can use the `/etc/hosts`
58 | setup in the previous section.
59 | 
60 | # TODO
61 | 
62 | - [x] Setup Redis cache store with namespace
63 | - [x] Make cookie live longer than session (possibly persistent extension)
64 | - [x] Sign in with redirection
65 | - [x] SSO API server
66 | - [x] Review all messages (Pow.Phoenix.Messages, [Pow Extension].Phoenix.Messages)
67 | - [x] Setup mailer (local)
68 | - [x] SSO API server auth (JWT token auth)
69 |   - [x] Add GUID to user for reference
70 |   - [x] CORS
71 | - [x] Do not store the full user in the session
72 | - [x] UI
73 |   - [x] Bulma to BS4?
74 | - [x] Capture user name on registration
75 | - [x] Social login
76 |   - [ ] Logging on all failure (like add-user-id triggering)
77 | - [x] 2FA
78 | - [o] invites
79 |   - [x] Basic setup
80 |   - [ ] Attach arbitrary attributes to the invite (is Pow okay for this?)
81 |   - [ ] View all pending invitations sent by the current user (user enumeration vector?)
82 | - [ ] Admin interface to manage users
83 |   - [ ] Manually confirm emails
84 |   - [ ] View user information
85 |   - [ ] Send reset password link
86 | - [ ] Team concept?
87 |   - I'm a bit unsure if I want to introduce this here or not. It should be where
88 |   invites are, or the 2 systems would need to cross talk about invites.
89 | 
90 | ## Tests
91 | - [ ] Redis Cache Tests
92 | - [ ] IDP tests
93 | 


--------------------------------------------------------------------------------
/user_consumer/lib/user_consumer_web/controllers/placeholder_controller.ex:
--------------------------------------------------------------------------------
  1 | defmodule UserConsumerWeb.PlaceholderController do
  2 |   use UserConsumerWeb, :controller
  3 | 
  4 |   def show(conn, _params) do
  5 |     user = conn.private[:sso_user]
  6 |     html(conn, EEx.eval_string(template(), user: user, logout_url: logout_url()))
  7 |   end
  8 | 
  9 |   defp template() do
 10 |     """
 11 |     <h2>Logged in as</h2>
 12 |     <pre><%= inspect user %></pre>
 13 | 
 14 |     <h2>Options</h2>
 15 | 
 16 |     <a href="<%= logout_url %>">Logout</a>
 17 | 
 18 |     <script type="text/javascript">
 19 |       const IDP_BASE = 'http://idp.localhost.development:4000'
 20 | 
 21 |       // Once the subject is established, we should never allow a different one in this memory space
 22 |       let establishedSubject = null
 23 | 
 24 |       // Internal for keeping track
 25 |       let currToken = null
 26 |       let getTokenPromise = null
 27 | 
 28 |       getToken()
 29 | 
 30 |       setInterval(() => {
 31 |         if (currToken && currToken.isTimeToRefresh()) {
 32 |           getTokenPromise = null
 33 |           currToken = null
 34 | 
 35 |           getToken()
 36 |         }
 37 |       }, 5000)
 38 | 
 39 |       // Public interface to get a token
 40 |       function getToken() {
 41 |         if (!getTokenPromise || currToken && currToken.isTimeToRefresh()) {
 42 |           console.debug('grabbing token')
 43 | 
 44 |           getTokenPromise = fetch(`${IDP_BASE}/api/tokens`, { credentials: "include", method: "POST" })
 45 |             .then(resp => {
 46 |               if (!resp.ok) {
 47 |                 // There are an error in the web request, don't cache it
 48 |                 getTokenPromise = null
 49 |                 throw resp
 50 |               } else {
 51 |                 return resp.json()
 52 |               }
 53 |             })
 54 |             .then(token => {
 55 |               // We can never allow the user to log out / log in to a different window with a different subject
 56 |               // Allowing this would allow for cross contamination
 57 |               if (establishedSubject && token.subject !== establishedSubject) {
 58 |                 throw new Error('Subject has changed! Consider user logged out')
 59 |               }
 60 | 
 61 |               currToken = token
 62 |               establishedSubject = token.subject
 63 | 
 64 |               token.expiration_local_seconds = calculateNextExpiration(token)
 65 |               token.isTimeToRefresh = () => isTimeToRefresh(token)
 66 | 
 67 |               return currToken
 68 |             })
 69 |         }
 70 | 
 71 |         return getTokenPromise
 72 |       }
 73 | 
 74 |       /*
 75 |        * We cannot use the token expiration time, because our local clock may be offset from that.
 76 |        * Let's assume that the network had a minimal overhead, and calculate the token expiration time
 77 |        * based on the duration of the token + the user's current time.
 78 |        */
 79 |       function calculateNextExpiration(token) {
 80 |         const localNow = Math.floor(new Date() / 1000)
 81 | 
 82 |         // Jitter from 15 seconds to 10% of the duration, to avoid thundering herd
 83 |         const maxJitter = Math.floor(token.duration_in_seconds * .1)
 84 |         const minJitter = 15
 85 | 
 86 |         const jitterRandTop = Math.max(maxJitter, maxJitter - minJitter)
 87 |         const jitter = Math.floor(Math.random() * jitterRandTop) + minJitter
 88 | 
 89 |         return localNow + token.duration_in_seconds - jitter
 90 |       }
 91 | 
 92 |       function isTimeToRefresh(token) {
 93 |         return new Date() >= (token.expiration_local_seconds * 1000)
 94 |       }
 95 |     </script>
 96 |     """
 97 |   end
 98 | 
 99 |   defp logout_url() do
100 |     UserConsumerWeb.Plug.SsoUserConsumer.sso_logout_url()
101 |   end
102 | end
103 | 


--------------------------------------------------------------------------------
/config/dev.exs:
--------------------------------------------------------------------------------
  1 | use Mix.Config
  2 | 
  3 | config :user_service,
  4 |   api_signer_secret:
  5 |     "ER7zXdcKLDXf2gSny9NkZ38GnOLq/pJVc4ywicY7fM8w5ZKhc8lOxAVXroXSaYv8FVUvhVChDNNlbWFnBYWaPA0+0hD2WX5WJS2DXAawnhEOakGYv+pxvcYoIgJ93R4lSOkkjBl0CSSHIjzFpmufYe",
  6 |   sso_secret: "5JLgxF6lCAtgxc42e/Cg3lloPfnGicP1M1V6ZwQmnSmc5NIwzGs5X0ddF2mgP5f0Xl1nvi59sW8DcKovWXm0z8O3Bln82OAIgUM4",
  7 |   sso_cookie_domain: ".localhost.development"
  8 | 
  9 | config :cors_plug,
 10 |   origin: ["http://test.localhost.development:4001"]
 11 | 
 12 | # Configure your database
 13 | config :user_service, UserService.Repo,
 14 |   username: "postgres",
 15 |   password: "postgres",
 16 |   database: "user_service_dev",
 17 |   hostname: "localhost",
 18 |   show_sensitive_data_on_connection_error: true,
 19 |   pool_size: 10
 20 | 
 21 | # For development, we disable any cache and enable
 22 | # debugging and code reloading.
 23 | #
 24 | # The watchers configuration can be used to run external
 25 | # watchers to your application. For example, we use it
 26 | # with webpack to recompile .js and .css sources.
 27 | config :user_service, UserServiceWeb.Endpoint,
 28 |   http: [port: 4000],
 29 |   # https: [
 30 |   #   port: 4000,
 31 |   #   cipher_suite: :strong,
 32 |   #   certfile: "priv/cert/selfsigned.pem",
 33 |   #   keyfile: "priv/cert/selfsigned_key.pem"
 34 |   # ],
 35 |   url: [host: "idp.localhost.development", port: 4000],
 36 |   debug_errors: true,
 37 |   code_reloader: true,
 38 |   check_origin: false,
 39 |   watchers: [
 40 |     node: [
 41 |       "node_modules/webpack/bin/webpack.js",
 42 |       "--mode",
 43 |       "development",
 44 |       "--watch-stdin",
 45 |       cd: Path.expand("../assets", __DIR__)
 46 |     ]
 47 |   ]
 48 | 
 49 | # ## SSL Support
 50 | #
 51 | # In order to use HTTPS in development, a self-signed
 52 | # certificate can be generated by running the following
 53 | # Mix task:
 54 | #
 55 | #     mix phx.gen.cert
 56 | #
 57 | # Note that this task requires Erlang/OTP 20 or later.
 58 | # Run `mix help phx.gen.cert` for more information.
 59 | #
 60 | # The `http:` config above can be replaced with:
 61 | #
 62 | #     https: [
 63 | #       port: 4001,
 64 | #       cipher_suite: :strong,
 65 | #       keyfile: "priv/cert/selfsigned_key.pem",
 66 | #       certfile: "priv/cert/selfsigned.pem"
 67 | #     ],
 68 | #
 69 | # If desired, both `http:` and `https:` keys can be
 70 | # configured to run both http and https servers on
 71 | # different ports.
 72 | 
 73 | # Watch static and templates for browser reloading.
 74 | config :user_service, UserServiceWeb.Endpoint,
 75 |   live_reload: [
 76 |     patterns: [
 77 |       ~r"priv/static/.*(js|css|png|jpeg|jpg|gif|svg)$",
 78 |       ~r"priv/gettext/.*(po)$",
 79 |       ~r"lib/user_service_web/(live|views)/.*(ex)$",
 80 |       ~r"lib/user_service_web/templates/.*(eex)$"
 81 |     ]
 82 |   ]
 83 | 
 84 | # Do not include metadata nor timestamps in development logs
 85 | config :logger, :console, format: "[$level] $message\n"
 86 | 
 87 | # Set a higher stacktrace during development. Avoid configuring such
 88 | # in production as building large stacktraces may be expensive.
 89 | config :phoenix, :stacktrace_depth, 20
 90 | 
 91 | # Initialize plugs at runtime for faster development compilation
 92 | config :phoenix, :plug_init_mode, :runtime
 93 | 
 94 | # Follow instructions on Bamboo when setting up production mailer
 95 | config :user_service, UserServiceWeb.Pow.Mailer,
 96 |   adapter: Bamboo.LocalAdapter,
 97 |   from_address: "steve@idp.localhost.development"
 98 | 
 99 | # You can configure yours in the dev.secret.exs file
100 | config :user_service, :pow_assent,
101 |   providers: [
102 |     github: [
103 |       client_id: "A",
104 |       client_secret: "B",
105 |       strategy: Assent.Strategy.Github
106 |     ],
107 |     # Requires SSL to be used
108 |     salesloft: [
109 |       client_id: "A",
110 |       client_secret: "B",
111 |       strategy: SalesLoft.Provider
112 |     ]
113 |   ]
114 | 
115 | # Wildcard makes it optional
116 | import_config "./*dev.secret.exs"
117 | 


--------------------------------------------------------------------------------
/user_consumer/mix.lock:
--------------------------------------------------------------------------------
 1 | %{
 2 |   "castore": {:hex, :castore, "0.1.5", "591c763a637af2cc468a72f006878584bc6c306f8d111ef8ba1d4c10e0684010", [:mix], [], "hexpm", "6db356b2bc6cc22561e051ff545c20ad064af57647e436650aa24d7d06cd941a"},
 3 |   "cowboy": {:hex, :cowboy, "2.7.0", "91ed100138a764355f43316b1d23d7ff6bdb0de4ea618cb5d8677c93a7a2f115", [:rebar3], [{:cowlib, "~> 2.8.0", [hex: :cowlib, repo: "hexpm", optional: false]}, {:ranch, "~> 1.7.1", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm", "04fd8c6a39edc6aaa9c26123009200fc61f92a3a94f3178c527b70b767c6e605"},
 4 |   "cowlib": {:hex, :cowlib, "2.8.0", "fd0ff1787db84ac415b8211573e9a30a3ebe71b5cbff7f720089972b2319c8a4", [:rebar3], [], "hexpm", "79f954a7021b302186a950a32869dbc185523d99d3e44ce430cd1f3289f41ed4"},
 5 |   "jason": {:hex, :jason, "1.1.2", "b03dedea67a99223a2eaf9f1264ce37154564de899fd3d8b9a21b1a6fd64afe7", [:mix], [{:decimal, "~> 1.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "fdf843bca858203ae1de16da2ee206f53416bbda5dc8c9e78f43243de4bc3afe"},
 6 |   "mime": {:hex, :mime, "1.3.1", "30ce04ab3175b6ad0bdce0035cba77bba68b813d523d1aac73d9781b4d193cf8", [:mix], [], "hexpm", "6cbe761d6a0ca5a31a0931bf4c63204bceb64538e664a8ecf784a9a6f3b875f1"},
 7 |   "mint": {:hex, :mint, "1.0.0", "ca5ab33497ba2bdcc42f6cdd3927420a6159116be87c8173658e93c8746703da", [:mix], [{:castore, "~> 0.1.0", [hex: :castore, repo: "hexpm", optional: true]}], "hexpm", "b8943ef1e630879538dd6620bfc189d4d75fab3ad39f3fe9c50539879f7efd84"},
 8 |   "mojito": {:hex, :mojito, "0.6.1", "ffb04d26e579819264e44eba4fc9c927c6bd39007eadff21ebdc2f3ff820d57b", [:mix], [{:castore, "~> 0.1", [hex: :castore, repo: "hexpm", optional: false]}, {:mint, "~> 1.0", [hex: :mint, repo: "hexpm", optional: false]}, {:poolboy, "~> 1.5", [hex: :poolboy, repo: "hexpm", optional: false]}], "hexpm", "7be883dd49d2b175752d27e9d9d928d866d34aeae51f3a9ac3f05cef5ba71f02"},
 9 |   "phoenix": {:hex, :phoenix, "1.4.13", "67271ad69b51f3719354604f4a3f968f83aa61c19199343656c9caee057ff3b8", [:mix], [{:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix_pubsub, "~> 1.1", [hex: :phoenix_pubsub, repo: "hexpm", optional: false]}, {:plug, "~> 1.8.1 or ~> 1.9", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 1.0 or ~> 2.0", [hex: :plug_cowboy, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "ab765a0feddb81fc62e2116c827b5f068df85159c162bee760745276ad7ddc1b"},
10 |   "phoenix_pubsub": {:hex, :phoenix_pubsub, "1.1.2", "496c303bdf1b2e98a9d26e89af5bba3ab487ba3a3735f74bf1f4064d2a845a3e", [:mix], [], "hexpm", "1f13f9f0f3e769a667a6b6828d29dec37497a082d195cc52dbef401a9b69bf38"},
11 |   "plug": {:hex, :plug, "1.9.0", "8d7c4e26962283ff9f8f3347bd73838e2413fbc38b7bb5467d5924f68f3a5a4a", [:mix], [{:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:plug_crypto, "~> 1.0", [hex: :plug_crypto, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: true]}], "hexpm", "9902eda2c52ada2a096434682e99a2493f5d06a94d6ac6bcfff9805f952350f1"},
12 |   "plug_cowboy": {:hex, :plug_cowboy, "2.1.2", "8b0addb5908c5238fac38e442e81b6fcd32788eaa03246b4d55d147c47c5805e", [:mix], [{:cowboy, "~> 2.5", [hex: :cowboy, repo: "hexpm", optional: false]}, {:plug, "~> 1.7", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "7d722581ce865a237e14da6d946f92704101740a256bd13ec91e63c0b122fc70"},
13 |   "plug_crypto": {:hex, :plug_crypto, "1.1.2", "bdd187572cc26dbd95b87136290425f2b580a116d3fb1f564216918c9730d227", [:mix], [], "hexpm", "6b8b608f895b6ffcfad49c37c7883e8df98ae19c6a28113b02aa1e9c5b22d6b5"},
14 |   "poolboy": {:hex, :poolboy, "1.5.2", "392b007a1693a64540cead79830443abf5762f5d30cf50bc95cb2c1aaafa006b", [:rebar3], [], "hexpm", "dad79704ce5440f3d5a3681c8590b9dc25d1a561e8f5a9c995281012860901e3"},
15 |   "ranch": {:hex, :ranch, "1.7.1", "6b1fab51b49196860b733a49c07604465a47bdb78aa10c1c16a3d199f7f8c881", [:rebar3], [], "hexpm", "451d8527787df716d99dc36162fca05934915db0b6141bbdac2ea8d3c7afc7d7"},
16 |   "telemetry": {:hex, :telemetry, "0.4.1", "ae2718484892448a24470e6aa341bc847c3277bfb8d4e9289f7474d752c09c7f", [:rebar3], [], "hexpm", "4738382e36a0a9a2b6e25d67c960e40e1a2c95560b9f936d8e29de8cd858480f"},
17 | }
18 | 


--------------------------------------------------------------------------------
/lib/user_service_web/pow/redis_cache.ex:
--------------------------------------------------------------------------------
  1 | defmodule UserServiceWeb.Pow.RedisCache do
  2 |   @behaviour Pow.Store.Backend.Base
  3 | 
  4 |   alias Pow.Config
  5 | 
  6 |   @impl true
  7 |   def put(config, record_or_records) do
  8 |     ttl = Config.get(config, :ttl) || raise_ttl_error()
  9 | 
 10 |     commands =
 11 |       record_or_records
 12 |       |> List.wrap()
 13 |       |> Enum.map(fn {key, value} ->
 14 |         config
 15 |         |> binary_redis_key(key)
 16 |         |> put_command(value, ttl)
 17 |       end)
 18 | 
 19 |     Redix.noreply_pipeline(UserService.Redix.instance_name(), commands)
 20 |   end
 21 | 
 22 |   defp put_command(key, value, ttl) do
 23 |     value = value |> clean_value() |> :erlang.term_to_binary()
 24 |     ["SET", key, value, "PX", ttl]
 25 |   end
 26 | 
 27 |   # Avoid writing the entire User struct into Redis
 28 |   # Must remain a User struct or errors occur from pow
 29 |   defp clean_value(%UserService.Users.User{id: id, guid: guid}) do
 30 |     %UserService.Users.User{id: id, guid: guid}
 31 |   end
 32 | 
 33 |   defp clean_value(val), do: val
 34 | 
 35 |   @impl true
 36 |   def delete(config, key) do
 37 |     key =
 38 |       config
 39 |       |> redis_key(key)
 40 |       |> to_binary_redis_key()
 41 | 
 42 |     Redix.noreply_command(UserService.Redix.instance_name(), ["DEL", key])
 43 |   end
 44 | 
 45 |   @impl true
 46 |   def get(config, key) do
 47 |     key =
 48 |       config
 49 |       |> redis_key(key)
 50 |       |> to_binary_redis_key()
 51 | 
 52 |     case Redix.command(UserService.Redix.instance_name(), ["GET", key]) do
 53 |       {:ok, nil} -> :not_found
 54 |       {:ok, value} -> :erlang.binary_to_term(value)
 55 |     end
 56 |   end
 57 | 
 58 |   @impl true
 59 |   @doc """
 60 |   Examples:
 61 | 
 62 |   iex(47)> UserServiceWeb.Pow.RedisCache.all([ttl: 1800000, namespace: "credentials"], :_)
 63 |     # all values
 64 | 
 65 |   iex(46)> UserServiceWeb.Pow.RedisCache.all([ttl: 1800000, namespace: "credentials"], ["credentials", :_, :_, "6"])
 66 |     [
 67 |       {["credentials", "Elixir.UserService.Users.User", "user", "6"],
 68 |       %{guid: "0c06d077-4fe0-48b1-b9eb-f9c6e2e6de62", id: 6}}
 69 |     ]
 70 |   """
 71 |   def all(config, match_spec) do
 72 |     compiled_match_spec = :ets.match_spec_compile([{{match_spec, :_}, [], [:"$_"]}])
 73 | 
 74 |     Stream.resource(
 75 |       fn -> do_scan(config, compiled_match_spec, "0") end,
 76 |       &stream_scan(config, compiled_match_spec, &1),
 77 |       fn _ -> :ok end
 78 |     )
 79 |     |> Enum.to_list()
 80 |   end
 81 | 
 82 |   defp stream_scan(_config, _compiled_match_spec, {[], "0"}), do: {:halt, nil}
 83 | 
 84 |   defp stream_scan(config, compiled_match_spec, {[], iterator}) do
 85 |     result = do_scan(config, compiled_match_spec, iterator)
 86 | 
 87 |     stream_scan(config, compiled_match_spec, result)
 88 |   end
 89 | 
 90 |   defp stream_scan(_config, _compiled_match_spec, {keys, iterator}), do: {keys, {[], iterator}}
 91 | 
 92 |   defp do_scan(config, compiled_match_spec, iterator) do
 93 |     prefix = to_binary_redis_key([namespace(config)]) <> ":*"
 94 | 
 95 |     case Redix.command(UserService.Redix.instance_name(), ["SCAN", iterator, "MATCH", prefix]) do
 96 |       {:ok, [iterator, res]} -> {filter_or_load_value(compiled_match_spec, res, config), iterator}
 97 |     end
 98 |   end
 99 | 
100 |   defp filter_or_load_value(compiled_match_spec, keys, config) do
101 |     keys
102 |     |> Enum.map(&convert_key/1)
103 |     |> Enum.sort()
104 |     |> :ets.match_spec_run(compiled_match_spec)
105 |     |> populate_values(config)
106 |   end
107 | 
108 |   defp convert_key(key) do
109 |     key =
110 |       key
111 |       |> from_binary_redis_key()
112 |       |> unwrap()
113 | 
114 |     {key, nil}
115 |   end
116 | 
117 |   defp unwrap([_app | [_namespace | key]]), do: key
118 | 
119 |   defp populate_values([], _config), do: []
120 | 
121 |   defp populate_values(records, config) do
122 |     binary_keys = Enum.map(records, fn {key, nil} -> binary_redis_key(config, key) end)
123 | 
124 |     case Redix.command(UserService.Redix.instance_name(), ["MGET"] ++ binary_keys) do
125 |       {:ok, values} ->
126 |         values = Enum.map(values, &:erlang.binary_to_term/1)
127 | 
128 |         records
129 |         |> zip_values(values)
130 |         |> Enum.reject(fn {_key, value} -> is_nil(value) end)
131 |     end
132 |   end
133 | 
134 |   defp zip_values([{key, nil} | next1], [value | next2]) do
135 |     [{key, value} | zip_values(next1, next2)]
136 |   end
137 | 
138 |   defp zip_values(_, []), do: []
139 |   defp zip_values([], _), do: []
140 | 
141 |   defp binary_redis_key(config, key) do
142 |     config
143 |     |> redis_key(key)
144 |     |> to_binary_redis_key()
145 |   end
146 | 
147 |   defp redis_key(config, key) do
148 |     [namespace(config) | List.wrap(key)]
149 |   end
150 | 
151 |   defp namespace(config) do
152 |     app_namespace = Application.get_env(:user_service, :redis_namespace)
153 |     pow_namespace = Config.get(config, :namespace, "cache")
154 | 
155 |     "#{app_namespace}:#{pow_namespace}"
156 |   end
157 | 
158 |   # This is a human readable string, rather than a binary conversion that comes stock
159 |   defp to_binary_redis_key(key) do
160 |     key
161 |     |> Enum.join(":")
162 |   end
163 | 
164 |   defp from_binary_redis_key(key) do
165 |     key
166 |     |> String.split(":")
167 |   end
168 | 
169 |   @spec raise_ttl_error :: no_return
170 |   defp raise_ttl_error,
171 |     do: Config.raise_error("`:ttl` configuration option is required for #{inspect(__MODULE__)}")
172 | end
173 | 


--------------------------------------------------------------------------------
/mix.lock:
--------------------------------------------------------------------------------
 1 | %{
 2 |   "assent": {:hex, :assent, "0.1.8", "fdead5f428ed86103b324b50864c6f2245fe90eabbbd88d9f132ef3284fb17e2", [:mix], [{:castore, "~> 0.1.0", [hex: :castore, repo: "hexpm", optional: true]}, {:certifi, ">= 0.0.0", [hex: :certifi, repo: "hexpm", optional: true]}, {:jose, "~> 1.8", [hex: :jose, repo: "hexpm", optional: true]}, {:mint, ">= 0.1.0 and < 1.1.0", [hex: :mint, repo: "hexpm", optional: true]}, {:oauther, "~> 1.1", [hex: :oauther, repo: "hexpm", optional: false]}, {:ssl_verify_fun, ">= 0.0.0", [hex: :ssl_verify_fun, repo: "hexpm", optional: true]}], "hexpm", "925a1424a759b618380a0526572e7df2511f955a4ad9dbe5de009647b817fd37"},
 3 |   "bamboo": {:hex, :bamboo, "1.4.0", "7b9201c49a843e4802061cf45692405b2c00efcf1cebf8b7b64f015ead072392", [:mix], [{:hackney, ">= 1.13.0", [hex: :hackney, repo: "hexpm", optional: false]}, {:jason, "~> 1.1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:plug, "~> 1.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "b9cad03bf38c7f37b6308876039355665b6ce09fefb46dc529cef4def912cffa"},
 4 |   "certifi": {:hex, :certifi, "2.5.1", "867ce347f7c7d78563450a18a6a28a8090331e77fa02380b4a21962a65d36ee5", [:rebar3], [{:parse_trans, "~>3.3", [hex: :parse_trans, repo: "hexpm", optional: false]}], "hexpm", "805abd97539caf89ec6d4732c91e62ba9da0cda51ac462380bbd28ee697a8c42"},
 5 |   "connection": {:hex, :connection, "1.0.4", "a1cae72211f0eef17705aaededacac3eb30e6625b04a6117c1b2db6ace7d5976", [:mix], [], "hexpm", "4a0850c9be22a43af9920a71ab17c051f5f7d45c209e40269a1938832510e4d9"},
 6 |   "cors_plug": {:hex, :cors_plug, "2.0.2", "2b46083af45e4bc79632bd951550509395935d3e7973275b2b743bd63cc942ce", [:mix], [{:plug, "~> 1.8", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "f0d0e13f71c51fd4ef8b2c7e051388e4dfb267522a83a22392c856de7e46465f"},
 7 |   "cowboy": {:hex, :cowboy, "2.7.0", "91ed100138a764355f43316b1d23d7ff6bdb0de4ea618cb5d8677c93a7a2f115", [:rebar3], [{:cowlib, "~> 2.8.0", [hex: :cowlib, repo: "hexpm", optional: false]}, {:ranch, "~> 1.7.1", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm", "04fd8c6a39edc6aaa9c26123009200fc61f92a3a94f3178c527b70b767c6e605"},
 8 |   "cowlib": {:hex, :cowlib, "2.8.0", "fd0ff1787db84ac415b8211573e9a30a3ebe71b5cbff7f720089972b2319c8a4", [:rebar3], [], "hexpm", "79f954a7021b302186a950a32869dbc185523d99d3e44ce430cd1f3289f41ed4"},
 9 |   "csvlixir": {:hex, :csvlixir, "2.0.4", "e80d6a4f98e3f374151307c6cfda2fea22c33737092bc23d6d085d5ed19396fe", [:mix], [], "hexpm"},
10 |   "db_connection": {:hex, :db_connection, "2.2.1", "caee17725495f5129cb7faebde001dc4406796f12a62b8949f4ac69315080566", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}], "hexpm", "2b02ece62d9f983fcd40954e443b7d9e6589664380e5546b2b9b523cd0fb59e1"},
11 |   "decimal": {:hex, :decimal, "1.8.1", "a4ef3f5f3428bdbc0d35374029ffcf4ede8533536fa79896dd450168d9acdf3c", [:mix], [], "hexpm", "3cb154b00225ac687f6cbd4acc4b7960027c757a5152b369923ead9ddbca7aec"},
12 |   "ecto": {:hex, :ecto, "3.3.4", "95b05c82ae91361475e5491c9f3ac47632f940b3f92ae3988ac1aad04989c5bb", [:mix], [{:decimal, "~> 1.6 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm", "9b96cbb83a94713731461ea48521b178b0e3863d310a39a3948c807266eebd69"},
13 |   "ecto_sql": {:hex, :ecto_sql, "3.3.4", "aa18af12eb875fbcda2f75e608b3bd534ebf020fc4f6448e4672fcdcbb081244", [:mix], [{:db_connection, "~> 2.2", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.4 or ~> 3.3.3", [hex: :ecto, repo: "hexpm", optional: false]}, {:myxql, "~> 0.3.0", [hex: :myxql, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.15.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "5eccbdbf92e3c6f213007a82d5dbba4cd9bb659d1a21331f89f408e4c0efd7a8"},
14 |   "ex_maybe": {:hex, :ex_maybe, "1.1.1", "95c0188191b43bd278e876ae4f0a688922e3ca016a9efd97ee7a0b741a61b899", [:mix], [], "hexpm"},
15 |   "file_system": {:hex, :file_system, "0.2.8", "f632bd287927a1eed2b718f22af727c5aeaccc9a98d8c2bd7bff709e851dc986", [:mix], [], "hexpm", "97a3b6f8d63ef53bd0113070102db2ce05352ecf0d25390eb8d747c2bde98bca"},
16 |   "gettext": {:hex, :gettext, "0.17.4", "f13088e1ec10ce01665cf25f5ff779e7df3f2dc71b37084976cf89d1aa124d5c", [:mix], [], "hexpm", "3c75b5ea8288e2ee7ea503ff9e30dfe4d07ad3c054576a6e60040e79a801e14d"},
17 |   "hackney": {:hex, :hackney, "1.15.2", "07e33c794f8f8964ee86cebec1a8ed88db5070e52e904b8f12209773c1036085", [:rebar3], [{:certifi, "2.5.1", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "6.0.0", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "1.0.1", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "~>1.1", [hex: :mimerl, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "1.1.5", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}], "hexpm", "e0100f8ef7d1124222c11ad362c857d3df7cb5f4204054f9f0f4a728666591fc"},
18 |   "idna": {:hex, :idna, "6.0.0", "689c46cbcdf3524c44d5f3dde8001f364cd7608a99556d8fbd8239a5798d4c10", [:rebar3], [{:unicode_util_compat, "0.4.1", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "4bdd305eb64e18b0273864920695cb18d7a2021f31a11b9c5fbcd9a253f936e2"},
19 |   "jason": {:hex, :jason, "1.1.2", "b03dedea67a99223a2eaf9f1264ce37154564de899fd3d8b9a21b1a6fd64afe7", [:mix], [{:decimal, "~> 1.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "fdf843bca858203ae1de16da2ee206f53416bbda5dc8c9e78f43243de4bc3afe"},
20 |   "joken": {:hex, :joken, "2.2.0", "2daa1b12be05184aff7b5ace1d43ca1f81345962285fff3f88db74927c954d3a", [:mix], [{:jose, "~> 1.9", [hex: :jose, repo: "hexpm", optional: false]}], "hexpm", "b4f92e30388206f869dd25d1af628a1d99d7586e5cf0672f64d4df84c4d2f5e9"},
21 |   "jose": {:hex, :jose, "1.10.1", "16d8e460dae7203c6d1efa3f277e25b5af8b659febfc2f2eb4bacf87f128b80a", [:mix, :rebar3], [], "hexpm", "3c7ddc8a9394b92891db7c2771da94bf819834a1a4c92e30857b7d582e2f8257"},
22 |   "matrix_reloaded": {:hex, :matrix_reloaded, "2.2.1", "9786e97c20535e902dbe586b704ede6c00a6854609715fb161645df9cd99ca55", [:mix], [{:ex_maybe, "~> 1.0", [hex: :ex_maybe, repo: "hexpm", optional: false]}, {:result, "~> 1.3.0", [hex: :result, repo: "hexpm", optional: false]}], "hexpm"},
23 |   "metrics": {:hex, :metrics, "1.0.1", "25f094dea2cda98213cecc3aeff09e940299d950904393b2a29d191c346a8486", [:rebar3], [], "hexpm", "69b09adddc4f74a40716ae54d140f93beb0fb8978d8636eaded0c31b6f099f16"},
24 |   "mime": {:hex, :mime, "1.3.1", "30ce04ab3175b6ad0bdce0035cba77bba68b813d523d1aac73d9781b4d193cf8", [:mix], [], "hexpm", "6cbe761d6a0ca5a31a0931bf4c63204bceb64538e664a8ecf784a9a6f3b875f1"},
25 |   "mimerl": {:hex, :mimerl, "1.2.0", "67e2d3f571088d5cfd3e550c383094b47159f3eee8ffa08e64106cdf5e981be3", [:rebar3], [], "hexpm", "f278585650aa581986264638ebf698f8bb19df297f66ad91b18910dfc6e19323"},
26 |   "oauther": {:hex, :oauther, "1.1.1", "7d8b16167bb587ecbcddd3f8792beb9ec3e7b65c1f8ebd86b8dd25318d535752", [:mix], [], "hexpm", "9374f4302045321874cccdc57eb975893643bd69c3b22bf1312dab5f06e5788e"},
27 |   "parse_trans": {:hex, :parse_trans, "3.3.0", "09765507a3c7590a784615cfd421d101aec25098d50b89d7aa1d66646bc571c1", [:rebar3], [], "hexpm", "17ef63abde837ad30680ea7f857dd9e7ced9476cdd7b0394432af4bfc241b960"},
28 |   "phoenix": {:hex, :phoenix, "1.4.16", "2cbbe0c81e6601567c44cc380c33aa42a1372ac1426e3de3d93ac448a7ec4308", [:mix], [{:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix_pubsub, "~> 1.1", [hex: :phoenix_pubsub, repo: "hexpm", optional: false]}, {:plug, "~> 1.8.1 or ~> 1.9", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 1.0 or ~> 2.0", [hex: :plug_cowboy, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "856cc1a032fa53822737413cf51aa60e750525d7ece7d1c0576d90d7c0f05c24"},
29 |   "phoenix_ecto": {:hex, :phoenix_ecto, "4.1.0", "a044d0756d0464c5a541b4a0bf4bcaf89bffcaf92468862408290682c73ae50d", [:mix], [{:ecto, "~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:phoenix_html, "~> 2.9", [hex: :phoenix_html, repo: "hexpm", optional: true]}, {:plug, "~> 1.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "c5e666a341ff104d0399d8f0e4ff094559b2fde13a5985d4cb5023b2c2ac558b"},
30 |   "phoenix_html": {:hex, :phoenix_html, "2.14.1", "7dabafadedb552db142aacbd1f11de1c0bbaa247f90c449ca549d5e30bbc66b4", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "536d5200ad37fecfe55b3241d90b7a8c3a2ca60cd012fc065f776324fa9ab0a9"},
31 |   "phoenix_live_reload": {:hex, :phoenix_live_reload, "1.2.1", "274a4b07c4adbdd7785d45a8b0bb57634d0b4f45b18d2c508b26c0344bd59b8f", [:mix], [{:file_system, "~> 0.2.1 or ~> 0.3", [hex: :file_system, repo: "hexpm", optional: false]}, {:phoenix, "~> 1.4", [hex: :phoenix, repo: "hexpm", optional: false]}], "hexpm", "41b4103a2fa282cfd747d377233baf213c648fdcc7928f432937676532490eee"},
32 |   "phoenix_pubsub": {:hex, :phoenix_pubsub, "1.1.2", "496c303bdf1b2e98a9d26e89af5bba3ab487ba3a3735f74bf1f4064d2a845a3e", [:mix], [], "hexpm", "1f13f9f0f3e769a667a6b6828d29dec37497a082d195cc52dbef401a9b69bf38"},
33 |   "plug": {:hex, :plug, "1.9.0", "8d7c4e26962283ff9f8f3347bd73838e2413fbc38b7bb5467d5924f68f3a5a4a", [:mix], [{:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:plug_crypto, "~> 1.0", [hex: :plug_crypto, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: true]}], "hexpm", "9902eda2c52ada2a096434682e99a2493f5d06a94d6ac6bcfff9805f952350f1"},
34 |   "plug_cowboy": {:hex, :plug_cowboy, "2.1.2", "8b0addb5908c5238fac38e442e81b6fcd32788eaa03246b4d55d147c47c5805e", [:mix], [{:cowboy, "~> 2.5", [hex: :cowboy, repo: "hexpm", optional: false]}, {:plug, "~> 1.7", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "7d722581ce865a237e14da6d946f92704101740a256bd13ec91e63c0b122fc70"},
35 |   "plug_crypto": {:hex, :plug_crypto, "1.1.2", "bdd187572cc26dbd95b87136290425f2b580a116d3fb1f564216918c9730d227", [:mix], [], "hexpm", "6b8b608f895b6ffcfad49c37c7883e8df98ae19c6a28113b02aa1e9c5b22d6b5"},
36 |   "postgrex": {:hex, :postgrex, "0.15.3", "5806baa8a19a68c4d07c7a624ccdb9b57e89cbc573f1b98099e3741214746ae4", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:db_connection, "~> 2.1", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm", "4737ce62a31747b4c63c12b20c62307e51bb4fcd730ca0c32c280991e0606c90"},
37 |   "pot": {:hex, :pot, "0.10.2", "9895c83bcff8cd22d9f5bc79dfc88a188176b261b618ad70d93faf5c5ca36e67", [:rebar3], [], "hexpm"},
38 |   "pow": {:hex, :pow, "1.0.19", "e6295de629338661afdc52b3420f1fa37c191d246aef5d844161843fed6fe88b", [:mix], [{:ecto, "~> 2.2 or ~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:phoenix, "~> 1.3.0 or ~> 1.4.0", [hex: :phoenix, repo: "hexpm", optional: false]}, {:phoenix_html, ">= 2.0.0 and <= 3.0.0", [hex: :phoenix_html, repo: "hexpm", optional: false]}, {:plug, ">= 1.5.0 and < 2.0.0", [hex: :plug, repo: "hexpm", optional: true]}], "hexpm", "da77fab98e038b39c5360a77dc98e606cdd1446dabdd65a88991e8b23f67a356"},
39 |   "pow_assent": {:hex, :pow_assent, "0.4.6", "9b3eb9ae7ca810827fb83486726578d2a1f79a6e1f9cb80235bca74176d93889", [:mix], [{:assent, "~> 0.1.2", [hex: :assent, repo: "hexpm", optional: false]}, {:ecto, "~> 2.2 or ~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:phoenix, "~> 1.3.0 or ~> 1.4.0", [hex: :phoenix, repo: "hexpm", optional: false]}, {:phoenix_html, ">= 2.0.0 and <= 3.0.0", [hex: :phoenix_html, repo: "hexpm", optional: false]}, {:plug, ">= 1.5.0 and < 2.0.0", [hex: :plug, repo: "hexpm", optional: true]}, {:pow, "~> 1.0.17", [hex: :pow, repo: "hexpm", optional: false]}], "hexpm", "5e0ee04b609670a778631af358fea314c598b71905fa372d757f0b84e5cbc5d7"},
40 |   "qr_code": {:hex, :qr_code, "2.1.0", "54c0c687ac505590602b3bf2e2f0cf014403a1d204abcd9dafc0d2398d435a15", [:mix], [{:csvlixir, "~> 2.0.4", [hex: :csvlixir, repo: "hexpm", optional: false]}, {:ex_maybe, "~> 1.1.1", [hex: :ex_maybe, repo: "hexpm", optional: false]}, {:matrix_reloaded, "~> 2.2.1", [hex: :matrix_reloaded, repo: "hexpm", optional: false]}, {:result, "~> 1.3.0", [hex: :result, repo: "hexpm", optional: false]}, {:xml_builder, "~> 2.1.1", [hex: :xml_builder, repo: "hexpm", optional: false]}], "hexpm"},
41 |   "ranch": {:hex, :ranch, "1.7.1", "6b1fab51b49196860b733a49c07604465a47bdb78aa10c1c16a3d199f7f8c881", [:rebar3], [], "hexpm", "451d8527787df716d99dc36162fca05934915db0b6141bbdac2ea8d3c7afc7d7"},
42 |   "redix": {:hex, :redix, "0.10.4", "b87c1728e02dd8bad0e8ed2a97c4855d9677dfcefb293800fdb1ca726278ea27", [:mix], [{:castore, "~> 0.1.0", [hex: :castore, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "cdf44832b01286f594846d8858866b4ee006c056b027d15557e17b0df9203584"},
43 |   "result": {:hex, :result, "1.3.0", "fd598eb0e084048157fffca7ef5f53803c6031c99691a78271dade7b4c479661", [:mix], [], "hexpm"},
44 |   "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.5", "6eaf7ad16cb568bb01753dbbd7a95ff8b91c7979482b95f38443fe2c8852a79b", [:make, :mix, :rebar3], [], "hexpm", "13104d7897e38ed7f044c4de953a6c28597d1c952075eb2e328bc6d6f2bfc496"},
45 |   "telemetry": {:hex, :telemetry, "0.4.1", "ae2718484892448a24470e6aa341bc847c3277bfb8d4e9289f7474d752c09c7f", [:rebar3], [], "hexpm", "4738382e36a0a9a2b6e25d67c960e40e1a2c95560b9f936d8e29de8cd858480f"},
46 |   "unicode_util_compat": {:hex, :unicode_util_compat, "0.4.1", "d869e4c68901dd9531385bb0c8c40444ebf624e60b6962d95952775cac5e90cd", [:rebar3], [], "hexpm", "1d1848c40487cdb0b30e8ed975e34e025860c02e419cb615d255849f3427439d"},
47 |   "xml_builder": {:hex, :xml_builder, "2.1.2", "90cb9ad382958934c78c6ddfbe6d385a8ce147d84b61cbfa83ec93a169d0feab", [:mix], [], "hexpm"},
48 | }
49 | 


--------------------------------------------------------------------------------