MF-1096 - Fix AuthN and Things Auth ENVARS

.env

@@ -28,6 +28,8 @@ MF_JAEGER_URL=jaeger:6831
 MF_AUTHN_LOG_LEVEL=debug
 MF_AUTHN_HTTP_PORT=8189
 MF_AUTHN_GRPC_PORT=8181
+MF_AUTHN_GRPC_URL=authn:8181
+MF_AUTHN_GRPC_TIMEOUT=1
 MF_AUTHN_DB_PORT=5432
 MF_AUTHN_DB_USER=mainflux
 MF_AUTHN_DB_PASS=mainflux
@@ -60,6 +62,8 @@ MF_THINGS_LOG_LEVEL=debug
 MF_THINGS_HTTP_PORT=8182
 MF_THINGS_AUTH_HTTP_PORT=8989
 MF_THINGS_AUTH_GRPC_PORT=8183
+MF_THINGS_AUTH_GRPC_URL=things:8183
+MF_THINGS_AUTH_GRPC_TIMEOUT=1
 MF_THINGS_DB_PORT=5432
 MF_THINGS_DB_USER=mainflux
 MF_THINGS_DB_PASS=mainflux
@@ -141,18 +145,18 @@ MF_INFLUX_WRITER_PORT=8900
 MF_INFLUX_WRITER_BATCH_SIZE=5000
 MF_INFLUX_WRITER_BATCH_TIMEOUT=5
 MF_INFLUX_WRITER_DB_PORT=8086
-MF_INFLUX_WRITER_DB_NAME=mainflux
 MF_INFLUX_WRITER_DB_USER=mainflux
 MF_INFLUX_WRITER_DB_PASS=mainflux
+MF_INFLUX_WRITER_DB_NAME=mainflux
 MF_INFLUX_WRITER_GRAFANA_PORT=3001
 
 ### InfluxDB Reader
 MF_INFLUX_READER_LOG_LEVEL=debug
 MF_INFLUX_READER_PORT=8905
-MF_INFLUX_READER_DB_NAME=mainflux
 MF_INFLUX_READER_DB_PORT=8086
 MF_INFLUX_READER_DB_USER=mainflux
 MF_INFLUX_READER_DB_PASS=mainflux
+MF_INFLUX_READER_DB_NAME=mainflux
 MF_INFLUX_READER_SERVER_CERT=
 MF_INFLUX_READER_SERVER_KEY=
 
@@ -201,7 +205,7 @@ MF_TWINS_LOG_LEVEL=debug
 MF_TWINS_HTTP_PORT=9021
 MF_TWINS_SERVER_CERT=""
 MF_TWINS_SERVER_KEY=""
-MF_TWINS_DB_NAME=mainflux-twins
+MF_TWINS_DB=mainflux-twins
 MF_TWINS_DB_HOST=twins-db
 MF_TWINS_DB_PORT=27018
 MF_TWINS_SINGLE_USER_EMAIL=""

bootstrap/README.md

@@ -55,7 +55,6 @@ The service is configured using the environment variables presented in the follo
 | MF_BOOTSTRAP_SERVER_KEY       | Path to server key in pem format                                        |                                  |
 | MF_SDK_BASE_URL               | Base url for Mainflux SDK                                               | http://localhost                 |
 | MF_SDK_THINGS_PREFIX          | SDK prefix for Things service                                           |                                  |
-| MF_USERS_URL                  | Users service URL                                                       | localhost:8181                   |
 | MF_THINGS_ES_URL              | Things service event source URL                                         | localhost:6379                   |
 | MF_THINGS_ES_PASS             | Things service event source password                                    |                                  |
 | MF_THINGS_ES_DB               | Things service event source database                                    | 0                                |
@@ -64,7 +63,8 @@ The service is configured using the environment variables presented in the follo
 | MF_BOOTSTRAP_ES_DB            | Bootstrap service event source database                                 | 0                                |
 | MF_BOOTSTRAP_EVENT_CONSUMER   | Bootstrap service event source consumer name                            | bootstrap                        |
 | MF_JAEGER_URL                 | Jaeger server URL                                                       | localhost:6831                   |
-| MF_BOOTSTRAP_THINGS_TIMEOUT   | Things gRPC request timeout in seconds                                  | 1                                |
+| MF_AUTHN_GRPC_URL             | AuthN service gRPC URL                                                  | localhost:8181                   |
+| MF_AUTHN_GRPC_TIMEOUT         | AuthN service gRPC request timeout in seconds                           | 1                                |
 
 ## Deployment
 
@@ -101,7 +101,6 @@ version: "2"
       MF_BOOTSTRAP_SERVER_KEY: [String path to server key in pem format]
       MF_SDK_BASE_URL: [Base SDK URL for the Mainflux services]
       MF_SDK_THINGS_PREFIX: [SDK prefix for Things service]
-      MF_USERS_URL: [Users service URL]
       MF_THINGS_ES_URL: [Things service event source URL]
       MF_THINGS_ES_PASS: [Things service event source password]
       MF_THINGS_ES_DB: [Things service event source database]
@@ -110,7 +109,8 @@ version: "2"
       MF_BOOTSTRAP_ES_DB: [Bootstrap service event source database]
       MF_BOOTSTRAP_EVENT_CONSUMER: [Bootstrap service event source consumer name]
       MF_JAEGER_URL: [Jaeger server URL]
-      MF_BOOTSTRAP_THINGS_TIMEOUT: [Things gRPC request timeout in seconds]
+      MF_AUTHN_GRPC_URL: [AuthN service gRPC URL]
+      MF_AUTHN_GRPC_TIMEOUT: [AuthN service gRPC request timeout in seconds]
 ```
 
 To start the service outside of the container, execute the following shell script:
@@ -128,7 +128,28 @@ make bootstrap
 make install
 
 # set the environment variables and run the service
-MF_BOOTSTRAP_LOG_LEVEL=[Bootstrap log level] MF_BOOTSTRAP_DB_HOST=[Database host address] MF_BOOTSTRAP_DB_PORT=[Database host port] MF_BOOTSTRAP_DB_USER=[Database user] MF_BOOTSTRAP_DB_PASS=[Database password] MF_BOOTSTRAP_DB=[Name of the database used by the service] MF_BOOTSTRAP_DB_SSL_MODE=[SSL mode to connect to the database with] MF_BOOTSTRAP_DB_SSL_CERT=[Path to the PEM encoded certificate file] MF_BOOTSTRAP_DB_SSL_KEY=[Path to the PEM encoded key file] MF_BOOTSTRAP_DB_SSL_ROOT_CERT=[Path to the PEM encoded root certificate file] MF_BOOTSTRAP_ENCRYPT_KEY=[Hex-encoded encryption key used for secure bootstrap] MF_BOOTSTRAP_CLIENT_TLS=[Boolean value to enable/disable client TLS] MF_BOOTSTRAP_CA_CERTS=[Path to trusted CAs in PEM format] MF_BOOTSTRAP_PORT=[Service HTTP port] MF_BOOTSTRAP_SERVER_CERT=[Path to server certificate] MF_BOOTSTRAP_SERVER_KEY=[Path to server key] MF_SDK_BASE_URL=[Base SDK URL for the Mainflux services] MF_SDK_THINGS_PREFIX=[SDK prefix for Things service] MF_USERS_URL=[Users service URL] MF_JAEGER_URL=[Jaeger server URL] MF_BOOTSTRAP_THINGS_TIMEOUT=[Things gRPC request timeout in seconds] $GOBIN/mainflux-bootstrap
+MF_BOOTSTRAP_LOG_LEVEL=[Bootstrap log level] \
+MF_BOOTSTRAP_DB_HOST=[Database host address] \
+MF_BOOTSTRAP_DB_PORT=[Database host port] \
+MF_BOOTSTRAP_DB_USER=[Database user] \
+MF_BOOTSTRAP_DB_PASS=[Database password] \
+MF_BOOTSTRAP_DB=[Name of the database used by the service] \
+MF_BOOTSTRAP_DB_SSL_MODE=[SSL mode to connect to the database with] \
+MF_BOOTSTRAP_DB_SSL_CERT=[Path to the PEM encoded certificate file] \
+MF_BOOTSTRAP_DB_SSL_KEY=[Path to the PEM encoded key file] \
+MF_BOOTSTRAP_DB_SSL_ROOT_CERT=[Path to the PEM encoded root certificate file] \
+MF_BOOTSTRAP_ENCRYPT_KEY=[Hex-encoded encryption key used for secure bootstrap] \
+MF_BOOTSTRAP_CLIENT_TLS=[Boolean value to enable/disable client TLS] \
+MF_BOOTSTRAP_CA_CERTS=[Path to trusted CAs in PEM format] \
+MF_BOOTSTRAP_PORT=[Service HTTP port] \
+MF_BOOTSTRAP_SERVER_CERT=[Path to server certificate] \
+MF_BOOTSTRAP_SERVER_KEY=[Path to server key] \
+MF_SDK_BASE_URL=[Base SDK URL for the Mainflux services] \
+MF_SDK_THINGS_PREFIX=[SDK prefix for Things service] \
+MF_JAEGER_URL=[Jaeger server URL] \
+MF_AUTHN_GRPC_URL=[AuthN service gRPC URL] \
+MF_AUTHN_GRPC_TIMEOUT=[AuthN service gRPC request timeout in seconds] \
+$GOBIN/mainflux-bootstrap
 ```
 
 Setting `MF_BOOTSTRAP_CA_CERTS` expects a file in PEM format of trusted CAs. This will enable TLS against the Users gRPC endpoint trusting only those CAs that are provided.

cmd/authn/main.go

@@ -36,7 +36,7 @@ const (
 	defDBPort        = "5432"
 	defDBUser        = "mainflux"
 	defDBPass        = "mainflux"
-	defDBName        = "authn"
+	defDB            = "authn"
 	defDBSSLMode     = "disable"
 	defDBSSLCert     = ""
 	defDBSSLKey      = ""
@@ -53,7 +53,7 @@ const (
 	envDBPort        = "MF_AUTHN_DB_PORT"
 	envDBUser        = "MF_AUTHN_DB_USER"
 	envDBPass        = "MF_AUTHN_DB_PASS"
-	envDBName        = "MF_AUTHN_DB"
+	envDB            = "MF_AUTHN_DB"
 	envDBSSLMode     = "MF_AUTHN_DB_SSL_MODE"
 	envDBSSLCert     = "MF_AUTHN_DB_SSL_CERT"
 	envDBSSLKey      = "MF_AUTHN_DB_SSL_KEY"
@@ -122,7 +122,7 @@ func loadConfig() config {
 		Port:        mainflux.Env(envDBPort, defDBPort),
 		User:        mainflux.Env(envDBUser, defDBUser),
 		Pass:        mainflux.Env(envDBPass, defDBPass),
-		Name:        mainflux.Env(envDBName, defDBName),
+		Name:        mainflux.Env(envDB, defDB),
 		SSLMode:     mainflux.Env(envDBSSLMode, defDBSSLMode),
 		SSLCert:     mainflux.Env(envDBSSLCert, defDBSSLCert),
 		SSLKey:      mainflux.Env(envDBSSLKey, defDBSSLKey),

cmd/bootstrap/main.go

@@ -43,7 +43,7 @@ const (
 	defDBPort         = "5432"
 	defDBUser         = "mainflux"
 	defDBPass         = "mainflux"
-	defDBName         = "bootstrap"
+	defDB             = "bootstrap"
 	defDBSSLMode      = "disable"
 	defDBSSLCert      = ""
 	defDBSSLKey       = ""
@@ -64,15 +64,15 @@ const (
 	defESDB           = "0"
 	defESConsumerName = "bootstrap"
 	defJaegerURL      = ""
-	defAuthURL        = "localhost:8181"
-	defAuthTimeout    = "1" // in seconds
+	defAuthnURL       = "localhost:8181"
+	defAuthnTimeout   = "1" // in seconds
 
 	envLogLevel       = "MF_BOOTSTRAP_LOG_LEVEL"
 	envDBHost         = "MF_BOOTSTRAP_DB_HOST"
 	envDBPort         = "MF_BOOTSTRAP_DB_PORT"
 	envDBUser         = "MF_BOOTSTRAP_DB_USER"
 	envDBPass         = "MF_BOOTSTRAP_DB_PASS"
-	envDBName         = "MF_BOOTSTRAP_DB"
+	envDB             = "MF_BOOTSTRAP_DB"
 	envDBSSLMode      = "MF_BOOTSTRAP_DB_SSL_MODE"
 	envDBSSLCert      = "MF_BOOTSTRAP_DB_SSL_CERT"
 	envDBSSLKey       = "MF_BOOTSTRAP_DB_SSL_KEY"
@@ -93,8 +93,8 @@ const (
 	envESDB           = "MF_BOOTSTRAP_ES_DB"
 	envESConsumerName = "MF_BOOTSTRAP_EVENT_CONSUMER"
 	envJaegerURL      = "MF_JAEGER_URL"
-	envAuthURL        = "MF_AUTH_URL"
-	envAuthTimeout    = "MF_AUTH_TIMEOUT"
+	envAuthnURL       = "MF_AUTHN_GRPC_URL"
+	envAuthnTimeout   = "MF_AUTHN_GRPC_TIMEOUT"
 )
 
 type config struct {
@@ -116,8 +116,8 @@ type config struct {
 	esDB           string
 	esConsumerName string
 	jaegerURL      string
-	authURL        string
-	authTimeout    time.Duration
+	authnURL       string
+	authnTimeout   time.Duration
 }
 
 func main() {
@@ -143,7 +143,7 @@ func main() {
 	authConn := connectToAuth(cfg, logger)
 	defer authConn.Close()
 
-	auth := authapi.NewClient(authTracer, authConn, cfg.authTimeout)
+	auth := authapi.NewClient(authTracer, authConn, cfg.authnTimeout)
 
 	svc := newService(auth, db, logger, esClient, cfg)
 	errs := make(chan error, 2)
@@ -171,16 +171,16 @@ func loadConfig() config {
 		Port:        mainflux.Env(envDBPort, defDBPort),
 		User:        mainflux.Env(envDBUser, defDBUser),
 		Pass:        mainflux.Env(envDBPass, defDBPass),
-		Name:        mainflux.Env(envDBName, defDBName),
+		Name:        mainflux.Env(envDB, defDB),
 		SSLMode:     mainflux.Env(envDBSSLMode, defDBSSLMode),
 		SSLCert:     mainflux.Env(envDBSSLCert, defDBSSLCert),
 		SSLKey:      mainflux.Env(envDBSSLKey, defDBSSLKey),
 		SSLRootCert: mainflux.Env(envDBSSLRootCert, defDBSSLRootCert),
 	}
 
-	timeout, err := strconv.ParseInt(mainflux.Env(envAuthTimeout, defAuthTimeout), 10, 64)
+	timeout, err := strconv.ParseInt(mainflux.Env(envAuthnTimeout, defAuthnTimeout), 10, 64)
 	if err != nil {
-		log.Fatalf("Invalid %s value: %s", envAuthTimeout, err.Error())
+		log.Fatalf("Invalid %s value: %s", envAuthnTimeout, err.Error())
 	}
 	encKey, err := hex.DecodeString(mainflux.Env(envEncryptKey, defEncryptKey))
 	if err != nil {
@@ -212,8 +212,8 @@ func loadConfig() config {
 		esDB:           mainflux.Env(envESDB, defESDB),
 		esConsumerName: mainflux.Env(envESConsumerName, defESConsumerName),
 		jaegerURL:      mainflux.Env(envJaegerURL, defJaegerURL),
-		authURL:        mainflux.Env(envAuthURL, defAuthURL),
-		authTimeout:    time.Duration(timeout) * time.Second,
+		authnURL:       mainflux.Env(envAuthnURL, defAuthnURL),
+		authnTimeout:   time.Duration(timeout) * time.Second,
 	}
 }
 
@@ -311,9 +311,9 @@ func connectToAuth(cfg config, logger logger.Logger) *grpc.ClientConn {
 		logger.Info("gRPC communication is not encrypted")
 	}
 
-	conn, err := grpc.Dial(cfg.authURL, opts...)
+	conn, err := grpc.Dial(cfg.authnURL, opts...)
 	if err != nil {
-		logger.Error(fmt.Sprintf("Failed to connect to users service: %s", err))
+		logger.Error(fmt.Sprintf("Failed to connect to authn service: %s", err))
 		os.Exit(1)
 	}
 

cmd/cassandra-reader/main.go

@@ -34,48 +34,48 @@ import (
 const (
 	sep = ","
 
-	defLogLevel      = "error"
-	defPort          = "8180"
-	defCluster       = "127.0.0.1"
-	defKeyspace      = "mainflux"
-	defDBUsername    = ""
-	defDBPassword    = ""
-	defDBPort        = "9042"
-	defThingsURL     = "localhost:8181"
-	defClientTLS     = "false"
-	defCACerts       = ""
-	defServerCert    = ""
-	defServerKey     = ""
-	defJaegerURL     = ""
-	defThingsTimeout = "1" // in seconds
-
-	envLogLevel      = "MF_CASSANDRA_READER_LOG_LEVEL"
-	envPort          = "MF_CASSANDRA_READER_PORT"
-	envCluster       = "MF_CASSANDRA_READER_DB_CLUSTER"
-	envKeyspace      = "MF_CASSANDRA_READER_DB_KEYSPACE"
-	envDBUsername    = "MF_CASSANDRA_READER_DB_USERNAME"
-	envDBPassword    = "MF_CASSANDRA_READER_DB_PASSWORD"
-	envDBPort        = "MF_CASSANDRA_READER_DB_PORT"
-	envThingsURL     = "MF_THINGS_URL"
-	envClientTLS     = "MF_CASSANDRA_READER_CLIENT_TLS"
-	envCACerts       = "MF_CASSANDRA_READER_CA_CERTS"
-	envServerCert    = "MF_CASSANDRA_READER_SERVER_CERT"
-	envServerKey     = "MF_CASSANDRA_READER_SERVER_KEY"
-	envJaegerURL     = "MF_JAEGER_URL"
-	envThingsTimeout = "MF_CASSANDRA_READER_THINGS_TIMEOUT"
+	defLogLevel          = "error"
+	defPort              = "8180"
+	defCluster           = "127.0.0.1"
+	defKeyspace          = "messages"
+	defDBUser            = "mainflux"
+	defDBPass            = "mainflux"
+	defDBPort            = "9042"
+	defClientTLS         = "false"
+	defCACerts           = ""
+	defServerCert        = ""
+	defServerKey         = ""
+	defJaegerURL         = ""
+	defThingsAuthURL     = "localhost:8181"
+	defThingsAuthTimeout = "1" // in seconds
+
+	envLogLevel          = "MF_CASSANDRA_READER_LOG_LEVEL"
+	envPort              = "MF_CASSANDRA_READER_PORT"
+	envCluster           = "MF_CASSANDRA_READER_DB_CLUSTER"
+	envKeyspace          = "MF_CASSANDRA_READER_DB_KEYSPACE"
+	envDBUser            = "MF_CASSANDRA_READER_DB_USERNAME"
+	envDBPass            = "MF_CASSANDRA_READER_DB_PASSWORD"
+	envDBPort            = "MF_CASSANDRA_READER_DB_PORT"
+	envClientTLS         = "MF_CASSANDRA_READER_CLIENT_TLS"
+	envCACerts           = "MF_CASSANDRA_READER_CA_CERTS"
+	envServerCert        = "MF_CASSANDRA_READER_SERVER_CERT"
+	envServerKey         = "MF_CASSANDRA_READER_SERVER_KEY"
+	envJaegerURL         = "MF_JAEGER_URL"
+	envThingsAuthURL     = "MF_THINGS_AUTH_GRPC_URL"
+	envThingsAuthTimeout = "MF_THINGS_AUTH_GRPC_TIMEOUT"
 )
 
 type config struct {
-	logLevel      string
-	port          string
-	dbCfg         cassandra.DBConfig
-	thingsURL     string
-	clientTLS     bool
-	caCerts       string
-	serverCert    string
-	serverKey     string
-	jaegerURL     string
-	thingsTimeout time.Duration
+	logLevel          string
+	port              string
+	dbCfg             cassandra.DBConfig
+	clientTLS         bool
+	caCerts           string
+	serverCert        string
+	serverKey         string
+	jaegerURL         string
+	thingsAuthURL     string
+	thingsAuthTimeout time.Duration
 }
 
 func main() {
@@ -95,7 +95,7 @@ func main() {
 	thingsTracer, thingsCloser := initJaeger("things", cfg.jaegerURL, logger)
 	defer thingsCloser.Close()
 
-	tc := thingsapi.NewClient(conn, thingsTracer, cfg.thingsTimeout)
+	tc := thingsapi.NewClient(conn, thingsTracer, cfg.thingsAuthTimeout)
 	repo := newService(session, logger)
 
 	errs := make(chan error, 2)
@@ -121,8 +121,8 @@ func loadConfig() config {
 	dbCfg := cassandra.DBConfig{
 		Hosts:    strings.Split(mainflux.Env(envCluster, defCluster), sep),
 		Keyspace: mainflux.Env(envKeyspace, defKeyspace),
-		Username: mainflux.Env(envDBUsername, defDBUsername),
-		Password: mainflux.Env(envDBPassword, defDBPassword),
+		Username: mainflux.Env(envDBUser, defDBUser),
+		Password: mainflux.Env(envDBPass, defDBPass),
 		Port:     dbPort,
 	}
 
@@ -131,22 +131,22 @@ func loadConfig() config {
 		log.Fatalf("Invalid value passed for %s\n", envClientTLS)
 	}
 
-	timeout, err := strconv.ParseInt(mainflux.Env(envThingsTimeout, defThingsTimeout), 10, 64)
+	timeout, err := strconv.ParseInt(mainflux.Env(envThingsAuthTimeout, defThingsAuthTimeout), 10, 64)
 	if err != nil {
-		log.Fatalf("Invalid %s value: %s", envThingsTimeout, err.Error())
+		log.Fatalf("Invalid %s value: %s", envThingsAuthTimeout, err.Error())
 	}
 
 	return config{
-		logLevel:      mainflux.Env(envLogLevel, defLogLevel),
-		port:          mainflux.Env(envPort, defPort),
-		dbCfg:         dbCfg,
-		thingsURL:     mainflux.Env(envThingsURL, defThingsURL),
-		clientTLS:     tls,
-		caCerts:       mainflux.Env(envCACerts, defCACerts),
-		serverCert:    mainflux.Env(envServerCert, defServerCert),
-		serverKey:     mainflux.Env(envServerKey, defServerKey),
-		jaegerURL:     mainflux.Env(envJaegerURL, defJaegerURL),
-		thingsTimeout: time.Duration(timeout) * time.Second,
+		logLevel:          mainflux.Env(envLogLevel, defLogLevel),
+		port:              mainflux.Env(envPort, defPort),
+		dbCfg:             dbCfg,
+		clientTLS:         tls,
+		caCerts:           mainflux.Env(envCACerts, defCACerts),
+		serverCert:        mainflux.Env(envServerCert, defServerCert),
+		serverKey:         mainflux.Env(envServerKey, defServerKey),
+		jaegerURL:         mainflux.Env(envJaegerURL, defJaegerURL),
+		thingsAuthURL:     mainflux.Env(envThingsAuthURL, defThingsAuthURL),
+		thingsAuthTimeout: time.Duration(timeout) * time.Second,
 	}
 }
 
@@ -176,7 +176,7 @@ func connectToThings(cfg config, logger logger.Logger) *grpc.ClientConn {
 		opts = append(opts, grpc.WithInsecure())
 	}
 
-	conn, err := grpc.Dial(cfg.thingsURL, opts...)
+	conn, err := grpc.Dial(cfg.thingsAuthURL, opts...)
 	if err != nil {
 		logger.Error(fmt.Sprintf("Failed to connect to things service: %s", err))
 		os.Exit(1)