feat: add handler with openapi def for admin revoke session (#2867)

Author: Ajay Kelkar

internal/httpclient/.openapi-generator/FILES

@@ -3,6 +3,7 @@
 .travis.yml
 README.md
 api/openapi.yaml
+api_identity.go
 api_metadata.go
 api_v0alpha2.go
 client.go
@@ -25,6 +26,7 @@ docs/GenericError.md
 docs/HealthNotReadyStatus.md
 docs/HealthStatus.md
 docs/Identity.md
+docs/IdentityApi.md
 docs/IdentityCredentials.md
 docs/IdentityCredentialsOidc.md
 docs/IdentityCredentialsOidcProvider.md

internal/httpclient/README.md

@@ -83,6 +83,7 @@ All URIs are relative to *http://localhost*
 
 Class | Method | HTTP request | Description
 ------------ | ------------- | ------------- | -------------
+*IdentityApi* | [**DisableSession**](docs/IdentityApi.md#disablesession) | **Delete** /admin/sessions/{id} | Deactivate a Session
 *MetadataApi* | [**GetVersion**](docs/MetadataApi.md#getversion) | **Get** /version | Return Running Software Version.
 *MetadataApi* | [**IsAlive**](docs/MetadataApi.md#isalive) | **Get** /health/alive | Check HTTP Server Status
 *MetadataApi* | [**IsReady**](docs/MetadataApi.md#isready) | **Get** /health/ready | Check HTTP Server and Database Status

internal/httpclient/api/openapi.yaml

@@ -743,6 +743,44 @@ paths:
       tags:
       - v0alpha2
   /admin/sessions/{id}:
+    delete:
+      description: Calling this endpoint deactivates the specified session. Session
+        data is not deleted.
+      operationId: disableSession
+      parameters:
+      - description: ID is the session's ID.
+        explode: false
+        in: path
+        name: id
+        required: true
+        schema:
+          type: string
+        style: simple
+      responses:
+        "204":
+          description: Empty responses are sent when, for example, resources are deleted.
+            The HTTP status code for empty responses is typically 201.
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/jsonError'
+          description: jsonError
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/jsonError'
+          description: jsonError
+        default:
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/jsonError'
+          description: jsonError
+      summary: Deactivate a Session
+      tags:
+      - identity
     get:
       description: |-
         This endpoint is useful for:

internal/httpclient/api_identity.go

@@ -0,0 +1,77 @@
+# \IdentityApi
+
+All URIs are relative to *http://localhost*
+
+Method | HTTP request | Description
+------------- | ------------- | -------------
+[**DisableSession**](IdentityApi.md#DisableSession) | **Delete** /admin/sessions/{id} | Deactivate a Session
+
+
+
+## DisableSession
+
+> DisableSession(ctx, id).Execute()
+
+Deactivate a Session
+
+
+
+### Example
+
+```go
+package main
+
+import (
+    "context"
+    "fmt"
+    "os"
+    openapiclient "./openapi"
+)
+
+func main() {
+    id := "id_example" // string | ID is the session's ID.
+
+    configuration := openapiclient.NewConfiguration()
+    apiClient := openapiclient.NewAPIClient(configuration)
+    resp, r, err := apiClient.IdentityApi.DisableSession(context.Background(), id).Execute()
+    if err != nil {
+        fmt.Fprintf(os.Stderr, "Error when calling `IdentityApi.DisableSession``: %v\n", err)
+        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+    }
+}
+```
+
+### Path Parameters
+
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+**ctx** | **context.Context** | context for authentication, logging, cancellation, deadlines, tracing, etc.
+**id** | **string** | ID is the session's ID. | 
+
+### Other Parameters
+
+Other parameters are passed through a pointer to a apiDisableSessionRequest struct via the builder pattern
+
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+
+
+### Return type
+
+ (empty response body)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: application/json
+
+[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints)
+[[Back to Model list]](../README.md#documentation-for-models)
+[[Back to README]](../README.md)
+

internal/httpclient/client.go

@@ -312,6 +312,28 @@ func (p *Persister) RevokeSessionByToken(ctx context.Context, token string) erro
 	return nil
 }
 
+// RevokeSessionById revokes a given session
+func (p *Persister) RevokeSessionById(ctx context.Context, sID uuid.UUID) error {
+	ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.RevokeSessionById")
+	defer span.End()
+
+	// #nosec G201
+	count, err := p.GetConnection(ctx).RawQuery(fmt.Sprintf(
+		"UPDATE %s SET active = false WHERE id = ? AND nid = ?",
+		"sessions",
+	),
+		sID,
+		p.NetworkID(ctx),
+	).ExecWithCount()
+	if err != nil {
+		return sqlcon.HandleError(err)
+	}
+	if count == 0 {
+		return errors.WithStack(sqlcon.ErrNoRows)
+	}
+	return nil
+}
+
 // RevokeSession revokes a given session. If the session does not exist or was not modified,
 // it effectively has been revoked already, and therefore that case does not return an error.
 func (p *Persister) RevokeSession(ctx context.Context, iID, sID uuid.UUID) error {