Commit Graph

23338 Commits

Author SHA1 Message Date
Pascal Bleser
e75216e898 test(groupware): add testcontainers based jmap test
* adds pkg/jmap/jmap_integration_test.go

 * uses ghcr.io/stalwartlabs/stalwart:v0.13.2-alpine

 * can be disabled by setting one of the following environment
   variables, in the same fashion as ca0493b28
   - CI=woodpecker
   - CI_SYSTEM_NAME=woodpecker
   - USE_TESTCONTAINERS=false

 * dependencies:
   - bump github.com/go-test/deep from 1.1.0 to 1.1.1
   - add github.com/cention-sany/utf7
   - add github.com/dustinkirkland/golang-petname
   - add github.com/emersion/go-imap/v2
   - add github.com/emersion/go-message
   - add github.com/emersion/go-sasl
   - add github.com/go-crypt/crypt
   - add github.com/go-crypt/x
   - add github.com/gogs/chardet
   - add github.com/inbucket/html2text
   - add github.com/jhilleryerd/enmime/v2
   - add github.com/ssor/bom
   - add gopkg.in/loremipsum.v1
2026-07-01 14:57:26 +02:00
Pascal Bleser
f0ba3ee4f8 refactor(groupware): session cache and DNS autodiscovery
* move the logging of the username and session state away from pkg/jmap
   and into services/groupware

 * introduce more decoupling for the session cache, as well as moving
   the implementation into groupware_session.go
2026-07-01 14:56:56 +02:00
Pascal Bleser
fca16908da groupware: add DNS auto-discovery (currently disabled, needs testing) 2026-07-01 14:56:56 +02:00
Pascal Bleser
8f527924b9 add a .gitignore entry for debug binaries built by VSCode when running OpenCloud 2026-07-01 14:56:56 +02:00
Pascal Bleser
7773108d3d groupware: session handling improvements
* remove the baseurl from the JMAP client configuration, and pass it to
   the session retrieval functions instead, as that is really the only
   place where it is relevant, and we gain flexibility to discover that
   session URL differently in the future without having to touch the
   JMAP client

 * move the default account identifier handling from the JMAP package to
   the Groupware one, as it really has nothing to do with JMAP itself,
   and is an opinionated feature of the Groupware REST API instead

 * add an event listener interface for JMAP events to be more flexible
   and universal, typically for metrics that are defined on the API
   level that uses the JMAP client

 * add errors for when default accounts cannot be determined

 * split groupware_framework.go into groupware_framework.go,
   groupware_request.go and groupware_response.go

 * move the accountId logging into the Groupware level instead of JMAP
   since it can also be relevant to other operations that might be
   worthy of logging before the JMAP client is even invoked
2026-07-01 14:56:56 +02:00
Pascal Bleser
c1e09fcdaf groupware: fix debug server, was missing a lot of configuration options and was binding to :80 2026-07-01 14:56:56 +02:00
Pascal Bleser
32f06dbc40 docs(groupware): add Groupware related ADRs 2026-07-01 14:56:56 +02:00
Pascal Bleser
c8999aea8c refactor(groupware): logging and metrics improvements
* some minor code refactorings to improve logging and metrics

 * more code documentation
2026-07-01 14:56:56 +02:00
Pascal Bleser
c28d90804e jmap: minor logging improvements 2026-07-01 14:56:56 +02:00
Pascal Bleser
b72d53d180 groupware: improve metrics
* implement more metrics, in a more streamlined fashion

 * use concurrent-map to store SSE streams instead of a regular map with
   one big lock that will not scale when it grows, causing too much
   contention on that one lock

 * while testing error metrics, noticed a few bugs with error handling
   when Stalwart is down: fixed
2026-07-01 14:56:56 +02:00
Pascal Bleser
6659f31493 groupware: jmap: add metrics 2026-07-01 14:56:56 +02:00
Pascal Bleser
5658293ebb groupware: implement metrics
* implement a framework for metrics, with a few exemplary ones
2026-07-01 14:56:56 +02:00
Pascal Bleser
a007bf37de groupware: Etag handling
* implement correct Etag and If-None-Match handling, responding with
   304 Not Modified if they match

 * introduce SessionState and State string type aliases to ensure we are
   using the correct fields for those, respectively

 * extract the SessionState from the JMAP response bodies in the
   groupware framework instead of having to do that in every single
   groupware API

 * use uint instead of int in some places to clarify that the values are
   >= 0

 * trace-log how long a Session was held in cache before being evicted

 * add Trace-Id header handling: add to response when specified in
   request, and implement a custom request logger to include it as a
   field

 * implement a more compact trace-logging of all the methods and URIs
   that are served, to put them into a single log entry instead of
   creating one log entry for every URI
2026-07-01 14:56:56 +02:00
Pascal Bleser
11ad0d9510 groupware: initial related emails implementation with SSE 2026-07-01 14:56:56 +02:00
Pascal Bleser
d41cd055e4 groupware: add /bootstrap
* add a GET /accounts/{a}/boostrap URI that delivers the same as GET /
   but also mailboxes for a given account, in case the UI remembers the
   last used account identifier, to avoid an additional roundtrip

 * streamline the use of simpleError()

 * add logging of errors at the calling site

 * add logging of evictions of Sessions from the cache

 * change default Session cache TTL to 5min instead of 30sec
2026-07-01 14:56:56 +02:00
Pascal Bleser
9c93c824fc groupware: swagger API documentation improvements
* add more documentation for properties

 * fixes after a bit of trial-and-error with go-swagger

 * fix email filter marshalling when there are no search criteria

 * introduce an apidoc.yml that contains Swagger data and is merged when
   generating the swagger.yml from sources
2026-07-01 14:56:56 +02:00
Pascal Bleser
350b9e8b76 Groupware improvements
* ensure that all the jmap responses contain the SessionState

 * implement missing errors that were marked as TODO

 * moved common functions from pkg/jmap and pkg/services/groupware to
   pkg/log and pkg/structs to commonalize them across both source trees

 * implement error handling for SetError occurences

 * Email: replace anonymous map[string]bool for mailbox rights with a
   MailboxRights struct, as the keys are well-defined, which allows for
   properly documenting them

 * introduce ObjectType as an "enum"

 * fix JSON marshalling and unmarshalling of EmailBodyStructure

 * move the swagger documentation structs from groupware_api.go to
   groupware_docs.go

 * fix: change verb for /groupware/accounts/*/vacation from POST to PUT
2026-07-01 14:56:56 +02:00
Pascal Bleser
e44ef77fe1 groupware: minor email searching response improvements + started implementing vacation response setting API 2026-07-01 14:56:56 +02:00
Pascal Bleser
2e4bc60f87 groupware: add identities of all accounts to the index resource 2026-07-01 14:56:55 +02:00
Pascal Bleser
e2e8bcd4c1 groupware: fix email search, add variant that includes the full emails 2026-07-01 14:56:55 +02:00
Pascal Bleser
f01fdcadd7 groupware: fix email search, add variant that includes the full emails 2026-07-01 14:56:55 +02:00
Pascal Bleser
3f432deb79 Groupware: refactor jmap package, implement Email/set, EmailSubmission
* refactor the jmap package to split it into several files as the
   jmap.api.go file was becoming too unwieldy

 * refactor the Groupware handler function response to be a Response
   object, to be more future-proof and avoid adding more and more
   return parameters while handling "no content" response as well

 * more godoc for the JMAP model

 * add Email creation, updating, deleting (Email/set,
   EmailSubmission/set)

 * add endpoints
   - POST /accounts/{accountid}/messages
   - PATCH|PUT /accounts/{accountid}/messages/{messageid}
   - DELETE /accounts/{accountid}/messages/{messageid}
2026-07-01 14:56:55 +02:00
Pascal Bleser
c1337a9c04 groupware: implement message search with snippets 2026-07-01 14:56:55 +02:00
Pascal Bleser
29fa354b81 groupware: blob streaming (upload and download) 2026-07-01 14:56:55 +02:00
Pascal Bleser
6720b09349 groupware: more JMAP operations implementation 2026-07-01 14:56:55 +02:00
Pascal Bleser
10f89892b0 groupware: further implementation and improvements 2026-07-01 14:56:55 +02:00
Pascal Bleser
9e6e824d17 upgrade Stalwart to 0.13.2 2026-07-01 14:56:55 +02:00
Pascal Bleser
bf6baf57ab refactored the Session object, refactored the services/groupware directory, and started Swagger documentation implementation 2026-07-01 14:56:55 +02:00
Pascal Bleser
51f3827751 groupware: refactoring the API mechanisms 2026-07-01 14:56:55 +02:00
Pascal Bleser
91bf6a36db groupware: implement JSON:API's error response format, with a revamped error handling in jmap and services/groupware 2026-07-01 14:56:55 +02:00
Pascal Bleser
9d3fd1cd27 Refactor groupware service after ADR decision on the Groupware API
* after having decided that the Groupware API should be a standalone
   independent custom REST API that is using JMAP data models as much as
   possible,
 * removed Groupware APIs from the Graph service
 * moved Groupware implementation to the Groupware service, and
   refactored a few things accordingly
2026-07-01 14:56:55 +02:00
Pascal Bleser
f6d6c08ceb Groupware and jmap: cleanup and API documentation 2026-07-01 14:56:55 +02:00
Pascal Bleser
adc839f0ec groupware: remove unneeded messages.go that was a remainder from an earlier implementation attempt, which also fixes compilation issues due to changes in main 2026-07-01 14:56:55 +02:00
Pascal Bleser
5b147e9978 opencloud_full: upgrade Stalwart to 0.12.5, and use the ghcr.io container repository to avoid Hub limits 2026-07-01 14:56:55 +02:00
Pascal Bleser
8e9981ff42 Groupware improvements: refactoring, k6 tests
* refactored the models to be strongly typed with structs and mapstruct
   to decompose the dynamic parts of the JMAP payloads

 * externalized large JSON strings for tests into .json files under
   testdata/

 * added a couple of fantasy Graph groupware APIs to explore further
   options

 * added k6 scripts to test those graph/me/messages APIs, with a setup
   program to set up users in LDAP, fill their IMAP inbox, activate them
   in Stalwart, cleaning things up, etc...
2026-07-01 14:56:55 +02:00
Pascal Bleser
99a3454924 fix Stalwart LDAP configuration 2026-07-01 14:56:55 +02:00
Pascal Bleser
5feb97d3be Use password policy overlay in LDAP and configure Stalwart to use it 2026-07-01 14:56:55 +02:00
Pascal Bleser
17749afd57 upgrade Stalwart to 0.12.4 2026-07-01 14:56:55 +02:00
Pascal Bleser
22ce836074 groupware: removed debugging logs 2026-07-01 14:56:55 +02:00
Pascal Bleser
d8d955417e jwkset: remove debugging printlns 2026-07-01 14:56:55 +02:00
Pascal Bleser
5688543f25 auth-api: fix: was missing newly introduced metrics 2026-07-01 14:56:55 +02:00
Pascal Bleser
e0b8090f94 groupware and jmap improvements and refactoring 2026-07-01 14:56:55 +02:00
Pascal Bleser
10cabc8175 upgrade Stalwart to 0.12 2026-07-01 14:56:55 +02:00
Pascal Bleser
0c802c1e7a minor corrections to the Stalwart configuration 2026-07-01 14:56:55 +02:00
Pascal Bleser
3f92844dcd Introduce a the auth-api service
* primitive implementation to demonstrate how it could work, still to
   be considered WIP at best

 * add new dependency: MicahParks/jwkset and MicahParks/keyfunc to
   retrieve the JWK set from KeyCloak to verify the signature of the
   JWTs sent as part of Bearer authentication in the /auth API

 * (minor) opencloud/.../service.go: clean up a logging statement that
   was introduced earlier to hunt down why the auth-api service was not
   being started
2026-07-01 14:56:55 +02:00
Pascal Bleser
aacc8dafd0 add an auth-api service to make an exemplary implementation of an external authentication API for third party services such as Stalwart 2026-07-01 14:56:55 +02:00
Pascal Bleser
2a169ac647 move services/groupware/pkg/jmap to pkg/jmap 2026-07-01 14:56:55 +02:00
Pascal Bleser
eeffbdc9fc WIP: restructure the Jmap client, and implement the /me/messages Graph API endpoint with it 2026-07-01 14:56:55 +02:00
Pascal Bleser
064dfbb630 add an OIDC Directory to Stalwart, requires exposing Keycloak port 8080 directly to access the userinfo endpoint using HTTP since the certificates in traefik are self-signed and end up being rejected by Stalwart with no option to bypass the certificate check 2026-07-01 14:56:55 +02:00
Pascal Bleser
3285c30266 rename Stalwart fallback admin username from 'admin' to 'mailadmin' since 'admin' exists as a regular user in LDAP and thus won't have access to the administration 2026-07-01 14:56:55 +02:00