mirror of
https://github.com/go-micro/go-micro.git
synced 2025-10-30 23:27:41 +02:00
remove auth cruft
This commit is contained in:
Asim Aslam
@@ -22,7 +22,6 @@ import (
|
||||
"github.com/micro/go-micro/v2/server"
|
||||
"github.com/micro/go-micro/v2/store"
|
||||
"github.com/micro/go-micro/v2/transport"
|
||||
authutil "github.com/micro/go-micro/v2/util/auth"
|
||||
|
||||
// clients
|
||||
cgrpc "github.com/micro/go-micro/v2/client/grpc"
|
||||
@@ -501,12 +500,6 @@ func (c *cmd) Before(ctx *cli.Context) error {
|
||||
}
|
||||
}
|
||||
|
||||
// generate the services auth account
|
||||
serverID := (*c.opts.Server).Options().Id
|
||||
if err := authutil.Generate(serverID, c.App().Name, (*c.opts.Auth)); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Set the profile
|
||||
if name := ctx.String("profile"); len(name) > 0 {
|
||||
p, ok := c.opts.Profiles[name]
|
||||
|
||||
@@ -1,81 +0,0 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/micro/go-micro/v2/auth"
|
||||
"github.com/micro/go-micro/v2/logger"
|
||||
)
|
||||
|
||||
// Generate generates a service account for and continually
|
||||
// refreshes the access token.
|
||||
func Generate(id string, name string, a auth.Auth) error {
|
||||
// extract the account creds from options, these can be set by flags
|
||||
accID := a.Options().ID
|
||||
accSecret := a.Options().Secret
|
||||
|
||||
// if no credentials were provided, generate an account
|
||||
if len(accID) == 0 || len(accSecret) == 0 {
|
||||
name := fmt.Sprintf("%v-%v", name, id)
|
||||
|
||||
opts := []auth.GenerateOption{
|
||||
auth.WithType("service"),
|
||||
auth.WithScopes("service"),
|
||||
}
|
||||
|
||||
acc, err := a.Generate(name, opts...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
logger.Debugf("Auth [%v] Authenticated as %v issued by %v", a, name, acc.Issuer)
|
||||
|
||||
accID = acc.ID
|
||||
accSecret = acc.Secret
|
||||
}
|
||||
|
||||
// generate the first token
|
||||
token, err := a.Token(
|
||||
auth.WithCredentials(accID, accSecret),
|
||||
auth.WithExpiry(time.Minute*10),
|
||||
)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// set the credentials and token in auth options
|
||||
a.Init(
|
||||
auth.ClientToken(token),
|
||||
auth.Credentials(accID, accSecret),
|
||||
)
|
||||
|
||||
// periodically check to see if the token needs refreshing
|
||||
go func() {
|
||||
timer := time.NewTicker(time.Second * 15)
|
||||
|
||||
for {
|
||||
<-timer.C
|
||||
|
||||
// don't refresh the token if it's not close to expiring
|
||||
tok := a.Options().Token
|
||||
if tok.Expiry.Unix() > time.Now().Add(time.Minute).Unix() {
|
||||
continue
|
||||
}
|
||||
|
||||
// generate the first token
|
||||
tok, err := a.Token(
|
||||
auth.WithToken(tok.RefreshToken),
|
||||
auth.WithExpiry(time.Minute*10),
|
||||
)
|
||||
if err != nil {
|
||||
logger.Warnf("[Auth] Error refreshing token: %v", err)
|
||||
continue
|
||||
}
|
||||
|
||||
// set the token
|
||||
a.Init(auth.ClientToken(tok))
|
||||
}
|
||||
}()
|
||||
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user