From 8dbb5153f4851c72d6e9f695daff8520241564f1 Mon Sep 17 00:00:00 2001
From: Ben Toogood
Date: Tue, 31 Mar 2020 17:01:51 +0100
Subject: [PATCH 01/14] Tweak Auth Interface
---
 auth/auth.go | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/auth/auth.go b/auth/auth.go
index 4c175110..6bb9e479 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -33,7 +33,9 @@ type Auth interface {
 // Options set for auth
 Options() Options
 // Generate a new account
- Generate(id string, opts ...GenerateOption) (*Account, error)
+ Generate(id, secret string, opts ...GenerateOption) (*Account, error)
+ // Login to an existing account
+ Login(id, secret string) (*Account, error)
 // Grant access to a resource
 Grant(role string, res *Resource) error
 // Revoke access to a resource
@@ -42,8 +44,8 @@ type Auth interface {
 Verify(acc *Account, res *Resource) error
 // Inspect a token
 Inspect(token string) (*Account, error)
- // Token generated using an account ID and secret
- Token(id, secret string, opts ...TokenOption) (*Token, error)
+ // Token generated using refresh token
+ Token(id, refreshToken string, opts ...TokenOption) (*Token, error)
 // String returns the name of the implementation
 String() string
 }
@@ -60,10 +62,12 @@ type Resource struct {
 // Account provided by an auth provider
 type Account struct {
- // ID of the account (UUIDV4, email or username)
+ // Type of the account, e.g. service
+ Type string `json:"type"`
+ // ID of the account e.g. email
 ID string `json:"id"`
- // Secret used to renew the account
- Secret string `json:"secret"`
+ // RefreshToken used to renew the account
+ RefreshToken string `json:"refresh_token"`
 // Roles associated with the Account
 Roles []string `json:"roles"`
 // Any other associated metadata
From 134bc1c68aa18a77a5661921c131343001563b1c Mon Sep 17 00:00:00 2001
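Review bot: The added `Login(id, secret string)` and the widened `Generate(id, secret string, ...)` in the `@@ -33,7 +33,9 @@` hunk each carry a one-line comment that leaves the credential contract undefined: nothing says whether `Login` must return a non-nil error on a wrong secret, or whether `Generate` is expected to store `secret` hashed rather than as given. Every provider implements this interface, so I would state that on the declarations, for example `// Login verifies secret for the account id; it returns an error, and no Account, when they do not match`. The interface body starts before this hunk and closes in the next one.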
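Review bot: `RefreshToken` in the `@@ -60,10 +62,12 @@` hunk is declared with `json:"refresh_token"`, so every JSON encoding of an `Account` (a log line, a stored record, an API response) will include a credential that can be exchanged for new tokens. The hunk does not show where `Account` is marshalled, so this may be intended for the Generate response, but I would keep the credential out of the serialisable account data, or tag it `json:"-"` and return it explicitly where it is needed. The `@@ -74,6 +76,8 @@` hunk of PATCH 02 re-adds `Secret` to the same struct with `json:"secret"` and a comment naming the password; that has the same exposure and is the more serious of the two. The struct continues past the end of this hunk.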
From: Ben Toogood
Date: Tue, 31 Mar 2020 18:17:01 +0100
Subject: [PATCH 02/14] Implement new interface
---
 auth/auth.go | 2 +
 auth/default.go | 17 +-
 auth/options.go | 8 +-
 auth/service/proto/auth.pb.go | 286 ++++++++++++++++++++--------
 auth/service/proto/auth.pb.micro.go | 17 ++
 auth/service/proto/auth.proto | 17 +-
 auth/service/service.go | 38 ++--
 7 files changed, 275 insertions(+), 110 deletions(-)
diff --git a/auth/auth.go b/auth/auth.go
index 6bb9e479..739c6e91 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -74,6 +76,8 @@ type Account struct {
 Metadata map[string]string `json:"metadata"`
 // Namespace the account belongs to, default blank
 Namespace string `json:"namespace"`
+ // Secret for the account, e.g. the password
+ Secret string `json:"secret"`
 }
 // Token can be short or long lived
diff --git a/auth/default.go b/auth/default.go
index c637f7c6..6f618682 100644
--- a/auth/default.go
+++ b/auth/default.go
@@ -34,17 +34,22 @@ func (n *noop) Options() Options {
 }
 // Generate a new account
-func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) {
+func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, error) {
 options := NewGenerateOptions(opts...)
 return &Account{
- ID: id,
- Roles: options.Roles,
- Metadata: options.Metadata,
- Secret: uuid.New().String(),
+ ID: id,
+ Roles: options.Roles,
+ Metadata: options.Metadata,
+ RefreshToken: uuid.New().String(),
 }, nil
 }
+// Login to an existing account
+func (n *noop) Login(id, secret string) (*Account, error) {
+ return &Account{ID: id}, nil
+}
+
 // Grant access to a resource
 func (n *noop) Grant(role string, res *Resource) error {
 return nil
@@ -68,6 +73,6 @@ func (n *noop) Inspect(token string) (*Account, error) {
 }
 // Token generation using an account id and secret
-func (n *noop) Token(id, secret string, opts ...TokenOption) (*Token, error) {
+func (n *noop) Token(id, tok string, opts ...TokenOption) (*Token, error) {
 return &Token{}, nil
 }
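Review bot: The noop `Login` in auth/default.go returns `&Account{ID: id}` with a nil error for any `id` and `secret`, and `Generate` now accepts `secret` but never reads it, so a caller that treats a successful `Login` as proof of identity gets no authentication while this provider is in use. That may be the intent of a noop provider, but the comment should say so: `// Login performs no credential check: every id and secret pair is accepted`. Whether noop is the provider selected by default is not visible in this hunk; if it is, returning an error from `Login` would be the safer behaviour.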
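Review bot: The comment above the noop `Token` still reads `// Token generation using an account id and secret` although the second parameter is now the refresh token (`tok`), which invites callers to keep passing the account secret. I would change it to `// Token generates an access token from an account id and refresh token`. The same stale comment sits above `(*svc).Token` in the `@@ -216,13 +226,13 @@` hunk of auth/service/service.go.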
diff --git a/auth/options.go b/auth/options.go index 90bbc1df..f95710c8 100644 --- a/auth/options.go +++ b/auth/options.go @@ -10,8 +10,8 @@ import ( type Options struct { // ID is the services auth ID ID string - // Secret is used to generate new tokens - Secret string + // RefreshToken is used to generate new tokens + RefreshToken string // Token is the services token used to authenticate itself Token *Token // Public key base64 encoded @@ -50,10 +50,10 @@ func PrivateKey(key string) Option { } // Credentials sets the auth credentials -func Credentials(id, secret string) Option { +func Credentials(id, refresh string) Option { return func(o *Options) { o.ID = id - o.Secret = secret + o.RefreshToken = refresh } } diff --git a/auth/service/proto/auth.pb.go b/auth/service/proto/auth.pb.go index 0b941edc..95c39aa1 100644 --- a/auth/service/proto/auth.pb.go +++ b/auth/service/proto/auth.pb.go @@ -214,11 +214,13 @@ func (m *Token) GetNamespace() string { } type Account struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"` + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // string secret = 2; Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"` Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"` + Type string `protobuf:"bytes,6,opt,name=type,proto3" json:"type,omitempty"` + RefreshToken string `protobuf:"bytes,7,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` 
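Review bot: `Credentials(id, refresh string)` in auth/options.go keeps its name and its two-string signature while the second argument changes meaning from the account secret to a refresh token, so existing callers compile unchanged and would now supply a password where a refresh token is expected. The doc comment `// Credentials sets the auth credentials` should name both values, e.g. `// Credentials sets the account ID and the refresh token used to obtain access tokens`. Renaming the option would turn the silent change into a compile error at each call site; the hunk does not show how many callers exist.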
@@ -256,13 +258,6 @@ func (m *Account) GetId() string { return "" } -func (m *Account) GetSecret() string { - if m != nil { - return m.Secret - } - return "" -} - func (m *Account) GetRoles() []string { if m != nil { return m.Roles @@ -284,6 +279,20 @@ func (m *Account) GetNamespace() string { return "" } +func (m *Account) GetType() string { + if m != nil { + return m.Type + } + return "" +} + +func (m *Account) GetRefreshToken() string { + if m != nil { + return m.RefreshToken + } + return "" +} + type Resource struct { Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` 
@@ -339,11 +348,99 @@ func (m *Resource) GetEndpoint() string { return "" } +type LoginRequest struct { + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *LoginRequest) Reset() { *m = LoginRequest{} } +func (m *LoginRequest) String() string { return proto.CompactTextString(m) } +func (*LoginRequest) ProtoMessage() {} +func (*LoginRequest) Descriptor() ([]byte, []int) { + return fileDescriptor_11312eec02fd5712, []int{5} +} + +func (m *LoginRequest) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_LoginRequest.Unmarshal(m, b) +} +func (m *LoginRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_LoginRequest.Marshal(b, m, deterministic) +} +func (m *LoginRequest) XXX_Merge(src proto.Message) { + xxx_messageInfo_LoginRequest.Merge(m, src) +} +func (m *LoginRequest) XXX_Size() int { + return xxx_messageInfo_LoginRequest.Size(m) +} +func (m *LoginRequest) XXX_DiscardUnknown() { + xxx_messageInfo_LoginRequest.DiscardUnknown(m) +} + +var xxx_messageInfo_LoginRequest proto.InternalMessageInfo + +func (m *LoginRequest) GetId() string { + if m != nil { + return m.Id + } + return "" +} + +func (m *LoginRequest) GetSecret() string { + if m != nil { + return m.Secret + } + return "" +} + +type LoginResponse struct { + Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *LoginResponse) Reset() { *m = LoginResponse{} } +func (m *LoginResponse) String() string { return proto.CompactTextString(m) } +func (*LoginResponse) ProtoMessage() {} +func (*LoginResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_11312eec02fd5712, []int{6} +} + 
+func (m *LoginResponse) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_LoginResponse.Unmarshal(m, b) +} +func (m *LoginResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_LoginResponse.Marshal(b, m, deterministic) +} +func (m *LoginResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_LoginResponse.Merge(m, src) +} +func (m *LoginResponse) XXX_Size() int { + return xxx_messageInfo_LoginResponse.Size(m) +} +func (m *LoginResponse) XXX_DiscardUnknown() { + xxx_messageInfo_LoginResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_LoginResponse proto.InternalMessageInfo + +func (m *LoginResponse) GetAccount() *Account { + if m != nil { + return m.Account + } + return nil +} + type GenerateRequest struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"` Metadata map[string]string `protobuf:"bytes,3,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` Namespace string `protobuf:"bytes,4,opt,name=namespace,proto3" json:"namespace,omitempty"` + Secret string `protobuf:"bytes,5,opt,name=secret,proto3" json:"secret,omitempty"` + Type string `protobuf:"bytes,6,opt,name=type,proto3" json:"type,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -353,7 +450,7 @@ func (m *GenerateRequest) Reset() { *m = GenerateRequest{} } func (m *GenerateRequest) String() string { return proto.CompactTextString(m) } func (*GenerateRequest) ProtoMessage() {} func (*GenerateRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{5} + return fileDescriptor_11312eec02fd5712, []int{7} } func (m *GenerateRequest) XXX_Unmarshal(b []byte) error { 
@@ -402,6 +499,20 @@ func (m *GenerateRequest) GetNamespace() string { return "" } +func (m *GenerateRequest) GetSecret() string { + if m != nil { + return m.Secret + } + return "" +} + +func (m *GenerateRequest) GetType() string { + if m != nil { + return m.Type + } + return "" +} + type GenerateResponse struct { Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -413,7 +524,7 @@ func (m *GenerateResponse) Reset() { *m = GenerateResponse{} } func (m *GenerateResponse) String() string { return proto.CompactTextString(m) } func (*GenerateResponse) ProtoMessage() {} func (*GenerateResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{6} + return fileDescriptor_11312eec02fd5712, []int{8} } func (m *GenerateResponse) XXX_Unmarshal(b []byte) error { @@ -453,7 +564,7 @@ func (m *GrantRequest) Reset() { *m = GrantRequest{} } func (m *GrantRequest) String() string { return proto.CompactTextString(m) } func (*GrantRequest) ProtoMessage() {} func (*GrantRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{7} + return fileDescriptor_11312eec02fd5712, []int{9} } func (m *GrantRequest) XXX_Unmarshal(b []byte) error { @@ -498,7 +609,7 @@ func (m *GrantResponse) Reset() { *m = GrantResponse{} } func (m *GrantResponse) String() string { return proto.CompactTextString(m) } func (*GrantResponse) ProtoMessage() {} func (*GrantResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{8} + return fileDescriptor_11312eec02fd5712, []int{10} } func (m *GrantResponse) XXX_Unmarshal(b []byte) error { 
@@ -531,7 +642,7 @@ func (m *RevokeRequest) Reset() { *m = RevokeRequest{} } func (m *RevokeRequest) String() string { return proto.CompactTextString(m) } func (*RevokeRequest) ProtoMessage() {} func (*RevokeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{9} + return fileDescriptor_11312eec02fd5712, []int{11} } func (m *RevokeRequest) XXX_Unmarshal(b []byte) error { @@ -576,7 +687,7 @@ func (m *RevokeResponse) Reset() { *m = RevokeResponse{} } func (m *RevokeResponse) String() string { return proto.CompactTextString(m) } func (*RevokeResponse) ProtoMessage() {} func (*RevokeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{10} + return fileDescriptor_11312eec02fd5712, []int{12} } func (m *RevokeResponse) XXX_Unmarshal(b []byte) error { @@ -608,7 +719,7 @@ func (m *InspectRequest) Reset() { *m = InspectRequest{} } func (m *InspectRequest) String() string { return proto.CompactTextString(m) } func (*InspectRequest) ProtoMessage() {} func (*InspectRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{11} + return fileDescriptor_11312eec02fd5712, []int{13} } func (m *InspectRequest) XXX_Unmarshal(b []byte) error { @@ -647,7 +758,7 @@ func (m *InspectResponse) Reset() { *m = InspectResponse{} } func (m *InspectResponse) String() string { return proto.CompactTextString(m) } func (*InspectResponse) ProtoMessage() {} func (*InspectResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{12} + return fileDescriptor_11312eec02fd5712, []int{14} } func (m *InspectResponse) XXX_Unmarshal(b []byte) error { 
@@ -677,7 +788,7 @@ func (m *InspectResponse) GetAccount() *Account { type TokenRequest struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"` + RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` TokenExpiry int64 `protobuf:"varint,3,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -688,7 +799,7 @@ func (m *TokenRequest) Reset() { *m = TokenRequest{} } func (m *TokenRequest) String() string { return proto.CompactTextString(m) } func (*TokenRequest) ProtoMessage() {} func (*TokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{13} + return fileDescriptor_11312eec02fd5712, []int{15} } func (m *TokenRequest) XXX_Unmarshal(b []byte) error { @@ -716,9 +827,9 @@ func (m *TokenRequest) GetId() string { return "" } -func (m *TokenRequest) GetSecret() string { +func (m *TokenRequest) GetRefreshToken() string { if m != nil { - return m.Secret + return m.RefreshToken } return "" } @@ -741,7 +852,7 @@ func (m *TokenResponse) Reset() { *m = TokenResponse{} } func (m *TokenResponse) String() string { return proto.CompactTextString(m) } func (*TokenResponse) ProtoMessage() {} func (*TokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{14} + return fileDescriptor_11312eec02fd5712, []int{16} } func (m *TokenResponse) XXX_Unmarshal(b []byte) error { @@ -783,7 +894,7 @@ func (m *Rule) Reset() { *m = Rule{} } func (m *Rule) String() string { return proto.CompactTextString(m) } func (*Rule) ProtoMessage() {} func (*Rule) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{15} + return fileDescriptor_11312eec02fd5712, []int{17} } func (m *Rule) XXX_Unmarshal(b []byte) error { 
@@ -845,7 +956,7 @@ func (m *CreateRequest) Reset() { *m = CreateRequest{} } func (m *CreateRequest) String() string { return proto.CompactTextString(m) } func (*CreateRequest) ProtoMessage() {} func (*CreateRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{16} + return fileDescriptor_11312eec02fd5712, []int{18} } func (m *CreateRequest) XXX_Unmarshal(b []byte) error { @@ -897,7 +1008,7 @@ func (m *CreateResponse) Reset() { *m = CreateResponse{} } func (m *CreateResponse) String() string { return proto.CompactTextString(m) } func (*CreateResponse) ProtoMessage() {} func (*CreateResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{17} + return fileDescriptor_11312eec02fd5712, []int{19} } func (m *CreateResponse) XXX_Unmarshal(b []byte) error { @@ -931,7 +1042,7 @@ func (m *DeleteRequest) Reset() { *m = DeleteRequest{} } func (m *DeleteRequest) String() string { return proto.CompactTextString(m) } func (*DeleteRequest) ProtoMessage() {} func (*DeleteRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{18} + return fileDescriptor_11312eec02fd5712, []int{20} } func (m *DeleteRequest) XXX_Unmarshal(b []byte) error { @@ -983,7 +1094,7 @@ func (m *DeleteResponse) Reset() { *m = DeleteResponse{} } func (m *DeleteResponse) String() string { return proto.CompactTextString(m) } func (*DeleteResponse) ProtoMessage() {} func (*DeleteResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{19} + return fileDescriptor_11312eec02fd5712, []int{21} } func (m *DeleteResponse) XXX_Unmarshal(b []byte) error { 
@@ -1014,7 +1125,7 @@ func (m *ListRequest) Reset() { *m = ListRequest{} } func (m *ListRequest) String() string { return proto.CompactTextString(m) } func (*ListRequest) ProtoMessage() {} func (*ListRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{20} + return fileDescriptor_11312eec02fd5712, []int{22} } func (m *ListRequest) XXX_Unmarshal(b []byte) error { @@ -1046,7 +1157,7 @@ func (m *ListResponse) Reset() { *m = ListResponse{} } func (m *ListResponse) String() string { return proto.CompactTextString(m) } func (*ListResponse) ProtoMessage() {} func (*ListResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{21} + return fileDescriptor_11312eec02fd5712, []int{23} } func (m *ListResponse) XXX_Unmarshal(b []byte) error { @@ -1083,6 +1194,8 @@ func init() { proto.RegisterType((*Account)(nil), "go.micro.auth.Account") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Account.MetadataEntry") proto.RegisterType((*Resource)(nil), "go.micro.auth.Resource") + proto.RegisterType((*LoginRequest)(nil), "go.micro.auth.LoginRequest") + proto.RegisterType((*LoginResponse)(nil), "go.micro.auth.LoginResponse") proto.RegisterType((*GenerateRequest)(nil), "go.micro.auth.GenerateRequest") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.GenerateRequest.MetadataEntry") proto.RegisterType((*GenerateResponse)(nil), "go.micro.auth.GenerateResponse") 
@@ -1108,59 +1221,64 @@ func init() { } var fileDescriptor_11312eec02fd5712 = []byte{ - // 860 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0xdd, 0x8e, 0xdb, 0x44, - 0x14, 0x5e, 0xff, 0xc4, 0xf1, 0x9e, 0xfc, 0x6c, 0x34, 0xdd, 0x16, 0x2b, 0xfd, 0x21, 0x18, 0x84, - 0x96, 0x8a, 0x3a, 0x28, 0xbd, 0xe0, 0xa7, 0x12, 0x22, 0x6a, 0xa2, 0xd0, 0x42, 0x83, 0xb0, 0x8a, - 0x0a, 0x17, 0x08, 0x79, 0x9d, 0xa3, 0x5d, 0xb3, 0x89, 0x1d, 0x3c, 0xe3, 0x15, 0x79, 0x02, 0xee, - 0x78, 0x14, 0x9e, 0xa8, 0x97, 0x48, 0xbc, 0x06, 0x9a, 0xf1, 0x8c, 0x37, 0x71, 0x9c, 0x55, 0x84, - 0x72, 0xc1, 0xdd, 0x9c, 0x99, 0x33, 0xdf, 0x7c, 0xdf, 0xe7, 0x33, 0xc7, 0x03, 0x9f, 0x5e, 0x44, - 0xec, 0x32, 0x3b, 0xf7, 0xc2, 0x64, 0xd1, 0x5f, 0x44, 0x61, 0x9a, 0xf4, 0x2f, 0x92, 0x27, 0xf9, - 0x20, 0xc8, 0xd8, 0x65, 0x9f, 0x62, 0x7a, 0x1d, 0x85, 0xd8, 0x5f, 0xa6, 0x09, 0xcb, 0xa7, 0x3c, - 0x31, 0x24, 0xad, 0x8b, 0xc4, 0x13, 0x79, 0x1e, 0x9f, 0x74, 0xef, 0xc2, 0x9d, 0x6f, 0x23, 0xca, - 0x86, 0x61, 0x98, 0x64, 0x31, 0xa3, 0x3e, 0xfe, 0x96, 0x21, 0x65, 0xee, 0x4b, 0x38, 0xdd, 0x9c, - 0xa6, 0xcb, 0x24, 0xa6, 0x48, 0x06, 0x60, 0x07, 0x72, 0xce, 0xd1, 0x7a, 0xc6, 0x59, 0x63, 0x70, - 0xcf, 0xdb, 0x00, 0xf4, 0xe4, 0x16, 0xbf, 0xc8, 0x73, 0xff, 0xd2, 0xa1, 0xf6, 0x3a, 0xb9, 0xc2, - 0x98, 0x9c, 0x42, 0x8d, 0xf1, 0x81, 0xa3, 0xf5, 0xb4, 0xb3, 0x63, 0x3f, 0x0f, 0x08, 0x01, 0x93, - 0xad, 0x96, 0xe8, 0xe8, 0x62, 0x52, 0x8c, 0x89, 0x03, 0xf5, 0x30, 0xc5, 0x80, 0xe1, 0xcc, 0x31, - 0x7a, 0xda, 0x99, 0xe1, 0xab, 0x90, 0xdc, 0x03, 0x0b, 0x7f, 0x5f, 0x46, 0xe9, 0xca, 0x31, 0xc5, - 0x82, 0x8c, 0xf8, 0x0e, 0x9a, 0x9d, 0xff, 0x8a, 0x21, 0x73, 0x6a, 0x02, 0x48, 0x85, 0xfc, 0xd4, - 0x34, 0x99, 0x23, 0x75, 0xac, 0x9e, 0xc1, 0x4f, 0x15, 0x01, 0xf9, 0x12, 0xec, 0x05, 0xb2, 0x60, - 0x16, 0xb0, 0xc0, 0xa9, 0x0b, 0x25, 0x6e, 0x49, 0x89, 0xe0, 0xec, 0xbd, 0x92, 0x49, 0xe3, 0x98, - 0xa5, 0x2b, 0xbf, 0xd8, 0x43, 0x1e, 0xc0, 0x71, 0x1c, 0x2c, 0x90, 0x2e, 0x83, 0x10, 0x1d, 0x5b, - 
0x9c, 0x78, 0x33, 0xd1, 0x7d, 0x06, 0xad, 0x8d, 0x8d, 0xa4, 0x03, 0xc6, 0x15, 0xae, 0xa4, 0x70, - 0x3e, 0xe4, 0xb4, 0xae, 0x83, 0x79, 0xa6, 0x74, 0xe7, 0xc1, 0x17, 0xfa, 0x67, 0x9a, 0xfb, 0xb7, - 0x06, 0x75, 0x69, 0x23, 0x69, 0x83, 0x1e, 0xcd, 0xe4, 0x36, 0x3d, 0x12, 0xf2, 0x29, 0x86, 0x29, - 0x32, 0xb9, 0x4d, 0x46, 0x37, 0x22, 0x8d, 0x75, 0x91, 0x5f, 0xad, 0x89, 0x34, 0x85, 0xc8, 0x0f, - 0xaa, 0x3f, 0xd7, 0x7e, 0x32, 0x6b, 0x07, 0x95, 0x39, 0x05, 0xdb, 0x47, 0x9a, 0x64, 0x69, 0x88, - 0xbc, 0x06, 0x38, 0xaa, 0xdc, 0x28, 0xc6, 0x95, 0x75, 0xd1, 0x05, 0x1b, 0xe3, 0xd9, 0x32, 0x89, - 0x62, 0x26, 0x0a, 0xe3, 0xd8, 0x2f, 0x62, 0xf7, 0xad, 0x06, 0x27, 0x13, 0x8c, 0x31, 0x0d, 0x18, - 0xca, 0x3a, 0xde, 0xb2, 0xaf, 0xb0, 0x49, 0x5f, 0xb7, 0xe9, 0xeb, 0x35, 0x9b, 0x0c, 0x61, 0xd3, - 0xc7, 0x25, 0x9b, 0x4a, 0xb8, 0xfb, 0xd9, 0x65, 0x1e, 0xd4, 0xae, 0x11, 0x74, 0x6e, 0x58, 0xc8, - 0xeb, 0xf8, 0x09, 0xd4, 0xe5, 0x35, 0x13, 0x18, 0xbb, 0x6f, 0xa3, 0x4a, 0x73, 0xdf, 0x40, 0x73, - 0x92, 0x06, 0x31, 0x53, 0x06, 0x11, 0x30, 0xb9, 0x07, 0xca, 0x78, 0x3e, 0x26, 0x4f, 0xc1, 0x4e, - 0xe5, 0x87, 0x11, 0x34, 0x1a, 0x83, 0x77, 0x4a, 0xb0, 0xea, 0xbb, 0xf9, 0x45, 0xa2, 0x7b, 0x02, - 0x2d, 0x09, 0x9c, 0x73, 0x73, 0x7f, 0x84, 0x96, 0x8f, 0xd7, 0xc9, 0x15, 0x1e, 0xfc, 0xa8, 0x0e, - 0xb4, 0x15, 0xb2, 0x3c, 0xeb, 0x43, 0x68, 0xbf, 0x88, 0xe9, 0x12, 0xc3, 0x42, 0x57, 0x65, 0xab, - 0x71, 0x9f, 0xc3, 0x49, 0x91, 0xf7, 0x9f, 0x2d, 0xfc, 0x09, 0x9a, 0xa2, 0x35, 0xec, 0xaa, 0xb1, - 0x5d, 0x57, 0xf4, 0x3d, 0x68, 0x0a, 0x16, 0xbf, 0xc8, 0xfe, 0x95, 0x37, 0xb6, 0x86, 0x98, 0x1b, - 0x8b, 0x29, 0xf7, 0x19, 0xb4, 0x24, 0xb4, 0x64, 0xf7, 0x78, 0x5d, 0x46, 0x63, 0x70, 0x5a, 0xd5, - 0xa2, 0x94, 0xb8, 0x3f, 0x35, 0x30, 0xfd, 0x6c, 0x8e, 0x5b, 0x84, 0x94, 0xf1, 0xfa, 0x0e, 0xe3, - 0x8d, 0x3d, 0x8d, 0x27, 0x4f, 0xc0, 0x0a, 0xc2, 0x10, 0x29, 0x15, 0xa5, 0xdd, 0x1e, 0xdc, 0xdd, - 0xb6, 0x0a, 0x29, 0xf5, 0x65, 0x92, 0xfb, 0x87, 0x06, 0xad, 0xe7, 0xa2, 0x6d, 0x1f, 0xba, 0x04, - 0xd6, 0x98, 0x18, 0xfb, 0x30, 0xe9, 
0x40, 0x5b, 0x11, 0x91, 0x15, 0xc3, 0xb9, 0x8d, 0x70, 0x8e, - 0xff, 0x0b, 0x6e, 0x8a, 0x88, 0xe4, 0xd6, 0x82, 0x06, 0xff, 0xf9, 0xaa, 0x7f, 0xf1, 0xe7, 0xd0, - 0xcc, 0x43, 0x59, 0x13, 0x1f, 0x41, 0x2d, 0xcd, 0x78, 0x0f, 0xcb, 0x7f, 0xc0, 0x77, 0xca, 0x8c, - 0xb2, 0x39, 0xfa, 0x79, 0xc6, 0x63, 0x0f, 0xac, 0xfc, 0x34, 0xd2, 0x80, 0xfa, 0x0f, 0xd3, 0x6f, - 0xa6, 0xdf, 0xbd, 0x99, 0x76, 0x8e, 0x78, 0x30, 0xf1, 0x87, 0xd3, 0xd7, 0xe3, 0x51, 0x47, 0x23, - 0x00, 0xd6, 0x68, 0x3c, 0x7d, 0x31, 0x1e, 0x75, 0xf4, 0xc1, 0x3f, 0x1a, 0x98, 0xc3, 0x8c, 0x5d, - 0x92, 0x57, 0x60, 0xab, 0x66, 0x43, 0x1e, 0xdd, 0xde, 0x0b, 0xbb, 0xef, 0xee, 0x5c, 0x97, 0x7a, - 0x8e, 0xc8, 0x4b, 0xa8, 0xcb, 0x7b, 0x47, 0x1e, 0x96, 0xb2, 0x37, 0xef, 0x6d, 0xf7, 0xd1, 0xae, - 0xe5, 0x02, 0x6b, 0xa4, 0x5e, 0x13, 0xf7, 0x2b, 0x2f, 0x83, 0xc4, 0x79, 0x50, 0xbd, 0xa8, 0x50, - 0x06, 0x3f, 0x83, 0xad, 0x1e, 0x37, 0xe4, 0x7b, 0x30, 0xb9, 0xc1, 0xa4, 0xfc, 0x00, 0xa8, 0x78, - 0x18, 0x75, 0xdf, 0xbf, 0x35, 0xa7, 0x80, 0x7f, 0xab, 0x41, 0x8d, 0x7f, 0x08, 0x4a, 0x26, 0x60, - 0xe5, 0xa5, 0x47, 0xca, 0x94, 0x36, 0xae, 0x46, 0xf7, 0xe1, 0x8e, 0xd5, 0x42, 0xf7, 0x04, 0xac, - 0xbc, 0x4e, 0xb6, 0x80, 0x36, 0xea, 0x78, 0x0b, 0xa8, 0x54, 0x5c, 0x47, 0x64, 0x28, 0xe5, 0x76, - 0x2b, 0xa4, 0x28, 0x90, 0xfb, 0x95, 0x6b, 0x0a, 0xe2, 0xdc, 0x12, 0x6f, 0xc9, 0xa7, 0xff, 0x06, - 0x00, 0x00, 0xff, 0xff, 0x24, 0x1b, 0xf8, 0x32, 0x86, 0x0a, 0x00, 0x00, + // 931 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x6d, 0x6f, 0xdb, 0x36, + 0x10, 0x8e, 0x24, 0x5b, 0x56, 0xce, 0x96, 0x63, 0xb0, 0x69, 0x26, 0xb8, 0x2f, 0xcb, 0xd4, 0x61, + 0xc8, 0x8a, 0x55, 0x19, 0x5c, 0x60, 0x6f, 0x05, 0x86, 0x19, 0xb5, 0xe1, 0xb5, 0x6b, 0x3d, 0x4c, + 0xe8, 0xd0, 0x7d, 0x19, 0x0a, 0x45, 0xbe, 0x26, 0x5a, 0x1c, 0xc9, 0x13, 0xa9, 0x60, 0xf9, 0x01, + 0xc3, 0xf6, 0x69, 0xff, 0x64, 0xfb, 0x45, 0xfb, 0x31, 0x03, 0x29, 0x52, 0x91, 0x25, 0xb9, 0x08, + 0xda, 0x7c, 0xd8, 0x37, 0xde, 0xf1, 0x78, 0xf7, 
0x3c, 0xf7, 0x42, 0x12, 0x3e, 0x3f, 0x8e, 0xd8, + 0x49, 0x76, 0xe4, 0x85, 0xc9, 0xd9, 0xe1, 0x59, 0x14, 0xa6, 0xc9, 0xe1, 0x71, 0xf2, 0x20, 0x5f, + 0x04, 0x19, 0x3b, 0x39, 0xa4, 0x98, 0x9e, 0x47, 0x21, 0x1e, 0xae, 0xd2, 0x84, 0xe5, 0x2a, 0x4f, + 0x2c, 0x89, 0x7d, 0x9c, 0x78, 0xc2, 0xce, 0xe3, 0x4a, 0xf7, 0x26, 0xdc, 0x78, 0x16, 0x51, 0x36, + 0x0e, 0xc3, 0x24, 0x8b, 0x19, 0xf5, 0xf1, 0xd7, 0x0c, 0x29, 0x73, 0x9f, 0xc2, 0xee, 0xba, 0x9a, + 0xae, 0x92, 0x98, 0x22, 0x19, 0x81, 0x15, 0x48, 0x9d, 0xa3, 0xed, 0x1b, 0x07, 0xdd, 0xd1, 0x9e, + 0xb7, 0xe6, 0xd0, 0x93, 0x47, 0xfc, 0xc2, 0xce, 0xfd, 0x47, 0x87, 0xf6, 0x8b, 0xe4, 0x14, 0x63, + 0xb2, 0x0b, 0x6d, 0xc6, 0x17, 0x8e, 0xb6, 0xaf, 0x1d, 0x6c, 0xfb, 0xb9, 0x40, 0x08, 0xb4, 0xd8, + 0xc5, 0x0a, 0x1d, 0x5d, 0x28, 0xc5, 0x9a, 0x38, 0xd0, 0x09, 0x53, 0x0c, 0x18, 0x2e, 0x1c, 0x63, + 0x5f, 0x3b, 0x30, 0x7c, 0x25, 0x92, 0x3d, 0x30, 0xf1, 0xb7, 0x55, 0x94, 0x5e, 0x38, 0x2d, 0xb1, + 0x21, 0x25, 0x7e, 0x82, 0x66, 0x47, 0xbf, 0x60, 0xc8, 0x9c, 0xb6, 0x70, 0xa4, 0x44, 0x1e, 0x35, + 0x4d, 0x96, 0x48, 0x1d, 0x73, 0xdf, 0xe0, 0x51, 0x85, 0x40, 0xbe, 0x06, 0xeb, 0x0c, 0x59, 0xb0, + 0x08, 0x58, 0xe0, 0x74, 0x04, 0x13, 0xb7, 0xc2, 0x44, 0x60, 0xf6, 0x9e, 0x4b, 0xa3, 0x69, 0xcc, + 0xd2, 0x0b, 0xbf, 0x38, 0x43, 0x6e, 0xc3, 0x76, 0x1c, 0x9c, 0x21, 0x5d, 0x05, 0x21, 0x3a, 0x96, + 0x88, 0x78, 0xa9, 0x18, 0x3e, 0x02, 0x7b, 0xed, 0x20, 0x19, 0x80, 0x71, 0x8a, 0x17, 0x92, 0x38, + 0x5f, 0x72, 0x58, 0xe7, 0xc1, 0x32, 0x53, 0xbc, 0x73, 0xe1, 0x2b, 0xfd, 0x0b, 0xcd, 0xfd, 0x5d, + 0x87, 0x8e, 0x4c, 0x23, 0xe9, 0x83, 0x1e, 0x2d, 0xe4, 0x31, 0x3d, 0x5a, 0x5c, 0x92, 0x31, 0xca, + 0x64, 0xbe, 0x29, 0x91, 0x69, 0x09, 0x32, 0x1f, 0x36, 0x97, 0xe5, 0x6a, 0x74, 0xda, 0x15, 0x3a, + 0x45, 0x89, 0xcc, 0x52, 0x89, 0xee, 0x81, 0x9d, 0xe2, 0xeb, 0x14, 0xe9, 0xc9, 0xab, 0xbc, 0xa8, + 0x1d, 0xb1, 0xd9, 0x93, 0x4a, 0x91, 0xbd, 0x77, 0xcb, 0xc3, 0x1c, 0x2c, 0x1f, 0x69, 0x92, 0xa5, + 0x39, 0x02, 0x0e, 0x47, 0x1e, 0x14, 0xeb, 0xc6, 0xc6, 0x19, 0x82, 0x85, 0xf1, 0x62, 
0x95, 0x44, + 0x31, 0x13, 0x9d, 0xb3, 0xed, 0x17, 0xb2, 0xfb, 0x19, 0xf4, 0x9e, 0x25, 0xc7, 0x51, 0x2c, 0x9b, + 0xbc, 0x96, 0xdb, 0x3d, 0x30, 0x29, 0x86, 0x29, 0x32, 0xe9, 0x51, 0x4a, 0xee, 0x18, 0x6c, 0x79, + 0x4e, 0x4e, 0xc1, 0xa7, 0xd0, 0x91, 0xdd, 0x2d, 0x4e, 0x6f, 0x1e, 0x02, 0x65, 0xe6, 0xfe, 0xa9, + 0xc3, 0xce, 0x0c, 0x63, 0x4c, 0x03, 0x86, 0x9b, 0xc2, 0x17, 0xa5, 0xd5, 0xcb, 0xa5, 0xfd, 0xb6, + 0x54, 0x5a, 0x43, 0x94, 0xf6, 0x93, 0x4a, 0xb0, 0x8a, 0xdf, 0xab, 0x95, 0xb8, 0x55, 0x2d, 0xf1, + 0x25, 0xf9, 0x76, 0x99, 0x7c, 0x53, 0xe9, 0xdf, 0xad, 0xaa, 0x13, 0x18, 0x5c, 0x22, 0x7e, 0xeb, + 0x84, 0xbe, 0x84, 0xde, 0x2c, 0x0d, 0x62, 0xa6, 0x92, 0x49, 0xa0, 0xc5, 0xf3, 0xa5, 0xfa, 0x83, + 0xaf, 0xc9, 0x43, 0xb0, 0x52, 0xd9, 0x3f, 0x02, 0x46, 0x77, 0xf4, 0x5e, 0xc5, 0xad, 0x6a, 0x2f, + 0xbf, 0x30, 0x74, 0x77, 0xc0, 0x96, 0x8e, 0x73, 0x6c, 0xee, 0x4f, 0x60, 0xfb, 0x78, 0x9e, 0x9c, + 0xe2, 0xb5, 0x87, 0x1a, 0x40, 0x5f, 0x79, 0x96, 0xb1, 0x3e, 0x82, 0xfe, 0x93, 0x98, 0xae, 0x30, + 0x2c, 0x78, 0x35, 0x5e, 0x99, 0xee, 0x63, 0xd8, 0x29, 0xec, 0xde, 0x3a, 0x85, 0xaf, 0xa1, 0x27, + 0x86, 0x74, 0x53, 0x3f, 0xd6, 0x06, 0x5c, 0xaf, 0x0f, 0x38, 0xf9, 0x00, 0x7a, 0x62, 0xf3, 0x95, + 0xbc, 0x94, 0xf3, 0xdb, 0xba, 0x2b, 0x74, 0x53, 0xa1, 0x72, 0x1f, 0x81, 0x2d, 0xe3, 0x48, 0xa8, + 0xf7, 0xcb, 0x9c, 0xba, 0xa3, 0xdd, 0xa6, 0x7b, 0x57, 0x31, 0xfd, 0x4b, 0x83, 0x96, 0x9f, 0x2d, + 0xb1, 0x86, 0x4e, 0x55, 0x41, 0xdf, 0x50, 0x05, 0xe3, 0x8a, 0x55, 0x20, 0x0f, 0xc0, 0x0c, 0xc2, + 0x10, 0x29, 0x15, 0x33, 0xd1, 0x1f, 0xdd, 0xac, 0xe7, 0x0d, 0x29, 0xf5, 0xa5, 0x91, 0xfb, 0x87, + 0x06, 0xf6, 0x63, 0xf1, 0x16, 0x5d, 0x77, 0x3f, 0x94, 0x90, 0x18, 0x57, 0x41, 0x32, 0x80, 0xbe, + 0x02, 0x22, 0xdb, 0x87, 0x63, 0x9b, 0xe0, 0x12, 0xff, 0x17, 0xd8, 0x14, 0x10, 0x89, 0xcd, 0x86, + 0x2e, 0xff, 0x51, 0xa8, 0x0f, 0xc6, 0x97, 0xd0, 0xcb, 0x45, 0xd9, 0x13, 0x1f, 0x43, 0x3b, 0xcd, + 0xf8, 0xe5, 0x97, 0xff, 0x2a, 0x6e, 0x54, 0x11, 0x65, 0x4b, 0xf4, 0x73, 0x8b, 0xfb, 0x1e, 0x98, + 0x79, 0x34, 0xd2, 0x85, 
0xce, 0x8f, 0xf3, 0xef, 0xe6, 0xdf, 0xbf, 0x9c, 0x0f, 0xb6, 0xb8, 0x30, + 0xf3, 0xc7, 0xf3, 0x17, 0xd3, 0xc9, 0x40, 0x23, 0x00, 0xe6, 0x64, 0x3a, 0x7f, 0x32, 0x9d, 0x0c, + 0xf4, 0xd1, 0xdf, 0x3a, 0xb4, 0xc6, 0x19, 0x3b, 0x21, 0xcf, 0xc1, 0x52, 0x37, 0x0f, 0xb9, 0xfb, + 0xe6, 0x4b, 0x74, 0xf8, 0xfe, 0xc6, 0x7d, 0xc9, 0x67, 0x8b, 0x3c, 0x85, 0x8e, 0x1c, 0x42, 0x72, + 0xa7, 0x62, 0xbd, 0x3e, 0xc4, 0xc3, 0xbb, 0x9b, 0xb6, 0x0b, 0x5f, 0x13, 0xf5, 0x45, 0xba, 0xd5, + 0x38, 0x0c, 0xd2, 0xcf, 0xed, 0xe6, 0xcd, 0xb2, 0x17, 0xf1, 0x50, 0xd5, 0xbc, 0x94, 0x9f, 0xbd, + 0x9a, 0x97, 0xb5, 0xb7, 0xcd, 0xdd, 0x1a, 0xfd, 0x0c, 0x96, 0xfa, 0xf7, 0x91, 0x1f, 0xa0, 0xc5, + 0xcb, 0x44, 0xaa, 0x7f, 0xa3, 0x86, 0x3f, 0xe3, 0xf0, 0xde, 0x1b, 0x6d, 0x0a, 0xf7, 0xff, 0x6a, + 0xd0, 0xe6, 0xe5, 0xa4, 0x64, 0x06, 0x66, 0xde, 0xc0, 0xa4, 0x0a, 0x69, 0x6d, 0xc0, 0x86, 0x77, + 0x36, 0xec, 0x16, 0xbc, 0x67, 0x60, 0xe6, 0xdd, 0x56, 0x73, 0xb4, 0x36, 0x0d, 0x35, 0x47, 0x95, + 0x16, 0xdd, 0x22, 0x63, 0x49, 0x77, 0xd8, 0x40, 0x45, 0x39, 0xb9, 0xd5, 0xb8, 0xa7, 0x5c, 0x1c, + 0x99, 0xe2, 0x9b, 0xfd, 0xf0, 0xbf, 0x00, 0x00, 0x00, 0xff, 0xff, 0xd9, 0x7a, 0xd4, 0x05, 0xa1, + 0x0b, 0x00, 0x00, } diff --git a/auth/service/proto/auth.pb.micro.go b/auth/service/proto/auth.pb.micro.go index 334f2369..9937569d 100644 --- a/auth/service/proto/auth.pb.micro.go +++ b/auth/service/proto/auth.pb.micro.go @@ -37,6 +37,7 @@ type AuthService interface { Generate(ctx context.Context, in *GenerateRequest, opts ...client.CallOption) (*GenerateResponse, error) Inspect(ctx context.Context, in *InspectRequest, opts ...client.CallOption) (*InspectResponse, error) Token(ctx context.Context, in *TokenRequest, opts ...client.CallOption) (*TokenResponse, error) + Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error) } type authService struct { 
@@ -81,12 +82,23 @@ func (c *authService) Token(ctx context.Context, in *TokenRequest, opts ...clien return out, nil } +func (c *authService) Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error) { + req := c.c.NewRequest(c.name, "Auth.Login", in) + out := new(LoginResponse) + err := c.c.Call(ctx, req, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // Server API for Auth service type AuthHandler interface { Generate(context.Context, *GenerateRequest, *GenerateResponse) error Inspect(context.Context, *InspectRequest, *InspectResponse) error Token(context.Context, *TokenRequest, *TokenResponse) error + Login(context.Context, *LoginRequest, *LoginResponse) error } func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.HandlerOption) error { @@ -94,6 +106,7 @@ func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.Handl Generate(ctx context.Context, in *GenerateRequest, out *GenerateResponse) error Inspect(ctx context.Context, in *InspectRequest, out *InspectResponse) error Token(ctx context.Context, in *TokenRequest, out *TokenResponse) error + Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error } type Auth struct { auth @@ -118,6 +131,10 @@ func (h *authHandler) Token(ctx context.Context, in *TokenRequest, out *TokenRes return h.AuthHandler.Token(ctx, in, out) } +func (h *authHandler) Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error { + return h.AuthHandler.Login(ctx, in, out) +} + // Client API for Accounts service type AccountsService interface { diff --git a/auth/service/proto/auth.proto b/auth/service/proto/auth.proto index ba53076b..2edd1390 100644 --- a/auth/service/proto/auth.proto +++ b/auth/service/proto/auth.proto 
@@ -6,6 +6,7 @@ service Auth { rpc Generate(GenerateRequest) returns (GenerateResponse) {}; rpc Inspect(InspectRequest) returns (InspectResponse) {}; rpc Token(TokenRequest) returns (TokenResponse) {}; + rpc Login(LoginRequest) returns (LoginResponse) {}; } service Accounts { @@ -38,10 +39,11 @@ message Token { message Account { string id = 1; - string secret = 2; repeated string roles = 3; map metadata = 4; string namespace = 5; + string type = 6; + string refresh_token = 7; } message Resource{ @@ -50,11 +52,22 @@ message Resource{ string endpoint = 3; } +message LoginRequest { + string id = 1; + string secret = 2; +} + +message LoginResponse { + Account account = 1; +} + message GenerateRequest { string id = 1; repeated string roles = 2; map metadata = 3; string namespace = 4; + string secret = 5; + string type = 6; } message GenerateResponse { @@ -85,7 +98,7 @@ message InspectResponse { message TokenRequest { string id = 1; - string secret = 2; + string refresh_token = 2; int64 token_expiry = 3; } diff --git a/auth/service/service.go b/auth/service/service.go index 0cc11d98..c83fefbf 100644 --- a/auth/service/service.go +++ b/auth/service/service.go @@ -73,7 +73,7 @@ func (s *svc) Init(opts ...auth.Option) { // we have client credentials and must load a new token // periodically - if len(s.options.ID) > 0 || len(s.options.Secret) > 0 { + if len(s.options.ID) > 0 || len(s.options.RefreshToken) > 0 { tokenTimer := time.NewTicker(time.Minute) go func() { @@ -107,11 +107,12 @@ func (s *svc) Options() auth.Options { } // Generate a new account -func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, error) { +func (s *svc) Generate(id, secret string, opts ...auth.GenerateOption) (*auth.Account, error) { options := auth.NewGenerateOptions(opts...) rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{ Id: id, + Secret: secret, Roles: options.Roles, Metadata: options.Metadata, Namespace: options.Namespace, 
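Review bot: In `message Account`, `string secret = 2;` is deleted without reserving the number, so a later edit is free to give tag 2 to another string field while peers built from the old schema still put the account secret there. Add `reserved 2;` (and optionally `reserved "secret";`) next to the removal so protoc rejects any reuse. In the same file `TokenRequest` field 2 is renamed from `secret` to `refresh_token` with the wire format unchanged, so an older caller's secret would presumably be evaluated as a refresh token by a new server; that behaviour change is worth stating in the commit description.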
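Review bot: The guard in `Init` starts the refresh ticker when either `ID` or `RefreshToken` is set (`||`), although the comment above it says "we have client credentials". With only one of the two configured, `loadToken` (changed later in this commit) would send a `TokenRequest` with an empty id or an empty refresh token every minute. Requiring both is closer to the stated intent: `if len(s.options.ID) > 0 && len(s.options.RefreshToken) > 0 {`. `Init` starts and ends outside this hunk, so how the ticker goroutine is stopped is not visible here.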
@@ -123,6 +124,15 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e return serializeAccount(rsp.Account), nil } +// Login to an account +func (s *svc) Login(id, secret string) (*auth.Account, error) { + rsp, err := s.auth.Login(context.TODO(), &pb.LoginRequest{Id: id, Secret: secret}) + if err != nil { + return nil, err + } + return serializeAccount(rsp.Account), nil +} + // Grant access to a resource func (s *svc) Grant(role string, res *auth.Resource) error { _, err := s.rule.Create(context.TODO(), &pb.CreateRequest{ @@ -216,13 +226,13 @@ func (s *svc) Inspect(token string) (*auth.Account, error) { } // Token generation using an account ID and secret -func (s *svc) Token(id, secret string, opts ...auth.TokenOption) (*auth.Token, error) { +func (s *svc) Token(id, refresh string, opts ...auth.TokenOption) (*auth.Token, error) { options := auth.NewTokenOptions(opts...) rsp, err := s.auth.Token(context.Background(), &pb.TokenRequest{ - Id: id, - Secret: secret, - TokenExpiry: int64(options.TokenExpiry.Seconds()), + Id: id, + RefreshToken: refresh, + TokenExpiry: int64(options.TokenExpiry.Seconds()), }) if err != nil { return nil, err @@ -289,9 +299,9 @@ func (s *svc) loadRules() { // loadToken generates a new token for the service to use when making calls func (s *svc) loadToken() { rsp, err := s.auth.Token(context.TODO(), &pb.TokenRequest{ - Id: s.Options().ID, - Secret: s.Options().Secret, - TokenExpiry: int64((time.Minute * 15).Seconds()), + Id: s.Options().ID, + RefreshToken: s.Options().RefreshToken, + TokenExpiry: int64((time.Minute * 15).Seconds()), }) s.Lock() defer s.Unlock() 
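Review bot: `Login` passes `rsp.Account` straight to `serializeAccount`, which reads `a.Id`, `a.Roles` and the other fields directly, so a response that carries no account would panic on a nil dereference instead of returning an error. A guard before the return covers it: `if rsp.Account == nil { return nil, errors.New("auth: login response has no account") }` (this needs `errors` in the file's imports, which are outside the hunk). `Generate`, whose tail is the context of this hunk, has the same shape, and the `Login` rewrite in PATCH 04/14 keeps it.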
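Review bot: The comment above `svc.Token` still reads "Token generation using an account ID and secret", but the second parameter is now the refresh token and is sent as `RefreshToken`. The two credentials are no longer interchangeable, so the comment should name the right one, e.g. `// Token generates a new token from an account ID and its refresh token`. The function body continues past the end of the hunk.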
@@ -318,10 +328,10 @@ func serializeToken(t *pb.Token) *auth.Token { func serializeAccount(a *pb.Account) *auth.Account { return &auth.Account{ - ID: a.Id, - Roles: a.Roles, - Metadata: a.Metadata, - Namespace: a.Namespace, - Secret: a.Secret, + ID: a.Id, + Roles: a.Roles, + Metadata: a.Metadata, + Namespace: a.Namespace, + RefreshToken: a.RefreshToken, } } From cffb0a1eaec987609b488f8dc0aa837827886133 Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Tue, 31 Mar 2020 18:34:31 +0100 Subject: [PATCH 03/14] Remove ContextWithToken --- auth/auth.go | 6 ------ 1 file changed, 6 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index 739c6e91..fefff162 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -5,7 +5,6 @@ import ( "context" "encoding/json" "errors" - "fmt" "time" "github.com/micro/go-micro/v2/metadata" @@ -138,8 +137,3 @@ func ContextWithAccount(ctx context.Context, account *Account) (context.Context, // generate a new context with the MetadataKey set return metadata.Set(ctx, MetadataKey, string(bytes)), nil } - -// ContextWithToken sets the auth token in the context -func ContextWithToken(ctx context.Context, token string) context.Context { - return metadata.Set(ctx, "Authorization", fmt.Sprintf("%v%v", BearerScheme, token)) -} From 82bc3cbf8d4ee91e8ce8e581599621148e6fbdfa Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Tue, 31 Mar 2020 19:01:43 +0100 Subject: [PATCH 04/14] Update interface to add provider and make secret optional --- auth/auth.go | 10 ++- auth/default.go | 4 +- auth/options.go | 50 ++++++++++++ auth/service/proto/auth.pb.go | 150 +++++++++++++++++++--------------- auth/service/proto/auth.proto | 6 +- auth/service/service.go | 12 ++- 6 files changed, 153 insertions(+), 79 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index fefff162..ccd877f1 100644 --- a/auth/auth.go +++ b/auth/auth.go 
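Review bot: `serializeAccount` does not copy the account type: `pb.Account` gains a `type` field in this commit and `auth.Account` has a `Type` field, but the literal sets only ID, Roles, Metadata, Namespace and RefreshToken. Callers would always see an empty `Type`, which matters if anything tells service accounts from user accounts by it. Add `Type: a.Type,` to the literal; the `serializeAccount` hunk in PATCH 04/14 adds `Provider` but still leaves `Type` out.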
@@ -32,9 +32,9 @@ type Auth interface { // Options set for auth Options() Options // Generate a new account - Generate(id, secret string, opts ...GenerateOption) (*Account, error) + Generate(id string, opts ...GenerateOption) (*Account, error) // Login to an existing account - Login(id, secret string) (*Account, error) + Login(id string, opts ...LoginOption) (*Account, error) // Grant access to a resource Grant(role string, res *Resource) error // Revoke access to a resource @@ -61,10 +61,12 @@ type Resource struct { // Account provided by an auth provider type Account struct { - // Type of the account, e.g. service - Type string `json:"type"` // ID of the account e.g. email ID string `json:"id"` + // Type of the account, e.g. service + Type string `json:"type"` + // Provider who issued the account + Provider string `json:"provider"` // RefreshToken used to renew the account RefreshToken string `json:"refresh_token"` // Roles associated with the Account diff --git a/auth/default.go b/auth/default.go index 6f618682..88a8b4a6 100644 --- a/auth/default.go +++ b/auth/default.go @@ -34,7 +34,7 @@ func (n *noop) Options() Options { } // Generate a new account -func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, error) { +func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) { options := NewGenerateOptions(opts...) return &Account{ @@ -46,7 +46,7 @@ func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, er } // Login to an existing account -func (n *noop) Login(id, secret string) (*Account, error) { +func (n *noop) Login(id string, opts ...LoginOption) (*Account, error) { return &Account{ID: id}, nil } diff --git a/auth/options.go b/auth/options.go index f95710c8..99fba52d 100644 --- a/auth/options.go +++ b/auth/options.go 
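Review bot: In `Account`, `RefreshToken` stays tagged `json:"refresh_token"` (and `Secret`, declared below this hunk, is tagged `json:"secret"`), so both are included whenever an account is marshalled. `ContextWithAccount` in this file stores a serialised account under `MetadataKey`, and it looks like that is the JSON form, which would put the credentials into request metadata that travels with each call. If the receiving side does not need them, tag them `json:"-"` or copy the account without them before it goes into the context. The struct starts above and ends below the hunk.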
@@ -78,10 +78,23 @@ type GenerateOptions struct { Roles []string // Namespace the account belongs too Namespace string + // Secret to use with the account + Secret string + // Provider of the account, e.g. oauth + Provider string + // Type of the account, e.g. user + Type string } type GenerateOption func(o *GenerateOptions) +// WithType for the generated account +func WithType(t string) GenerateOption { + return func(o *GenerateOptions) { + o.Type = t + } +} + // WithMetadata for the generated account func WithMetadata(md map[string]string) GenerateOption { return func(o *GenerateOptions) { @@ -103,6 +116,20 @@ func WithNamespace(n string) GenerateOption { } } +// WithSecret for the generated account +func WithSecret(s string) GenerateOption { + return func(o *GenerateOptions) { + o.Secret = s + } +} + +// WithProvider for the generated account +func WithProvider(p string) GenerateOption { + return func(o *GenerateOptions) { + o.Provider = p + } +} + // NewGenerateOptions from a slice of options func NewGenerateOptions(opts ...GenerateOption) GenerateOptions { var options GenerateOptions @@ -112,6 +139,29 @@ func NewGenerateOptions(opts ...GenerateOption) GenerateOptions { return options } +type LoginOptions struct { + // Secret to use for rlogin + Secret string +} + +type LoginOption func(o *LoginOptions) + +// WithLoginSecret for the generated account +func WithLoginSecret(s string) LoginOption { + return func(o *LoginOptions) { + o.Secret = s + } +} + +// NewLoginOptions from a slice of options +func NewLoginOptions(opts ...LoginOption) LoginOptions { + var options LoginOptions + for _, o := range opts { + o(&options) + } + return options +} + type TokenOptions struct { // TokenExpiry is the time the token should live for TokenExpiry time.Duration diff --git a/auth/service/proto/auth.pb.go b/auth/service/proto/auth.pb.go index 95c39aa1..604ea538 100644 --- a/auth/service/proto/auth.pb.go +++ b/auth/service/proto/auth.pb.go 
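Review bot: The comments in the new `LoginOptions` block do not describe the code: `// Secret to use for rlogin` has a typo, and `// WithLoginSecret for the generated account` was copied from the generate options although it configures a login. `LoginOptions` and `LoginOption` are exported without doc comments. Suggested wording: `// Secret to use for login`, `// WithLoginSecret sets the secret presented at login`, `// LoginOptions holds the settings for a Login call`.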
@@ -214,13 +214,13 @@ func (m *Token) GetNamespace() string { } type Account struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - // string secret = 2; + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"` Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"` - Type string `protobuf:"bytes,6,opt,name=type,proto3" json:"type,omitempty"` - RefreshToken string `protobuf:"bytes,7,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` + RefreshToken string `protobuf:"bytes,6,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` + Provider string `protobuf:"bytes,7,opt,name=provider,proto3" json:"provider,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -258,6 +258,13 @@ func (m *Account) GetId() string { return "" } +func (m *Account) GetType() string { + if m != nil { + return m.Type + } + return "" +} + func (m *Account) GetRoles() []string { if m != nil { return m.Roles @@ -279,16 +286,16 @@ func (m *Account) GetNamespace() string { return "" } -func (m *Account) GetType() string { +func (m *Account) GetRefreshToken() string { if m != nil { - return m.Type + return m.RefreshToken } return "" } -func (m *Account) GetRefreshToken() string { +func (m *Account) GetProvider() string { if m != nil { - return m.RefreshToken + return m.Provider } return "" } 
@@ -441,6 +448,7 @@ type GenerateRequest struct { Namespace string `protobuf:"bytes,4,opt,name=namespace,proto3" json:"namespace,omitempty"` Secret string `protobuf:"bytes,5,opt,name=secret,proto3" json:"secret,omitempty"` Type string `protobuf:"bytes,6,opt,name=type,proto3" json:"type,omitempty"` + Provider string `protobuf:"bytes,7,opt,name=provider,proto3" json:"provider,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -513,6 +521,13 @@ func (m *GenerateRequest) GetType() string { return "" } +func (m *GenerateRequest) GetProvider() string { + if m != nil { + return m.Provider + } + return "" +} + type GenerateResponse struct { Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` 
@@ -1221,64 +1236,65 @@ func init() { } var fileDescriptor_11312eec02fd5712 = []byte{ - // 931 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x6d, 0x6f, 0xdb, 0x36, - 0x10, 0x8e, 0x24, 0x5b, 0x56, 0xce, 0x96, 0x63, 0xb0, 0x69, 0x26, 0xb8, 0x2f, 0xcb, 0xd4, 0x61, - 0xc8, 0x8a, 0x55, 0x19, 0x5c, 0x60, 0x6f, 0x05, 0x86, 0x19, 0xb5, 0xe1, 0xb5, 0x6b, 0x3d, 0x4c, - 0xe8, 0xd0, 0x7d, 0x19, 0x0a, 0x45, 0xbe, 0x26, 0x5a, 0x1c, 0xc9, 0x13, 0xa9, 0x60, 0xf9, 0x01, - 0xc3, 0xf6, 0x69, 0xff, 0x64, 0xfb, 0x45, 0xfb, 0x31, 0x03, 0x29, 0x52, 0x91, 0x25, 0xb9, 0x08, - 0xda, 0x7c, 0xd8, 0x37, 0xde, 0xf1, 0x78, 0xf7, 0x3c, 0xf7, 0x42, 0x12, 0x3e, 0x3f, 0x8e, 0xd8, - 0x49, 0x76, 0xe4, 0x85, 0xc9, 0xd9, 0xe1, 0x59, 0x14, 0xa6, 0xc9, 0xe1, 0x71, 0xf2, 0x20, 0x5f, - 0x04, 0x19, 0x3b, 0x39, 0xa4, 0x98, 0x9e, 0x47, 0x21, 0x1e, 0xae, 0xd2, 0x84, 0xe5, 0x2a, 0x4f, - 0x2c, 0x89, 0x7d, 0x9c, 0x78, 0xc2, 0xce, 0xe3, 0x4a, 0xf7, 0x26, 0xdc, 0x78, 0x16, 0x51, 0x36, - 0x0e, 0xc3, 0x24, 0x8b, 0x19, 0xf5, 0xf1, 0xd7, 0x0c, 0x29, 0x73, 0x9f, 0xc2, 0xee, 0xba, 0x9a, - 0xae, 0x92, 0x98, 0x22, 0x19, 0x81, 0x15, 0x48, 0x9d, 0xa3, 0xed, 0x1b, 0x07, 0xdd, 0xd1, 0x9e, - 0xb7, 0xe6, 0xd0, 0x93, 0x47, 0xfc, 0xc2, 0xce, 0xfd, 0x47, 0x87, 0xf6, 0x8b, 0xe4, 0x14, 0x63, - 0xb2, 0x0b, 0x6d, 0xc6, 0x17, 0x8e, 0xb6, 0xaf, 0x1d, 0x6c, 0xfb, 0xb9, 0x40, 0x08, 0xb4, 0xd8, - 0xc5, 0x0a, 0x1d, 0x5d, 0x28, 0xc5, 0x9a, 0x38, 0xd0, 0x09, 0x53, 0x0c, 0x18, 0x2e, 0x1c, 0x63, - 0x5f, 0x3b, 0x30, 0x7c, 0x25, 0x92, 0x3d, 0x30, 0xf1, 0xb7, 0x55, 0x94, 0x5e, 0x38, 0x2d, 0xb1, - 0x21, 0x25, 0x7e, 0x82, 0x66, 0x47, 0xbf, 0x60, 0xc8, 0x9c, 0xb6, 0x70, 0xa4, 0x44, 0x1e, 0x35, - 0x4d, 0x96, 0x48, 0x1d, 0x73, 0xdf, 0xe0, 0x51, 0x85, 0x40, 0xbe, 0x06, 0xeb, 0x0c, 0x59, 0xb0, - 0x08, 0x58, 0xe0, 0x74, 0x04, 0x13, 0xb7, 0xc2, 0x44, 0x60, 0xf6, 0x9e, 0x4b, 0xa3, 0x69, 0xcc, - 0xd2, 0x0b, 0xbf, 0x38, 0x43, 0x6e, 0xc3, 0x76, 0x1c, 0x9c, 0x21, 0x5d, 0x05, 0x21, 0x3a, 0x96, - 
0x88, 0x78, 0xa9, 0x18, 0x3e, 0x02, 0x7b, 0xed, 0x20, 0x19, 0x80, 0x71, 0x8a, 0x17, 0x92, 0x38, - 0x5f, 0x72, 0x58, 0xe7, 0xc1, 0x32, 0x53, 0xbc, 0x73, 0xe1, 0x2b, 0xfd, 0x0b, 0xcd, 0xfd, 0x5d, - 0x87, 0x8e, 0x4c, 0x23, 0xe9, 0x83, 0x1e, 0x2d, 0xe4, 0x31, 0x3d, 0x5a, 0x5c, 0x92, 0x31, 0xca, - 0x64, 0xbe, 0x29, 0x91, 0x69, 0x09, 0x32, 0x1f, 0x36, 0x97, 0xe5, 0x6a, 0x74, 0xda, 0x15, 0x3a, - 0x45, 0x89, 0xcc, 0x52, 0x89, 0xee, 0x81, 0x9d, 0xe2, 0xeb, 0x14, 0xe9, 0xc9, 0xab, 0xbc, 0xa8, - 0x1d, 0xb1, 0xd9, 0x93, 0x4a, 0x91, 0xbd, 0x77, 0xcb, 0xc3, 0x1c, 0x2c, 0x1f, 0x69, 0x92, 0xa5, - 0x39, 0x02, 0x0e, 0x47, 0x1e, 0x14, 0xeb, 0xc6, 0xc6, 0x19, 0x82, 0x85, 0xf1, 0x62, 0x95, 0x44, - 0x31, 0x13, 0x9d, 0xb3, 0xed, 0x17, 0xb2, 0xfb, 0x19, 0xf4, 0x9e, 0x25, 0xc7, 0x51, 0x2c, 0x9b, - 0xbc, 0x96, 0xdb, 0x3d, 0x30, 0x29, 0x86, 0x29, 0x32, 0xe9, 0x51, 0x4a, 0xee, 0x18, 0x6c, 0x79, - 0x4e, 0x4e, 0xc1, 0xa7, 0xd0, 0x91, 0xdd, 0x2d, 0x4e, 0x6f, 0x1e, 0x02, 0x65, 0xe6, 0xfe, 0xa9, - 0xc3, 0xce, 0x0c, 0x63, 0x4c, 0x03, 0x86, 0x9b, 0xc2, 0x17, 0xa5, 0xd5, 0xcb, 0xa5, 0xfd, 0xb6, - 0x54, 0x5a, 0x43, 0x94, 0xf6, 0x93, 0x4a, 0xb0, 0x8a, 0xdf, 0xab, 0x95, 0xb8, 0x55, 0x2d, 0xf1, - 0x25, 0xf9, 0x76, 0x99, 0x7c, 0x53, 0xe9, 0xdf, 0xad, 0xaa, 0x13, 0x18, 0x5c, 0x22, 0x7e, 0xeb, - 0x84, 0xbe, 0x84, 0xde, 0x2c, 0x0d, 0x62, 0xa6, 0x92, 0x49, 0xa0, 0xc5, 0xf3, 0xa5, 0xfa, 0x83, - 0xaf, 0xc9, 0x43, 0xb0, 0x52, 0xd9, 0x3f, 0x02, 0x46, 0x77, 0xf4, 0x5e, 0xc5, 0xad, 0x6a, 0x2f, - 0xbf, 0x30, 0x74, 0x77, 0xc0, 0x96, 0x8e, 0x73, 0x6c, 0xee, 0x4f, 0x60, 0xfb, 0x78, 0x9e, 0x9c, - 0xe2, 0xb5, 0x87, 0x1a, 0x40, 0x5f, 0x79, 0x96, 0xb1, 0x3e, 0x82, 0xfe, 0x93, 0x98, 0xae, 0x30, - 0x2c, 0x78, 0x35, 0x5e, 0x99, 0xee, 0x63, 0xd8, 0x29, 0xec, 0xde, 0x3a, 0x85, 0xaf, 0xa1, 0x27, - 0x86, 0x74, 0x53, 0x3f, 0xd6, 0x06, 0x5c, 0xaf, 0x0f, 0x38, 0xf9, 0x00, 0x7a, 0x62, 0xf3, 0x95, - 0xbc, 0x94, 0xf3, 0xdb, 0xba, 0x2b, 0x74, 0x53, 0xa1, 0x72, 0x1f, 0x81, 0x2d, 0xe3, 0x48, 0xa8, - 0xf7, 0xcb, 0x9c, 0xba, 0xa3, 0xdd, 
0xa6, 0x7b, 0x57, 0x31, 0xfd, 0x4b, 0x83, 0x96, 0x9f, 0x2d, - 0xb1, 0x86, 0x4e, 0x55, 0x41, 0xdf, 0x50, 0x05, 0xe3, 0x8a, 0x55, 0x20, 0x0f, 0xc0, 0x0c, 0xc2, - 0x10, 0x29, 0x15, 0x33, 0xd1, 0x1f, 0xdd, 0xac, 0xe7, 0x0d, 0x29, 0xf5, 0xa5, 0x91, 0xfb, 0x87, - 0x06, 0xf6, 0x63, 0xf1, 0x16, 0x5d, 0x77, 0x3f, 0x94, 0x90, 0x18, 0x57, 0x41, 0x32, 0x80, 0xbe, - 0x02, 0x22, 0xdb, 0x87, 0x63, 0x9b, 0xe0, 0x12, 0xff, 0x17, 0xd8, 0x14, 0x10, 0x89, 0xcd, 0x86, - 0x2e, 0xff, 0x51, 0xa8, 0x0f, 0xc6, 0x97, 0xd0, 0xcb, 0x45, 0xd9, 0x13, 0x1f, 0x43, 0x3b, 0xcd, - 0xf8, 0xe5, 0x97, 0xff, 0x2a, 0x6e, 0x54, 0x11, 0x65, 0x4b, 0xf4, 0x73, 0x8b, 0xfb, 0x1e, 0x98, - 0x79, 0x34, 0xd2, 0x85, 0xce, 0x8f, 0xf3, 0xef, 0xe6, 0xdf, 0xbf, 0x9c, 0x0f, 0xb6, 0xb8, 0x30, - 0xf3, 0xc7, 0xf3, 0x17, 0xd3, 0xc9, 0x40, 0x23, 0x00, 0xe6, 0x64, 0x3a, 0x7f, 0x32, 0x9d, 0x0c, - 0xf4, 0xd1, 0xdf, 0x3a, 0xb4, 0xc6, 0x19, 0x3b, 0x21, 0xcf, 0xc1, 0x52, 0x37, 0x0f, 0xb9, 0xfb, - 0xe6, 0x4b, 0x74, 0xf8, 0xfe, 0xc6, 0x7d, 0xc9, 0x67, 0x8b, 0x3c, 0x85, 0x8e, 0x1c, 0x42, 0x72, - 0xa7, 0x62, 0xbd, 0x3e, 0xc4, 0xc3, 0xbb, 0x9b, 0xb6, 0x0b, 0x5f, 0x13, 0xf5, 0x45, 0xba, 0xd5, - 0x38, 0x0c, 0xd2, 0xcf, 0xed, 0xe6, 0xcd, 0xb2, 0x17, 0xf1, 0x50, 0xd5, 0xbc, 0x94, 0x9f, 0xbd, - 0x9a, 0x97, 0xb5, 0xb7, 0xcd, 0xdd, 0x1a, 0xfd, 0x0c, 0x96, 0xfa, 0xf7, 0x91, 0x1f, 0xa0, 0xc5, - 0xcb, 0x44, 0xaa, 0x7f, 0xa3, 0x86, 0x3f, 0xe3, 0xf0, 0xde, 0x1b, 0x6d, 0x0a, 0xf7, 0xff, 0x6a, - 0xd0, 0xe6, 0xe5, 0xa4, 0x64, 0x06, 0x66, 0xde, 0xc0, 0xa4, 0x0a, 0x69, 0x6d, 0xc0, 0x86, 0x77, - 0x36, 0xec, 0x16, 0xbc, 0x67, 0x60, 0xe6, 0xdd, 0x56, 0x73, 0xb4, 0x36, 0x0d, 0x35, 0x47, 0x95, - 0x16, 0xdd, 0x22, 0x63, 0x49, 0x77, 0xd8, 0x40, 0x45, 0x39, 0xb9, 0xd5, 0xb8, 0xa7, 0x5c, 0x1c, - 0x99, 0xe2, 0x9b, 0xfd, 0xf0, 0xbf, 0x00, 0x00, 0x00, 0xff, 0xff, 0xd9, 0x7a, 0xd4, 0x05, 0xa1, + // 947 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0xdd, 0x8e, 0xdb, 0x44, + 0x14, 0x5e, 0xdb, 0x89, 
0xe3, 0x3d, 0x89, 0xb3, 0xd1, 0x74, 0xbb, 0x58, 0xe9, 0x0f, 0x8b, 0x8b, + 0xd0, 0x52, 0xd1, 0x2c, 0x4a, 0x25, 0xfe, 0x2a, 0x21, 0xa2, 0x26, 0x0a, 0x2d, 0x6d, 0x10, 0x56, + 0x51, 0xb9, 0x41, 0x95, 0xd7, 0x39, 0xdd, 0x35, 0x9b, 0xb5, 0xc3, 0xcc, 0x78, 0xc5, 0x3e, 0x01, + 0x77, 0xbc, 0x03, 0x12, 0xb7, 0xf0, 0x44, 0x3c, 0x0c, 0x9a, 0xf1, 0x8c, 0xd7, 0x71, 0x9c, 0x6a, + 0x55, 0x16, 0x89, 0xbb, 0x39, 0x33, 0x67, 0xbe, 0x73, 0xbe, 0xf3, 0x37, 0x03, 0x9f, 0x1e, 0xc7, + 0xfc, 0x24, 0x3b, 0x1a, 0x44, 0xe9, 0xd9, 0xe1, 0x59, 0x1c, 0xd1, 0xf4, 0xf0, 0x38, 0x7d, 0x90, + 0x2f, 0xc2, 0x8c, 0x9f, 0x1c, 0x32, 0xa4, 0xe7, 0x71, 0x84, 0x87, 0x4b, 0x9a, 0xf2, 0x7c, 0x6b, + 0x20, 0x97, 0xc4, 0x3d, 0x4e, 0x07, 0x52, 0x6f, 0x20, 0x36, 0xfd, 0x9b, 0x70, 0xe3, 0x59, 0xcc, + 0xf8, 0x28, 0x8a, 0xd2, 0x2c, 0xe1, 0x2c, 0xc0, 0x9f, 0x33, 0x64, 0xdc, 0x7f, 0x0a, 0xbb, 0xab, + 0xdb, 0x6c, 0x99, 0x26, 0x0c, 0xc9, 0x10, 0x9c, 0x50, 0xed, 0x79, 0xc6, 0xbe, 0x75, 0xd0, 0x1e, + 0xee, 0x0d, 0x56, 0x00, 0x07, 0xea, 0x4a, 0x50, 0xe8, 0xf9, 0x7f, 0x99, 0xd0, 0x7c, 0x91, 0x9e, + 0x62, 0x42, 0x76, 0xa1, 0xc9, 0xc5, 0xc2, 0x33, 0xf6, 0x8d, 0x83, 0xed, 0x20, 0x17, 0x08, 0x81, + 0x06, 0xbf, 0x58, 0xa2, 0x67, 0xca, 0x4d, 0xb9, 0x26, 0x1e, 0xb4, 0x22, 0x8a, 0x21, 0xc7, 0xb9, + 0x67, 0xed, 0x1b, 0x07, 0x56, 0xa0, 0x45, 0xb2, 0x07, 0x36, 0xfe, 0xb2, 0x8c, 0xe9, 0x85, 0xd7, + 0x90, 0x07, 0x4a, 0x12, 0x37, 0x58, 0x76, 0xf4, 0x13, 0x46, 0xdc, 0x6b, 0x4a, 0x20, 0x2d, 0x0a, + 0xab, 0x34, 0x5d, 0x20, 0xf3, 0xec, 0x7d, 0x4b, 0x58, 0x95, 0x02, 0xf9, 0x12, 0x9c, 0x33, 0xe4, + 0xe1, 0x3c, 0xe4, 0xa1, 0xd7, 0x92, 0x4c, 0xfc, 0x0a, 0x13, 0xe9, 0xf3, 0xe0, 0xb9, 0x52, 0x9a, + 0x24, 0x9c, 0x5e, 0x04, 0xc5, 0x1d, 0x72, 0x1b, 0xb6, 0x93, 0xf0, 0x0c, 0xd9, 0x32, 0x8c, 0xd0, + 0x73, 0xa4, 0xc5, 0xcb, 0x8d, 0xfe, 0x23, 0x70, 0x57, 0x2e, 0x92, 0x1e, 0x58, 0xa7, 0x78, 0xa1, + 0x88, 0x8b, 0xa5, 0x70, 0xeb, 0x3c, 0x5c, 0x64, 0x9a, 0x77, 0x2e, 0x7c, 0x61, 0x7e, 0x66, 0xf8, + 0xbf, 0x9b, 0xd0, 0x52, 0x61, 0x24, 0x5d, 0x30, 0xe3, 0xb9, 
0xba, 0x66, 0xc6, 0xf3, 0xda, 0x60, + 0x15, 0x04, 0xad, 0x32, 0xc1, 0xaf, 0x4a, 0x04, 0x1b, 0x92, 0xe0, 0xfb, 0xf5, 0xa9, 0xba, 0x1a, + 0xc5, 0x66, 0x85, 0x22, 0xb9, 0x07, 0x2e, 0xc5, 0xd7, 0x14, 0xd9, 0xc9, 0xab, 0x3c, 0xa9, 0xb6, + 0xd4, 0xe8, 0xa8, 0xcd, 0x3c, 0xe3, 0x7d, 0x70, 0x96, 0x34, 0x3d, 0x8f, 0xe7, 0x48, 0xbd, 0x96, + 0x3c, 0x2f, 0xe4, 0x7f, 0x17, 0xa3, 0x19, 0x38, 0x01, 0xb2, 0x34, 0xa3, 0x11, 0x8a, 0x98, 0x08, + 0xb7, 0xd4, 0x45, 0xb9, 0xae, 0x8d, 0x53, 0x1f, 0x1c, 0x4c, 0xe6, 0xcb, 0x34, 0x4e, 0xb8, 0xac, + 0xaa, 0xed, 0xa0, 0x90, 0xfd, 0x4f, 0xa0, 0xf3, 0x2c, 0x3d, 0x8e, 0x13, 0xd5, 0x00, 0x6b, 0x71, + 0xdf, 0x03, 0x9b, 0x61, 0x44, 0x91, 0x2b, 0x44, 0x25, 0xf9, 0x23, 0x70, 0xd5, 0x3d, 0xd5, 0x21, + 0x1f, 0x43, 0x4b, 0x55, 0xbe, 0xbc, 0xbd, 0xb9, 0x41, 0xb4, 0x9a, 0xff, 0x87, 0x09, 0x3b, 0x53, + 0x4c, 0x90, 0x86, 0x1c, 0x37, 0x99, 0x2f, 0x52, 0x6c, 0x96, 0x53, 0xfc, 0x75, 0x29, 0xc5, 0x96, + 0x4c, 0xf1, 0x47, 0x15, 0x63, 0x15, 0xdc, 0xab, 0xa5, 0xba, 0x51, 0x4d, 0xf5, 0x25, 0xf9, 0x66, + 0x99, 0x7c, 0x11, 0x64, 0x7b, 0x35, 0xc8, 0xff, 0x4d, 0xc6, 0xc7, 0xd0, 0xbb, 0x64, 0xf3, 0xd6, + 0xc1, 0x7e, 0x09, 0x9d, 0x29, 0x0d, 0x13, 0xae, 0x03, 0x4d, 0xa0, 0x21, 0x62, 0xa9, 0x6b, 0x47, + 0xac, 0xc9, 0x43, 0x70, 0xa8, 0xaa, 0x2d, 0xe9, 0x46, 0x7b, 0xf8, 0x4e, 0x05, 0x56, 0x97, 0x5e, + 0x50, 0x28, 0xfa, 0x3b, 0xe0, 0x2a, 0xe0, 0xdc, 0x37, 0xff, 0x07, 0x70, 0x03, 0x3c, 0x4f, 0x4f, + 0xf1, 0xda, 0x4d, 0xf5, 0xa0, 0xab, 0x91, 0x95, 0xad, 0x0f, 0xa0, 0xfb, 0x24, 0x61, 0x4b, 0x8c, + 0x0a, 0x5e, 0xb5, 0xa3, 0xd6, 0x7f, 0x0c, 0x3b, 0x85, 0xde, 0x5b, 0x87, 0xf0, 0x35, 0x74, 0x64, + 0x73, 0x6f, 0xaa, 0xd5, 0xb5, 0xc1, 0x60, 0xd6, 0x0c, 0x86, 0xf7, 0xa0, 0x23, 0x0f, 0x5f, 0xa9, + 0x61, 0x9e, 0x4f, 0xf9, 0xb6, 0xdc, 0x9b, 0xc8, 0x2d, 0xff, 0x11, 0xb8, 0xca, 0x8e, 0x72, 0xf5, + 0x7e, 0x99, 0x53, 0x7b, 0xb8, 0x5b, 0x37, 0xaf, 0x35, 0xd3, 0xdf, 0x0c, 0x68, 0x04, 0xd9, 0x02, + 0xeb, 0x06, 0xa8, 0xcc, 0x82, 0xb9, 0x21, 0x0b, 0xd6, 0x15, 0xb3, 0x40, 0x1e, 0x80, 0x1d, 0x46, + 
0x11, 0x32, 0x26, 0xfb, 0xa5, 0x3b, 0xbc, 0xb9, 0x1e, 0x37, 0x64, 0x2c, 0x50, 0x4a, 0xfe, 0xaf, + 0x06, 0xb8, 0x8f, 0xe5, 0x1b, 0x76, 0xdd, 0xf5, 0x50, 0xf2, 0xc4, 0xba, 0x8a, 0x27, 0x3d, 0xe8, + 0x6a, 0x47, 0x54, 0xf9, 0x08, 0xdf, 0xc6, 0xb8, 0xc0, 0xff, 0x85, 0x6f, 0xda, 0x11, 0xe5, 0x9b, + 0x0b, 0x6d, 0xf1, 0x13, 0xd1, 0x1f, 0x93, 0xcf, 0xa1, 0x93, 0x8b, 0xaa, 0x26, 0x3e, 0x84, 0x26, + 0xcd, 0xc4, 0x60, 0xcc, 0x7f, 0x23, 0x37, 0xaa, 0x1e, 0x65, 0x0b, 0x0c, 0x72, 0x8d, 0xfb, 0x03, + 0xb0, 0x73, 0x6b, 0xa4, 0x0d, 0xad, 0xef, 0x67, 0xdf, 0xcc, 0xbe, 0x7d, 0x39, 0xeb, 0x6d, 0x09, + 0x61, 0x1a, 0x8c, 0x66, 0x2f, 0x26, 0xe3, 0x9e, 0x41, 0x00, 0xec, 0xf1, 0x64, 0xf6, 0x64, 0x32, + 0xee, 0x99, 0xc3, 0x3f, 0x4d, 0x68, 0x8c, 0x32, 0x7e, 0x42, 0x9e, 0x83, 0xa3, 0x27, 0x0f, 0xb9, + 0xfb, 0xe6, 0x01, 0xdb, 0x7f, 0x77, 0xe3, 0xb9, 0xe2, 0xb3, 0x45, 0x9e, 0x42, 0x4b, 0x35, 0x21, + 0xb9, 0x53, 0xd1, 0x5e, 0x6d, 0xe2, 0xfe, 0xdd, 0x4d, 0xc7, 0x05, 0xd6, 0x58, 0x7f, 0xad, 0x6e, + 0xd5, 0x36, 0x83, 0xc2, 0xb9, 0x5d, 0x7f, 0x58, 0x46, 0x91, 0x8f, 0xd8, 0x1a, 0x4a, 0xf9, 0x49, + 0x5c, 0x43, 0x59, 0x79, 0xf7, 0xfc, 0xad, 0xe1, 0x8f, 0xe0, 0xe8, 0xff, 0x22, 0xf9, 0x0e, 0x1a, + 0x22, 0x4d, 0xa4, 0xfa, 0xa7, 0xaa, 0xf9, 0x6b, 0xf6, 0xef, 0xbd, 0x51, 0xa7, 0x80, 0xff, 0xdb, + 0x80, 0xa6, 0x48, 0x27, 0x23, 0x53, 0xb0, 0xf3, 0x02, 0x26, 0x55, 0x97, 0x56, 0x1a, 0xac, 0x7f, + 0x67, 0xc3, 0x69, 0xc1, 0x7b, 0x0a, 0x76, 0x5e, 0x6d, 0x6b, 0x40, 0x2b, 0xdd, 0xb0, 0x06, 0x54, + 0x29, 0xd1, 0x2d, 0x32, 0x52, 0x74, 0xfb, 0x35, 0x54, 0x34, 0xc8, 0xad, 0xda, 0x33, 0x0d, 0x71, + 0x64, 0xcb, 0xef, 0xf9, 0xc3, 0x7f, 0x02, 0x00, 0x00, 0xff, 0xff, 0x8f, 0xd3, 0xdd, 0x57, 0xd9, 0x0b, 0x00, 0x00, } diff --git a/auth/service/proto/auth.proto b/auth/service/proto/auth.proto index 2edd1390..9c27ecb7 100644 --- a/auth/service/proto/auth.proto +++ b/auth/service/proto/auth.proto 
@@ -39,11 +39,12 @@ message Token { message Account { string id = 1; + string type = 2; repeated string roles = 3; map metadata = 4; string namespace = 5; - string type = 6; - string refresh_token = 7; + string refresh_token = 6; + string provider = 7; } message Resource{ @@ -68,6 +69,7 @@ message GenerateRequest { string namespace = 4; string secret = 5; string type = 6; + string provider = 7; } message GenerateResponse { diff --git a/auth/service/service.go b/auth/service/service.go index c83fefbf..90c5122c 100644 --- a/auth/service/service.go +++ b/auth/service/service.go @@ -107,14 +107,16 @@ func (s *svc) Options() auth.Options { } // Generate a new account -func (s *svc) Generate(id, secret string, opts ...auth.GenerateOption) (*auth.Account, error) { +func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, error) { options := auth.NewGenerateOptions(opts...) rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{ Id: id, - Secret: secret, + Type: options.Type, Roles: options.Roles, + Secret: options.Secret, Metadata: options.Metadata, + Provider: options.Provider, Namespace: options.Namespace, }) if err != nil { @@ -125,8 +127,9 @@ func (s *svc) Generate(id, secret string, opts ...auth.GenerateOption) (*auth.Ac } // Login to an account -func (s *svc) Login(id, secret string) (*auth.Account, error) { - rsp, err := s.auth.Login(context.TODO(), &pb.LoginRequest{Id: id, Secret: secret}) +func (s *svc) Login(id string, opts ...auth.LoginOption) (*auth.Account, error) { + options := auth.NewLoginOptions(opts...) + rsp, err := s.auth.Login(context.TODO(), &pb.LoginRequest{Id: id, Secret: options.Secret}) if err != nil { return nil, err } @@ -331,6 +334,7 @@ func serializeAccount(a *pb.Account) *auth.Account { ID: a.Id, Roles: a.Roles, Metadata: a.Metadata, + Provider: a.Provider, Namespace: a.Namespace, RefreshToken: a.RefreshToken, } From 8e4d9e17024a9525e37ca4e39a431bc18d8939d5 Mon Sep 17 00:00:00 2001 
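Review bot: Renumbering live fields of `Account` changes the wire format without any error on either side: `type` moves from 6 to 2, `refresh_token` from 7 to 6, and `provider` takes 7, all of them strings. A peer built from the previous schema would have its refresh token decoded as `provider`, and one from before PATCH 02/14 would have the account secret decoded as `type`, where it is more likely to be logged or displayed. Keep the existing numbers and give the new field a fresh one, `string provider = 8;`, with `reserved 2;` for the retired `secret` slot. `GenerateRequest` in the next hunk only appends field 7 and is fine.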
From: Ben Toogood Date: Wed, 1 Apr 2020 14:25:00 +0100 Subject: [PATCH 05/14] Further Refactoring --- auth/auth.go | 24 +-- auth/default.go | 15 +- auth/options.go | 61 +++--- auth/service/proto/auth.pb.go | 276 ++++++++++------------------ auth/service/proto/auth.pb.micro.go | 17 -- auth/service/proto/auth.proto | 22 +-- auth/service/service.go | 91 ++++----- auth/token/basic/basic.go | 39 ++-- auth/token/jwt/jwt.go | 32 ++-- auth/token/options.go | 27 --- auth/token/token.go | 14 +- client/grpc/grpc.go | 2 +- config/cmd/cmd.go | 4 - 13 files changed, 223 insertions(+), 401 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index ccd877f1..b82f0af7 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -32,9 +32,7 @@ type Auth interface { // Options set for auth Options() Options // Generate a new account - Generate(id string, opts ...GenerateOption) (*Account, error) - // Login to an existing account - Login(id string, opts ...LoginOption) (*Account, error) + Generate(id, secret string, opts ...GenerateOption) (*Account, error) // Grant access to a resource Grant(role string, res *Resource) error // Revoke access to a resource @@ -44,7 +42,7 @@ type Auth interface { // Inspect a token Inspect(token string) (*Account, error) // Token generated using refresh token - Token(id, refreshToken string, opts ...TokenOption) (*Token, error) + Token(opts ...TokenOption) (*Token, error) // String returns the name of the implementation String() string } @@ -67,8 +65,6 @@ type Account struct { Type string `json:"type"` // Provider who issued the account Provider string `json:"provider"` - // RefreshToken used to renew the account - RefreshToken string `json:"refresh_token"` // Roles associated with the Account Roles []string `json:"roles"` // Any other associated metadata 
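Review bot: The interface comment `// Token generated using refresh token` no longer matches `Token(opts ...TokenOption)`: the options added in auth/options.go in this commit accept either `WithCredentials(id, secret)` or `WithToken(rt)`. Say which inputs are accepted, e.g. `// Token generates a new token from account credentials or a refresh token`. The noop's comment in auth/default.go ("Token generation using an account id and secret") needs the same update.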
@@ -81,22 +77,14 @@ type Account struct { // Token can be short or long lived type Token struct { - // The token itself - Token string `json:"token"` - // Type of token, e.g. JWT - Type string `json:"type"` + // The token to be used for accessing resources + AccessToken string `json:"access_token"` + // RefreshToken to be used to generate a new token + RefreshToken string `json:"refresh_token"` // Time of token creation Created time.Time `json:"created"` // Time of token expiry Expiry time.Time `json:"expiry"` - // Subject of the token, e.g. the account ID - Subject string `json:"subject"` - // Roles granted to the token - Roles []string `json:"roles"` - // Metadata embedded in the token - Metadata map[string]string `json:"metadata"` - // Namespace the token belongs to - Namespace string `json:"namespace"` } const ( diff --git a/auth/default.go b/auth/default.go index 88a8b4a6..e04305cf 100644 --- a/auth/default.go +++ b/auth/default.go @@ -34,20 +34,19 @@ func (n *noop) Options() Options { } // Generate a new account -func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) { +func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, error) { options := NewGenerateOptions(opts...) return &Account{ - ID: id, - Roles: options.Roles, - Metadata: options.Metadata, - RefreshToken: uuid.New().String(), + ID: id, + Roles: options.Roles, + Metadata: options.Metadata, }, nil } // Login to an existing account -func (n *noop) Login(id string, opts ...LoginOption) (*Account, error) { - return &Account{ID: id}, nil +func (n *noop) Login(opts ...LoginOption) (*Account, error) { + return &Account{}, nil } // Grant access to a resource @@ -73,6 +72,6 @@ func (n *noop) Inspect(token string) (*Account, error) { } // Token generation using an account id and secret -func (n *noop) Token(id, tok string, opts ...TokenOption) (*Token, error) { +func (n *noop) Token(opts ...TokenOption) (*Token, error) { return &Token{}, nil } 
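Review bot: `noop.Login` in auth/default.go is kept with a new signature (`Login(opts ...LoginOption)`) although this commit removes `Login` from the `Auth` interface, so nothing reaches it through the interface any more. It returns an empty `&Account{}` for any input, which reads like a successful login to anyone who later wires it back in. Removing the method, together with `LoginOptions`, `LoginOption`, `WithLoginSecret` and `NewLoginOptions` in auth/options.go if they have no other users, keeps the package in line with the interface. In the same hunk `Generate` takes `secret` again but does not use it, which deserves a short comment.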
diff --git a/auth/options.go b/auth/options.go index 99fba52d..cd06e676 100644 --- a/auth/options.go +++ b/auth/options.go @@ -10,14 +10,12 @@ import ( type Options struct { // ID is the services auth ID ID string - // RefreshToken is used to generate new tokens - RefreshToken string + // Secret is used to authenticate the service + Secret string // Token is the services token used to authenticate itself Token *Token - // Public key base64 encoded + // PublicKey for decoding JWTs PublicKey string - // Private key base64 encoded - PrivateKey string // Provider is an auth provider Provider provider.Provider // LoginURL is the relative url path where a user can login @@ -42,18 +40,11 @@ func PublicKey(key string) Option { } } -// PrivateKey is the JWT private key -func PrivateKey(key string) Option { - return func(o *Options) { - o.PrivateKey = key - } -} - // Credentials sets the auth credentials -func Credentials(id, refresh string) Option { +func Credentials(id, secret string) Option { return func(o *Options) { o.ID = id - o.RefreshToken = refresh + o.Secret = secret } } @@ -78,8 +69,6 @@ type GenerateOptions struct { Roles []string // Namespace the account belongs too Namespace string - // Secret to use with the account - Secret string // Provider of the account, e.g. oauth Provider string // Type of the account, e.g. user @@ -116,13 +105,6 @@ func WithNamespace(n string) GenerateOption { } } -// WithSecret for the generated account -func WithSecret(s string) GenerateOption { - return func(o *GenerateOptions) { - o.Secret = s - } -} - // WithProvider for the generated account func WithProvider(p string) GenerateOption { return func(o *GenerateOptions) { 
@@ -163,16 +145,35 @@ func NewLoginOptions(opts ...LoginOption) LoginOptions { } type TokenOptions struct { - // TokenExpiry is the time the token should live for - TokenExpiry time.Duration + // ID for the account + ID string + // Secret for the account + Secret string + // RefreshToken is used to refesh a token + RefreshToken string + // Expiry is the time the token should live for + Expiry time.Duration } type TokenOption func(o *TokenOptions) -// WithTokenExpiry for the token -func WithTokenExpiry(ex time.Duration) TokenOption { +// WithExpiry for the token +func WithExpiry(ex time.Duration) TokenOption { return func(o *TokenOptions) { - o.TokenExpiry = ex + o.Expiry = ex + } +} + +func WithCredentials(id, secret string) TokenOption { + return func(o *TokenOptions) { + o.ID = id + o.Secret = secret + } +} + +func WithToken(rt string) TokenOption { + return func(o *TokenOptions) { + o.RefreshToken = rt } } @@ -184,8 +185,8 @@ func NewTokenOptions(opts ...TokenOption) TokenOptions { } // set defualt expiry of token - if options.TokenExpiry == 0 { - options.TokenExpiry = time.Minute + if options.Expiry == 0 { + options.Expiry = time.Minute } return options diff --git a/auth/service/proto/auth.pb.go b/auth/service/proto/auth.pb.go index 604ea538..fc1527f4 100644 --- a/auth/service/proto/auth.pb.go +++ b/auth/service/proto/auth.pb.go 
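Review bot: `TokenOptions` now accepts both `ID`/`Secret` and `RefreshToken`, but nothing in this hunk says which is used when both are set or what happens when neither is, so each `Auth` implementation has to pick its own rule. Document the precedence on the struct and reject the empty case where the options are consumed. `WithCredentials` and `WithToken` are exported without doc comments, and "refesh" in the `RefreshToken` comment is a typo; suggested: `// WithCredentials sets the account ID and secret to exchange for a token` and `// WithToken sets the refresh token to exchange for a new token`.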
@@ -119,8 +119,8 @@ func (m *ListAccountsResponse) GetAccounts() []*Account { } type Token struct { - Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` - Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` + AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"` + RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` Created int64 `protobuf:"varint,3,opt,name=created,proto3" json:"created,omitempty"` Expiry int64 `protobuf:"varint,4,opt,name=expiry,proto3" json:"expiry,omitempty"` Subject string `protobuf:"bytes,5,opt,name=subject,proto3" json:"subject,omitempty"` @@ -157,16 +157,16 @@ func (m *Token) XXX_DiscardUnknown() { var xxx_messageInfo_Token proto.InternalMessageInfo -func (m *Token) GetToken() string { +func (m *Token) GetAccessToken() string { if m != nil { - return m.Token + return m.AccessToken } return "" } -func (m *Token) GetType() string { +func (m *Token) GetRefreshToken() string { if m != nil { - return m.Type + return m.RefreshToken } return "" } @@ -219,8 +219,7 @@ type Account struct { Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"` Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"` - RefreshToken string `protobuf:"bytes,6,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` - Provider string `protobuf:"bytes,7,opt,name=provider,proto3" json:"provider,omitempty"` + Provider string `protobuf:"bytes,6,opt,name=provider,proto3" json:"provider,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` 
@@ -286,13 +285,6 @@ func (m *Account) GetNamespace() string { return "" } -func (m *Account) GetRefreshToken() string { - if m != nil { - return m.RefreshToken - } - return "" -} - func (m *Account) GetProvider() string { if m != nil { return m.Provider 
@@ -355,92 +347,6 @@ func (m *Resource) GetEndpoint() string { return "" } -type LoginRequest struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *LoginRequest) Reset() { *m = LoginRequest{} } -func (m *LoginRequest) String() string { return proto.CompactTextString(m) } -func (*LoginRequest) ProtoMessage() {} -func (*LoginRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{5} -} - -func (m *LoginRequest) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_LoginRequest.Unmarshal(m, b) -} -func (m *LoginRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_LoginRequest.Marshal(b, m, deterministic) -} -func (m *LoginRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_LoginRequest.Merge(m, src) -} -func (m *LoginRequest) XXX_Size() int { - return xxx_messageInfo_LoginRequest.Size(m) -} -func (m *LoginRequest) XXX_DiscardUnknown() { - xxx_messageInfo_LoginRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_LoginRequest proto.InternalMessageInfo - -func (m *LoginRequest) GetId() string { - if m != nil { - return m.Id - } - return "" -} - -func (m *LoginRequest) GetSecret() string { - if m != nil { - return m.Secret - } - return "" -} - -type LoginResponse struct { - Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *LoginResponse) Reset() { *m = LoginResponse{} } -func (m *LoginResponse) String() string { return proto.CompactTextString(m) } -func (*LoginResponse) ProtoMessage() {} -func (*LoginResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{6} -} - 
-func (m *LoginResponse) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_LoginResponse.Unmarshal(m, b) -} -func (m *LoginResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_LoginResponse.Marshal(b, m, deterministic) -} -func (m *LoginResponse) XXX_Merge(src proto.Message) { - xxx_messageInfo_LoginResponse.Merge(m, src) -} -func (m *LoginResponse) XXX_Size() int { - return xxx_messageInfo_LoginResponse.Size(m) -} -func (m *LoginResponse) XXX_DiscardUnknown() { - xxx_messageInfo_LoginResponse.DiscardUnknown(m) -} - -var xxx_messageInfo_LoginResponse proto.InternalMessageInfo - -func (m *LoginResponse) GetAccount() *Account { - if m != nil { - return m.Account - } - return nil -} - type GenerateRequest struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"` @@ -458,7 +364,7 @@ func (m *GenerateRequest) Reset() { *m = GenerateRequest{} } func (m *GenerateRequest) String() string { return proto.CompactTextString(m) } func (*GenerateRequest) ProtoMessage() {} func (*GenerateRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{7} + return fileDescriptor_11312eec02fd5712, []int{5} } func (m *GenerateRequest) XXX_Unmarshal(b []byte) error { @@ -539,7 +445,7 @@ func (m *GenerateResponse) Reset() { *m = GenerateResponse{} } func (m *GenerateResponse) String() string { return proto.CompactTextString(m) } func (*GenerateResponse) ProtoMessage() {} func (*GenerateResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{8} + return fileDescriptor_11312eec02fd5712, []int{6} } func (m *GenerateResponse) XXX_Unmarshal(b []byte) error { 
@@ -579,7 +485,7 @@ func (m *GrantRequest) Reset() { *m = GrantRequest{} } func (m *GrantRequest) String() string { return proto.CompactTextString(m) } func (*GrantRequest) ProtoMessage() {} func (*GrantRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{9} + return fileDescriptor_11312eec02fd5712, []int{7} } func (m *GrantRequest) XXX_Unmarshal(b []byte) error { @@ -624,7 +530,7 @@ func (m *GrantResponse) Reset() { *m = GrantResponse{} } func (m *GrantResponse) String() string { return proto.CompactTextString(m) } func (*GrantResponse) ProtoMessage() {} func (*GrantResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{10} + return fileDescriptor_11312eec02fd5712, []int{8} } func (m *GrantResponse) XXX_Unmarshal(b []byte) error { @@ -657,7 +563,7 @@ func (m *RevokeRequest) Reset() { *m = RevokeRequest{} } func (m *RevokeRequest) String() string { return proto.CompactTextString(m) } func (*RevokeRequest) ProtoMessage() {} func (*RevokeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{11} + return fileDescriptor_11312eec02fd5712, []int{9} } func (m *RevokeRequest) XXX_Unmarshal(b []byte) error { @@ -702,7 +608,7 @@ func (m *RevokeResponse) Reset() { *m = RevokeResponse{} } func (m *RevokeResponse) String() string { return proto.CompactTextString(m) } func (*RevokeResponse) ProtoMessage() {} func (*RevokeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{12} + return fileDescriptor_11312eec02fd5712, []int{10} } func (m *RevokeResponse) XXX_Unmarshal(b []byte) error { 
@@ -734,7 +640,7 @@ func (m *InspectRequest) Reset() { *m = InspectRequest{} } func (m *InspectRequest) String() string { return proto.CompactTextString(m) } func (*InspectRequest) ProtoMessage() {} func (*InspectRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{13} + return fileDescriptor_11312eec02fd5712, []int{11} } func (m *InspectRequest) XXX_Unmarshal(b []byte) error { @@ -773,7 +679,7 @@ func (m *InspectResponse) Reset() { *m = InspectResponse{} } func (m *InspectResponse) String() string { return proto.CompactTextString(m) } func (*InspectResponse) ProtoMessage() {} func (*InspectResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{14} + return fileDescriptor_11312eec02fd5712, []int{12} } func (m *InspectResponse) XXX_Unmarshal(b []byte) error { @@ -803,8 +709,9 @@ func (m *InspectResponse) GetAccount() *Account { type TokenRequest struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` - TokenExpiry int64 `protobuf:"varint,3,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"` + Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"` + RefreshToken string `protobuf:"bytes,3,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` + TokenExpiry int64 `protobuf:"varint,4,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` 
@@ -814,7 +721,7 @@ func (m *TokenRequest) Reset() { *m = TokenRequest{} } func (m *TokenRequest) String() string { return proto.CompactTextString(m) } func (*TokenRequest) ProtoMessage() {} func (*TokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{15} + return fileDescriptor_11312eec02fd5712, []int{13} } func (m *TokenRequest) XXX_Unmarshal(b []byte) error { @@ -842,6 +749,13 @@ func (m *TokenRequest) GetId() string { return "" } +func (m *TokenRequest) GetSecret() string { + if m != nil { + return m.Secret + } + return "" +} + func (m *TokenRequest) GetRefreshToken() string { if m != nil { return m.RefreshToken @@ -867,7 +781,7 @@ func (m *TokenResponse) Reset() { *m = TokenResponse{} } func (m *TokenResponse) String() string { return proto.CompactTextString(m) } func (*TokenResponse) ProtoMessage() {} func (*TokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{16} + return fileDescriptor_11312eec02fd5712, []int{14} } func (m *TokenResponse) XXX_Unmarshal(b []byte) error { @@ -909,7 +823,7 @@ func (m *Rule) Reset() { *m = Rule{} } func (m *Rule) String() string { return proto.CompactTextString(m) } func (*Rule) ProtoMessage() {} func (*Rule) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{17} + return fileDescriptor_11312eec02fd5712, []int{15} } func (m *Rule) XXX_Unmarshal(b []byte) error { @@ -971,7 +885,7 @@ func (m *CreateRequest) Reset() { *m = CreateRequest{} } func (m *CreateRequest) String() string { return proto.CompactTextString(m) } func (*CreateRequest) ProtoMessage() {} func (*CreateRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{18} + return fileDescriptor_11312eec02fd5712, []int{16} } func (m *CreateRequest) XXX_Unmarshal(b []byte) error { 
@@ -1023,7 +937,7 @@ func (m *CreateResponse) Reset() { *m = CreateResponse{} } func (m *CreateResponse) String() string { return proto.CompactTextString(m) } func (*CreateResponse) ProtoMessage() {} func (*CreateResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{19} + return fileDescriptor_11312eec02fd5712, []int{17} } func (m *CreateResponse) XXX_Unmarshal(b []byte) error { @@ -1057,7 +971,7 @@ func (m *DeleteRequest) Reset() { *m = DeleteRequest{} } func (m *DeleteRequest) String() string { return proto.CompactTextString(m) } func (*DeleteRequest) ProtoMessage() {} func (*DeleteRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{20} + return fileDescriptor_11312eec02fd5712, []int{18} } func (m *DeleteRequest) XXX_Unmarshal(b []byte) error { @@ -1109,7 +1023,7 @@ func (m *DeleteResponse) Reset() { *m = DeleteResponse{} } func (m *DeleteResponse) String() string { return proto.CompactTextString(m) } func (*DeleteResponse) ProtoMessage() {} func (*DeleteResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{21} + return fileDescriptor_11312eec02fd5712, []int{19} } func (m *DeleteResponse) XXX_Unmarshal(b []byte) error { @@ -1140,7 +1054,7 @@ func (m *ListRequest) Reset() { *m = ListRequest{} } func (m *ListRequest) String() string { return proto.CompactTextString(m) } func (*ListRequest) ProtoMessage() {} func (*ListRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{22} + return fileDescriptor_11312eec02fd5712, []int{20} } func (m *ListRequest) XXX_Unmarshal(b []byte) error { 
@@ -1172,7 +1086,7 @@ func (m *ListResponse) Reset() { *m = ListResponse{} } func (m *ListResponse) String() string { return proto.CompactTextString(m) } func (*ListResponse) ProtoMessage() {} func (*ListResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_11312eec02fd5712, []int{23} + return fileDescriptor_11312eec02fd5712, []int{21} } func (m *ListResponse) XXX_Unmarshal(b []byte) error { @@ -1209,8 +1123,6 @@ func init() { proto.RegisterType((*Account)(nil), "go.micro.auth.Account") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Account.MetadataEntry") proto.RegisterType((*Resource)(nil), "go.micro.auth.Resource") - proto.RegisterType((*LoginRequest)(nil), "go.micro.auth.LoginRequest") - proto.RegisterType((*LoginResponse)(nil), "go.micro.auth.LoginResponse") proto.RegisterType((*GenerateRequest)(nil), "go.micro.auth.GenerateRequest") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.GenerateRequest.MetadataEntry") proto.RegisterType((*GenerateResponse)(nil), "go.micro.auth.GenerateResponse") 
@@ -1236,65 +1148,63 @@ func init() { } var fileDescriptor_11312eec02fd5712 = []byte{ - // 947 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0xdd, 0x8e, 0xdb, 0x44, - 0x14, 0x5e, 0xdb, 0x89, 0xe3, 0x3d, 0x89, 0xb3, 0xd1, 0x74, 0xbb, 0x58, 0xe9, 0x0f, 0x8b, 0x8b, - 0xd0, 0x52, 0xd1, 0x2c, 0x4a, 0x25, 0xfe, 0x2a, 0x21, 0xa2, 0x26, 0x0a, 0x2d, 0x6d, 0x10, 0x56, - 0x51, 0xb9, 0x41, 0x95, 0xd7, 0x39, 0xdd, 0x35, 0x9b, 0xb5, 0xc3, 0xcc, 0x78, 0xc5, 0x3e, 0x01, - 0x77, 0xbc, 0x03, 0x12, 0xb7, 0xf0, 0x44, 0x3c, 0x0c, 0x9a, 0xf1, 0x8c, 0xd7, 0x71, 0x9c, 0x6a, - 0x55, 0x16, 0x89, 0xbb, 0x39, 0x33, 0x67, 0xbe, 0x73, 0xbe, 0xf3, 0x37, 0x03, 0x9f, 0x1e, 0xc7, - 0xfc, 0x24, 0x3b, 0x1a, 0x44, 0xe9, 0xd9, 0xe1, 0x59, 0x1c, 0xd1, 0xf4, 0xf0, 0x38, 0x7d, 0x90, - 0x2f, 0xc2, 0x8c, 0x9f, 0x1c, 0x32, 0xa4, 0xe7, 0x71, 0x84, 0x87, 0x4b, 0x9a, 0xf2, 0x7c, 0x6b, - 0x20, 0x97, 0xc4, 0x3d, 0x4e, 0x07, 0x52, 0x6f, 0x20, 0x36, 0xfd, 0x9b, 0x70, 0xe3, 0x59, 0xcc, - 0xf8, 0x28, 0x8a, 0xd2, 0x2c, 0xe1, 0x2c, 0xc0, 0x9f, 0x33, 0x64, 0xdc, 0x7f, 0x0a, 0xbb, 0xab, - 0xdb, 0x6c, 0x99, 0x26, 0x0c, 0xc9, 0x10, 0x9c, 0x50, 0xed, 0x79, 0xc6, 0xbe, 0x75, 0xd0, 0x1e, - 0xee, 0x0d, 0x56, 0x00, 0x07, 0xea, 0x4a, 0x50, 0xe8, 0xf9, 0x7f, 0x99, 0xd0, 0x7c, 0x91, 0x9e, - 0x62, 0x42, 0x76, 0xa1, 0xc9, 0xc5, 0xc2, 0x33, 0xf6, 0x8d, 0x83, 0xed, 0x20, 0x17, 0x08, 0x81, - 0x06, 0xbf, 0x58, 0xa2, 0x67, 0xca, 0x4d, 0xb9, 0x26, 0x1e, 0xb4, 0x22, 0x8a, 0x21, 0xc7, 0xb9, - 0x67, 0xed, 0x1b, 0x07, 0x56, 0xa0, 0x45, 0xb2, 0x07, 0x36, 0xfe, 0xb2, 0x8c, 0xe9, 0x85, 0xd7, - 0x90, 0x07, 0x4a, 0x12, 0x37, 0x58, 0x76, 0xf4, 0x13, 0x46, 0xdc, 0x6b, 0x4a, 0x20, 0x2d, 0x0a, - 0xab, 0x34, 0x5d, 0x20, 0xf3, 0xec, 0x7d, 0x4b, 0x58, 0x95, 0x02, 0xf9, 0x12, 0x9c, 0x33, 0xe4, - 0xe1, 0x3c, 0xe4, 0xa1, 0xd7, 0x92, 0x4c, 0xfc, 0x0a, 0x13, 0xe9, 0xf3, 0xe0, 0xb9, 0x52, 0x9a, - 0x24, 0x9c, 0x5e, 0x04, 0xc5, 0x1d, 0x72, 0x1b, 0xb6, 0x93, 0xf0, 0x0c, 0xd9, 0x32, 0x8c, 0xd0, - 
0x73, 0xa4, 0xc5, 0xcb, 0x8d, 0xfe, 0x23, 0x70, 0x57, 0x2e, 0x92, 0x1e, 0x58, 0xa7, 0x78, 0xa1, - 0x88, 0x8b, 0xa5, 0x70, 0xeb, 0x3c, 0x5c, 0x64, 0x9a, 0x77, 0x2e, 0x7c, 0x61, 0x7e, 0x66, 0xf8, - 0xbf, 0x9b, 0xd0, 0x52, 0x61, 0x24, 0x5d, 0x30, 0xe3, 0xb9, 0xba, 0x66, 0xc6, 0xf3, 0xda, 0x60, - 0x15, 0x04, 0xad, 0x32, 0xc1, 0xaf, 0x4a, 0x04, 0x1b, 0x92, 0xe0, 0xfb, 0xf5, 0xa9, 0xba, 0x1a, - 0xc5, 0x66, 0x85, 0x22, 0xb9, 0x07, 0x2e, 0xc5, 0xd7, 0x14, 0xd9, 0xc9, 0xab, 0x3c, 0xa9, 0xb6, - 0xd4, 0xe8, 0xa8, 0xcd, 0x3c, 0xe3, 0x7d, 0x70, 0x96, 0x34, 0x3d, 0x8f, 0xe7, 0x48, 0xbd, 0x96, - 0x3c, 0x2f, 0xe4, 0x7f, 0x17, 0xa3, 0x19, 0x38, 0x01, 0xb2, 0x34, 0xa3, 0x11, 0x8a, 0x98, 0x08, - 0xb7, 0xd4, 0x45, 0xb9, 0xae, 0x8d, 0x53, 0x1f, 0x1c, 0x4c, 0xe6, 0xcb, 0x34, 0x4e, 0xb8, 0xac, - 0xaa, 0xed, 0xa0, 0x90, 0xfd, 0x4f, 0xa0, 0xf3, 0x2c, 0x3d, 0x8e, 0x13, 0xd5, 0x00, 0x6b, 0x71, - 0xdf, 0x03, 0x9b, 0x61, 0x44, 0x91, 0x2b, 0x44, 0x25, 0xf9, 0x23, 0x70, 0xd5, 0x3d, 0xd5, 0x21, - 0x1f, 0x43, 0x4b, 0x55, 0xbe, 0xbc, 0xbd, 0xb9, 0x41, 0xb4, 0x9a, 0xff, 0x87, 0x09, 0x3b, 0x53, - 0x4c, 0x90, 0x86, 0x1c, 0x37, 0x99, 0x2f, 0x52, 0x6c, 0x96, 0x53, 0xfc, 0x75, 0x29, 0xc5, 0x96, - 0x4c, 0xf1, 0x47, 0x15, 0x63, 0x15, 0xdc, 0xab, 0xa5, 0xba, 0x51, 0x4d, 0xf5, 0x25, 0xf9, 0x66, - 0x99, 0x7c, 0x11, 0x64, 0x7b, 0x35, 0xc8, 0xff, 0x4d, 0xc6, 0xc7, 0xd0, 0xbb, 0x64, 0xf3, 0xd6, - 0xc1, 0x7e, 0x09, 0x9d, 0x29, 0x0d, 0x13, 0xae, 0x03, 0x4d, 0xa0, 0x21, 0x62, 0xa9, 0x6b, 0x47, - 0xac, 0xc9, 0x43, 0x70, 0xa8, 0xaa, 0x2d, 0xe9, 0x46, 0x7b, 0xf8, 0x4e, 0x05, 0x56, 0x97, 0x5e, - 0x50, 0x28, 0xfa, 0x3b, 0xe0, 0x2a, 0xe0, 0xdc, 0x37, 0xff, 0x07, 0x70, 0x03, 0x3c, 0x4f, 0x4f, - 0xf1, 0xda, 0x4d, 0xf5, 0xa0, 0xab, 0x91, 0x95, 0xad, 0x0f, 0xa0, 0xfb, 0x24, 0x61, 0x4b, 0x8c, - 0x0a, 0x5e, 0xb5, 0xa3, 0xd6, 0x7f, 0x0c, 0x3b, 0x85, 0xde, 0x5b, 0x87, 0xf0, 0x35, 0x74, 0x64, - 0x73, 0x6f, 0xaa, 0xd5, 0xb5, 0xc1, 0x60, 0xd6, 0x0c, 0x86, 0xf7, 0xa0, 0x23, 0x0f, 0x5f, 0xa9, - 0x61, 0x9e, 0x4f, 0xf9, 0xb6, 0xdc, 
0x9b, 0xc8, 0x2d, 0xff, 0x11, 0xb8, 0xca, 0x8e, 0x72, 0xf5, - 0x7e, 0x99, 0x53, 0x7b, 0xb8, 0x5b, 0x37, 0xaf, 0x35, 0xd3, 0xdf, 0x0c, 0x68, 0x04, 0xd9, 0x02, - 0xeb, 0x06, 0xa8, 0xcc, 0x82, 0xb9, 0x21, 0x0b, 0xd6, 0x15, 0xb3, 0x40, 0x1e, 0x80, 0x1d, 0x46, - 0x11, 0x32, 0x26, 0xfb, 0xa5, 0x3b, 0xbc, 0xb9, 0x1e, 0x37, 0x64, 0x2c, 0x50, 0x4a, 0xfe, 0xaf, - 0x06, 0xb8, 0x8f, 0xe5, 0x1b, 0x76, 0xdd, 0xf5, 0x50, 0xf2, 0xc4, 0xba, 0x8a, 0x27, 0x3d, 0xe8, - 0x6a, 0x47, 0x54, 0xf9, 0x08, 0xdf, 0xc6, 0xb8, 0xc0, 0xff, 0x85, 0x6f, 0xda, 0x11, 0xe5, 0x9b, - 0x0b, 0x6d, 0xf1, 0x13, 0xd1, 0x1f, 0x93, 0xcf, 0xa1, 0x93, 0x8b, 0xaa, 0x26, 0x3e, 0x84, 0x26, - 0xcd, 0xc4, 0x60, 0xcc, 0x7f, 0x23, 0x37, 0xaa, 0x1e, 0x65, 0x0b, 0x0c, 0x72, 0x8d, 0xfb, 0x03, - 0xb0, 0x73, 0x6b, 0xa4, 0x0d, 0xad, 0xef, 0x67, 0xdf, 0xcc, 0xbe, 0x7d, 0x39, 0xeb, 0x6d, 0x09, - 0x61, 0x1a, 0x8c, 0x66, 0x2f, 0x26, 0xe3, 0x9e, 0x41, 0x00, 0xec, 0xf1, 0x64, 0xf6, 0x64, 0x32, - 0xee, 0x99, 0xc3, 0x3f, 0x4d, 0x68, 0x8c, 0x32, 0x7e, 0x42, 0x9e, 0x83, 0xa3, 0x27, 0x0f, 0xb9, - 0xfb, 0xe6, 0x01, 0xdb, 0x7f, 0x77, 0xe3, 0xb9, 0xe2, 0xb3, 0x45, 0x9e, 0x42, 0x4b, 0x35, 0x21, - 0xb9, 0x53, 0xd1, 0x5e, 0x6d, 0xe2, 0xfe, 0xdd, 0x4d, 0xc7, 0x05, 0xd6, 0x58, 0x7f, 0xad, 0x6e, - 0xd5, 0x36, 0x83, 0xc2, 0xb9, 0x5d, 0x7f, 0x58, 0x46, 0x91, 0x8f, 0xd8, 0x1a, 0x4a, 0xf9, 0x49, - 0x5c, 0x43, 0x59, 0x79, 0xf7, 0xfc, 0xad, 0xe1, 0x8f, 0xe0, 0xe8, 0xff, 0x22, 0xf9, 0x0e, 0x1a, - 0x22, 0x4d, 0xa4, 0xfa, 0xa7, 0xaa, 0xf9, 0x6b, 0xf6, 0xef, 0xbd, 0x51, 0xa7, 0x80, 0xff, 0xdb, - 0x80, 0xa6, 0x48, 0x27, 0x23, 0x53, 0xb0, 0xf3, 0x02, 0x26, 0x55, 0x97, 0x56, 0x1a, 0xac, 0x7f, - 0x67, 0xc3, 0x69, 0xc1, 0x7b, 0x0a, 0x76, 0x5e, 0x6d, 0x6b, 0x40, 0x2b, 0xdd, 0xb0, 0x06, 0x54, - 0x29, 0xd1, 0x2d, 0x32, 0x52, 0x74, 0xfb, 0x35, 0x54, 0x34, 0xc8, 0xad, 0xda, 0x33, 0x0d, 0x71, - 0x64, 0xcb, 0xef, 0xf9, 0xc3, 0x7f, 0x02, 0x00, 0x00, 0xff, 0xff, 0x8f, 0xd3, 0xdd, 0x57, 0xd9, - 0x0b, 0x00, 0x00, + // 924 bytes of a gzipped FileDescriptorProto + 0x1f, 
0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x4b, 0x6f, 0xdb, 0x46, + 0x10, 0x36, 0x49, 0x89, 0xa2, 0x47, 0x0f, 0x0b, 0x1b, 0xc7, 0x25, 0x94, 0x47, 0x1d, 0xa6, 0x28, + 0xdc, 0xa0, 0x91, 0x0b, 0xe5, 0xd0, 0x47, 0x80, 0xa2, 0x46, 0x24, 0xa8, 0x49, 0x1b, 0x15, 0x25, + 0x52, 0xa4, 0x97, 0x22, 0xa0, 0xa9, 0xa9, 0xcd, 0x5a, 0x26, 0xd9, 0xdd, 0xa5, 0x51, 0x5f, 0x7a, + 0xed, 0xad, 0xbf, 0xa2, 0x3f, 0xa7, 0x3f, 0xa1, 0xf7, 0xfe, 0x89, 0x1e, 0x0a, 0xee, 0x83, 0x16, + 0x29, 0xca, 0x10, 0x5a, 0x1f, 0x72, 0xdb, 0x79, 0xec, 0xec, 0x7c, 0xdf, 0x0c, 0x87, 0x03, 0x1f, + 0x9f, 0x44, 0xfc, 0x34, 0x3b, 0x1e, 0x86, 0xc9, 0xf9, 0xe1, 0x79, 0x14, 0xd2, 0xe4, 0xf0, 0x24, + 0x79, 0x2c, 0x0f, 0x41, 0xc6, 0x4f, 0x0f, 0x19, 0xd2, 0x8b, 0x28, 0xc4, 0xc3, 0x94, 0x26, 0x5c, + 0xaa, 0x86, 0xe2, 0x48, 0xba, 0x27, 0xc9, 0x50, 0xf8, 0x0d, 0x73, 0xa5, 0x77, 0x1b, 0x6e, 0x7d, + 0x1d, 0x31, 0x7e, 0x14, 0x86, 0x49, 0x16, 0x73, 0xe6, 0xe3, 0xcf, 0x19, 0x32, 0xee, 0xbd, 0x80, + 0xdd, 0xb2, 0x9a, 0xa5, 0x49, 0xcc, 0x90, 0x8c, 0xc0, 0x09, 0x94, 0xce, 0x35, 0xf6, 0xad, 0x83, + 0xf6, 0x68, 0x6f, 0x58, 0x0a, 0x38, 0x54, 0x57, 0xfc, 0xc2, 0xcf, 0xfb, 0xd3, 0x84, 0xe6, 0xab, + 0xe4, 0x0c, 0x63, 0xf2, 0x00, 0x3a, 0x41, 0x18, 0x22, 0x63, 0x6f, 0x78, 0x2e, 0xbb, 0xc6, 0xbe, + 0x71, 0xb0, 0xed, 0xb7, 0xa5, 0x4e, 0xba, 0x3c, 0x84, 0x2e, 0xc5, 0x1f, 0x29, 0xb2, 0x53, 0xe5, + 0x63, 0x0a, 0x9f, 0x8e, 0x52, 0x4a, 0x27, 0x17, 0x5a, 0x21, 0xc5, 0x80, 0xe3, 0xdc, 0xb5, 0xf6, + 0x8d, 0x03, 0xcb, 0xd7, 0x22, 0xd9, 0x03, 0x1b, 0x7f, 0x49, 0x23, 0x7a, 0xe9, 0x36, 0x84, 0x41, + 0x49, 0xf9, 0x0d, 0x96, 0x1d, 0xff, 0x84, 0x21, 0x77, 0x9b, 0x22, 0xa0, 0x16, 0xc9, 0x2e, 0x34, + 0x69, 0xb2, 0x40, 0xe6, 0xda, 0xfb, 0xd6, 0xc1, 0xb6, 0x2f, 0x05, 0xf2, 0x39, 0x38, 0xe7, 0xc8, + 0x83, 0x79, 0xc0, 0x03, 0xb7, 0x25, 0x70, 0x7a, 0x15, 0x9c, 0x22, 0x93, 0xe1, 0x4b, 0xe5, 0x34, + 0x89, 0x39, 0xbd, 0xf4, 0x8b, 0x3b, 0xe4, 0x2e, 0x6c, 0xc7, 0xc1, 0x39, 0xb2, 0x34, 0x08, 0xd1, + 0x75, 0xc4, 0x8b, 0x57, 0x8a, 0xc1, 0x53, 
0xe8, 0x96, 0x2e, 0x92, 0x3e, 0x58, 0x67, 0x78, 0xa9, + 0xf8, 0xc8, 0x8f, 0x79, 0x5a, 0x17, 0xc1, 0x22, 0x43, 0x85, 0x5f, 0x0a, 0x9f, 0x99, 0x9f, 0x18, + 0xde, 0x3f, 0x06, 0xb4, 0x14, 0xc9, 0xa4, 0x07, 0x66, 0x34, 0x57, 0xd7, 0xcc, 0x68, 0x4e, 0x08, + 0x34, 0xf8, 0x65, 0xaa, 0x2f, 0x89, 0xf3, 0x15, 0x40, 0x6b, 0x19, 0xe0, 0x17, 0x4b, 0x00, 0x1b, + 0x02, 0xe0, 0x7b, 0xf5, 0x85, 0xdc, 0x0c, 0x62, 0xb3, 0x02, 0x91, 0x0c, 0xc0, 0x49, 0x69, 0x72, + 0x11, 0xcd, 0x91, 0xba, 0xb6, 0x30, 0x16, 0xf2, 0xff, 0x83, 0x3f, 0x03, 0xc7, 0x47, 0x96, 0x64, + 0x34, 0xc4, 0x1c, 0x6e, 0xfe, 0xa2, 0xba, 0x28, 0xce, 0xb5, 0x14, 0x0c, 0xc0, 0xc1, 0x78, 0x9e, + 0x26, 0x51, 0xcc, 0x45, 0xc3, 0x6c, 0xfb, 0x85, 0xec, 0xfd, 0x61, 0xc2, 0xce, 0x14, 0x63, 0xa4, + 0x01, 0x47, 0xd5, 0xfd, 0x2b, 0xb4, 0x16, 0x14, 0x9a, 0xcb, 0x14, 0x7e, 0xb9, 0x44, 0xa1, 0x25, + 0x28, 0xfc, 0xb0, 0x42, 0x61, 0x25, 0xee, 0x66, 0x54, 0x36, 0xaa, 0x54, 0xee, 0x81, 0xcd, 0x30, + 0xa4, 0xa8, 0x5b, 0x57, 0x49, 0x05, 0x52, 0xbb, 0x8c, 0xb4, 0xa0, 0xbd, 0x75, 0x93, 0xb4, 0x8f, + 0xa1, 0x7f, 0x85, 0x46, 0x0d, 0x83, 0x8f, 0xa0, 0xa5, 0x3e, 0x72, 0x11, 0x63, 0xfd, 0x2c, 0xd0, + 0x6e, 0xde, 0x6b, 0xe8, 0x4c, 0x69, 0x10, 0x73, 0x4d, 0x34, 0x81, 0x46, 0xce, 0xa5, 0x2e, 0x60, + 0x7e, 0x26, 0x4f, 0xc0, 0xa1, 0xaa, 0xc0, 0x22, 0x8d, 0xf6, 0xe8, 0x9d, 0x4a, 0x58, 0x5d, 0x7f, + 0xbf, 0x70, 0xf4, 0x76, 0xa0, 0xab, 0x02, 0xcb, 0xdc, 0xbc, 0xef, 0xa1, 0xeb, 0xe3, 0x45, 0x72, + 0x86, 0x37, 0xfe, 0x54, 0x1f, 0x7a, 0x3a, 0xb2, 0x7a, 0xeb, 0x7d, 0xe8, 0x3d, 0x8f, 0x59, 0x8a, + 0x61, 0x81, 0x6b, 0x17, 0x9a, 0xcb, 0x13, 0x4e, 0x0a, 0xde, 0x33, 0xd8, 0x29, 0xfc, 0xfe, 0x33, + 0x85, 0xbf, 0x42, 0x47, 0x8c, 0x9e, 0x75, 0xbd, 0x7a, 0xd5, 0x2d, 0x66, 0xa9, 0x5b, 0x56, 0x06, + 0xab, 0x55, 0x33, 0x58, 0x1f, 0x40, 0x47, 0x18, 0xdf, 0x94, 0x86, 0x68, 0x5b, 0xe8, 0x26, 0x42, + 0xe5, 0x3d, 0x85, 0xae, 0x7a, 0x5f, 0x41, 0x78, 0xb4, 0x8c, 0xb5, 0x3d, 0xda, 0xad, 0x9b, 0x93, + 0x9a, 0x81, 0xdf, 0x0d, 0x68, 0xf8, 0xd9, 0x02, 0xeb, 0x06, 0x97, 0xa8, 0x8e, 
0xb9, 0xa6, 0x3a, + 0xd6, 0x86, 0xd5, 0x21, 0x8f, 0xc1, 0x96, 0xbf, 0x13, 0x91, 0x7b, 0x6f, 0x74, 0x7b, 0x95, 0x4f, + 0x64, 0xcc, 0x57, 0x4e, 0xde, 0x6f, 0x06, 0x74, 0x9f, 0x89, 0x7f, 0xc7, 0x4d, 0xf7, 0xc9, 0x52, + 0x26, 0xd6, 0x26, 0x99, 0xf4, 0xa1, 0xa7, 0x13, 0x51, 0x6d, 0x95, 0xe7, 0x36, 0xc6, 0x05, 0xbe, + 0x15, 0xb9, 0xe9, 0x44, 0x54, 0x6e, 0x5d, 0x68, 0xe7, 0xfb, 0x81, 0x5e, 0x17, 0x3e, 0x85, 0x8e, + 0x14, 0x55, 0x4f, 0x7c, 0x00, 0x4d, 0x9a, 0xe5, 0x03, 0x53, 0xee, 0x08, 0xb7, 0xaa, 0x19, 0x65, + 0x0b, 0xf4, 0xa5, 0xc7, 0xa3, 0x21, 0xd8, 0xf2, 0x35, 0xd2, 0x86, 0xd6, 0x77, 0xb3, 0xaf, 0x66, + 0xdf, 0xbc, 0x9e, 0xf5, 0xb7, 0x72, 0x61, 0xea, 0x1f, 0xcd, 0x5e, 0x4d, 0xc6, 0x7d, 0x83, 0x00, + 0xd8, 0xe3, 0xc9, 0xec, 0xf9, 0x64, 0xdc, 0x37, 0x47, 0x7f, 0x1b, 0xd0, 0x38, 0xca, 0xf8, 0x29, + 0x79, 0x09, 0x8e, 0x9e, 0x48, 0xe4, 0xfe, 0xf5, 0x83, 0x77, 0xf0, 0xee, 0x5a, 0xbb, 0xc2, 0xb3, + 0x45, 0x5e, 0x40, 0x4b, 0x7d, 0x9c, 0xe4, 0x5e, 0xc5, 0xbb, 0xfc, 0x71, 0x0f, 0xee, 0xaf, 0x33, + 0x17, 0xb1, 0xc6, 0x7a, 0xe1, 0xb9, 0x53, 0xfb, 0x31, 0xa8, 0x38, 0x77, 0xeb, 0x8d, 0x3a, 0xca, + 0xe8, 0x07, 0x70, 0xf4, 0xfe, 0x45, 0xbe, 0x85, 0x46, 0x4e, 0x30, 0xa9, 0x6e, 0x21, 0x35, 0xbb, + 0xdb, 0xe0, 0xe1, 0xb5, 0x3e, 0x45, 0xf8, 0xbf, 0x0c, 0x68, 0xe6, 0x85, 0x60, 0x64, 0x0a, 0xb6, + 0x6c, 0x3d, 0x52, 0x4d, 0xa9, 0xf4, 0x69, 0x0c, 0xee, 0xad, 0xb1, 0x16, 0xb8, 0xa7, 0x60, 0xcb, + 0x3e, 0x59, 0x09, 0x54, 0xea, 0xe3, 0x95, 0x40, 0x95, 0xe6, 0xda, 0x22, 0x47, 0x0a, 0xee, 0xa0, + 0x06, 0x8a, 0x0e, 0x72, 0xa7, 0xd6, 0xa6, 0x43, 0x1c, 0xdb, 0x62, 0xdd, 0x7d, 0xf2, 0x6f, 0x00, + 0x00, 0x00, 0xff, 0xff, 0xd8, 0x6c, 0xbf, 0xd6, 0x29, 0x0b, 0x00, 0x00, } diff --git a/auth/service/proto/auth.pb.micro.go b/auth/service/proto/auth.pb.micro.go index 9937569d..334f2369 100644 --- a/auth/service/proto/auth.pb.micro.go +++ b/auth/service/proto/auth.pb.micro.go 
@@ -37,7 +37,6 @@ type AuthService interface { Generate(ctx context.Context, in *GenerateRequest, opts ...client.CallOption) (*GenerateResponse, error) Inspect(ctx context.Context, in *InspectRequest, opts ...client.CallOption) (*InspectResponse, error) Token(ctx context.Context, in *TokenRequest, opts ...client.CallOption) (*TokenResponse, error) - Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error) } type authService struct { @@ -82,23 +81,12 @@ func (c *authService) Token(ctx context.Context, in *TokenRequest, opts ...clien return out, nil } -func (c *authService) Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error) { - req := c.c.NewRequest(c.name, "Auth.Login", in) - out := new(LoginResponse) - err := c.c.Call(ctx, req, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - // Server API for Auth service type AuthHandler interface { Generate(context.Context, *GenerateRequest, *GenerateResponse) error Inspect(context.Context, *InspectRequest, *InspectResponse) error Token(context.Context, *TokenRequest, *TokenResponse) error - Login(context.Context, *LoginRequest, *LoginResponse) error } func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.HandlerOption) error { @@ -106,7 +94,6 @@ func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.Handl Generate(ctx context.Context, in *GenerateRequest, out *GenerateResponse) error Inspect(ctx context.Context, in *InspectRequest, out *InspectResponse) error Token(ctx context.Context, in *TokenRequest, out *TokenResponse) error - Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error } type Auth struct { auth 
@@ -131,10 +118,6 @@ func (h *authHandler) Token(ctx context.Context, in *TokenRequest, out *TokenRes return h.AuthHandler.Token(ctx, in, out) } -func (h *authHandler) Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error { - return h.AuthHandler.Login(ctx, in, out) -} - // Client API for Accounts service type AccountsService interface { diff --git a/auth/service/proto/auth.proto b/auth/service/proto/auth.proto index 9c27ecb7..ecc17f08 100644 --- a/auth/service/proto/auth.proto +++ b/auth/service/proto/auth.proto @@ -6,7 +6,6 @@ service Auth { rpc Generate(GenerateRequest) returns (GenerateResponse) {}; rpc Inspect(InspectRequest) returns (InspectResponse) {}; rpc Token(TokenRequest) returns (TokenResponse) {}; - rpc Login(LoginRequest) returns (LoginResponse) {}; } service Accounts { @@ -27,8 +26,8 @@ message ListAccountsResponse { } message Token { - string token = 1; - string type = 2; + string access_token = 1; + string refresh_token = 2; int64 created = 3; int64 expiry = 4; string subject = 5; @@ -43,8 +42,7 @@ message Account { repeated string roles = 3; map metadata = 4; string namespace = 5; - string refresh_token = 6; - string provider = 7; + string provider = 6; } message Resource{ @@ -53,15 +51,6 @@ message Resource{ string endpoint = 3; } -message LoginRequest { - string id = 1; - string secret = 2; -} - -message LoginResponse { - Account account = 1; -} - message GenerateRequest { string id = 1; repeated string roles = 2; @@ -100,8 +89,9 @@ message InspectResponse { message TokenRequest { string id = 1; - string refresh_token = 2; - int64 token_expiry = 3; + string secret = 2; + string refresh_token = 3; + int64 token_expiry = 4; } message TokenResponse { diff --git a/auth/service/service.go b/auth/service/service.go index 90c5122c..9c4a6573 100644 --- a/auth/service/service.go +++ b/auth/service/service.go 
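Review bot: The auth.proto hunks reuse field numbers with new meanings: `TokenRequest` field 2 changes from `refresh_token` to `secret`, `Account` field 6 changes from `refresh_token` to `provider`, and `Token` field 2 changes from `type` to `refresh_token`. Protobuf identifies fields by number on the wire, so a peer still built from the old schema would have its refresh token decoded as a secret, or as the provider name, which is less likely to be handled as sensitive. If old and new binaries can ever talk to each other, retire the old numbers with `reserved 6;` in `Account` and give new fields fresh numbers, e.g. keep `refresh_token = 2` and `token_expiry = 3` in `TokenRequest` and add `string secret = 4;`.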
@@ -73,11 +73,11 @@ func (s *svc) Init(opts ...auth.Option) { // we have client credentials and must load a new token // periodically - if len(s.options.ID) > 0 || len(s.options.RefreshToken) > 0 { + if len(s.options.ID) > 0 || len(s.options.Secret) > 0 { tokenTimer := time.NewTicker(time.Minute) go func() { - s.loadToken() + s.refreshToken() for { <-tokenTimer.C @@ -94,7 +94,7 @@ func (s *svc) Init(opts ...auth.Option) { // all the services calling the auth service // at the exact same time time.Sleep(jitter.Do(time.Second * 5)) - s.loadToken() + s.refreshToken() } }() } @@ -107,14 +107,14 @@ func (s *svc) Options() auth.Options { } // Generate a new account -func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, error) { +func (s *svc) Generate(id, secret string, opts ...auth.GenerateOption) (*auth.Account, error) { options := auth.NewGenerateOptions(opts...) rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{ Id: id, + Secret: secret, Type: options.Type, Roles: options.Roles, - Secret: options.Secret, Metadata: options.Metadata, Provider: options.Provider, Namespace: options.Namespace, @@ -126,16 +126,6 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e return serializeAccount(rsp.Account), nil } -// Login to an account -func (s *svc) Login(id string, opts ...auth.LoginOption) (*auth.Account, error) { - options := auth.NewLoginOptions(opts...) - rsp, err := s.auth.Login(context.TODO(), &pb.LoginRequest{Id: id, Secret: options.Secret}) - if err != nil { - return nil, err - } - return serializeAccount(rsp.Account), nil -} - // Grant access to a resource func (s *svc) Grant(role string, res *auth.Resource) error { _, err := s.rule.Create(context.TODO(), &pb.CreateRequest{ 
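Review bot: The guard `len(s.options.ID) > 0 || len(s.options.Secret) > 0` in `Init` starts the refresh goroutine when only one of the two credentials is set, so `refreshToken` would send a `TokenRequest` with an empty ID or an empty secret on each tick. If both are needed to authenticate, the condition should be `if len(s.options.ID) > 0 && len(s.options.Secret) > 0 {`. `Init` begins and ends outside this hunk, so any earlier validation of the options is not visible here.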
@@ -204,23 +194,14 @@ func (s *svc) Verify(acc *auth.Account, res *auth.Resource) error { // Inspect a token func (s *svc) Inspect(token string) (*auth.Account, error) { - // try to decode JWT locally and fall back to srv if an error - // occurs, TODO: find a better way of determining if the token - // is a JWT, possibly update the interface to take an auth.Token - // and not just the string + // try to decode JWT locally and fall back to srv if an error occurs if len(strings.Split(token, ".")) == 3 && s.jwt != nil { - if tok, err := s.jwt.Inspect(token); err == nil { - return &auth.Account{ - ID: tok.Subject, - Roles: tok.Roles, - Metadata: tok.Metadata, - }, nil + if acc, err := s.jwt.Inspect(token); err == nil { + return acc, nil } } - rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{ - Token: token, - }) + rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token}) if err != nil { return nil, err } @@ -229,13 +210,14 @@ func (s *svc) Inspect(token string) (*auth.Account, error) { } // Token generation using an account ID and secret -func (s *svc) Token(id, refresh string, opts ...auth.TokenOption) (*auth.Token, error) { +func (s *svc) Token(opts ...auth.TokenOption) (*auth.Token, error) { options := auth.NewTokenOptions(opts...) rsp, err := s.auth.Token(context.Background(), &pb.TokenRequest{ - Id: id, - RefreshToken: refresh, - TokenExpiry: int64(options.TokenExpiry.Seconds()), + Id: options.ID, + Secret: options.Secret, + RefreshToken: options.RefreshToken, + TokenExpiry: int64(options.Expiry.Seconds()), }) if err != nil { return nil, err 
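Review bot: `svc.Token` forwards `options.ID`, `options.Secret` and `options.RefreshToken` together without checking that the caller supplied either a refresh token or a complete ID and secret pair. A call with no options therefore sends an empty credential request, and a call with both leaves the choice to the server. A client-side guard makes the misuse fail early, e.g. `if options.RefreshToken == "" && (options.ID == "" || options.Secret == "") { return nil, errors.New("token requires credentials or a refresh token") }`, which needs the `errors` import if the file lacks it. The doc comment `// Token generation using an account ID and secret` is also stale; `// Token exchanges account credentials or a refresh token for a new token` would match the new behaviour. The function body continues past the end of the hunk.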
@@ -299,13 +281,22 @@ func (s *svc) loadRules() { s.rules = rsp.Rules } -// loadToken generates a new token for the service to use when making calls -func (s *svc) loadToken() { - rsp, err := s.auth.Token(context.TODO(), &pb.TokenRequest{ - Id: s.Options().ID, - RefreshToken: s.Options().RefreshToken, - TokenExpiry: int64((time.Minute * 15).Seconds()), - }) +// refreshToken generates a new token for the service to use when making calls +func (s *svc) refreshToken() { + req := &pb.TokenRequest{ + TokenExpiry: int64((time.Minute * 15).Seconds()), + } + + if s.Options().Token == nil { + // we do not have a token, use the credentials to get one + req.Id = s.Options().ID + req.Secret = s.Options().Secret + } else { + // we have a token, refresh it + req.RefreshToken = s.Options().Token.RefreshToken + } + + rsp, err := s.auth.Token(context.TODO(), req) s.Lock() defer s.Unlock() @@ -319,23 +310,19 @@ func (s *svc) loadToken() { func serializeToken(t *pb.Token) *auth.Token { return &auth.Token{ - Token: t.Token, - Type: t.Type, - Created: time.Unix(t.Created, 0), - Expiry: time.Unix(t.Expiry, 0), - Subject: t.Subject, - Roles: t.Roles, - Metadata: t.Metadata, + AccessToken: t.AccessToken, + RefreshToken: t.RefreshToken, + Created: time.Unix(t.Created, 0), + Expiry: time.Unix(t.Expiry, 0), } } func serializeAccount(a *pb.Account) *auth.Account { return &auth.Account{ - ID: a.Id, - Roles: a.Roles, - Metadata: a.Metadata, - Provider: a.Provider, - Namespace: a.Namespace, - RefreshToken: a.RefreshToken, + ID: a.Id, + Roles: a.Roles, + Metadata: a.Metadata, + Provider: a.Provider, + Namespace: a.Namespace, } } diff --git a/auth/token/basic/basic.go b/auth/token/basic/basic.go index 34b79f92..364e2f3a 100644 --- a/auth/token/basic/basic.go +++ b/auth/token/basic/basic.go 
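Review bot: `refreshToken` reads `s.Options().Token` before `s.Lock()` is taken, while the response is handled under the lock just below, so if the token is written there this read can race with a concurrent `refreshToken` or `Init`; copy the token pointer under the lock before building the request. Once a token is held only the refresh token is ever sent, and nothing visible falls back to ID and secret when that refresh token is rejected. The error handling is below the hunk, so please confirm that a failed refresh either clears the stored token or retries with the credentials, otherwise the service stays unauthenticated until restart.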
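Review bot: `serializeAccount` does not copy the account type, so an account obtained through the remote `Inspect` path has an empty `Type` while the local JWT path in this same commit fills `Type` from the claims; code that decides on the type would see different results for the same token depending on the path taken. If `pb.Account` has a `Type` field (the generated struct later in this series does), add `Type: a.Type,`. Neither `serializeToken` nor `serializeAccount` guards against a nil argument, for example a response that carries no account.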
@@ -35,30 +35,19 @@ func NewTokenProvider(opts ...token.Option) token.Provider { } // Generate a token for an account -func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.Token, error) { +func (b *Basic) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.Token, error) { options := token.NewGenerateOptions(opts...) - // construct the token - token := auth.Token{ - Subject: subject, - Type: b.String(), - Token: uuid.New().String(), - Created: time.Now(), - Expiry: time.Now().Add(options.Expiry), - Metadata: options.Metadata, - Roles: options.Roles, - Namespace: options.Namespace, - } - // marshal the account to bytes - bytes, err := json.Marshal(token) + bytes, err := json.Marshal(acc) if err != nil { return nil, err } // write to the store + key := uuid.New().String() err = b.store.Write(&store.Record{ - Key: fmt.Sprintf("%v%v", StorePrefix, token.Token), + Key: fmt.Sprintf("%v%v", StorePrefix, key), Value: bytes, Expiry: options.Expiry, }) @@ -67,11 +56,15 @@ func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.To } // return the token - return &token, nil + return &token.Token{ + Token: key, + Created: time.Now(), + Expiry: time.Now().Add(options.Expiry), + }, nil } // Inspect a token -func (b *Basic) Inspect(t string) (*auth.Token, error) { +func (b *Basic) Inspect(t string) (*auth.Account, error) { // lookup the token in the store recs, err := b.store.Read(StorePrefix + t) if err == store.ErrNotFound { 
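Review bot: `Generate` now writes `json.Marshal(acc)` to the store, and `auth.Account` as declared earlier in this series has a `Secret` field tagged `json:"secret"`, so the account secret would be persisted in clear under every issued token key and handed back by `Inspect`. Blank it on a copy before marshalling, `stored := *acc; stored.Secret = ""`, and marshal `stored` instead. A nil `acc` marshals to `null` without error, so a guard such as `if acc == nil { return nil, errors.New("account required") }` belongs at the top; the error value there is a placeholder.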
@@ -82,18 +75,12 @@ func (b *Basic) Inspect(t string) (*auth.Token, error) { bytes := recs[0].Value // unmarshal the bytes - var tok *auth.Token - if err := json.Unmarshal(bytes, &tok); err != nil { + var acc *auth.Account + if err := json.Unmarshal(bytes, &acc); err != nil { return nil, err } - // ensure the token hasn't expired, the store should - // expire the token but we're checking again - if tok.Expiry.Unix() < time.Now().Unix() { - return nil, token.ErrInvalidToken - } - - return tok, err + return acc, nil } // String returns basic diff --git a/auth/token/jwt/jwt.go b/auth/token/jwt/jwt.go index e35ac5e7..a633736d 100644 --- a/auth/token/jwt/jwt.go +++ b/auth/token/jwt/jwt.go @@ -11,7 +11,9 @@ import ( // authClaims to be encoded in the JWT type authClaims struct { + Type string `json:"type"` Roles []string `json:"roles"` + Provider string `json:"provider"` Metadata map[string]string `json:"metadata"` Namespace string `json:"namespace"` @@ -31,7 +33,7 @@ func NewTokenProvider(opts ...token.Option) token.Provider { } // Generate a new JWT -func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Token, error) { +func (j *JWT) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.Token, error) { // decode the private key priv, err := base64.StdEncoding.DecodeString(j.opts.PrivateKey) if err != nil { @@ -50,8 +52,8 @@ func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Toke // generate the JWT expiry := time.Now().Add(options.Expiry) t := jwt.NewWithClaims(jwt.SigningMethodRS256, authClaims{ - options.Roles, options.Metadata, options.Namespace, jwt.StandardClaims{ - Subject: subject, + acc.Type, acc.Roles, acc.Provider, acc.Metadata, acc.Namespace, jwt.StandardClaims{ + Subject: acc.ID, ExpiresAt: expiry.Unix(), }, }) 
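Review bot: With the expiry comparison removed, the basic `Inspect` accepts whatever record the store returns, so token lifetime now rests entirely on the store enforcing `Record.Expiry`; a backend that ignores or lazily applies expiry would keep tokens valid. Because the stored value is now the account rather than the token, restoring the check needs the expiry stored next to it; at the least add a comment stating the reliance on the store. Separately, `var acc *auth.Account` unmarshalled from a `null` value stays nil with no error, so add `if acc == nil { return nil, token.ErrInvalidToken }` before the return. `Inspect` begins above this hunk.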
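Review bot: The `authClaims` literal in the JWT `Generate` is positional, and with this change three of its fields (`Type`, `Provider`, `Namespace`) are plain strings, so reordering the struct or the arguments still compiles and would silently put, say, the provider into the `type` claim that `Inspect` later turns into `Account.Type`. Keyed fields remove that risk; the sketch below assumes `jwt.StandardClaims` is embedded in `authClaims`, which the visible part of the struct does not show. `acc` is also dereferenced without a nil check. `Generate` starts above this hunk.

```go
t := jwt.NewWithClaims(jwt.SigningMethodRS256, authClaims{
	Type:      acc.Type,
	Roles:     acc.Roles,
	Provider:  acc.Provider,
	Metadata:  acc.Metadata,
	Namespace: acc.Namespace,
	StandardClaims: jwt.StandardClaims{
		Subject:   acc.ID,
		ExpiresAt: expiry.Unix(),
	},
})
```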
@@ -61,20 +63,15 @@ func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Toke } // return the token - return &auth.Token{ - Subject: subject, - Token: tok, - Type: j.String(), - Created: time.Now(), - Expiry: expiry, - Roles: options.Roles, - Metadata: options.Metadata, - Namespace: options.Namespace, + return &token.Token{ + Token: tok, + Expiry: expiry, + Created: time.Now(), }, nil } // Inspect a JWT -func (j *JWT) Inspect(t string) (*auth.Token, error) { +func (j *JWT) Inspect(t string) (*auth.Account, error) { // decode the public key pub, err := base64.StdEncoding.DecodeString(j.opts.PublicKey) if err != nil { @@ -99,11 +96,12 @@ func (j *JWT) Inspect(t string) (*auth.Token, error) { } // return the token - return &auth.Token{ - Token: t, - Subject: claims.Subject, - Metadata: claims.Metadata, + return &auth.Account{ + ID: claims.Subject, + Type: claims.Type, Roles: claims.Roles, + Provider: claims.Provider, + Metadata: claims.Metadata, Namespace: claims.Namespace, }, nil } diff --git a/auth/token/options.go b/auth/token/options.go index 2e8d3bbd..8afe174d 100644 --- a/auth/token/options.go +++ b/auth/token/options.go @@ -53,12 +53,6 @@ func NewOptions(opts ...Option) Options { type GenerateOptions struct { // Expiry for the token Expiry time.Duration - // Metadata associated with the account - Metadata map[string]string - // Roles/scopes associated with the account - Roles []string - // Namespace the account belongs too - Namespace string } type GenerateOption func(o *GenerateOptions) 
@@ -70,27 +64,6 @@ func WithExpiry(d time.Duration) GenerateOption { } } -// WithMetadata for the token -func WithMetadata(md map[string]string) func(o *GenerateOptions) { - return func(o *GenerateOptions) { - o.Metadata = md - } -} - -// WithRoles for the token -func WithRoles(rs ...string) func(o *GenerateOptions) { - return func(o *GenerateOptions) { - o.Roles = rs - } -} - -// WithNamespace for the token -func WithNamespace(n string) func(o *GenerateOptions) { - return func(o *GenerateOptions) { - o.Namespace = n - } -} - // NewGenerateOptions from a slice of options func NewGenerateOptions(opts ...GenerateOption) GenerateOptions { var options GenerateOptions diff --git a/auth/token/token.go b/auth/token/token.go index da8409f1..61b1b6f5 100644 --- a/auth/token/token.go +++ b/auth/token/token.go @@ -2,6 +2,7 @@ package token import ( "errors" + "time" "github.com/micro/go-micro/v2/auth" ) @@ -17,7 +18,16 @@ var ( // Provider generates and inspects tokens type Provider interface { - Generate(subject string, opts ...GenerateOption) (*auth.Token, error) - Inspect(token string) (*auth.Token, error) + Generate(account *auth.Account, opts ...GenerateOption) (*Token, error) + Inspect(token string) (*auth.Account, error) String() string } + +type Token struct { + // The actual token + Token string `json:"token"` + // Time of token creation + Created time.Time `json:"created"` + // Time of token expiry + Expiry time.Time `json:"expiry"` +} diff --git a/client/grpc/grpc.go b/client/grpc/grpc.go index 5f14c25d..0fa955bf 100644 --- a/client/grpc/grpc.go +++ b/client/grpc/grpc.go 
@@ -135,7 +135,7 @@ func (g *grpcClient) call(ctx context.Context, node *registry.Node, req client.R // was passed with the request, set the service token var srvToken string if g.opts.Auth != nil && g.opts.Auth.Options().Token != nil { - srvToken = g.opts.Auth.Options().Token.Token + srvToken = g.opts.Auth.Options().Token.AccessToken } if (opts.ServiceToken || len(header["authorization"]) == 0) && len(srvToken) > 0 { header["authorization"] = auth.BearerScheme + srvToken diff --git a/config/cmd/cmd.go b/config/cmd/cmd.go index 0af37fdd..c984391b 100644 --- a/config/cmd/cmd.go +++ b/config/cmd/cmd.go @@ -671,10 +671,6 @@ func (c *cmd) Before(ctx *cli.Context) error { authOpts = append(authOpts, auth.PublicKey(ctx.String("auth_public_key"))) } - if len(ctx.String("auth_private_key")) > 0 { - authOpts = append(authOpts, auth.PrivateKey(ctx.String("auth_private_key"))) - } - if name := ctx.String("auth_provider"); len(name) > 0 { p, ok := DefaultAuthProviders[name] if !ok { From 9cbbd71855ec06d5822d878a0338baa6b07c3710 Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Wed, 1 Apr 2020 14:26:24 +0100 Subject: [PATCH 06/14] Remove default login --- auth/default.go | 5 ----- 1 file changed, 5 deletions(-) diff --git a/auth/default.go b/auth/default.go index e04305cf..d9f973e9 100644 --- a/auth/default.go +++ b/auth/default.go @@ -44,11 +44,6 @@ func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, er }, nil } -// Login to an existing account -func (n *noop) Login(opts ...LoginOption) (*Account, error) { - return &Account{}, nil -} - // Grant access to a resource func (n *noop) Grant(role string, res *Resource) error { return nil From 26cb6bf5b9f4b2a31e08269f8ec089ead8caefef Mon Sep 17 00:00:00 2001 
From: Ben Toogood Date: Wed, 1 Apr 2020 14:27:56 +0100 Subject: [PATCH 07/14] Remove Legacy JWT fields --- auth/service/proto/auth.pb.go | 161 +++++++++++++--------------------- auth/service/proto/auth.proto | 4 - 2 files changed, 63 insertions(+), 102 deletions(-) diff --git a/auth/service/proto/auth.pb.go b/auth/service/proto/auth.pb.go index fc1527f4..78064eb4 100644 --- a/auth/service/proto/auth.pb.go +++ b/auth/service/proto/auth.pb.go 
@@ -119,17 +119,13 @@ func (m *ListAccountsResponse) GetAccounts() []*Account { } type Token struct { - AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"` - RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` - Created int64 `protobuf:"varint,3,opt,name=created,proto3" json:"created,omitempty"` - Expiry int64 `protobuf:"varint,4,opt,name=expiry,proto3" json:"expiry,omitempty"` - Subject string `protobuf:"bytes,5,opt,name=subject,proto3" json:"subject,omitempty"` - Roles []string `protobuf:"bytes,6,rep,name=roles,proto3" json:"roles,omitempty"` - Metadata map[string]string `protobuf:"bytes,7,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - Namespace string `protobuf:"bytes,8,opt,name=namespace,proto3" json:"namespace,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"` + RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` + Created int64 `protobuf:"varint,3,opt,name=created,proto3" json:"created,omitempty"` + Expiry int64 `protobuf:"varint,4,opt,name=expiry,proto3" json:"expiry,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Token) Reset() { *m = Token{} } 
@@ -185,34 +181,6 @@ func (m *Token) GetExpiry() int64 { return 0 } -func (m *Token) GetSubject() string { - if m != nil { - return m.Subject - } - return "" -} - -func (m *Token) GetRoles() []string { - if m != nil { - return m.Roles - } - return nil -} - -func (m *Token) GetMetadata() map[string]string { - if m != nil { - return m.Metadata - } - return nil -} - -func (m *Token) GetNamespace() string { - if m != nil { - return m.Namespace - } - return "" -} - type Account struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` @@ -1119,7 +1087,6 @@ func init() { proto.RegisterType((*ListAccountsRequest)(nil), "go.micro.auth.ListAccountsRequest") proto.RegisterType((*ListAccountsResponse)(nil), "go.micro.auth.ListAccountsResponse") proto.RegisterType((*Token)(nil), "go.micro.auth.Token") - proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Token.MetadataEntry") proto.RegisterType((*Account)(nil), "go.micro.auth.Account") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Account.MetadataEntry") proto.RegisterType((*Resource)(nil), "go.micro.auth.Resource") 
@@ -1148,63 +1115,61 @@ func init() { } var fileDescriptor_11312eec02fd5712 = []byte{ - // 924 bytes of a gzipped FileDescriptorProto + // 888 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x4b, 0x6f, 0xdb, 0x46, - 0x10, 0x36, 0x49, 0x89, 0xa2, 0x47, 0x0f, 0x0b, 0x1b, 0xc7, 0x25, 0x94, 0x47, 0x1d, 0xa6, 0x28, - 0xdc, 0xa0, 0x91, 0x0b, 0xe5, 0xd0, 0x47, 0x80, 0xa2, 0x46, 0x24, 0xa8, 0x49, 0x1b, 0x15, 0x25, - 0x52, 0xa4, 0x97, 0x22, 0xa0, 0xa9, 0xa9, 0xcd, 0x5a, 0x26, 0xd9, 0xdd, 0xa5, 0x51, 0x5f, 0x7a, - 0xed, 0xad, 0xbf, 0xa2, 0x3f, 0xa7, 0x3f, 0xa1, 0xf7, 0xfe, 0x89, 0x1e, 0x0a, 0xee, 0x83, 0x16, - 0x29, 0xca, 0x10, 0x5a, 0x1f, 0x72, 0xdb, 0x79, 0xec, 0xec, 0x7c, 0xdf, 0x0c, 0x87, 0x03, 0x1f, - 0x9f, 0x44, 0xfc, 0x34, 0x3b, 0x1e, 0x86, 0xc9, 0xf9, 0xe1, 0x79, 0x14, 0xd2, 0xe4, 0xf0, 0x24, - 0x79, 0x2c, 0x0f, 0x41, 0xc6, 0x4f, 0x0f, 0x19, 0xd2, 0x8b, 0x28, 0xc4, 0xc3, 0x94, 0x26, 0x5c, - 0xaa, 0x86, 0xe2, 0x48, 0xba, 0x27, 0xc9, 0x50, 0xf8, 0x0d, 0x73, 0xa5, 0x77, 0x1b, 0x6e, 0x7d, - 0x1d, 0x31, 0x7e, 0x14, 0x86, 0x49, 0x16, 0x73, 0xe6, 0xe3, 0xcf, 0x19, 0x32, 0xee, 0xbd, 0x80, - 0xdd, 0xb2, 0x9a, 0xa5, 0x49, 0xcc, 0x90, 0x8c, 0xc0, 0x09, 0x94, 0xce, 0x35, 0xf6, 0xad, 0x83, - 0xf6, 0x68, 0x6f, 0x58, 0x0a, 0x38, 0x54, 0x57, 0xfc, 0xc2, 0xcf, 0xfb, 0xd3, 0x84, 0xe6, 0xab, - 0xe4, 0x0c, 0x63, 0xf2, 0x00, 0x3a, 0x41, 0x18, 0x22, 0x63, 0x6f, 0x78, 0x2e, 0xbb, 0xc6, 0xbe, - 0x71, 0xb0, 0xed, 0xb7, 0xa5, 0x4e, 0xba, 0x3c, 0x84, 0x2e, 0xc5, 0x1f, 0x29, 0xb2, 0x53, 0xe5, - 0x63, 0x0a, 0x9f, 0x8e, 0x52, 0x4a, 0x27, 0x17, 0x5a, 0x21, 0xc5, 0x80, 0xe3, 0xdc, 0xb5, 0xf6, - 0x8d, 0x03, 0xcb, 0xd7, 0x22, 0xd9, 0x03, 0x1b, 0x7f, 0x49, 0x23, 0x7a, 0xe9, 0x36, 0x84, 0x41, - 0x49, 0xf9, 0x0d, 0x96, 0x1d, 0xff, 0x84, 0x21, 0x77, 0x9b, 0x22, 0xa0, 0x16, 0xc9, 0x2e, 0x34, - 0x69, 0xb2, 0x40, 0xe6, 0xda, 0xfb, 0xd6, 0xc1, 0xb6, 0x2f, 0x05, 0xf2, 0x39, 0x38, 0xe7, 0xc8, - 0x83, 0x79, 0xc0, 0x03, 0xb7, 0x25, 0x70, 0x7a, 0x15, 
0x9c, 0x22, 0x93, 0xe1, 0x4b, 0xe5, 0x34, - 0x89, 0x39, 0xbd, 0xf4, 0x8b, 0x3b, 0xe4, 0x2e, 0x6c, 0xc7, 0xc1, 0x39, 0xb2, 0x34, 0x08, 0xd1, - 0x75, 0xc4, 0x8b, 0x57, 0x8a, 0xc1, 0x53, 0xe8, 0x96, 0x2e, 0x92, 0x3e, 0x58, 0x67, 0x78, 0xa9, - 0xf8, 0xc8, 0x8f, 0x79, 0x5a, 0x17, 0xc1, 0x22, 0x43, 0x85, 0x5f, 0x0a, 0x9f, 0x99, 0x9f, 0x18, - 0xde, 0x3f, 0x06, 0xb4, 0x14, 0xc9, 0xa4, 0x07, 0x66, 0x34, 0x57, 0xd7, 0xcc, 0x68, 0x4e, 0x08, - 0x34, 0xf8, 0x65, 0xaa, 0x2f, 0x89, 0xf3, 0x15, 0x40, 0x6b, 0x19, 0xe0, 0x17, 0x4b, 0x00, 0x1b, - 0x02, 0xe0, 0x7b, 0xf5, 0x85, 0xdc, 0x0c, 0x62, 0xb3, 0x02, 0x91, 0x0c, 0xc0, 0x49, 0x69, 0x72, - 0x11, 0xcd, 0x91, 0xba, 0xb6, 0x30, 0x16, 0xf2, 0xff, 0x83, 0x3f, 0x03, 0xc7, 0x47, 0x96, 0x64, - 0x34, 0xc4, 0x1c, 0x6e, 0xfe, 0xa2, 0xba, 0x28, 0xce, 0xb5, 0x14, 0x0c, 0xc0, 0xc1, 0x78, 0x9e, - 0x26, 0x51, 0xcc, 0x45, 0xc3, 0x6c, 0xfb, 0x85, 0xec, 0xfd, 0x61, 0xc2, 0xce, 0x14, 0x63, 0xa4, - 0x01, 0x47, 0xd5, 0xfd, 0x2b, 0xb4, 0x16, 0x14, 0x9a, 0xcb, 0x14, 0x7e, 0xb9, 0x44, 0xa1, 0x25, - 0x28, 0xfc, 0xb0, 0x42, 0x61, 0x25, 0xee, 0x66, 0x54, 0x36, 0xaa, 0x54, 0xee, 0x81, 0xcd, 0x30, - 0xa4, 0xa8, 0x5b, 0x57, 0x49, 0x05, 0x52, 0xbb, 0x8c, 0xb4, 0xa0, 0xbd, 0x75, 0x93, 0xb4, 0x8f, - 0xa1, 0x7f, 0x85, 0x46, 0x0d, 0x83, 0x8f, 0xa0, 0xa5, 0x3e, 0x72, 0x11, 0x63, 0xfd, 0x2c, 0xd0, - 0x6e, 0xde, 0x6b, 0xe8, 0x4c, 0x69, 0x10, 0x73, 0x4d, 0x34, 0x81, 0x46, 0xce, 0xa5, 0x2e, 0x60, - 0x7e, 0x26, 0x4f, 0xc0, 0xa1, 0xaa, 0xc0, 0x22, 0x8d, 0xf6, 0xe8, 0x9d, 0x4a, 0x58, 0x5d, 0x7f, - 0xbf, 0x70, 0xf4, 0x76, 0xa0, 0xab, 0x02, 0xcb, 0xdc, 0xbc, 0xef, 0xa1, 0xeb, 0xe3, 0x45, 0x72, - 0x86, 0x37, 0xfe, 0x54, 0x1f, 0x7a, 0x3a, 0xb2, 0x7a, 0xeb, 0x7d, 0xe8, 0x3d, 0x8f, 0x59, 0x8a, - 0x61, 0x81, 0x6b, 0x17, 0x9a, 0xcb, 0x13, 0x4e, 0x0a, 0xde, 0x33, 0xd8, 0x29, 0xfc, 0xfe, 0x33, - 0x85, 0xbf, 0x42, 0x47, 0x8c, 0x9e, 0x75, 0xbd, 0x7a, 0xd5, 0x2d, 0x66, 0xa9, 0x5b, 0x56, 0x06, - 0xab, 0x55, 0x33, 0x58, 0x1f, 0x40, 0x47, 0x18, 0xdf, 0x94, 0x86, 0x68, 0x5b, 0xe8, 0x26, 
0x42, - 0xe5, 0x3d, 0x85, 0xae, 0x7a, 0x5f, 0x41, 0x78, 0xb4, 0x8c, 0xb5, 0x3d, 0xda, 0xad, 0x9b, 0x93, - 0x9a, 0x81, 0xdf, 0x0d, 0x68, 0xf8, 0xd9, 0x02, 0xeb, 0x06, 0x97, 0xa8, 0x8e, 0xb9, 0xa6, 0x3a, - 0xd6, 0x86, 0xd5, 0x21, 0x8f, 0xc1, 0x96, 0xbf, 0x13, 0x91, 0x7b, 0x6f, 0x74, 0x7b, 0x95, 0x4f, - 0x64, 0xcc, 0x57, 0x4e, 0xde, 0x6f, 0x06, 0x74, 0x9f, 0x89, 0x7f, 0xc7, 0x4d, 0xf7, 0xc9, 0x52, - 0x26, 0xd6, 0x26, 0x99, 0xf4, 0xa1, 0xa7, 0x13, 0x51, 0x6d, 0x95, 0xe7, 0x36, 0xc6, 0x05, 0xbe, - 0x15, 0xb9, 0xe9, 0x44, 0x54, 0x6e, 0x5d, 0x68, 0xe7, 0xfb, 0x81, 0x5e, 0x17, 0x3e, 0x85, 0x8e, - 0x14, 0x55, 0x4f, 0x7c, 0x00, 0x4d, 0x9a, 0xe5, 0x03, 0x53, 0xee, 0x08, 0xb7, 0xaa, 0x19, 0x65, - 0x0b, 0xf4, 0xa5, 0xc7, 0xa3, 0x21, 0xd8, 0xf2, 0x35, 0xd2, 0x86, 0xd6, 0x77, 0xb3, 0xaf, 0x66, - 0xdf, 0xbc, 0x9e, 0xf5, 0xb7, 0x72, 0x61, 0xea, 0x1f, 0xcd, 0x5e, 0x4d, 0xc6, 0x7d, 0x83, 0x00, - 0xd8, 0xe3, 0xc9, 0xec, 0xf9, 0x64, 0xdc, 0x37, 0x47, 0x7f, 0x1b, 0xd0, 0x38, 0xca, 0xf8, 0x29, - 0x79, 0x09, 0x8e, 0x9e, 0x48, 0xe4, 0xfe, 0xf5, 0x83, 0x77, 0xf0, 0xee, 0x5a, 0xbb, 0xc2, 0xb3, - 0x45, 0x5e, 0x40, 0x4b, 0x7d, 0x9c, 0xe4, 0x5e, 0xc5, 0xbb, 0xfc, 0x71, 0x0f, 0xee, 0xaf, 0x33, - 0x17, 0xb1, 0xc6, 0x7a, 0xe1, 0xb9, 0x53, 0xfb, 0x31, 0xa8, 0x38, 0x77, 0xeb, 0x8d, 0x3a, 0xca, - 0xe8, 0x07, 0x70, 0xf4, 0xfe, 0x45, 0xbe, 0x85, 0x46, 0x4e, 0x30, 0xa9, 0x6e, 0x21, 0x35, 0xbb, - 0xdb, 0xe0, 0xe1, 0xb5, 0x3e, 0x45, 0xf8, 0xbf, 0x0c, 0x68, 0xe6, 0x85, 0x60, 0x64, 0x0a, 0xb6, - 0x6c, 0x3d, 0x52, 0x4d, 0xa9, 0xf4, 0x69, 0x0c, 0xee, 0xad, 0xb1, 0x16, 0xb8, 0xa7, 0x60, 0xcb, - 0x3e, 0x59, 0x09, 0x54, 0xea, 0xe3, 0x95, 0x40, 0x95, 0xe6, 0xda, 0x22, 0x47, 0x0a, 0xee, 0xa0, - 0x06, 0x8a, 0x0e, 0x72, 0xa7, 0xd6, 0xa6, 0x43, 0x1c, 0xdb, 0x62, 0xdd, 0x7d, 0xf2, 0x6f, 0x00, - 0x00, 0x00, 0xff, 0xff, 0xd8, 0x6c, 0xbf, 0xd6, 0x29, 0x0b, 0x00, 0x00, + 0x10, 0x36, 0x49, 0x89, 0x92, 0x47, 0x0f, 0x0b, 0x1b, 0xc7, 0x25, 0x98, 0x47, 0x1d, 0xa6, 0x28, + 0xdc, 0xa0, 0xa1, 0x0b, 0xe5, 0xd0, 0x47, 0x2e, 0x35, 
0x22, 0x41, 0x4d, 0xda, 0xa8, 0x28, 0x91, + 0x22, 0xbd, 0x14, 0x01, 0x43, 0x4d, 0x6d, 0xc2, 0x32, 0xc9, 0xee, 0x2e, 0x8d, 0xea, 0x52, 0xa0, + 0xa7, 0xde, 0xfa, 0x2b, 0xfa, 0xb3, 0x7a, 0xef, 0x9f, 0xe8, 0xa1, 0xe0, 0x3e, 0x68, 0x91, 0xa2, + 0x02, 0xa3, 0xf0, 0xa1, 0xb7, 0x9d, 0x9d, 0xe1, 0x37, 0xf3, 0x7d, 0x3b, 0x3b, 0x5c, 0xf8, 0xf4, + 0x34, 0xe6, 0x67, 0xf9, 0x5b, 0x3f, 0x4a, 0x2f, 0x8e, 0x2f, 0xe2, 0x88, 0xa6, 0xc7, 0xa7, 0xe9, + 0x63, 0xb9, 0x08, 0x73, 0x7e, 0x76, 0xcc, 0x90, 0x5e, 0xc6, 0x11, 0x1e, 0x67, 0x34, 0xe5, 0x72, + 0xcb, 0x17, 0x4b, 0x32, 0x38, 0x4d, 0x7d, 0x11, 0xe7, 0x17, 0x9b, 0xde, 0x6d, 0xb8, 0xf5, 0x4d, + 0xcc, 0xf8, 0x49, 0x14, 0xa5, 0x79, 0xc2, 0x59, 0x80, 0x3f, 0xe7, 0xc8, 0xb8, 0xf7, 0x02, 0xf6, + 0xab, 0xdb, 0x2c, 0x4b, 0x13, 0x86, 0x64, 0x0c, 0xdd, 0x50, 0xed, 0x39, 0xc6, 0xa1, 0x75, 0xd4, + 0x1b, 0x1f, 0xf8, 0x15, 0x40, 0x5f, 0x7d, 0x12, 0x94, 0x71, 0xde, 0x6f, 0x06, 0xb4, 0x5f, 0xa5, + 0xe7, 0x98, 0x90, 0x07, 0xd0, 0x0f, 0xa3, 0x08, 0x19, 0x7b, 0xc3, 0x0b, 0xdb, 0x31, 0x0e, 0x8d, + 0xa3, 0xdd, 0xa0, 0x27, 0xf7, 0x64, 0xc8, 0x43, 0x18, 0x50, 0xfc, 0x89, 0x22, 0x3b, 0x53, 0x31, + 0xa6, 0x88, 0xe9, 0xab, 0x4d, 0x19, 0xe4, 0x40, 0x27, 0xa2, 0x18, 0x72, 0x5c, 0x38, 0xd6, 0xa1, + 0x71, 0x64, 0x05, 0xda, 0x24, 0x07, 0x60, 0xe3, 0x2f, 0x59, 0x4c, 0x57, 0x4e, 0x4b, 0x38, 0x94, + 0xe5, 0xfd, 0x63, 0x40, 0x47, 0x55, 0x46, 0x86, 0x60, 0xc6, 0x0b, 0x95, 0xdb, 0x8c, 0x17, 0x84, + 0x40, 0x8b, 0xaf, 0x32, 0x54, 0x99, 0xc4, 0x9a, 0xec, 0x43, 0x9b, 0xa6, 0x4b, 0x64, 0x8e, 0x75, + 0x68, 0x1d, 0xed, 0x06, 0xd2, 0x20, 0x5f, 0x42, 0xf7, 0x02, 0x79, 0xb8, 0x08, 0x79, 0xe8, 0xb4, + 0x04, 0xfb, 0x0f, 0x9a, 0xd9, 0xfb, 0x2f, 0x55, 0xd8, 0x34, 0xe1, 0x74, 0x15, 0x94, 0x5f, 0x91, + 0xbb, 0xb0, 0x9b, 0x84, 0x17, 0xc8, 0xb2, 0x30, 0x42, 0xa7, 0x2d, 0x12, 0x5e, 0x6d, 0x10, 0x17, + 0xba, 0x19, 0x4d, 0x2f, 0xe3, 0x05, 0x52, 0xc7, 0x16, 0xce, 0xd2, 0x76, 0x9f, 0xc2, 0xa0, 0x02, + 0x4a, 0x46, 0x60, 0x9d, 0xe3, 0x4a, 0xf1, 0x28, 0x96, 0x45, 0xd1, 0x97, 0xe1, 0x32, 0xd7, 
0x4c, + 0xa4, 0xf1, 0x85, 0xf9, 0x99, 0xe1, 0xcd, 0xa1, 0x1b, 0x20, 0x4b, 0x73, 0x1a, 0x61, 0x41, 0xb7, + 0xc8, 0xa8, 0x3e, 0x14, 0xeb, 0x46, 0x09, 0x5c, 0xe8, 0x62, 0xb2, 0xc8, 0xd2, 0x38, 0xe1, 0x42, + 0xe5, 0xdd, 0xa0, 0xb4, 0xbd, 0x3f, 0x4d, 0xd8, 0x9b, 0x61, 0x82, 0x34, 0xe4, 0xa8, 0x5a, 0x66, + 0x43, 0xd6, 0x52, 0x42, 0x73, 0x5d, 0xc2, 0xaf, 0xd6, 0x24, 0xb4, 0x84, 0x84, 0x1f, 0xd7, 0x24, + 0xac, 0xe1, 0x5e, 0x4f, 0xca, 0x56, 0x5d, 0xca, 0x03, 0xb0, 0x19, 0x46, 0x14, 0xb9, 0x52, 0x59, + 0x59, 0x25, 0x53, 0xbb, 0xca, 0xb4, 0x94, 0xbd, 0x73, 0x93, 0xb2, 0x4f, 0x60, 0x74, 0xc5, 0x46, + 0xdd, 0xa0, 0x4f, 0xa0, 0xa3, 0x6e, 0x86, 0xc0, 0xd8, 0x7e, 0x81, 0x74, 0x98, 0xf7, 0x1a, 0xfa, + 0x33, 0x1a, 0x26, 0x5c, 0x0b, 0x4d, 0xa0, 0x55, 0x68, 0xa9, 0x0f, 0xb0, 0x58, 0x93, 0x27, 0xd0, + 0xa5, 0xea, 0x80, 0x45, 0x19, 0xbd, 0xf1, 0x7b, 0x35, 0x58, 0x7d, 0xfe, 0x41, 0x19, 0xe8, 0xed, + 0xc1, 0x40, 0x01, 0xcb, 0xda, 0xbc, 0x1f, 0x60, 0x10, 0xe0, 0x65, 0x7a, 0x8e, 0x37, 0x9e, 0x6a, + 0x04, 0x43, 0x8d, 0xac, 0x72, 0x7d, 0x08, 0xc3, 0xe7, 0x09, 0xcb, 0x30, 0x2a, 0x79, 0xed, 0x43, + 0x7b, 0x7d, 0x2c, 0x48, 0xc3, 0x7b, 0x06, 0x7b, 0x65, 0xdc, 0x7f, 0x96, 0xf0, 0x57, 0xe8, 0x8b, + 0xc9, 0xb1, 0xad, 0x57, 0xaf, 0xba, 0xc5, 0xac, 0x74, 0xcb, 0xc6, 0x34, 0xb2, 0x1a, 0xa6, 0xd1, + 0x03, 0xe8, 0x0b, 0xe7, 0x9b, 0xca, 0xe4, 0xe9, 0x89, 0xbd, 0xa9, 0x1c, 0x3f, 0x4f, 0x61, 0xa0, + 0xf2, 0x2b, 0x0a, 0x8f, 0xd6, 0xb9, 0xf6, 0xc6, 0xfb, 0x35, 0x02, 0x32, 0x58, 0x29, 0xf0, 0x87, + 0x01, 0xad, 0x20, 0x5f, 0x62, 0xd3, 0xe0, 0x12, 0xa7, 0x63, 0x6e, 0x39, 0x1d, 0xeb, 0x9a, 0xa7, + 0x43, 0x1e, 0x83, 0x2d, 0x67, 0xb0, 0xa8, 0x7d, 0x38, 0xbe, 0xbd, 0xa9, 0x27, 0x32, 0x16, 0xa8, + 0x20, 0xef, 0x77, 0x03, 0x06, 0xcf, 0xc4, 0xc0, 0xbd, 0xe9, 0x3e, 0x59, 0xab, 0xc4, 0xba, 0x4e, + 0x25, 0x23, 0x18, 0xea, 0x42, 0x54, 0x5b, 0x15, 0xb5, 0x4d, 0x70, 0x89, 0xff, 0x8b, 0xda, 0x74, + 0x21, 0xaa, 0xb6, 0x01, 0xf4, 0x8a, 0x9f, 0xaa, 0xfe, 0xc7, 0x7e, 0x0e, 0x7d, 0x69, 0xaa, 0x9e, + 0xf8, 0x08, 0xda, 0x34, 0x2f, 
0x06, 0xa6, 0xfc, 0xb1, 0xde, 0xaa, 0x57, 0x94, 0x2f, 0x31, 0x90, + 0x11, 0x8f, 0x7c, 0xb0, 0x65, 0x36, 0xd2, 0x83, 0xce, 0xf7, 0xf3, 0xaf, 0xe7, 0xdf, 0xbe, 0x9e, + 0x8f, 0x76, 0x0a, 0x63, 0x16, 0x9c, 0xcc, 0x5f, 0x4d, 0x27, 0x23, 0x83, 0x00, 0xd8, 0x93, 0xe9, + 0xfc, 0xf9, 0x74, 0x32, 0x32, 0xc7, 0x7f, 0x1b, 0xd0, 0x3a, 0xc9, 0xf9, 0x19, 0x79, 0x09, 0x5d, + 0x3d, 0x91, 0xc8, 0xfd, 0x77, 0x0f, 0x5e, 0xf7, 0xfd, 0xad, 0x7e, 0xc5, 0x67, 0x87, 0xbc, 0x80, + 0x8e, 0xba, 0x9c, 0xe4, 0x5e, 0x2d, 0xba, 0x7a, 0xb9, 0xdd, 0xfb, 0xdb, 0xdc, 0x25, 0xd6, 0x44, + 0xbf, 0x12, 0xee, 0x34, 0x5e, 0x06, 0x85, 0x73, 0xb7, 0xd9, 0xa9, 0x51, 0xc6, 0x3f, 0x42, 0x57, + 0x3f, 0x5a, 0xc8, 0x77, 0xd0, 0x2a, 0x04, 0x26, 0x5e, 0xed, 0x9b, 0x86, 0x07, 0x8f, 0xfb, 0xf0, + 0x9d, 0x31, 0x25, 0xfc, 0x5f, 0x06, 0xb4, 0x8b, 0x83, 0x60, 0x64, 0x06, 0xb6, 0x6c, 0x3d, 0x52, + 0x2f, 0xa9, 0x72, 0x35, 0xdc, 0x7b, 0x5b, 0xbc, 0x25, 0xef, 0x19, 0xd8, 0xb2, 0x4f, 0x36, 0x80, + 0x2a, 0x7d, 0xbc, 0x01, 0x54, 0x6b, 0xae, 0x1d, 0x72, 0xa2, 0xe8, 0xba, 0x0d, 0x54, 0x34, 0xc8, + 0x9d, 0x46, 0x9f, 0x86, 0x78, 0x6b, 0x8b, 0x37, 0xe2, 0x93, 0x7f, 0x03, 0x00, 0x00, 0xff, 0xff, + 0xf3, 0xe0, 0x21, 0x51, 0x5e, 0x0a, 0x00, 0x00, } diff --git a/auth/service/proto/auth.proto b/auth/service/proto/auth.proto index ecc17f08..c42d1631 100644 --- a/auth/service/proto/auth.proto +++ b/auth/service/proto/auth.proto @@ -30,10 +30,6 @@ message Token { string refresh_token = 2; int64 created = 3; int64 expiry = 4; - string subject = 5; - repeated string roles = 6; - map metadata = 7; - string namespace = 8; } message Account { From 525ab094c850262eed90c6807bb57a46240cad98 Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Wed, 1 Apr 2020 14:42:11 +0100 Subject: [PATCH 08/14] Remove LoginOptions --- auth/options.go | 23 ----------------------- 1 file changed, 23 deletions(-) diff --git a/auth/options.go b/auth/options.go index cd06e676..11010361 100644 --- a/auth/options.go +++ b/auth/options.go 
@@ -121,29 +121,6 @@ func NewGenerateOptions(opts ...GenerateOption) GenerateOptions { return options } -type LoginOptions struct { - // Secret to use for rlogin - Secret string -} - -type LoginOption func(o *LoginOptions) - -// WithLoginSecret for the generated account -func WithLoginSecret(s string) LoginOption { - return func(o *LoginOptions) { - o.Secret = s - } -} - -// NewLoginOptions from a slice of options -func NewLoginOptions(opts ...LoginOption) LoginOptions { - var options LoginOptions - for _, o := range opts { - o(&options) - } - return options -} - type TokenOptions struct { // ID for the account ID string From ae15793fc38ad2ca43953688fcf582a7b7dd851f Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Wed, 1 Apr 2020 15:36:22 +0100 Subject: [PATCH 09/14] Support oauth codes --- auth/provider/basic/basic.go | 2 +- auth/provider/oauth/oauth.go | 15 +++++++++++---- auth/provider/provider.go | 14 +++++++++++++- 3 files changed, 25 insertions(+), 6 deletions(-) diff --git a/auth/provider/basic/basic.go b/auth/provider/basic/basic.go index 413053ef..ed19190a 100644 --- a/auth/provider/basic/basic.go +++ b/auth/provider/basic/basic.go @@ -25,7 +25,7 @@ func (b *basic) Options() provider.Options { return b.opts } -func (b *basic) Endpoint() string { +func (b *basic) Endpoint(...provider.EndpointOption) string { return "" } diff --git a/auth/provider/oauth/oauth.go b/auth/provider/oauth/oauth.go index 52ae08a6..e279784e 100644 --- a/auth/provider/oauth/oauth.go +++ b/auth/provider/oauth/oauth.go @@ -3,7 +3,6 @@ package oauth import ( "fmt" "net/url" - "strings" "github.com/micro/go-micro/v2/auth/provider" ) 
@@ -29,17 +28,25 @@ func (o *oauth) Options() provider.Options { return o.opts } -func (o *oauth) Endpoint() string { +func (o *oauth) Endpoint(opts ...provider.EndpointOption) string { + var options provider.EndpointOptions + for _, o := range opts { + o(&options) + } + params := make(url.Values) params.Add("response_type", "code") + if len(options.Code) > 0 { + params.Add("code", options.Code) + } + if clientID := o.opts.ClientID; len(clientID) > 0 { params.Add("client_id", clientID) } if scope := o.opts.Scope; len(scope) > 0 { - // spaces are url encoded since this cannot be passed in env vars - params.Add("scope", strings.ReplaceAll(scope, "%20", " ")) + params.Add("scope", scope) } if redir := o.Redirect(); len(redir) > 0 { diff --git a/auth/provider/provider.go b/auth/provider/provider.go index 86a4504d..ff269e25 100644 --- a/auth/provider/provider.go +++ b/auth/provider/provider.go @@ -12,7 +12,7 @@ type Provider interface { // Options returns the options of a provider Options() Options // Endpoint for the provider - Endpoint() string + Endpoint(...EndpointOption) string // Redirect url incase of UI Redirect() string } @@ -26,3 +26,15 @@ type Grant struct { // Scopes associated with grant Scopes []string } + +type EndpointOptions struct { + Code string +} + +type EndpointOption func(*EndpointOptions) + +func WithCode(c string) EndpointOption { + return func(o *EndpointOptions) { + o.Code = c + } +} From 365dfe9df591659c06f1a55272bf74f4fd1e4ad1 Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Wed, 1 Apr 2020 17:11:46 +0100 Subject: [PATCH 10/14] Code => State --- auth/provider/oauth/oauth.go | 4 ++-- auth/provider/provider.go | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/auth/provider/oauth/oauth.go b/auth/provider/oauth/oauth.go index e279784e..45b79c8e 100644 --- a/auth/provider/oauth/oauth.go +++ b/auth/provider/oauth/oauth.go 
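Review bot: In the oauth `Endpoint`, the loop variable `o` shadows the method receiver `o`, which is used again a few lines later as `o.opts.ClientID` and `o.Redirect()`; it works only because the shadow ends with the loop, and it is easy to break when editing. Rename it: `for _, opt := range opts { opt(&options) }`. Dropping the `%20` replacement also changes behaviour for deployments that configured the scope with encoded spaces, since the value is now added as-is and presumably encoded again when the query is built. That part of the function is outside the hunk.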
@@ -37,8 +37,8 @@ func (o *oauth) Endpoint(opts ...provider.EndpointOption) string { params := make(url.Values) params.Add("response_type", "code") - if len(options.Code) > 0 { - params.Add("code", options.Code) + if len(options.State) > 0 { + params.Add("state", options.State) } if clientID := o.opts.ClientID; len(clientID) > 0 { diff --git a/auth/provider/provider.go b/auth/provider/provider.go index ff269e25..26f80034 100644 --- a/auth/provider/provider.go +++ b/auth/provider/provider.go @@ -28,13 +28,13 @@ type Grant struct { } type EndpointOptions struct { - Code string + State string } type EndpointOption func(*EndpointOptions) -func WithCode(c string) EndpointOption { +func WithState(c string) EndpointOption { return func(o *EndpointOptions) { - o.Code = c + o.State = c } } From d577c32563d025a6b9b9572c1d4150c3090c7c18 Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Wed, 1 Apr 2020 17:17:40 +0100 Subject: [PATCH 11/14] Add back auth.PrivateKey --- auth/options.go | 9 +++++++++ config/cmd/cmd.go | 3 +++ 2 files changed, 12 insertions(+) diff --git a/auth/options.go b/auth/options.go index 11010361..5ba08fe5 100644 --- a/auth/options.go +++ b/auth/options.go @@ -16,6 +16,8 @@ type Options struct { Token *Token // PublicKey for decoding JWTs PublicKey string + // PrivateKey for encoding JWTs + PrivateKey string // Provider is an auth provider Provider provider.Provider // LoginURL is the relative url path where a user can login @@ -40,6 +42,13 @@ func PublicKey(key string) Option { } } +// PrivateKey is the JWT private key +func PrivateKey(key string) Option { + return func(o *Options) { + o.PrivateKey = key + } +} + // Credentials sets the auth credentials func Credentials(id, secret string) Option { return func(o *Options) { diff --git a/config/cmd/cmd.go b/config/cmd/cmd.go index c984391b..7b90b29a 100644 --- a/config/cmd/cmd.go +++ b/config/cmd/cmd.go 
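Review bot: `state` is only added to the authorization URL when the caller passes `WithState`, so a URL built without it carries no value that the callback can bind to the session that started the flow. Since `WithState` in the provider hunk on this same line has no doc comment, I would add `// WithState sets the OAuth state parameter; pass an unguessable per-session value and verify it on the callback`. The parameter is still named `c` from the `WithCode` version; `s` or `state` would read better.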
@@ -670,6 +670,9 @@ func (c *cmd) Before(ctx *cli.Context) error { if len(ctx.String("auth_public_key")) > 0 { authOpts = append(authOpts, auth.PublicKey(ctx.String("auth_public_key"))) } + if len(ctx.String("auth_private_key")) > 0 { + authOpts = append(authOpts, auth.PrivateKey(ctx.String("auth_private_key"))) + } if name := ctx.String("auth_provider"); len(name) > 0 { p, ok := DefaultAuthProviders[name] From df8c0bb5e12b7dc426e9f8397d81e8dc1454cdef Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Wed, 1 Apr 2020 17:20:02 +0100 Subject: [PATCH 12/14] Auth Generate, make secret optional --- auth/auth.go | 2 +- auth/default.go | 3 +- auth/options.go | 9 +++ auth/service/proto/auth.pb.go | 118 ++++++++++++++++++---------------- auth/service/proto/auth.proto | 1 + auth/service/service.go | 5 +- 6 files changed, 79 insertions(+), 59 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index b82f0af7..206d2d76 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -32,7 +32,7 @@ type Auth interface { // Options set for auth Options() Options // Generate a new account - Generate(id, secret string, opts ...GenerateOption) (*Account, error) + Generate(id string, opts ...GenerateOption) (*Account, error) // Grant access to a resource Grant(role string, res *Resource) error // Revoke access to a resource diff --git a/auth/default.go b/auth/default.go index d9f973e9..d319f793 100644 --- a/auth/default.go +++ b/auth/default.go @@ -34,12 +34,13 @@ func (n *noop) Options() Options { } // Generate a new account -func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, error) { +func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) { options := NewGenerateOptions(opts...) return &Account{ ID: id, Roles: options.Roles, + Secret: options.Secret,s Metadata: options.Metadata, }, nil } diff --git a/auth/options.go b/auth/options.go index 5ba08fe5..929cf674 100644 --- a/auth/options.go +++ b/auth/options.go 
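Review bot: `auth_private_key` is read through `ctx.String`, so when the key is supplied as a command-line argument it ends up in the process arguments and typically in shell history. The flag definition is outside this hunk, so if it also has an environment-variable source, a comment here should name that as the intended route, e.g. `// supply via the environment rather than argv; the value is a signing key`. `ctx.String("auth_private_key")` is evaluated twice, and the `if key := ctx.String(...); len(key) > 0` form used for `auth_provider` just below would match the surrounding style. `Before` extends beyond the hunk on both sides.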
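Review bot: The added line `Secret: options.Secret,s` in the noop `Generate` has a stray `s` after the comma and will not compile; it should read `Secret: options.Secret,`. Beyond the typo, the noop implementation now returns the caller's secret inside the `Account`, and since `Account.Secret` is tagged `json:"secret"` earlier in this series, any code that logs or serialises the returned account would expose it. A comment on the field assignment stating why the secret must be echoed back would help.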
@@ -82,10 +82,19 @@ type GenerateOptions struct { Provider string // Type of the account, e.g. user Type string + // Secret used to authenticate the account + Secret string } type GenerateOption func(o *GenerateOptions) +// WithSecret for the generated account +func WithSecret(s string) GenerateOption { + return func(o *GenerateOptions) { + o.Secret = s + } +} + // WithType for the generated account func WithType(t string) GenerateOption { return func(o *GenerateOptions) { diff --git a/auth/service/proto/auth.pb.go b/auth/service/proto/auth.pb.go index 78064eb4..3cffecb4 100644 --- a/auth/service/proto/auth.pb.go +++ b/auth/service/proto/auth.pb.go @@ -188,6 +188,7 @@ type Account struct { Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"` Provider string `protobuf:"bytes,6,opt,name=provider,proto3" json:"provider,omitempty"` + Secret string `protobuf:"bytes,7,opt,name=secret,proto3" json:"secret,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -260,6 +261,13 @@ func (m *Account) GetProvider() string { return "" } +func (m *Account) GetSecret() string { + if m != nil { + return m.Secret + } + return "" +} + type Resource struct { Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` 
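Review bot: With the secret moved from a required argument to the `WithSecret` option in `auth/options.go`, an account generated without the option has `Secret == ""`, and the `service.go` `Generate` hunk later in this patch forwards `options.Secret` to the server unchanged. Nothing visible rejects or replaces an empty secret, so whether such an account can later authenticate with an empty value depends on server code that is not on this page. I would state the contract on the option, e.g. `// WithSecret sets the secret for the generated account; TODO document what the server does when it is empty`, and reject the empty value where the secret is checked if that is the intent.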
@@ -1115,61 +1123,61 @@ func init() { } var fileDescriptor_11312eec02fd5712 = []byte{ - // 888 bytes of a gzipped FileDescriptorProto + // 896 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x4b, 0x6f, 0xdb, 0x46, - 0x10, 0x36, 0x49, 0x89, 0x92, 0x47, 0x0f, 0x0b, 0x1b, 0xc7, 0x25, 0x98, 0x47, 0x1d, 0xa6, 0x28, + 0x10, 0x36, 0x49, 0x89, 0x92, 0x47, 0x0f, 0x0b, 0x1b, 0x27, 0x25, 0x98, 0x47, 0x1d, 0xa6, 0x28, 0xdc, 0xa0, 0xa1, 0x0b, 0xe5, 0xd0, 0x47, 0x2e, 0x35, 0x22, 0x41, 0x4d, 0xda, 0xa8, 0x28, 0x91, - 0x22, 0xbd, 0x14, 0x01, 0x43, 0x4d, 0x6d, 0xc2, 0x32, 0xc9, 0xee, 0x2e, 0x8d, 0xea, 0x52, 0xa0, - 0xa7, 0xde, 0xfa, 0x2b, 0xfa, 0xb3, 0x7a, 0xef, 0x9f, 0xe8, 0xa1, 0xe0, 0x3e, 0x68, 0x91, 0xa2, - 0x02, 0xa3, 0xf0, 0xa1, 0xb7, 0x9d, 0x9d, 0xe1, 0x37, 0xf3, 0x7d, 0x3b, 0x3b, 0x5c, 0xf8, 0xf4, - 0x34, 0xe6, 0x67, 0xf9, 0x5b, 0x3f, 0x4a, 0x2f, 0x8e, 0x2f, 0xe2, 0x88, 0xa6, 0xc7, 0xa7, 0xe9, - 0x63, 0xb9, 0x08, 0x73, 0x7e, 0x76, 0xcc, 0x90, 0x5e, 0xc6, 0x11, 0x1e, 0x67, 0x34, 0xe5, 0x72, - 0xcb, 0x17, 0x4b, 0x32, 0x38, 0x4d, 0x7d, 0x11, 0xe7, 0x17, 0x9b, 0xde, 0x6d, 0xb8, 0xf5, 0x4d, - 0xcc, 0xf8, 0x49, 0x14, 0xa5, 0x79, 0xc2, 0x59, 0x80, 0x3f, 0xe7, 0xc8, 0xb8, 0xf7, 0x02, 0xf6, - 0xab, 0xdb, 0x2c, 0x4b, 0x13, 0x86, 0x64, 0x0c, 0xdd, 0x50, 0xed, 0x39, 0xc6, 0xa1, 0x75, 0xd4, - 0x1b, 0x1f, 0xf8, 0x15, 0x40, 0x5f, 0x7d, 0x12, 0x94, 0x71, 0xde, 0x6f, 0x06, 0xb4, 0x5f, 0xa5, - 0xe7, 0x98, 0x90, 0x07, 0xd0, 0x0f, 0xa3, 0x08, 0x19, 0x7b, 0xc3, 0x0b, 0xdb, 0x31, 0x0e, 0x8d, - 0xa3, 0xdd, 0xa0, 0x27, 0xf7, 0x64, 0xc8, 0x43, 0x18, 0x50, 0xfc, 0x89, 0x22, 0x3b, 0x53, 0x31, - 0xa6, 0x88, 0xe9, 0xab, 0x4d, 0x19, 0xe4, 0x40, 0x27, 0xa2, 0x18, 0x72, 0x5c, 0x38, 0xd6, 0xa1, - 0x71, 0x64, 0x05, 0xda, 0x24, 0x07, 0x60, 0xe3, 0x2f, 0x59, 0x4c, 0x57, 0x4e, 0x4b, 0x38, 0x94, - 0xe5, 0xfd, 0x63, 0x40, 0x47, 0x55, 0x46, 0x86, 0x60, 0xc6, 0x0b, 0x95, 0xdb, 0x8c, 0x17, 0x84, - 0x40, 0x8b, 0xaf, 0x32, 0x54, 0x99, 0xc4, 0x9a, 0xec, 
0x43, 0x9b, 0xa6, 0x4b, 0x64, 0x8e, 0x75, - 0x68, 0x1d, 0xed, 0x06, 0xd2, 0x20, 0x5f, 0x42, 0xf7, 0x02, 0x79, 0xb8, 0x08, 0x79, 0xe8, 0xb4, - 0x04, 0xfb, 0x0f, 0x9a, 0xd9, 0xfb, 0x2f, 0x55, 0xd8, 0x34, 0xe1, 0x74, 0x15, 0x94, 0x5f, 0x91, - 0xbb, 0xb0, 0x9b, 0x84, 0x17, 0xc8, 0xb2, 0x30, 0x42, 0xa7, 0x2d, 0x12, 0x5e, 0x6d, 0x10, 0x17, - 0xba, 0x19, 0x4d, 0x2f, 0xe3, 0x05, 0x52, 0xc7, 0x16, 0xce, 0xd2, 0x76, 0x9f, 0xc2, 0xa0, 0x02, - 0x4a, 0x46, 0x60, 0x9d, 0xe3, 0x4a, 0xf1, 0x28, 0x96, 0x45, 0xd1, 0x97, 0xe1, 0x32, 0xd7, 0x4c, - 0xa4, 0xf1, 0x85, 0xf9, 0x99, 0xe1, 0xcd, 0xa1, 0x1b, 0x20, 0x4b, 0x73, 0x1a, 0x61, 0x41, 0xb7, - 0xc8, 0xa8, 0x3e, 0x14, 0xeb, 0x46, 0x09, 0x5c, 0xe8, 0x62, 0xb2, 0xc8, 0xd2, 0x38, 0xe1, 0x42, - 0xe5, 0xdd, 0xa0, 0xb4, 0xbd, 0x3f, 0x4d, 0xd8, 0x9b, 0x61, 0x82, 0x34, 0xe4, 0xa8, 0x5a, 0x66, - 0x43, 0xd6, 0x52, 0x42, 0x73, 0x5d, 0xc2, 0xaf, 0xd6, 0x24, 0xb4, 0x84, 0x84, 0x1f, 0xd7, 0x24, - 0xac, 0xe1, 0x5e, 0x4f, 0xca, 0x56, 0x5d, 0xca, 0x03, 0xb0, 0x19, 0x46, 0x14, 0xb9, 0x52, 0x59, - 0x59, 0x25, 0x53, 0xbb, 0xca, 0xb4, 0x94, 0xbd, 0x73, 0x93, 0xb2, 0x4f, 0x60, 0x74, 0xc5, 0x46, - 0xdd, 0xa0, 0x4f, 0xa0, 0xa3, 0x6e, 0x86, 0xc0, 0xd8, 0x7e, 0x81, 0x74, 0x98, 0xf7, 0x1a, 0xfa, - 0x33, 0x1a, 0x26, 0x5c, 0x0b, 0x4d, 0xa0, 0x55, 0x68, 0xa9, 0x0f, 0xb0, 0x58, 0x93, 0x27, 0xd0, - 0xa5, 0xea, 0x80, 0x45, 0x19, 0xbd, 0xf1, 0x7b, 0x35, 0x58, 0x7d, 0xfe, 0x41, 0x19, 0xe8, 0xed, - 0xc1, 0x40, 0x01, 0xcb, 0xda, 0xbc, 0x1f, 0x60, 0x10, 0xe0, 0x65, 0x7a, 0x8e, 0x37, 0x9e, 0x6a, - 0x04, 0x43, 0x8d, 0xac, 0x72, 0x7d, 0x08, 0xc3, 0xe7, 0x09, 0xcb, 0x30, 0x2a, 0x79, 0xed, 0x43, - 0x7b, 0x7d, 0x2c, 0x48, 0xc3, 0x7b, 0x06, 0x7b, 0x65, 0xdc, 0x7f, 0x96, 0xf0, 0x57, 0xe8, 0x8b, - 0xc9, 0xb1, 0xad, 0x57, 0xaf, 0xba, 0xc5, 0xac, 0x74, 0xcb, 0xc6, 0x34, 0xb2, 0x1a, 0xa6, 0xd1, - 0x03, 0xe8, 0x0b, 0xe7, 0x9b, 0xca, 0xe4, 0xe9, 0x89, 0xbd, 0xa9, 0x1c, 0x3f, 0x4f, 0x61, 0xa0, - 0xf2, 0x2b, 0x0a, 0x8f, 0xd6, 0xb9, 0xf6, 0xc6, 0xfb, 0x35, 0x02, 0x32, 0x58, 0x29, 0xf0, 
0x87, - 0x01, 0xad, 0x20, 0x5f, 0x62, 0xd3, 0xe0, 0x12, 0xa7, 0x63, 0x6e, 0x39, 0x1d, 0xeb, 0x9a, 0xa7, - 0x43, 0x1e, 0x83, 0x2d, 0x67, 0xb0, 0xa8, 0x7d, 0x38, 0xbe, 0xbd, 0xa9, 0x27, 0x32, 0x16, 0xa8, - 0x20, 0xef, 0x77, 0x03, 0x06, 0xcf, 0xc4, 0xc0, 0xbd, 0xe9, 0x3e, 0x59, 0xab, 0xc4, 0xba, 0x4e, - 0x25, 0x23, 0x18, 0xea, 0x42, 0x54, 0x5b, 0x15, 0xb5, 0x4d, 0x70, 0x89, 0xff, 0x8b, 0xda, 0x74, - 0x21, 0xaa, 0xb6, 0x01, 0xf4, 0x8a, 0x9f, 0xaa, 0xfe, 0xc7, 0x7e, 0x0e, 0x7d, 0x69, 0xaa, 0x9e, - 0xf8, 0x08, 0xda, 0x34, 0x2f, 0x06, 0xa6, 0xfc, 0xb1, 0xde, 0xaa, 0x57, 0x94, 0x2f, 0x31, 0x90, - 0x11, 0x8f, 0x7c, 0xb0, 0x65, 0x36, 0xd2, 0x83, 0xce, 0xf7, 0xf3, 0xaf, 0xe7, 0xdf, 0xbe, 0x9e, - 0x8f, 0x76, 0x0a, 0x63, 0x16, 0x9c, 0xcc, 0x5f, 0x4d, 0x27, 0x23, 0x83, 0x00, 0xd8, 0x93, 0xe9, - 0xfc, 0xf9, 0x74, 0x32, 0x32, 0xc7, 0x7f, 0x1b, 0xd0, 0x3a, 0xc9, 0xf9, 0x19, 0x79, 0x09, 0x5d, - 0x3d, 0x91, 0xc8, 0xfd, 0x77, 0x0f, 0x5e, 0xf7, 0xfd, 0xad, 0x7e, 0xc5, 0x67, 0x87, 0xbc, 0x80, - 0x8e, 0xba, 0x9c, 0xe4, 0x5e, 0x2d, 0xba, 0x7a, 0xb9, 0xdd, 0xfb, 0xdb, 0xdc, 0x25, 0xd6, 0x44, - 0xbf, 0x12, 0xee, 0x34, 0x5e, 0x06, 0x85, 0x73, 0xb7, 0xd9, 0xa9, 0x51, 0xc6, 0x3f, 0x42, 0x57, - 0x3f, 0x5a, 0xc8, 0x77, 0xd0, 0x2a, 0x04, 0x26, 0x5e, 0xed, 0x9b, 0x86, 0x07, 0x8f, 0xfb, 0xf0, - 0x9d, 0x31, 0x25, 0xfc, 0x5f, 0x06, 0xb4, 0x8b, 0x83, 0x60, 0x64, 0x06, 0xb6, 0x6c, 0x3d, 0x52, - 0x2f, 0xa9, 0x72, 0x35, 0xdc, 0x7b, 0x5b, 0xbc, 0x25, 0xef, 0x19, 0xd8, 0xb2, 0x4f, 0x36, 0x80, - 0x2a, 0x7d, 0xbc, 0x01, 0x54, 0x6b, 0xae, 0x1d, 0x72, 0xa2, 0xe8, 0xba, 0x0d, 0x54, 0x34, 0xc8, - 0x9d, 0x46, 0x9f, 0x86, 0x78, 0x6b, 0x8b, 0x37, 0xe2, 0x93, 0x7f, 0x03, 0x00, 0x00, 0xff, 0xff, - 0xf3, 0xe0, 0x21, 0x51, 0x5e, 0x0a, 0x00, 0x00, + 0x22, 0xbd, 0x14, 0x01, 0x43, 0x4d, 0x6d, 0xc2, 0x32, 0xc9, 0xee, 0x2e, 0x8d, 0xfa, 0x52, 0xa0, + 0xa7, 0xde, 0x7a, 0xea, 0x4f, 0xe8, 0xcf, 0xea, 0xbd, 0x7f, 0xa3, 0xe0, 0x3e, 0x28, 0x91, 0xa2, + 0x02, 0xa3, 0xf5, 0x21, 0xb7, 0x9d, 0x07, 0x67, 0xe6, 0xfb, 0x66, 0x76, 0xb8, 
0xf0, 0xe9, 0x49, + 0xcc, 0x4f, 0xf3, 0x37, 0x7e, 0x94, 0x9e, 0x1f, 0x9d, 0xc7, 0x11, 0x4d, 0x8f, 0x4e, 0xd2, 0x47, + 0xf2, 0x10, 0xe6, 0xfc, 0xf4, 0x88, 0x21, 0xbd, 0x88, 0x23, 0x3c, 0xca, 0x68, 0xca, 0xa5, 0xca, + 0x17, 0x47, 0x32, 0x38, 0x49, 0x7d, 0xe1, 0xe7, 0x17, 0x4a, 0xef, 0x26, 0xdc, 0xf8, 0x26, 0x66, + 0xfc, 0x38, 0x8a, 0xd2, 0x3c, 0xe1, 0x2c, 0xc0, 0x9f, 0x73, 0x64, 0xdc, 0x7b, 0x0e, 0xfb, 0x55, + 0x35, 0xcb, 0xd2, 0x84, 0x21, 0x19, 0x43, 0x37, 0x54, 0x3a, 0xc7, 0x38, 0xb0, 0x0e, 0x7b, 0xe3, + 0x5b, 0x7e, 0x25, 0xa0, 0xaf, 0x3e, 0x09, 0x4a, 0x3f, 0xef, 0x37, 0x03, 0xda, 0x2f, 0xd3, 0x33, + 0x4c, 0xc8, 0x7d, 0xe8, 0x87, 0x51, 0x84, 0x8c, 0xbd, 0xe6, 0x85, 0xec, 0x18, 0x07, 0xc6, 0xe1, + 0x6e, 0xd0, 0x93, 0x3a, 0xe9, 0xf2, 0x00, 0x06, 0x14, 0x7f, 0xa2, 0xc8, 0x4e, 0x95, 0x8f, 0x29, + 0x7c, 0xfa, 0x4a, 0x29, 0x9d, 0x1c, 0xe8, 0x44, 0x14, 0x43, 0x8e, 0x0b, 0xc7, 0x3a, 0x30, 0x0e, + 0xad, 0x40, 0x8b, 0xe4, 0x16, 0xd8, 0xf8, 0x4b, 0x16, 0xd3, 0x4b, 0xa7, 0x25, 0x0c, 0x4a, 0xf2, + 0xfe, 0x34, 0xa1, 0xa3, 0x2a, 0x23, 0x43, 0x30, 0xe3, 0x85, 0xca, 0x6d, 0xc6, 0x0b, 0x42, 0xa0, + 0xc5, 0x2f, 0x33, 0x54, 0x99, 0xc4, 0x99, 0xec, 0x43, 0x9b, 0xa6, 0x4b, 0x64, 0x8e, 0x75, 0x60, + 0x1d, 0xee, 0x06, 0x52, 0x20, 0x5f, 0x42, 0xf7, 0x1c, 0x79, 0xb8, 0x08, 0x79, 0xe8, 0xb4, 0x04, + 0xfa, 0x0f, 0x9a, 0xd1, 0xfb, 0x2f, 0x94, 0xdb, 0x34, 0xe1, 0xf4, 0x32, 0x28, 0xbf, 0x22, 0x77, + 0x60, 0x37, 0x09, 0xcf, 0x91, 0x65, 0x61, 0x84, 0x4e, 0x5b, 0x24, 0x5c, 0x29, 0x88, 0x0b, 0xdd, + 0x8c, 0xa6, 0x17, 0xf1, 0x02, 0xa9, 0x63, 0x0b, 0x63, 0x29, 0x17, 0xc8, 0x18, 0x46, 0x14, 0xb9, + 0xd3, 0x11, 0x16, 0x25, 0xb9, 0x4f, 0x60, 0x50, 0x49, 0x46, 0x46, 0x60, 0x9d, 0xe1, 0xa5, 0xc2, + 0x57, 0x1c, 0x0b, 0x30, 0x17, 0xe1, 0x32, 0xd7, 0x08, 0xa5, 0xf0, 0x85, 0xf9, 0x99, 0xe1, 0xcd, + 0xa1, 0x1b, 0x20, 0x4b, 0x73, 0x1a, 0x61, 0x41, 0x43, 0x51, 0x89, 0xfa, 0x50, 0x9c, 0x1b, 0xa9, + 0x71, 0xa1, 0x8b, 0xc9, 0x22, 0x4b, 0xe3, 0x84, 0x0b, 0xf6, 0x77, 0x83, 0x52, 0xf6, 0xfe, 0x32, + 0x61, 0x6f, 0x86, 
0x09, 0xd2, 0x90, 0xa3, 0x1a, 0xa5, 0x0d, 0xba, 0x4b, 0x6a, 0xcd, 0x75, 0x6a, + 0xbf, 0x5a, 0xa3, 0xd6, 0x12, 0xd4, 0x7e, 0x5c, 0xa3, 0xb6, 0x16, 0xf7, 0x6a, 0x14, 0xb7, 0xea, + 0x14, 0xaf, 0x68, 0x6c, 0xaf, 0xd3, 0x58, 0x22, 0xb5, 0xab, 0x48, 0xcb, 0x76, 0x74, 0xaa, 0xed, + 0xf8, 0x7f, 0xb4, 0x4f, 0x60, 0xb4, 0x42, 0xa3, 0x6e, 0xd6, 0x27, 0xd0, 0x51, 0x37, 0x46, 0xc4, + 0xd8, 0x7e, 0xb1, 0xb4, 0x9b, 0xf7, 0x0a, 0xfa, 0x33, 0x1a, 0x26, 0x5c, 0x13, 0x4d, 0xa0, 0x55, + 0x70, 0xa9, 0x1b, 0x58, 0x9c, 0xc9, 0x63, 0xe8, 0x52, 0xd5, 0x60, 0x51, 0x46, 0x6f, 0xfc, 0x5e, + 0x2d, 0xac, 0xee, 0x7f, 0x50, 0x3a, 0x7a, 0x7b, 0x30, 0x50, 0x81, 0x65, 0x6d, 0xde, 0x0f, 0x30, + 0x08, 0xf0, 0x22, 0x3d, 0xc3, 0x6b, 0x4f, 0x35, 0x82, 0xa1, 0x8e, 0xac, 0x72, 0x7d, 0x08, 0xc3, + 0x67, 0x09, 0xcb, 0x30, 0x2a, 0x71, 0xed, 0x43, 0x7b, 0x7d, 0x5d, 0x48, 0xc1, 0x7b, 0x0a, 0x7b, + 0xa5, 0xdf, 0x7f, 0xa6, 0xf0, 0x57, 0xe8, 0x8b, 0x8d, 0xb2, 0x6d, 0x56, 0x57, 0xd3, 0x62, 0x56, + 0xa6, 0x65, 0x63, 0x4b, 0x59, 0x0d, 0x5b, 0xea, 0x3e, 0xf4, 0x85, 0xf1, 0x75, 0x65, 0x23, 0xf5, + 0x84, 0x6e, 0x2a, 0xd7, 0xd2, 0x13, 0x18, 0xa8, 0xfc, 0x0a, 0xc2, 0xc3, 0x75, 0xac, 0xbd, 0xf1, + 0x7e, 0x0d, 0x80, 0x74, 0x56, 0x0c, 0xfc, 0x61, 0x40, 0x2b, 0xc8, 0x97, 0xd8, 0xb4, 0xd0, 0x44, + 0x77, 0xcc, 0x2d, 0xdd, 0xb1, 0xae, 0xd8, 0x1d, 0xf2, 0x08, 0x6c, 0xb9, 0x9b, 0x45, 0xed, 0xc3, + 0xf1, 0xcd, 0x4d, 0x3e, 0x91, 0xb1, 0x40, 0x39, 0x79, 0xbf, 0x1b, 0x30, 0x78, 0x2a, 0x16, 0xf1, + 0x75, 0xcf, 0xc9, 0x5a, 0x25, 0xd6, 0x55, 0x2a, 0x19, 0xc1, 0x50, 0x17, 0xa2, 0xc6, 0xaa, 0xa8, + 0x6d, 0x82, 0x4b, 0x7c, 0x27, 0x6a, 0xd3, 0x85, 0xa8, 0xda, 0x06, 0xd0, 0x2b, 0x7e, 0xb6, 0xfa, + 0xdf, 0xfb, 0x39, 0xf4, 0xa5, 0xa8, 0x66, 0xe2, 0x23, 0x68, 0xd3, 0xbc, 0x58, 0x98, 0xf2, 0x87, + 0x7b, 0xa3, 0x5e, 0x51, 0xbe, 0xc4, 0x40, 0x7a, 0x3c, 0xf4, 0xc1, 0x96, 0xd9, 0x48, 0x0f, 0x3a, + 0xdf, 0xcf, 0xbf, 0x9e, 0x7f, 0xfb, 0x6a, 0x3e, 0xda, 0x29, 0x84, 0x59, 0x70, 0x3c, 0x7f, 0x39, + 0x9d, 0x8c, 0x0c, 0x02, 0x60, 0x4f, 0xa6, 0xf3, 0x67, 
0xd3, 0xc9, 0xc8, 0x1c, 0xff, 0x63, 0x40, + 0xeb, 0x38, 0xe7, 0xa7, 0xe4, 0x05, 0x74, 0xf5, 0x46, 0x22, 0xf7, 0xde, 0xbe, 0x78, 0xdd, 0xf7, + 0xb7, 0xda, 0x15, 0x9e, 0x1d, 0xf2, 0x1c, 0x3a, 0xea, 0x72, 0x92, 0xbb, 0x35, 0xef, 0xea, 0xe5, + 0x76, 0xef, 0x6d, 0x33, 0x97, 0xb1, 0x26, 0xfa, 0xf5, 0x70, 0xbb, 0xf1, 0x32, 0xa8, 0x38, 0x77, + 0x9a, 0x8d, 0x3a, 0xca, 0xf8, 0x47, 0xe8, 0xea, 0xc7, 0x0c, 0xf9, 0x0e, 0x5a, 0x05, 0xc1, 0xc4, + 0xab, 0x7d, 0xd3, 0xf0, 0x10, 0x72, 0x1f, 0xbc, 0xd5, 0xa7, 0x0c, 0xff, 0xb7, 0x01, 0xed, 0xa2, + 0x11, 0x8c, 0xcc, 0xc0, 0x96, 0xa3, 0x47, 0xea, 0x25, 0x55, 0xae, 0x86, 0x7b, 0x77, 0x8b, 0xb5, + 0xc4, 0x3d, 0x03, 0x5b, 0xce, 0xc9, 0x46, 0xa0, 0xca, 0x1c, 0x6f, 0x04, 0xaa, 0x0d, 0xd7, 0x0e, + 0x39, 0x56, 0x70, 0xdd, 0x06, 0x28, 0x3a, 0xc8, 0xed, 0x46, 0x9b, 0x0e, 0xf1, 0xc6, 0x16, 0x6f, + 0xc7, 0xc7, 0xff, 0x06, 0x00, 0x00, 0xff, 0xff, 0x4b, 0x8f, 0xf4, 0x22, 0x76, 0x0a, 0x00, 0x00, } diff --git a/auth/service/proto/auth.proto b/auth/service/proto/auth.proto index c42d1631..d7d09418 100644 --- a/auth/service/proto/auth.proto +++ b/auth/service/proto/auth.proto @@ -39,6 +39,7 @@ message Account { map metadata = 4; string namespace = 5; string provider = 6; + string secret = 7; } message Resource{ diff --git a/auth/service/service.go b/auth/service/service.go index 9c4a6573..a0ce48b7 100644 --- a/auth/service/service.go +++ b/auth/service/service.go @@ -107,13 +107,13 @@ func (s *svc) Options() auth.Options { } // Generate a new account -func (s *svc) Generate(id, secret string, opts ...auth.GenerateOption) (*auth.Account, error) { +func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, error) { options := auth.NewGenerateOptions(opts...) rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{ Id: id, - Secret: secret, Type: options.Type, + Secret: options.Secret, Roles: options.Roles, Metadata: options.Metadata, Provider: options.Provider, 
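Review bot: Adding `string secret = 7;` to the `Account` message in `auth.proto` means every RPC that returns an `Account` can now carry the account secret, and the `serializeAccount` hunk that follows copies `a.Secret` into `auth.Account` for all of them, not only for `Generate`. As of patch 02 `auth.Account` tags the field `json:"secret"` without `omitempty`, so any JSON encoding of an account writes it out as well. Whether the server fills the field outside `Generate` is not visible here; if it only exists to hand a generated secret back once, I would say so on the field, e.g. `// secret is only set in the Generate response`, and leave it empty everywhere else.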
@@ -321,6 +321,7 @@ func serializeAccount(a *pb.Account) *auth.Account {
 return &auth.Account{
 ID: a.Id,
 Roles: a.Roles,
+ Secret: a.Secret,
 Metadata: a.Metadata,
 Provider: a.Provider,
 Namespace: a.Namespace,
From c76667968705ffff8d39e07f3746d3ad89dc22e9 Mon Sep 17 00:00:00 2001
From: Ben Toogood
Date: Wed, 1 Apr 2020 17:22:01 +0100
Subject: [PATCH 13/14] Fix typo
---
 auth/default.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/auth/default.go b/auth/default.go
index d319f793..20f16a4f 100644
--- a/auth/default.go
+++ b/auth/default.go
@@ -40,7 +40,7 @@ func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) {
 return &Account{
 ID: id,
 Roles: options.Roles,
- Secret: options.Secret,s
+ Secret: options.Secret,
 Metadata: options.Metadata,
 }, nil
 }
From 9de69529cee6aecac1e42a7fe54e81ce81365824 Mon Sep 17 00:00:00 2001
From: Ben Toogood
Date: Wed, 1 Apr 2020 17:29:17 +0100
Subject: [PATCH 14/14] Fix token tests
---
 auth/token/basic/basic_test.go | 26 +++++---------------------
 auth/token/jwt/jwt_test.go | 17 +++++++----------
 2 files changed, 12 insertions(+), 31 deletions(-)
diff --git a/auth/token/basic/basic_test.go b/auth/token/basic/basic_test.go
index 4498db3c..127e201d 100644
--- a/auth/token/basic/basic_test.go
+++ b/auth/token/basic/basic_test.go
@@ -2,8 +2,8 @@ package basic
 import (
 "testing"
- "time"
+ "github.com/micro/go-micro/v2/auth"
 "github.com/micro/go-micro/v2/auth/token"
 "github.com/micro/go-micro/v2/store/memory"
 )
@@ -12,7 +12,7 @@ func TestGenerate(t *testing.T) {
 store := memory.NewStore()
 b := NewTokenProvider(token.WithStore(store))
- _, err := b.Generate("test")
+ _, err := b.Generate(&auth.Account{ID: "test"})
 if err != nil {
 t.Fatalf("Generate returned %v error, expected nil", err)
 }
@@ -35,12 +35,7 @@ func TestInspect(t *testing.T) {
 roles := []string{"admin"}
 subject := "test"
- opts := []token.GenerateOption{
- token.WithMetadata(md),
- token.WithRoles(roles...),
- }
-
- tok, err := b.Generate(subject, opts...)
+ tok, err := b.Generate(&auth.Account{ID: subject, Roles: roles, Metadata: md})
 if err != nil {
 t.Fatalf("Generate returned %v error, expected nil", err)
 }
@@ -49,8 +44,8 @@ func TestInspect(t *testing.T) {
 if err != nil {
 t.Fatalf("Inspect returned %v error, expected nil", err)
 }
- if tok2.Subject != subject {
- t.Errorf("Inspect returned %v as the token subject, expected %v", tok2.Subject, subject)
+ if tok2.ID != subject {
+ t.Errorf("Inspect returned %v as the token subject, expected %v", tok2.ID, subject)
 }
 if len(tok2.Roles) != len(roles) {
 t.Errorf("Inspect returned %v roles, expected %v", len(tok2.Roles), len(roles))
@@ -60,17 +55,6 @@ func TestInspect(t *testing.T) {
 }
 })
- t.Run("Expired token", func(t *testing.T) {
- tok, err := b.Generate("foo", token.WithExpiry(-10*time.Second))
- if err != nil {
- t.Fatalf("Generate returned %v error, expected nil", err)
- }
-
- if _, err = b.Inspect(tok.Token); err != token.ErrInvalidToken {
- t.Fatalf("Inspect returned %v error, expected %v", err, token.ErrInvalidToken)
- }
- })
-
 t.Run("Invalid token", func(t *testing.T) {
 _, err := b.Inspect("Invalid token")
 if err != token.ErrInvalidToken {
diff --git a/auth/token/jwt/jwt_test.go b/auth/token/jwt/jwt_test.go
index 576a1e2e..5d4b5591 100644
--- a/auth/token/jwt/jwt_test.go
+++ b/auth/token/jwt/jwt_test.go
@@ -5,6 +5,7 @@ import (
 "testing"
 "time"
+ "github.com/micro/go-micro/v2/auth"
 "github.com/micro/go-micro/v2/auth/token"
 )
@@ -18,7 +19,7 @@ func TestGenerate(t *testing.T) {
 token.WithPrivateKey(string(privKey)),
 )
- _, err = j.Generate("test")
+ _, err = j.Generate(&auth.Account{ID: "test"})
 if err != nil {
 t.Fatalf("Generate returned %v error, expected nil", err)
 }
@@ -44,12 +45,8 @@ func TestInspect(t *testing.T) {
 roles := []string{"admin"}
 subject := "test"
- opts := []token.GenerateOption{
- token.WithMetadata(md),
- token.WithRoles(roles...),
- }
-
- tok, err := j.Generate(subject, opts...)
+ acc := &auth.Account{ID: subject, Roles: roles, Metadata: md}
+ tok, err := j.Generate(acc)
 if err != nil {
 t.Fatalf("Generate returned %v error, expected nil", err)
 }
@@ -58,8 +55,8 @@ func TestInspect(t *testing.T) {
 if err != nil {
 t.Fatalf("Inspect returned %v error, expected nil", err)
 }
- if tok2.Subject != subject {
- t.Errorf("Inspect returned %v as the token subject, expected %v", tok2.Subject, subject)
+ if acc.ID != subject {
+ t.Errorf("Inspect returned %v as the token subject, expected %v", acc.ID, subject)
 }
 if len(tok2.Roles) != len(roles) {
 t.Errorf("Inspect returned %v roles, expected %v", len(tok2.Roles), len(roles))
@@ -70,7 +67,7 @@ func TestInspect(t *testing.T) {
 })
 t.Run("Expired token", func(t *testing.T) {
- tok, err := j.Generate("foo", token.WithExpiry(-10*time.Second))
+ tok, err := j.Generate(&auth.Account{}, token.WithExpiry(-10*time.Second))
 if err != nil {
 t.Fatalf("Generate returned %v error, expected nil", err)
 }
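Review bot: In the second `TestInspect` hunk of `jwt_test.go` the subject check now compares `acc.ID` with `subject`, but `acc` is the input built in the previous hunk as `&auth.Account{ID: subject, ...}`, so the condition can never be true and the test no longer checks what `Inspect` returned. The matching change in `basic_test.go` uses `tok2.ID`, which is presumably what was meant here: `if tok2.ID != subject {` and `t.Errorf("Inspect returned %v as the token subject, expected %v", tok2.ID, subject)`. As written, a JWT provider that dropped or altered the account ID would still pass this test. `TestInspect` starts and ends outside the hunk.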