mirror of
https://github.com/go-micro/go-micro.git
synced 2025-06-24 22:26:54 +02:00
Updated auth interface (#1384)
* Updated auth interface * Add Rule * Remove Rule * Return token from Renew * Renew => Refresh * Implement Tokens & Default Auth Implementation * Change default auth to noop * Change default auth to noop * Move token.Token to auth.Token * Remove Token from Account * Auth service implementation * Decode JWT locally * Cookie for secret * Move string to bottom of interface definition * Depricate auth_exclude * Update auth wrappers * Update go.sum Co-authored-by: Ben Toogood <ben@micro.mu>
This commit is contained in:
ben-toogood
GitHub
95
auth/token/basic/basic.go
Normal file
95
auth/token/basic/basic.go
Normal file
@ -0,0 +1,95 @@
|
||||
package basic
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/micro/go-micro/v2/auth"
|
||||
"github.com/micro/go-micro/v2/auth/token"
|
||||
"github.com/micro/go-micro/v2/store"
|
||||
)
|
||||
|
||||
// Basic implementation of token provider, backed by the store
|
||||
type Basic struct {
|
||||
store store.Store
|
||||
}
|
||||
|
||||
// NewTokenProvider returns an initialized basic provider
|
||||
func NewTokenProvider(opts ...token.Option) token.Provider {
|
||||
options := token.NewOptions(opts...)
|
||||
|
||||
if options.Store == nil {
|
||||
options.Store = store.DefaultStore
|
||||
}
|
||||
|
||||
return &Basic{
|
||||
store: options.Store,
|
||||
}
|
||||
}
|
||||
|
||||
// Generate a token for an account
|
||||
func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.Token, error) {
|
||||
options := token.NewGenerateOptions(opts...)
|
||||
|
||||
// construct the token
|
||||
token := auth.Token{
|
||||
Subject: subject,
|
||||
Type: b.String(),
|
||||
Token: uuid.New().String(),
|
||||
Created: time.Now(),
|
||||
Expiry: time.Now().Add(options.Expiry),
|
||||
Metadata: options.Metadata,
|
||||
Roles: options.Roles,
|
||||
}
|
||||
|
||||
// marshal the account to bytes
|
||||
bytes, err := json.Marshal(token)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// write to the store
|
||||
err = b.store.Write(&store.Record{
|
||||
Key: token.Token,
|
||||
Value: bytes,
|
||||
Expiry: options.Expiry,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// return the token
|
||||
return &token, nil
|
||||
}
|
||||
|
||||
// Inspect a token
|
||||
func (b *Basic) Inspect(t string) (*auth.Token, error) {
|
||||
// lookup the token in the store
|
||||
recs, err := b.store.Read(t)
|
||||
if err == store.ErrNotFound {
|
||||
return nil, token.ErrInvalidToken
|
||||
} else if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
bytes := recs[0].Value
|
||||
|
||||
// unmarshal the bytes
|
||||
var tok *auth.Token
|
||||
if err := json.Unmarshal(bytes, &tok); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// ensure the token hasn't expired, the store should
|
||||
// expire the token but we're checking again
|
||||
if tok.Expiry.Unix() < time.Now().Unix() {
|
||||
return nil, token.ErrInvalidToken
|
||||
}
|
||||
|
||||
return tok, err
|
||||
}
|
||||
|
||||
// String returns basic
|
||||
func (b *Basic) String() string {
|
||||
return "basic"
|
||||
}
|
||||
Reference in New Issue
Block a user