2020-02-03 11:16:02 +03:00
|
|
|
package auth
|
|
|
|
|
|
2020-03-09 20:16:31 +03:00
|
|
|
import (
|
2020-05-26 17:52:21 +03:00
|
|
|
"context"
|
2020-03-09 20:16:31 +03:00
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"github.com/micro/go-micro/v2/auth/provider"
|
2020-05-11 19:57:39 +03:00
|
|
|
"github.com/micro/go-micro/v2/client"
|
2020-03-23 19:19:30 +03:00
|
|
|
"github.com/micro/go-micro/v2/store"
|
2020-03-09 20:16:31 +03:00
|
|
|
)
|
2020-03-07 14:06:57 +03:00
|
|
|
|
2020-04-14 11:14:07 +03:00
|
|
|
func NewOptions(opts ...Option) Options {
|
|
|
|
|
var options Options
|
|
|
|
|
for _, o := range opts {
|
|
|
|
|
o(&options)
|
|
|
|
|
}
|
2020-05-11 19:57:39 +03:00
|
|
|
if options.Client == nil {
|
|
|
|
|
options.Client = client.DefaultClient
|
|
|
|
|
}
|
2020-04-14 11:14:07 +03:00
|
|
|
|
|
|
|
|
return options
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-03 11:16:02 +03:00
|
|
|
type Options struct {
|
2020-06-17 14:26:27 +03:00
|
|
|
// Issuer of the service's account
|
|
|
|
|
Issuer string
|
2020-03-31 14:44:34 +03:00
|
|
|
// ID is the services auth ID
|
|
|
|
|
ID string
|
2020-04-01 16:25:00 +03:00
|
|
|
// Secret is used to authenticate the service
|
|
|
|
|
Secret string
|
2020-03-31 14:44:34 +03:00
|
|
|
// Token is the services token used to authenticate itself
|
|
|
|
|
Token *Token
|
2020-04-01 16:25:00 +03:00
|
|
|
// PublicKey for decoding JWTs
|
2020-02-26 01:15:44 +03:00
|
|
|
PublicKey string
|
2020-04-01 19:17:40 +03:00
|
|
|
// PrivateKey for encoding JWTs
|
|
|
|
|
PrivateKey string
|
2020-03-07 14:06:57 +03:00
|
|
|
// Provider is an auth provider
|
|
|
|
|
Provider provider.Provider
|
|
|
|
|
// LoginURL is the relative url path where a user can login
|
|
|
|
|
LoginURL string
|
2020-03-23 19:19:30 +03:00
|
|
|
// Store to back auth
|
|
|
|
|
Store store.Store
|
2020-05-11 19:57:39 +03:00
|
|
|
// Client to use for RPC
|
|
|
|
|
Client client.Client
|
2020-05-13 19:54:47 +03:00
|
|
|
// Addrs sets the addresses of auth
|
|
|
|
|
Addrs []string
|
2020-02-03 11:16:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type Option func(o *Options)
|
|
|
|
|
|
2020-05-13 19:54:47 +03:00
|
|
|
// Addrs is the auth addresses to use
|
|
|
|
|
func Addrs(addrs ...string) Option {
|
|
|
|
|
return func(o *Options) {
|
|
|
|
|
o.Addrs = addrs
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-17 14:26:27 +03:00
|
|
|
// Issuer of the services account
|
|
|
|
|
func Issuer(i string) Option {
|
2020-04-07 14:46:44 +03:00
|
|
|
return func(o *Options) {
|
2020-06-17 14:26:27 +03:00
|
|
|
o.Issuer = i
|
2020-04-07 14:46:44 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-23 19:19:30 +03:00
|
|
|
// Store to back auth
|
|
|
|
|
func Store(s store.Store) Option {
|
2020-02-10 11:26:28 +03:00
|
|
|
return func(o *Options) {
|
2020-03-23 19:19:30 +03:00
|
|
|
o.Store = s
|
2020-02-10 11:26:28 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-03 11:16:02 +03:00
|
|
|
// PublicKey is the JWT public key
|
|
|
|
|
func PublicKey(key string) Option {
|
|
|
|
|
return func(o *Options) {
|
2020-02-26 01:15:44 +03:00
|
|
|
o.PublicKey = key
|
2020-02-03 11:16:02 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-01 19:17:40 +03:00
|
|
|
// PrivateKey is the JWT private key
|
|
|
|
|
func PrivateKey(key string) Option {
|
|
|
|
|
return func(o *Options) {
|
|
|
|
|
o.PrivateKey = key
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-31 14:44:34 +03:00
|
|
|
// Credentials sets the auth credentials
|
2020-04-01 16:25:00 +03:00
|
|
|
func Credentials(id, secret string) Option {
|
2020-02-26 01:15:44 +03:00
|
|
|
return func(o *Options) {
|
2020-03-31 14:44:34 +03:00
|
|
|
o.ID = id
|
2020-04-01 16:25:00 +03:00
|
|
|
o.Secret = secret
|
2020-02-03 11:16:02 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-29 17:11:06 +03:00
|
|
|
// ClientToken sets the auth token to use when making requests
|
|
|
|
|
func ClientToken(token *Token) Option {
|
|
|
|
|
return func(o *Options) {
|
|
|
|
|
o.Token = token
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-07 14:06:57 +03:00
|
|
|
// Provider set the auth provider
|
|
|
|
|
func Provider(p provider.Provider) Option {
|
|
|
|
|
return func(o *Options) {
|
|
|
|
|
o.Provider = p
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// LoginURL sets the auth LoginURL
|
|
|
|
|
func LoginURL(url string) Option {
|
|
|
|
|
return func(o *Options) {
|
|
|
|
|
o.LoginURL = url
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-11 19:57:39 +03:00
|
|
|
// WithClient sets the client to use when making requests
|
|
|
|
|
func WithClient(c client.Client) Option {
|
|
|
|
|
return func(o *Options) {
|
|
|
|
|
o.Client = c
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-03 11:16:02 +03:00
|
|
|
type GenerateOptions struct {
|
2020-02-26 01:15:44 +03:00
|
|
|
// Metadata associated with the account
|
2020-02-03 11:16:02 +03:00
|
|
|
Metadata map[string]string
|
2020-05-20 18:49:52 +03:00
|
|
|
// Scopes the account has access too
|
2020-05-19 20:17:17 +03:00
|
|
|
Scopes []string
|
2020-03-31 21:01:43 +03:00
|
|
|
// Provider of the account, e.g. oauth
|
|
|
|
|
Provider string
|
|
|
|
|
// Type of the account, e.g. user
|
|
|
|
|
Type string
|
2020-04-01 19:20:02 +03:00
|
|
|
// Secret used to authenticate the account
|
|
|
|
|
Secret string
|
2020-02-03 11:16:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type GenerateOption func(o *GenerateOptions)
|
|
|
|
|
|
2020-04-01 19:20:02 +03:00
|
|
|
// WithSecret for the generated account
|
|
|
|
|
func WithSecret(s string) GenerateOption {
|
|
|
|
|
return func(o *GenerateOptions) {
|
|
|
|
|
o.Secret = s
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-31 21:01:43 +03:00
|
|
|
// WithType for the generated account
|
|
|
|
|
func WithType(t string) GenerateOption {
|
|
|
|
|
return func(o *GenerateOptions) {
|
|
|
|
|
o.Type = t
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-23 19:19:30 +03:00
|
|
|
// WithMetadata for the generated account
|
|
|
|
|
func WithMetadata(md map[string]string) GenerateOption {
|
2020-02-03 11:16:02 +03:00
|
|
|
return func(o *GenerateOptions) {
|
|
|
|
|
o.Metadata = md
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-21 18:41:55 +03:00
|
|
|
// WithProvider for the generated account
|
|
|
|
|
func WithProvider(p string) GenerateOption {
|
2020-03-30 11:51:37 +03:00
|
|
|
return func(o *GenerateOptions) {
|
2020-05-21 18:41:55 +03:00
|
|
|
o.Provider = p
|
2020-03-30 11:51:37 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-21 18:41:55 +03:00
|
|
|
// WithScopes for the generated account
|
|
|
|
|
func WithScopes(s ...string) GenerateOption {
|
2020-03-31 21:01:43 +03:00
|
|
|
return func(o *GenerateOptions) {
|
2020-05-21 18:41:55 +03:00
|
|
|
o.Scopes = s
|
2020-03-31 21:01:43 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-03 11:16:02 +03:00
|
|
|
// NewGenerateOptions from a slice of options
|
|
|
|
|
func NewGenerateOptions(opts ...GenerateOption) GenerateOptions {
|
|
|
|
|
var options GenerateOptions
|
|
|
|
|
for _, o := range opts {
|
|
|
|
|
o(&options)
|
|
|
|
|
}
|
2020-03-23 19:19:30 +03:00
|
|
|
return options
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-31 12:06:13 +03:00
|
|
|
type TokenOptions struct {
|
2020-04-01 16:25:00 +03:00
|
|
|
// ID for the account
|
|
|
|
|
ID string
|
|
|
|
|
// Secret for the account
|
|
|
|
|
Secret string
|
|
|
|
|
// RefreshToken is used to refesh a token
|
|
|
|
|
RefreshToken string
|
|
|
|
|
// Expiry is the time the token should live for
|
|
|
|
|
Expiry time.Duration
|
2020-03-23 19:19:30 +03:00
|
|
|
}
|
|
|
|
|
|
2020-03-31 12:06:13 +03:00
|
|
|
type TokenOption func(o *TokenOptions)
|
2020-03-23 19:19:30 +03:00
|
|
|
|
2020-04-01 16:25:00 +03:00
|
|
|
// WithExpiry for the token
|
|
|
|
|
func WithExpiry(ex time.Duration) TokenOption {
|
|
|
|
|
return func(o *TokenOptions) {
|
|
|
|
|
o.Expiry = ex
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func WithCredentials(id, secret string) TokenOption {
|
|
|
|
|
return func(o *TokenOptions) {
|
|
|
|
|
o.ID = id
|
|
|
|
|
o.Secret = secret
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func WithToken(rt string) TokenOption {
|
2020-03-31 12:06:13 +03:00
|
|
|
return func(o *TokenOptions) {
|
2020-04-01 16:25:00 +03:00
|
|
|
o.RefreshToken = rt
|
2020-03-09 20:16:31 +03:00
|
|
|
}
|
2020-03-23 19:19:30 +03:00
|
|
|
}
|
|
|
|
|
|
2020-03-31 12:06:13 +03:00
|
|
|
// NewTokenOptions from a slice of options
|
|
|
|
|
func NewTokenOptions(opts ...TokenOption) TokenOptions {
|
|
|
|
|
var options TokenOptions
|
2020-03-23 19:19:30 +03:00
|
|
|
for _, o := range opts {
|
|
|
|
|
o(&options)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// set defualt expiry of token
|
2020-04-01 16:25:00 +03:00
|
|
|
if options.Expiry == 0 {
|
|
|
|
|
options.Expiry = time.Minute
|
2020-03-23 19:19:30 +03:00
|
|
|
}
|
|
|
|
|
|
2020-02-03 11:16:02 +03:00
|
|
|
return options
|
|
|
|
|
}
|
2020-05-20 18:49:52 +03:00
|
|
|
|
2020-05-21 20:11:35 +03:00
|
|
|
type VerifyOptions struct {
|
2020-07-07 10:30:25 +03:00
|
|
|
Context context.Context
|
|
|
|
|
Namespace string
|
2020-05-21 20:11:35 +03:00
|
|
|
}
|
2020-05-20 18:49:52 +03:00
|
|
|
|
|
|
|
|
type VerifyOption func(o *VerifyOptions)
|
2020-05-21 20:11:35 +03:00
|
|
|
|
2020-05-26 17:52:21 +03:00
|
|
|
func VerifyContext(ctx context.Context) VerifyOption {
|
2020-05-21 20:11:35 +03:00
|
|
|
return func(o *VerifyOptions) {
|
2020-05-26 17:52:21 +03:00
|
|
|
o.Context = ctx
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-07-07 10:30:25 +03:00
|
|
|
func VerifyNamespace(ns string) VerifyOption {
|
|
|
|
|
return func(o *VerifyOptions) {
|
|
|
|
|
o.Namespace = ns
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-05-26 17:52:21 +03:00
|
|
|
|
|
|
|
|
type RulesOptions struct {
|
2020-07-07 10:30:25 +03:00
|
|
|
Context context.Context
|
|
|
|
|
Namespace string
|
2020-05-26 17:52:21 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type RulesOption func(o *RulesOptions)
|
|
|
|
|
|
|
|
|
|
func RulesContext(ctx context.Context) RulesOption {
|
|
|
|
|
return func(o *RulesOptions) {
|
|
|
|
|
o.Context = ctx
|
2020-05-21 20:11:35 +03:00
|
|
|
}
|
|
|
|
|
}
|
2020-07-07 10:30:25 +03:00
|
|
|
|
|
|
|
|
func RulesNamespace(ns string) RulesOption {
|
|
|
|
|
return func(o *RulesOptions) {
|
|
|
|
|
o.Namespace = ns
|
|
|
|
|
}
|
|
|
|
|
}
|
