micro/util/wrapper/wrapper.go

package wrapper

import (
	"context"
	"strings"

	"github.com/micro/go-micro/v2/auth"
	"github.com/micro/go-micro/v2/client"
	"github.com/micro/go-micro/v2/debug/stats"
	"github.com/micro/go-micro/v2/debug/trace"
	"github.com/micro/go-micro/v2/errors"
	"github.com/micro/go-micro/v2/metadata"
	"github.com/micro/go-micro/v2/server"
)

type clientWrapper struct {
	client.Client

	// Auth interface
	auth func() auth.Auth
	// headers to inject
	headers metadata.Metadata
}

type traceWrapper struct {
	client.Client

	name  string
	trace trace.Tracer
}

var (
	HeaderPrefix = "Micro-"
)

func (c *clientWrapper) setHeaders(ctx context.Context) context.Context {
	// copy metadata
	mda, _ := metadata.FromContext(ctx)
	md := metadata.Copy(mda)

	// set headers
	for k, v := range c.headers {
		if _, ok := md[k]; !ok {
			md[k] = v
		}
	}

	return metadata.NewContext(ctx, md)
}

func (c *clientWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {
	ctx = c.setHeaders(ctx)
	return c.Client.Call(ctx, req, rsp, opts...)
}

func (c *clientWrapper) Stream(ctx context.Context, req client.Request, opts ...client.CallOption) (client.Stream, error) {
	ctx = c.setHeaders(ctx)
	return c.Client.Stream(ctx, req, opts...)
}

func (c *clientWrapper) Publish(ctx context.Context, p client.Message, opts ...client.PublishOption) error {
	ctx = c.setHeaders(ctx)
	return c.Client.Publish(ctx, p, opts...)
}

func (c *traceWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {
	newCtx, s := c.trace.Start(ctx, req.Service()+"."+req.Endpoint())

	s.Type = trace.SpanTypeRequestOutbound
	err := c.Client.Call(newCtx, req, rsp, opts...)
	if err != nil {
		s.Metadata["error"] = err.Error()
	}

	// finish the trace
	c.trace.Finish(s)

	return err
}

// FromService wraps a client to inject service and auth metadata
func FromService(name string, c client.Client, fn func() auth.Auth) client.Client {
	return &clientWrapper{
		c,
		fn,
		metadata.Metadata{
			HeaderPrefix + "From-Service": name,
		},
	}
}

// HandlerStats wraps a server handler to generate request/error stats
func HandlerStats(stats stats.Stats) server.HandlerWrapper {
	// return a handler wrapper
	return func(h server.HandlerFunc) server.HandlerFunc {
		// return a function that returns a function
		return func(ctx context.Context, req server.Request, rsp interface{}) error {
			// execute the handler
			err := h(ctx, req, rsp)
			// record the stats
			stats.Record(err)
			// return the error
			return err
		}
	}
}

// TraceCall is a call tracing wrapper
func TraceCall(name string, t trace.Tracer, c client.Client) client.Client {
	return &traceWrapper{
		name:   name,
		trace:  t,
		Client: c,
	}
}

// TraceHandler wraps a server handler to perform tracing
func TraceHandler(t trace.Tracer) server.HandlerWrapper {
	// return a handler wrapper
	return func(h server.HandlerFunc) server.HandlerFunc {
		// return a function that returns a function
		return func(ctx context.Context, req server.Request, rsp interface{}) error {
			// don't store traces for debug
			if strings.HasPrefix(req.Endpoint(), "Debug.") {
				return h(ctx, req, rsp)
			}

			// get the span
			newCtx, s := t.Start(ctx, req.Service()+"."+req.Endpoint())
			s.Type = trace.SpanTypeRequestInbound

			err := h(newCtx, req, rsp)
			if err != nil {
				s.Metadata["error"] = err.Error()
			}

			// finish
			t.Finish(s)

			return err
		}
	}
}

// AuthHandler wraps a server handler to perform auth
func AuthHandler(fn func() auth.Auth) server.HandlerWrapper {
	return func(h server.HandlerFunc) server.HandlerFunc {
		return func(ctx context.Context, req server.Request, rsp interface{}) error {
			// get the auth.Auth interface
			a := fn()

			// Check for debug endpoints which should be excluded from auth
			if strings.HasPrefix(req.Endpoint(), "Debug.") {
				return h(ctx, req, rsp)
			}

			// Check for auth service endpoints which should be excluded from auth
			if strings.HasPrefix(req.Endpoint(), "Auth.") {
				return h(ctx, req, rsp)
			}

			// Extract the token if present. Note: if noop is being used
			// then the token can be blank without erroring
			var token string
			if header, ok := metadata.Get(ctx, "Authorization"); ok {
				// Ensure the correct scheme is being used
				if !strings.HasPrefix(header, auth.BearerScheme) {
					return errors.Unauthorized("go.micro.auth", "invalid authorization header. expected Bearer schema")
				}

				token = header[len(auth.BearerScheme):]
			}

			// Inspect the token and get the account
			account, err := a.Inspect(token)
			if err != nil {
				account = &auth.Account{}
			}

			// Verify the caller has access to the resource
			err = a.Verify(account, &auth.Resource{Type: "service", Name: req.Service(), Endpoint: req.Endpoint()})
			if err != nil && len(account.ID) > 0 {
				return errors.Forbidden("go.micro.auth", "Forbidden call made to %v:%v by %v", req.Service(), req.Endpoint(), account.ID)
			} else if err != nil {
				return errors.Unauthorized("go.micro.auth", "Unauthorised call made to %v:%v", req.Service(), req.Endpoint())
			}

			// There is an account, set it in the context
			ctx, err = auth.ContextWithAccount(ctx, account)
			if err != nil {
				return err
			}

			// The user is authorised, allow the call
			return h(ctx, req, rsp)
		}
	}
}
Move wrapper internally since its not top level relevant 2019-11-16 21:48:24 +03:00			`package wrapper`
Experimental top level init 2015-12-21 02:50:16 +03:00
			`import (`
switch to stdlib context 2018-03-03 14:53:52 +03:00			`"context"`
Don't store traces for Debug endpoints 2020-02-07 23:58:03 +03:00			`"strings"`
switch to stdlib context 2018-03-03 14:53:52 +03:00
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`"github.com/micro/go-micro/v2/auth"`
fix import paths for v2 release Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> 2020-01-30 14:39:00 +03:00			`"github.com/micro/go-micro/v2/client"`
			`"github.com/micro/go-micro/v2/debug/stats"`
			`"github.com/micro/go-micro/v2/debug/trace"`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`"github.com/micro/go-micro/v2/errors"`
fix import paths for v2 release Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> 2020-01-30 14:39:00 +03:00			`"github.com/micro/go-micro/v2/metadata"`
			`"github.com/micro/go-micro/v2/server"`
Experimental top level init 2015-12-21 02:50:16 +03:00			`)`

rename wrap 2015-12-23 03:02:42 +03:00			`type clientWrapper struct {`
Experimental top level init 2015-12-21 02:50:16 +03:00			`client.Client`
add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and othe… (#1261) * add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and other things * fix wrapper panic 2020-02-26 01:15:44 +03:00
			`// Auth interface`
			`auth func() auth.Auth`
			`// headers to inject`
Move context to metadata 2016-01-28 20:55:28 +03:00			`headers metadata.Metadata`
Experimental top level init 2015-12-21 02:50:16 +03:00			`}`

trace wrapper 2020-01-25 00:58:29 +03:00			`type traceWrapper struct {`
			`client.Client`

			`name string`
Refactor debug/trace ready for Jaeger 2020-01-29 18:45:11 +03:00			`trace trace.Tracer`
trace wrapper 2020-01-25 00:58:29 +03:00			`}`

Move wrapper internally since its not top level relevant 2019-11-16 21:48:24 +03:00			`var (`
			`HeaderPrefix = "Micro-"`
			`)`

Appending to metadata is a side effect. Let's not do that anymore. 2016-04-15 18:45:59 +03:00			`func (c *clientWrapper) setHeaders(ctx context.Context) context.Context {`
Copy metadata 2019-01-17 12:40:49 +03:00			`// copy metadata`
			`mda, _ := metadata.FromContext(ctx)`
			`md := metadata.Copy(mda)`
Make copy of metadata in setHeaders 2016-11-02 20:21:53 +03:00
Copy metadata 2019-01-17 12:40:49 +03:00			`// set headers`
Appending to metadata is a side effect. Let's not do that anymore. 2016-04-15 18:45:59 +03:00			`for k, v := range c.headers {`
			`if _, ok := md[k]; !ok {`
			`md[k] = v`
			`}`
			`}`
Make copy of metadata in setHeaders 2016-11-02 20:21:53 +03:00
Appending to metadata is a side effect. Let's not do that anymore. 2016-04-15 18:45:59 +03:00			`return metadata.NewContext(ctx, md)`
			`}`

rename wrap 2015-12-23 03:02:42 +03:00			`func (c *clientWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {`
Appending to metadata is a side effect. Let's not do that anymore. 2016-04-15 18:45:59 +03:00			`ctx = c.setHeaders(ctx)`
Experimental top level init 2015-12-21 02:50:16 +03:00			`return c.Client.Call(ctx, req, rsp, opts...)`
			`}`

rename Streamer to Stream 2018-04-14 20:15:09 +03:00			`func (c *clientWrapper) Stream(ctx context.Context, req client.Request, opts ...client.CallOption) (client.Stream, error) {`
Appending to metadata is a side effect. Let's not do that anymore. 2016-04-15 18:45:59 +03:00			`ctx = c.setHeaders(ctx)`
Experimental top level init 2015-12-21 02:50:16 +03:00			`return c.Client.Stream(ctx, req, opts...)`
			`}`

rename Streamer to Stream 2018-04-14 20:15:09 +03:00			`func (c *clientWrapper) Publish(ctx context.Context, p client.Message, opts ...client.PublishOption) error {`
Appending to metadata is a side effect. Let's not do that anymore. 2016-04-15 18:45:59 +03:00			`ctx = c.setHeaders(ctx)`
Experimental top level init 2015-12-21 02:50:16 +03:00			`return c.Client.Publish(ctx, p, opts...)`
			`}`
Move wrapper internally since its not top level relevant 2019-11-16 21:48:24 +03:00
trace wrapper 2020-01-25 00:58:29 +03:00			`func (c *traceWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {`
			`newCtx, s := c.trace.Start(ctx, req.Service()+"."+req.Endpoint())`

Trace type is now being recorded (#1188) 2020-02-12 13:57:17 +03:00			`s.Type = trace.SpanTypeRequestOutbound`
trace wrapper 2020-01-25 00:58:29 +03:00			`err := c.Client.Call(newCtx, req, rsp, opts...)`
			`if err != nil {`
			`s.Metadata["error"] = err.Error()`
			`}`

			`// finish the trace`
			`c.trace.Finish(s)`

			`return err`
			`}`

add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and othe… (#1261) * add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and other things * fix wrapper panic 2020-02-26 01:15:44 +03:00			`// FromService wraps a client to inject service and auth metadata`
			`func FromService(name string, c client.Client, fn func() auth.Auth) client.Client {`
Move wrapper internally since its not top level relevant 2019-11-16 21:48:24 +03:00			`return &clientWrapper{`
move test data 2019-11-16 21:52:27 +03:00			`c,`
add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and othe… (#1261) * add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and other things * fix wrapper panic 2020-02-26 01:15:44 +03:00			`fn,`
move test data 2019-11-16 21:52:27 +03:00			`metadata.Metadata{`
			`HeaderPrefix + "From-Service": name,`
			`},`
			`}`
Move wrapper internally since its not top level relevant 2019-11-16 21:48:24 +03:00			`}`
add requests/errors to stats 2019-12-18 21:36:42 +03:00
			`// HandlerStats wraps a server handler to generate request/error stats`
			`func HandlerStats(stats stats.Stats) server.HandlerWrapper {`
			`// return a handler wrapper`
			`return func(h server.HandlerFunc) server.HandlerFunc {`
			`// return a function that returns a function`
			`return func(ctx context.Context, req server.Request, rsp interface{}) error {`
			`// execute the handler`
			`err := h(ctx, req, rsp)`
			`// record the stats`
			`stats.Record(err)`
			`// return the error`
			`return err`
			`}`
			`}`
			`}`
trace wrapper 2020-01-25 00:58:29 +03:00
			`// TraceCall is a call tracing wrapper`
Refactor debug/trace ready for Jaeger 2020-01-29 18:45:11 +03:00			`func TraceCall(name string, t trace.Tracer, c client.Client) client.Client {`
trace wrapper 2020-01-25 00:58:29 +03:00			`return &traceWrapper{`
			`name: name,`
			`trace: t,`
			`Client: c,`
			`}`
			`}`

			`// TraceHandler wraps a server handler to perform tracing`
Refactor debug/trace ready for Jaeger 2020-01-29 18:45:11 +03:00			`func TraceHandler(t trace.Tracer) server.HandlerWrapper {`
trace wrapper 2020-01-25 00:58:29 +03:00			`// return a handler wrapper`
			`return func(h server.HandlerFunc) server.HandlerFunc {`
			`// return a function that returns a function`
			`return func(ctx context.Context, req server.Request, rsp interface{}) error {`
Don't store traces for Debug endpoints 2020-02-07 23:58:03 +03:00			`// don't store traces for debug`
			`if strings.HasPrefix(req.Endpoint(), "Debug.") {`
			`return h(ctx, req, rsp)`
			`}`

trace wrapper 2020-01-25 00:58:29 +03:00			`// get the span`
			`newCtx, s := t.Start(ctx, req.Service()+"."+req.Endpoint())`
Trace type is now being recorded (#1188) 2020-02-12 13:57:17 +03:00			`s.Type = trace.SpanTypeRequestInbound`
trace wrapper 2020-01-25 00:58:29 +03:00
			`err := h(newCtx, req, rsp)`
			`if err != nil {`
			`s.Metadata["error"] = err.Error()`
			`}`

			`// finish`
			`t.Finish(s)`

			`return err`
			`}`
			`}`
			`}`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00
			`// AuthHandler wraps a server handler to perform auth`
use requested service (#1413) 2020-03-25 23:59:37 +03:00			`func AuthHandler(fn func() auth.Auth) server.HandlerWrapper {`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`return func(h server.HandlerFunc) server.HandlerFunc {`
			`return func(ctx context.Context, req server.Request, rsp interface{}) error {`
			`// get the auth.Auth interface`
			`a := fn()`

Auth Improvements (#1195) * Exclude Stats & Trace from Auth * Update Excluded Endpoints Format * Tweak Implementation 2020-02-13 17:07:14 +03:00			`// Check for debug endpoints which should be excluded from auth`
			`if strings.HasPrefix(req.Endpoint(), "Debug.") {`
			`return h(ctx, req, rsp)`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`}`

Updated auth interface (#1384) * Updated auth interface * Add Rule * Remove Rule * Return token from Renew * Renew => Refresh * Implement Tokens & Default Auth Implementation * Change default auth to noop * Change default auth to noop * Move token.Token to auth.Token * Remove Token from Account * Auth service implementation * Decode JWT locally * Cookie for secret * Move string to bottom of interface definition * Depricate auth_exclude * Update auth wrappers * Update go.sum Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-23 19:19:30 +03:00			`// Check for auth service endpoints which should be excluded from auth`
			`if strings.HasPrefix(req.Endpoint(), "Auth.") {`
			`return h(ctx, req, rsp)`
			`}`

Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`// Extract the token if present. Note: if noop is being used`
			`// then the token can be blank without erroring`
			`var token string`
			`if header, ok := metadata.Get(ctx, "Authorization"); ok {`
			`// Ensure the correct scheme is being used`
Add ContextWithToken (#1407) * Add ContextWithToken * Tidying up BearerScheme Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-25 14:20:53 +03:00			`if !strings.HasPrefix(header, auth.BearerScheme) {`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`return errors.Unauthorized("go.micro.auth", "invalid authorization header. expected Bearer schema")`
			`}`

Add ContextWithToken (#1407) * Add ContextWithToken * Tidying up BearerScheme Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-25 14:20:53 +03:00			`token = header[len(auth.BearerScheme):]`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`}`

Fix service level auth, add improved error descriptions to aid with debugging (#1403) Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-25 12:35:29 +03:00			`// Inspect the token and get the account`
Updated auth interface (#1384) * Updated auth interface * Add Rule * Remove Rule * Return token from Renew * Renew => Refresh * Implement Tokens & Default Auth Implementation * Change default auth to noop * Change default auth to noop * Move token.Token to auth.Token * Remove Token from Account * Auth service implementation * Decode JWT locally * Cookie for secret * Move string to bottom of interface definition * Depricate auth_exclude * Update auth wrappers * Update go.sum Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-23 19:19:30 +03:00			`account, err := a.Inspect(token)`
			`if err != nil {`
Fix auth bug restricting access to unauthorised endpoints (#1405) Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-25 13:31:33 +03:00			`account = &auth.Account{}`
Fix service level auth, add improved error descriptions to aid with debugging (#1403) Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-25 12:35:29 +03:00			`}`

			`// Verify the caller has access to the resource`
use requested service (#1413) 2020-03-25 23:59:37 +03:00			`err = a.Verify(account, &auth.Resource{Type: "service", Name: req.Service(), Endpoint: req.Endpoint()})`
Fix auth bug restricting access to unauthorised endpoints (#1405) Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-25 13:31:33 +03:00			`if err != nil && len(account.ID) > 0 {`
use requested service (#1413) 2020-03-25 23:59:37 +03:00			`return errors.Forbidden("go.micro.auth", "Forbidden call made to %v:%v by %v", req.Service(), req.Endpoint(), account.ID)`
Fix auth bug restricting access to unauthorised endpoints (#1405) Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-25 13:31:33 +03:00			`} else if err != nil {`
use requested service (#1413) 2020-03-25 23:59:37 +03:00			`return errors.Unauthorized("go.micro.auth", "Unauthorised call made to %v:%v", req.Service(), req.Endpoint())`
Set auth account in context (#1293) 2020-03-04 12:54:52 +03:00			`}`

Updated auth interface (#1384) * Updated auth interface * Add Rule * Remove Rule * Return token from Renew * Renew => Refresh * Implement Tokens & Default Auth Implementation * Change default auth to noop * Change default auth to noop * Move token.Token to auth.Token * Remove Token from Account * Auth service implementation * Decode JWT locally * Cookie for secret * Move string to bottom of interface definition * Depricate auth_exclude * Update auth wrappers * Update go.sum Co-authored-by: Ben Toogood <ben@micro.mu> 2020-03-23 19:19:30 +03:00			`// There is an account, set it in the context`
			`ctx, err = auth.ContextWithAccount(ctx, account)`
			`if err != nil {`
			`return err`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`}`

Set auth account in context (#1293) 2020-03-04 12:54:52 +03:00			`// The user is authorised, allow the call`
Auth Wrapper (#1174) * Auth Wrapper * Tweak cmd flag * auth_excludes => auth_exclude * Make Auth.Excludes variadic * Use metadata.Get (passes through http and http2 it will go through various case formats) * fix auth wrapper auth.Auth interface initialisation Co-authored-by: Asim Aslam <asim@aslam.me> 2020-02-10 11:26:28 +03:00			`return h(ctx, req, rsp)`
			`}`
			`}`
			`}`