micro/util/wrapper/wrapper.go

295 lines
8.4 KiB
Go
Raw Normal View History

package wrapper
2015-12-20 23:50:16 +00:00
import (
2018-03-03 11:53:52 +00:00
"context"
2020-05-24 20:26:37 +01:00
"reflect"
2020-02-07 20:58:03 +00:00
"strings"
2018-03-03 11:53:52 +00:00
"github.com/micro/go-micro/v2/auth"
"github.com/micro/go-micro/v2/client"
"github.com/micro/go-micro/v2/debug/stats"
"github.com/micro/go-micro/v2/debug/trace"
"github.com/micro/go-micro/v2/errors"
"github.com/micro/go-micro/v2/metadata"
"github.com/micro/go-micro/v2/server"
2015-12-20 23:50:16 +00:00
)
2020-04-29 15:11:06 +01:00
type fromServiceWrapper struct {
2015-12-20 23:50:16 +00:00
client.Client
// headers to inject
2016-01-28 17:55:28 +00:00
headers metadata.Metadata
2015-12-20 23:50:16 +00:00
}
var (
HeaderPrefix = "Micro-"
)
2020-04-29 15:11:06 +01:00
func (f *fromServiceWrapper) setHeaders(ctx context.Context) context.Context {
// don't overwrite keys
2020-04-29 15:11:06 +01:00
return metadata.MergeContext(ctx, f.headers, false)
2015-12-20 23:50:16 +00:00
}
2020-04-29 15:11:06 +01:00
func (f *fromServiceWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {
ctx = f.setHeaders(ctx)
return f.Client.Call(ctx, req, rsp, opts...)
2015-12-20 23:50:16 +00:00
}
2020-04-29 15:11:06 +01:00
func (f *fromServiceWrapper) Stream(ctx context.Context, req client.Request, opts ...client.CallOption) (client.Stream, error) {
ctx = f.setHeaders(ctx)
return f.Client.Stream(ctx, req, opts...)
2015-12-20 23:50:16 +00:00
}
2020-04-29 15:11:06 +01:00
func (f *fromServiceWrapper) Publish(ctx context.Context, p client.Message, opts ...client.PublishOption) error {
ctx = f.setHeaders(ctx)
return f.Client.Publish(ctx, p, opts...)
2020-01-24 21:58:29 +00:00
}
// FromService wraps a client to inject service and auth metadata
2020-04-29 15:11:06 +01:00
func FromService(name string, c client.Client) client.Client {
return &fromServiceWrapper{
2019-11-16 18:52:27 +00:00
c,
metadata.Metadata{
HeaderPrefix + "From-Service": name,
},
}
}
2019-12-18 18:36:42 +00:00
// HandlerStats wraps a server handler to generate request/error stats
func HandlerStats(stats stats.Stats) server.HandlerWrapper {
// return a handler wrapper
return func(h server.HandlerFunc) server.HandlerFunc {
// return a function that returns a function
return func(ctx context.Context, req server.Request, rsp interface{}) error {
// execute the handler
err := h(ctx, req, rsp)
// record the stats
stats.Record(err)
// return the error
return err
}
}
}
2020-01-24 21:58:29 +00:00
2020-04-29 15:11:06 +01:00
type traceWrapper struct {
client.Client
name string
trace trace.Tracer
}
func (c *traceWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {
newCtx, s := c.trace.Start(ctx, req.Service()+"."+req.Endpoint())
s.Type = trace.SpanTypeRequestOutbound
err := c.Client.Call(newCtx, req, rsp, opts...)
if err != nil {
s.Metadata["error"] = err.Error()
}
// finish the trace
c.trace.Finish(s)
return err
}
2020-01-24 21:58:29 +00:00
// TraceCall is a call tracing wrapper
2020-01-29 15:45:11 +00:00
func TraceCall(name string, t trace.Tracer, c client.Client) client.Client {
2020-01-24 21:58:29 +00:00
return &traceWrapper{
name: name,
trace: t,
Client: c,
}
}
// TraceHandler wraps a server handler to perform tracing
2020-01-29 15:45:11 +00:00
func TraceHandler(t trace.Tracer) server.HandlerWrapper {
2020-01-24 21:58:29 +00:00
// return a handler wrapper
return func(h server.HandlerFunc) server.HandlerFunc {
// return a function that returns a function
return func(ctx context.Context, req server.Request, rsp interface{}) error {
2020-02-07 20:58:03 +00:00
// don't store traces for debug
if strings.HasPrefix(req.Endpoint(), "Debug.") {
return h(ctx, req, rsp)
}
2020-01-24 21:58:29 +00:00
// get the span
newCtx, s := t.Start(ctx, req.Service()+"."+req.Endpoint())
s.Type = trace.SpanTypeRequestInbound
2020-01-24 21:58:29 +00:00
err := h(newCtx, req, rsp)
if err != nil {
s.Metadata["error"] = err.Error()
}
// finish
t.Finish(s)
return err
}
}
}
2020-04-29 15:11:06 +01:00
type authWrapper struct {
client.Client
auth func() auth.Auth
}
func (a *authWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {
// parse the options
var options client.CallOptions
for _, o := range opts {
o(&options)
}
// check to see if the authorization header has already been set.
// We dont't override the header unless the ServiceToken option has
2020-04-29 15:15:38 +01:00
// been specified or the header wasn't provided
2020-04-29 15:11:06 +01:00
if _, ok := metadata.Get(ctx, "Authorization"); ok && !options.ServiceToken {
return a.Client.Call(ctx, req, rsp, opts...)
}
// if auth is nil we won't be able to get an access token, so we execute
// the request without one.
aa := a.auth()
if aa == nil {
2020-04-29 15:11:06 +01:00
return a.Client.Call(ctx, req, rsp, opts...)
}
2020-05-21 11:35:07 +01:00
// set the namespace header if it has not been set (e.g. on a service to service request)
if _, ok := metadata.Get(ctx, "Micro-Namespace"); !ok {
ctx = metadata.Set(ctx, "Micro-Namespace", aa.Options().Namespace)
}
2020-04-29 15:11:06 +01:00
// check to see if we have a valid access token
aaOpts := aa.Options()
2020-05-21 11:35:07 +01:00
if aaOpts.Token != nil && !aaOpts.Token.Expired() {
ctx = metadata.Set(ctx, "Authorization", auth.BearerScheme+aaOpts.Token.AccessToken)
2020-05-13 18:17:04 +01:00
return a.Client.Call(ctx, req, rsp, opts...)
}
2020-05-13 13:13:11 +01:00
// call without an auth token
return a.Client.Call(ctx, req, rsp, opts...)
2020-04-29 15:11:06 +01:00
}
// AuthClient wraps requests with the auth header
2020-05-14 11:25:19 +01:00
func AuthClient(auth func() auth.Auth, c client.Client) client.Client {
return &authWrapper{c, auth}
2020-04-29 15:11:06 +01:00
}
// AuthHandler wraps a server handler to perform auth
2020-03-25 20:59:37 +00:00
func AuthHandler(fn func() auth.Auth) server.HandlerWrapper {
return func(h server.HandlerFunc) server.HandlerFunc {
return func(ctx context.Context, req server.Request, rsp interface{}) error {
// get the auth.Auth interface
a := fn()
// Check for debug endpoints which should be excluded from auth
if strings.HasPrefix(req.Endpoint(), "Debug.") {
return h(ctx, req, rsp)
}
// Extract the token if present. Note: if noop is being used
// then the token can be blank without erroring
2020-05-21 16:41:55 +01:00
var account *auth.Account
if header, ok := metadata.Get(ctx, "Authorization"); ok {
// Ensure the correct scheme is being used
if !strings.HasPrefix(header, auth.BearerScheme) {
2020-04-02 18:41:06 +01:00
return errors.Unauthorized(req.Service(), "invalid authorization header. expected Bearer schema")
}
2020-05-21 16:41:55 +01:00
// Strip the prefix and inspect the resulting token
account, _ = a.Inspect(strings.TrimPrefix(header, auth.BearerScheme))
}
2020-05-21 16:41:55 +01:00
// Extract the namespace header
ns, ok := metadata.Get(ctx, "Micro-Namespace")
if !ok {
ns = a.Options().Namespace
ctx = metadata.Set(ctx, "Micro-Namespace", ns)
}
2020-05-26 17:35:06 +01:00
// Check the issuer matches the services namespace. TODO: Stop allowing go.micro to access
// any namespace and instead check for the server issuer.
if account != nil && account.Issuer != ns && account.Issuer != "go.micro" {
2020-05-21 16:41:55 +01:00
return errors.Forbidden(req.Service(), "Account was not issued by %v", ns)
}
2020-04-02 18:41:06 +01:00
// construct the resource
res := &auth.Resource{
2020-04-07 16:24:51 +01:00
Type: "service",
Name: req.Service(),
Endpoint: req.Endpoint(),
}
// Verify the caller has access to the resource
2020-05-26 15:52:21 +01:00
err := a.Verify(account, res, auth.VerifyContext(ctx))
2020-05-20 16:11:34 +01:00
if err != nil && account != nil {
2020-04-02 18:41:06 +01:00
return errors.Forbidden(req.Service(), "Forbidden call made to %v:%v by %v", req.Service(), req.Endpoint(), account.ID)
} else if err != nil {
2020-05-30 00:49:22 +08:00
return errors.Unauthorized(req.Service(), "Unauthorized call made to %v:%v", req.Service(), req.Endpoint())
2020-03-04 09:54:52 +00:00
}
// There is an account, set it in the context
2020-05-20 16:11:34 +01:00
if account != nil {
ctx = auth.ContextWithAccount(ctx, account)
}
2020-03-04 09:54:52 +00:00
// The user is authorised, allow the call
return h(ctx, req, rsp)
}
}
}
2020-05-22 16:52:24 +01:00
type cacheWrapper struct {
2020-05-24 20:26:37 +01:00
cacheFn func() *client.Cache
2020-05-22 16:52:24 +01:00
client.Client
}
// Call executes the request. If the CacheExpiry option was set, the response will be cached using
// a hash of the metadata and request as the key.
func (c *cacheWrapper) Call(ctx context.Context, req client.Request, rsp interface{}, opts ...client.CallOption) error {
// parse the options
var options client.CallOptions
for _, o := range opts {
o(&options)
}
// if the client doesn't have a cacbe setup don't continue
2020-05-24 20:26:37 +01:00
cache := c.cacheFn()
2020-05-22 16:52:24 +01:00
if cache == nil {
return c.Client.Call(ctx, req, rsp, opts...)
}
// if the cache expiry is not set, execute the call without the cache
if options.CacheExpiry == 0 {
return c.Client.Call(ctx, req, rsp, opts...)
}
2020-05-24 20:26:37 +01:00
// if the response is nil don't call the cache since we can't assign the response
if rsp == nil {
return c.Client.Call(ctx, req, rsp, opts...)
}
// check to see if there is a response cached, if there is assign it
if r, ok := cache.Get(ctx, &req); ok {
2020-05-24 20:26:37 +01:00
val := reflect.ValueOf(rsp).Elem()
val.Set(reflect.ValueOf(r).Elem())
2020-05-22 16:52:24 +01:00
return nil
}
// don't cache the result if there was an error
if err := c.Client.Call(ctx, req, rsp, opts...); err != nil {
return err
}
// set the result in the cache
cache.Set(ctx, &req, rsp, options.CacheExpiry)
return nil
}
// CacheClient wraps requests with the cache wrapper
2020-05-24 18:45:57 +01:00
func CacheClient(cacheFn func() *client.Cache, c client.Client) client.Client {
return &cacheWrapper{cacheFn, c}
2020-05-22 16:52:24 +01:00
}