micro/util/auth/auth.go

88 lines
1.9 KiB
Go
Raw Normal View History

package auth // import "go.unistack.org/micro/v3/util/auth"
2020-05-14 16:10:14 +01:00
import (
"context"
2020-05-14 16:10:14 +01:00
"time"
"go.unistack.org/micro/v3/auth"
"go.unistack.org/micro/v3/logger"
"go.unistack.org/micro/v3/util/id"
2020-05-14 16:10:14 +01:00
)
// Verify the auth credentials and refresh the auth token periodically
func Verify(a auth.Auth) error {
2020-05-14 16:10:14 +01:00
// extract the account creds from options, these can be set by flags
accID := a.Options().ID
accSecret := a.Options().Secret
// if no credentials were provided, self generate an account
if len(accID) == 0 && len(accSecret) == 0 {
2020-05-14 16:10:14 +01:00
opts := []auth.GenerateOption{
auth.WithType("service"),
2020-05-21 14:56:17 +01:00
auth.WithScopes("service"),
2020-05-14 16:10:14 +01:00
}
id, err := id.New()
if err != nil {
return err
}
acc, err := a.Generate(id, opts...)
2020-05-14 16:10:14 +01:00
if err != nil {
return err
}
if logger.V(logger.DebugLevel) {
logger.Debug(context.TODO(), "Auth [%v] Generated an auth account: %s", a.String())
}
2020-05-14 16:10:14 +01:00
accID = acc.ID
accSecret = acc.Secret
}
// generate the first token
token, err := a.Token(
auth.WithCredentials(accID, accSecret),
auth.WithExpiry(time.Minute*10),
)
if err != nil {
return err
}
// set the credentials and token in auth options
_ = a.Init(
2020-05-14 16:10:14 +01:00
auth.ClientToken(token),
auth.Credentials(accID, accSecret),
)
// periodically check to see if the token needs refreshing
go func() {
timer := time.NewTicker(time.Second * 15)
for {
<-timer.C
// don't refresh the token if it's not close to expiring
tok := a.Options().Token
if tok.Expiry.Unix() > time.Now().Add(time.Minute).Unix() {
continue
}
// generate the first token
tok, err := a.Token(
2020-05-20 11:59:01 +01:00
auth.WithToken(tok.RefreshToken),
2020-05-14 16:10:14 +01:00
auth.WithExpiry(time.Minute*10),
)
if err != nil {
if logger.V(logger.WarnLevel) {
logger.Warn(context.TODO(), "[Auth] Error refreshing token: %v", err)
}
2020-05-14 16:10:14 +01:00
continue
}
// set the token
_ = a.Init(auth.ClientToken(tok))
2020-05-14 16:10:14 +01:00
}
}()
return nil
}