auth: pass namespace options in auth service requests (#1800)

* auth: pass namespace options in auth service requests

* auth/service/proto: update field index

Co-authored-by: Asim Aslam <asim@aslam.me>
This commit is contained in:
ben-toogood 2020-07-07 08:30:25 +01:00 committed by GitHub
parent f5ed7e5833
commit 0a937745cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 232 additions and 69 deletions

View File

@ -227,7 +227,8 @@ func NewTokenOptions(opts ...TokenOption) TokenOptions {
}
type VerifyOptions struct {
Context context.Context
Context context.Context
Namespace string
}
type VerifyOption func(o *VerifyOptions)
@ -237,9 +238,15 @@ func VerifyContext(ctx context.Context) VerifyOption {
o.Context = ctx
}
}
func VerifyNamespace(ns string) VerifyOption {
return func(o *VerifyOptions) {
o.Namespace = ns
}
}
type RulesOptions struct {
Context context.Context
Context context.Context
Namespace string
}
type RulesOption func(o *RulesOptions)
@ -249,3 +256,9 @@ func RulesContext(ctx context.Context) RulesOption {
o.Context = ctx
}
}
func RulesNamespace(ns string) RulesOption {
return func(o *RulesOptions) {
o.Namespace = ns
}
}

View File

@ -53,6 +53,7 @@ func (Access) EnumDescriptor() ([]byte, []int) {
}
type ListAccountsRequest struct {
Options *Options `protobuf:"bytes,1,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -83,6 +84,13 @@ func (m *ListAccountsRequest) XXX_DiscardUnknown() {
var xxx_messageInfo_ListAccountsRequest proto.InternalMessageInfo
func (m *ListAccountsRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type ListAccountsResponse struct {
Accounts []*Account `protobuf:"bytes,1,rep,name=accounts,proto3" json:"accounts,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
@ -326,6 +334,7 @@ type GenerateRequest struct {
Secret string `protobuf:"bytes,5,opt,name=secret,proto3" json:"secret,omitempty"`
Type string `protobuf:"bytes,6,opt,name=type,proto3" json:"type,omitempty"`
Provider string `protobuf:"bytes,7,opt,name=provider,proto3" json:"provider,omitempty"`
Options *Options `protobuf:"bytes,8,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -398,6 +407,13 @@ func (m *GenerateRequest) GetProvider() string {
return ""
}
func (m *GenerateRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type GenerateResponse struct {
Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
@ -440,6 +456,7 @@ func (m *GenerateResponse) GetAccount() *Account {
type GrantRequest struct {
Scope string `protobuf:"bytes,1,opt,name=scope,proto3" json:"scope,omitempty"`
Resource *Resource `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
Options *Options `protobuf:"bytes,3,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -484,6 +501,13 @@ func (m *GrantRequest) GetResource() *Resource {
return nil
}
func (m *GrantRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type GrantResponse struct {
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
@ -518,6 +542,7 @@ var xxx_messageInfo_GrantResponse proto.InternalMessageInfo
type RevokeRequest struct {
Scope string `protobuf:"bytes,1,opt,name=scope,proto3" json:"scope,omitempty"`
Resource *Resource `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
Options *Options `protobuf:"bytes,3,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -562,6 +587,13 @@ func (m *RevokeRequest) GetResource() *Resource {
return nil
}
func (m *RevokeRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type RevokeResponse struct {
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
@ -595,6 +627,7 @@ var xxx_messageInfo_RevokeResponse proto.InternalMessageInfo
type InspectRequest struct {
Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
Options *Options `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -632,6 +665,13 @@ func (m *InspectRequest) GetToken() string {
return ""
}
func (m *InspectRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type InspectResponse struct {
Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
@ -676,6 +716,7 @@ type TokenRequest struct {
Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"`
RefreshToken string `protobuf:"bytes,3,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"`
TokenExpiry int64 `protobuf:"varint,4,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"`
Options *Options `protobuf:"bytes,5,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -734,6 +775,13 @@ func (m *TokenRequest) GetTokenExpiry() int64 {
return 0
}
func (m *TokenRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type TokenResponse struct {
Token *Token `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
@ -844,8 +892,48 @@ func (m *Rule) GetPriority() int32 {
return 0
}
type Options struct {
Namespace string `protobuf:"bytes,1,opt,name=namespace,proto3" json:"namespace,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *Options) Reset() { *m = Options{} }
func (m *Options) String() string { return proto.CompactTextString(m) }
func (*Options) ProtoMessage() {}
func (*Options) Descriptor() ([]byte, []int) {
return fileDescriptor_21300bfacc51fc2a, []int{16}
}
func (m *Options) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_Options.Unmarshal(m, b)
}
func (m *Options) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_Options.Marshal(b, m, deterministic)
}
func (m *Options) XXX_Merge(src proto.Message) {
xxx_messageInfo_Options.Merge(m, src)
}
func (m *Options) XXX_Size() int {
return xxx_messageInfo_Options.Size(m)
}
func (m *Options) XXX_DiscardUnknown() {
xxx_messageInfo_Options.DiscardUnknown(m)
}
var xxx_messageInfo_Options proto.InternalMessageInfo
func (m *Options) GetNamespace() string {
if m != nil {
return m.Namespace
}
return ""
}
type CreateRequest struct {
Rule *Rule `protobuf:"bytes,1,opt,name=rule,proto3" json:"rule,omitempty"`
Options *Options `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -855,7 +943,7 @@ func (m *CreateRequest) Reset() { *m = CreateRequest{} }
func (m *CreateRequest) String() string { return proto.CompactTextString(m) }
func (*CreateRequest) ProtoMessage() {}
func (*CreateRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_21300bfacc51fc2a, []int{16}
return fileDescriptor_21300bfacc51fc2a, []int{17}
}
func (m *CreateRequest) XXX_Unmarshal(b []byte) error {
@ -883,6 +971,13 @@ func (m *CreateRequest) GetRule() *Rule {
return nil
}
func (m *CreateRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type CreateResponse struct {
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
@ -893,7 +988,7 @@ func (m *CreateResponse) Reset() { *m = CreateResponse{} }
func (m *CreateResponse) String() string { return proto.CompactTextString(m) }
func (*CreateResponse) ProtoMessage() {}
func (*CreateResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_21300bfacc51fc2a, []int{17}
return fileDescriptor_21300bfacc51fc2a, []int{18}
}
func (m *CreateResponse) XXX_Unmarshal(b []byte) error {
@ -916,6 +1011,7 @@ var xxx_messageInfo_CreateResponse proto.InternalMessageInfo
type DeleteRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Options *Options `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -925,7 +1021,7 @@ func (m *DeleteRequest) Reset() { *m = DeleteRequest{} }
func (m *DeleteRequest) String() string { return proto.CompactTextString(m) }
func (*DeleteRequest) ProtoMessage() {}
func (*DeleteRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_21300bfacc51fc2a, []int{18}
return fileDescriptor_21300bfacc51fc2a, []int{19}
}
func (m *DeleteRequest) XXX_Unmarshal(b []byte) error {
@ -953,6 +1049,13 @@ func (m *DeleteRequest) GetId() string {
return ""
}
func (m *DeleteRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type DeleteResponse struct {
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
@ -963,7 +1066,7 @@ func (m *DeleteResponse) Reset() { *m = DeleteResponse{} }
func (m *DeleteResponse) String() string { return proto.CompactTextString(m) }
func (*DeleteResponse) ProtoMessage() {}
func (*DeleteResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_21300bfacc51fc2a, []int{19}
return fileDescriptor_21300bfacc51fc2a, []int{20}
}
func (m *DeleteResponse) XXX_Unmarshal(b []byte) error {
@ -985,6 +1088,7 @@ func (m *DeleteResponse) XXX_DiscardUnknown() {
var xxx_messageInfo_DeleteResponse proto.InternalMessageInfo
type ListRequest struct {
Options *Options `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -994,7 +1098,7 @@ func (m *ListRequest) Reset() { *m = ListRequest{} }
func (m *ListRequest) String() string { return proto.CompactTextString(m) }
func (*ListRequest) ProtoMessage() {}
func (*ListRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_21300bfacc51fc2a, []int{20}
return fileDescriptor_21300bfacc51fc2a, []int{21}
}
func (m *ListRequest) XXX_Unmarshal(b []byte) error {
@ -1015,6 +1119,13 @@ func (m *ListRequest) XXX_DiscardUnknown() {
var xxx_messageInfo_ListRequest proto.InternalMessageInfo
func (m *ListRequest) GetOptions() *Options {
if m != nil {
return m.Options
}
return nil
}
type ListResponse struct {
Rules []*Rule `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
@ -1026,7 +1137,7 @@ func (m *ListResponse) Reset() { *m = ListResponse{} }
func (m *ListResponse) String() string { return proto.CompactTextString(m) }
func (*ListResponse) ProtoMessage() {}
func (*ListResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_21300bfacc51fc2a, []int{21}
return fileDescriptor_21300bfacc51fc2a, []int{22}
}
func (m *ListResponse) XXX_Unmarshal(b []byte) error {
@ -1074,6 +1185,7 @@ func init() {
proto.RegisterType((*TokenRequest)(nil), "go.micro.auth.TokenRequest")
proto.RegisterType((*TokenResponse)(nil), "go.micro.auth.TokenResponse")
proto.RegisterType((*Rule)(nil), "go.micro.auth.Rule")
proto.RegisterType((*Options)(nil), "go.micro.auth.Options")
proto.RegisterType((*CreateRequest)(nil), "go.micro.auth.CreateRequest")
proto.RegisterType((*CreateResponse)(nil), "go.micro.auth.CreateResponse")
proto.RegisterType((*DeleteRequest)(nil), "go.micro.auth.DeleteRequest")
@ -1085,62 +1197,66 @@ func init() {
func init() { proto.RegisterFile("auth/service/proto/auth.proto", fileDescriptor_21300bfacc51fc2a) }
var fileDescriptor_21300bfacc51fc2a = []byte{
// 872 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x56, 0x51, 0x8f, 0xdb, 0x44,
0x10, 0x3e, 0x27, 0xb1, 0x93, 0x9b, 0xc4, 0x77, 0xd1, 0xf6, 0x5a, 0xac, 0x94, 0x6b, 0xaf, 0x2e,
0x82, 0xa3, 0x82, 0x1c, 0x4a, 0x5f, 0x0a, 0x7d, 0xe1, 0xd4, 0x44, 0xa1, 0x85, 0x06, 0x61, 0x15,
0x21, 0x90, 0x50, 0x65, 0x9c, 0x81, 0xb3, 0x2e, 0x67, 0x9b, 0xdd, 0xf5, 0x89, 0xbc, 0x20, 0xf1,
0xc6, 0x8f, 0xe1, 0x27, 0xf1, 0xce, 0x1f, 0xe0, 0x07, 0x20, 0xef, 0xce, 0xba, 0xb1, 0xe3, 0x54,
0x15, 0x88, 0x37, 0xcf, 0xec, 0xb7, 0xb3, 0xf3, 0x7d, 0x3b, 0x33, 0x6b, 0x38, 0x0e, 0x73, 0x79,
0x71, 0x26, 0x90, 0x5f, 0xc7, 0x11, 0x9e, 0x65, 0x3c, 0x95, 0xe9, 0x59, 0xe1, 0x1a, 0xab, 0x4f,
0xe6, 0xfe, 0x94, 0x8e, 0xaf, 0xe2, 0x88, 0xa7, 0xe3, 0xc2, 0xe9, 0xdf, 0x84, 0x1b, 0x5f, 0xc4,
0x42, 0x9e, 0x47, 0x51, 0x9a, 0x27, 0x52, 0x04, 0xf8, 0x73, 0x8e, 0x42, 0xfa, 0xcf, 0xe0, 0xa8,
0xea, 0x16, 0x59, 0x9a, 0x08, 0x64, 0x13, 0xe8, 0x85, 0xe4, 0xf3, 0xac, 0x93, 0xf6, 0x69, 0x7f,
0x72, 0x6b, 0x5c, 0x09, 0x38, 0xa6, 0x2d, 0x41, 0x89, 0xf3, 0x7f, 0xb3, 0xc0, 0x7e, 0x91, 0x5e,
0x62, 0xc2, 0xee, 0xc1, 0x20, 0x8c, 0x22, 0x14, 0xe2, 0xa5, 0x2c, 0x6c, 0xcf, 0x3a, 0xb1, 0x4e,
0xf7, 0x83, 0xbe, 0xf6, 0x69, 0xc8, 0x7d, 0x70, 0x39, 0xfe, 0xc8, 0x51, 0x5c, 0x10, 0xa6, 0xa5,
0x30, 0x03, 0x72, 0x6a, 0x90, 0x07, 0xdd, 0x88, 0x63, 0x28, 0x71, 0xe9, 0xb5, 0x4f, 0xac, 0xd3,
0x76, 0x60, 0x4c, 0x76, 0x0b, 0x1c, 0xfc, 0x25, 0x8b, 0xf9, 0xda, 0xeb, 0xa8, 0x05, 0xb2, 0xfc,
0xbf, 0x2d, 0xe8, 0x52, 0x66, 0xec, 0x00, 0x5a, 0xf1, 0x92, 0xce, 0x6e, 0xc5, 0x4b, 0xc6, 0xa0,
0x23, 0xd7, 0x19, 0xd2, 0x49, 0xea, 0x9b, 0x7d, 0x0a, 0xbd, 0x2b, 0x94, 0xe1, 0x32, 0x94, 0xa1,
0xd7, 0x51, 0x3c, 0xdf, 0x69, 0xe6, 0x39, 0x7e, 0x4e, 0xb0, 0x59, 0x22, 0xf9, 0x3a, 0x28, 0x77,
0x15, 0x99, 0x88, 0x28, 0xcd, 0x50, 0x78, 0xf6, 0x49, 0xfb, 0x74, 0x3f, 0x20, 0xab, 0xf0, 0xc7,
0x42, 0xe4, 0xc8, 0x3d, 0x47, 0x9d, 0x47, 0x96, 0xc2, 0x63, 0xc4, 0x51, 0x7a, 0x5d, 0xed, 0xd7,
0xd6, 0xe8, 0x31, 0xb8, 0x95, 0x23, 0xd8, 0x10, 0xda, 0x97, 0xb8, 0xa6, 0xfc, 0x8b, 0x4f, 0x76,
0x04, 0xf6, 0x75, 0xb8, 0xca, 0x0d, 0x03, 0x6d, 0x7c, 0xd2, 0x7a, 0x64, 0xf9, 0x0b, 0xe8, 0x05,
0x28, 0xd2, 0x9c, 0x47, 0x58, 0xd0, 0x4c, 0xc2, 0x2b, 0xa4, 0x8d, 0xea, 0xbb, 0x91, 0xfa, 0x08,
0x7a, 0x98, 0x2c, 0xb3, 0x34, 0x4e, 0xa4, 0x52, 0x77, 0x3f, 0x28, 0x6d, 0xff, 0xf7, 0x16, 0x1c,
0xce, 0x31, 0x41, 0x1e, 0x4a, 0xa4, 0x52, 0xd9, 0x92, 0xf3, 0xb3, 0x0d, 0xe9, 0xda, 0x4a, 0xba,
0x0f, 0x6a, 0xd2, 0xd5, 0x22, 0xbc, 0x81, 0x84, 0x9d, 0xba, 0x84, 0x24, 0x95, 0xbd, 0x29, 0x55,
0xc9, 0xc6, 0xa9, 0xb2, 0xc9, 0x78, 0x7a, 0x1d, 0x2f, 0x91, 0x93, 0xb0, 0xa5, 0xfd, 0xdf, 0xa4,
0x9d, 0xc2, 0xf0, 0x15, 0x0f, 0xea, 0x8e, 0x8f, 0xa0, 0x4b, 0x55, 0xaf, 0x62, 0xec, 0x6e, 0x0e,
0x03, 0xf3, 0xbf, 0x85, 0xc1, 0x9c, 0x87, 0x89, 0x34, 0x62, 0x1e, 0x81, 0xad, 0x48, 0x52, 0x0e,
0xda, 0x60, 0x0f, 0xa1, 0xc7, 0xe9, 0x1a, 0x55, 0x22, 0xfd, 0xc9, 0x5b, 0xb5, 0xc0, 0xe6, 0x96,
0x83, 0x12, 0xe8, 0x1f, 0x82, 0x4b, 0xa1, 0x75, 0x76, 0xfe, 0x77, 0xe0, 0x06, 0x78, 0x9d, 0x5e,
0xe2, 0xff, 0x70, 0xd8, 0x10, 0x0e, 0x4c, 0x6c, 0x3a, 0xed, 0x5d, 0x38, 0x78, 0x9a, 0x88, 0x0c,
0xa3, 0x4d, 0x6e, 0x9b, 0x6d, 0xaf, 0x0d, 0xff, 0x09, 0x1c, 0x96, 0xb8, 0x7f, 0x2d, 0xe3, 0xaf,
0x30, 0x50, 0x93, 0x61, 0x57, 0x4d, 0xbe, 0xaa, 0x98, 0x56, 0xa5, 0x62, 0xb6, 0xa6, 0x4d, 0xbb,
0x61, 0xda, 0xdc, 0x83, 0x81, 0x5a, 0x7c, 0x59, 0x99, 0x2c, 0x7d, 0xe5, 0x9b, 0xe9, 0xf1, 0xf2,
0x18, 0x5c, 0x3a, 0x9f, 0x28, 0x3c, 0xd8, 0xe4, 0xda, 0x9f, 0x1c, 0xd5, 0x08, 0x68, 0x30, 0x29,
0xf0, 0x87, 0x05, 0x9d, 0x20, 0x5f, 0xe1, 0x56, 0xd6, 0xe5, 0xfd, 0xb4, 0x76, 0xdd, 0x4f, 0xfb,
0x0d, 0xef, 0x87, 0x7d, 0x08, 0x8e, 0x9e, 0xb2, 0x2a, 0xfb, 0x83, 0xc9, 0xcd, 0x6d, 0x45, 0x51,
0x88, 0x80, 0x40, 0xba, 0x6b, 0xe2, 0x94, 0xc7, 0x72, 0xad, 0x7a, 0xcc, 0x0e, 0x4a, 0xdb, 0x7f,
0x04, 0xee, 0x13, 0x35, 0x6d, 0x8d, 0xd8, 0xef, 0x41, 0x87, 0xe7, 0x2b, 0x24, 0xaa, 0x37, 0xea,
0xc9, 0xe4, 0x2b, 0x0c, 0x14, 0xa0, 0x28, 0x12, 0xb3, 0x93, 0x8a, 0xe4, 0x2e, 0xb8, 0x53, 0x5c,
0xe1, 0xce, 0x61, 0x52, 0x6c, 0x31, 0x00, 0xda, 0xe2, 0x42, 0xbf, 0x78, 0x99, 0xcc, 0x43, 0xf5,
0x31, 0x0c, 0xb4, 0x49, 0xc2, 0xbf, 0x0f, 0x76, 0x71, 0x96, 0x79, 0x9d, 0x1a, 0xb3, 0xd1, 0x88,
0x07, 0x63, 0x70, 0x34, 0x6d, 0xd6, 0x87, 0xee, 0xd7, 0x8b, 0xcf, 0x17, 0x5f, 0x7e, 0xb3, 0x18,
0xee, 0x15, 0xc6, 0x3c, 0x38, 0x5f, 0xbc, 0x98, 0x4d, 0x87, 0x16, 0x03, 0x70, 0xa6, 0xb3, 0xc5,
0xd3, 0xd9, 0x74, 0xd8, 0x9a, 0xfc, 0x65, 0x41, 0xe7, 0x3c, 0x97, 0x17, 0xec, 0x39, 0xf4, 0x4c,
0xeb, 0xb3, 0x3b, 0xaf, 0x9f, 0x6d, 0xa3, 0xbb, 0x3b, 0xd7, 0x89, 0xcf, 0x1e, 0x7b, 0x06, 0x5d,
0xea, 0x00, 0x76, 0x5c, 0x43, 0x57, 0x3b, 0x68, 0x74, 0x67, 0xd7, 0x72, 0x19, 0x6b, 0x6a, 0x9e,
0xda, 0xdb, 0x8d, 0x15, 0x47, 0x71, 0xde, 0x6e, 0x5e, 0x34, 0x51, 0x26, 0xdf, 0x43, 0xcf, 0xbc,
0xfc, 0xec, 0x2b, 0xe8, 0x14, 0x02, 0x33, 0xbf, 0xb6, 0xa7, 0xe1, 0xaf, 0x61, 0x74, 0xff, 0xb5,
0x98, 0x32, 0xfc, 0x9f, 0x16, 0xd8, 0xc5, 0x45, 0x08, 0x36, 0x07, 0x47, 0x57, 0x04, 0xab, 0xa7,
0x54, 0x29, 0xb1, 0xd1, 0xf1, 0x8e, 0xd5, 0x92, 0xf7, 0x1c, 0x1c, 0x5d, 0x27, 0x5b, 0x81, 0x2a,
0xf5, 0xb5, 0x15, 0xa8, 0x56, 0x5c, 0x7b, 0xec, 0x9c, 0xe8, 0x8e, 0x1a, 0xa8, 0x98, 0x20, 0xb7,
0x1b, 0xd7, 0x4c, 0x88, 0x1f, 0x1c, 0xf5, 0xa3, 0xf5, 0xf0, 0x9f, 0x00, 0x00, 0x00, 0xff, 0xff,
0x52, 0x12, 0xc2, 0xdb, 0x89, 0x09, 0x00, 0x00,
// 944 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x4f, 0x8f, 0xdb, 0x44,
0x14, 0x5f, 0xdb, 0xb1, 0x93, 0x7d, 0x49, 0x76, 0xa3, 0xe9, 0x52, 0xac, 0xb4, 0x5b, 0xb6, 0x2e,
0x52, 0x97, 0x0a, 0xb2, 0x55, 0x7a, 0x01, 0x7a, 0x80, 0x55, 0x13, 0x85, 0x16, 0x9a, 0xaa, 0x56,
0x11, 0x5c, 0x50, 0x65, 0x9c, 0x07, 0x6b, 0x36, 0x6b, 0x9b, 0x99, 0xf1, 0x8a, 0x1c, 0x39, 0xc3,
0x47, 0xe1, 0xc0, 0x99, 0xcf, 0xc2, 0x9d, 0x2f, 0xc0, 0x07, 0x40, 0x9e, 0x3f, 0x5e, 0xdb, 0x71,
0xaa, 0x68, 0xb9, 0xf4, 0xe6, 0xf7, 0xe6, 0xcd, 0x6f, 0xde, 0xef, 0x37, 0xef, 0x3d, 0x0f, 0x1c,
0x06, 0x19, 0x3f, 0x3b, 0x61, 0x48, 0x2f, 0xa3, 0x10, 0x4f, 0x52, 0x9a, 0xf0, 0xe4, 0x24, 0x77,
0x8d, 0xc4, 0x27, 0xe9, 0xff, 0x98, 0x8c, 0x2e, 0xa2, 0x90, 0x26, 0xa3, 0xdc, 0xe9, 0xcd, 0xe0,
0xc6, 0x57, 0x11, 0xe3, 0xa7, 0x61, 0x98, 0x64, 0x31, 0x67, 0x3e, 0xfe, 0x9c, 0x21, 0xe3, 0xe4,
0x21, 0xb4, 0x93, 0x94, 0x47, 0x49, 0xcc, 0x5c, 0xe3, 0xc8, 0x38, 0xee, 0x8e, 0x6f, 0x8e, 0x2a,
0xfb, 0x46, 0x2f, 0xe4, 0xaa, 0xaf, 0xc3, 0xbc, 0x67, 0x70, 0x50, 0x05, 0x62, 0x69, 0x12, 0x33,
0x24, 0x63, 0xe8, 0x04, 0xca, 0xe7, 0x1a, 0x47, 0x56, 0x03, 0x94, 0xda, 0xe2, 0x17, 0x71, 0xde,
0xaf, 0x06, 0xd8, 0xaf, 0x92, 0x73, 0x8c, 0xc9, 0x5d, 0xe8, 0x05, 0x61, 0x88, 0x8c, 0xbd, 0xe6,
0xb9, 0x2d, 0x92, 0xd9, 0xf5, 0xbb, 0xd2, 0x27, 0x43, 0xee, 0x41, 0x9f, 0xe2, 0x0f, 0x14, 0xd9,
0x99, 0x8a, 0x31, 0x45, 0x4c, 0x4f, 0x39, 0x65, 0x90, 0x0b, 0xed, 0x90, 0x62, 0xc0, 0x71, 0xe1,
0x5a, 0x47, 0xc6, 0xb1, 0xe5, 0x6b, 0x93, 0xdc, 0x04, 0x07, 0x7f, 0x49, 0x23, 0xba, 0x72, 0x5b,
0x62, 0x41, 0x59, 0xde, 0xbf, 0x06, 0xb4, 0x55, 0x66, 0x64, 0x0f, 0xcc, 0x68, 0xa1, 0xce, 0x36,
0xa3, 0x05, 0x21, 0xd0, 0xe2, 0xab, 0x14, 0xd5, 0x49, 0xe2, 0x9b, 0x7c, 0x0e, 0x9d, 0x0b, 0xe4,
0xc1, 0x22, 0xe0, 0x81, 0xdb, 0x12, 0x3c, 0xdf, 0x6f, 0xe6, 0x39, 0x7a, 0xae, 0xc2, 0xa6, 0x31,
0xa7, 0x2b, 0xbf, 0xd8, 0x95, 0x67, 0xc2, 0xc2, 0x24, 0x45, 0xe6, 0xda, 0x47, 0xd6, 0xf1, 0xae,
0xaf, 0xac, 0xdc, 0x1f, 0x31, 0x96, 0x21, 0x75, 0x1d, 0x71, 0x9e, 0xb2, 0x44, 0x3c, 0x86, 0x14,
0xb9, 0xdb, 0x96, 0x7e, 0x69, 0x0d, 0x1f, 0x43, 0xbf, 0x72, 0x04, 0x19, 0x80, 0x75, 0x8e, 0x2b,
0x95, 0x7f, 0xfe, 0x49, 0x0e, 0xc0, 0xbe, 0x0c, 0x96, 0x99, 0x66, 0x20, 0x8d, 0x4f, 0xcd, 0x8f,
0x0d, 0x6f, 0x0e, 0x1d, 0x1f, 0x59, 0x92, 0xd1, 0x10, 0x73, 0x9a, 0x71, 0x70, 0x81, 0x6a, 0xa3,
0xf8, 0x6e, 0xa4, 0x3e, 0x84, 0x0e, 0xc6, 0x8b, 0x34, 0x89, 0x62, 0x2e, 0xd4, 0xdd, 0xf5, 0x0b,
0xdb, 0xfb, 0xcb, 0x84, 0xfd, 0x19, 0xc6, 0x48, 0x03, 0x8e, 0xba, 0xb8, 0xea, 0x72, 0x7e, 0x51,
0x92, 0xce, 0x12, 0xd2, 0x7d, 0x58, 0x93, 0xae, 0x86, 0xb0, 0x85, 0x84, 0xad, 0xba, 0x84, 0x4a,
0x2a, 0xbb, 0x2c, 0x55, 0xc1, 0xc6, 0xa9, 0xb2, 0x49, 0x69, 0x72, 0x19, 0x2d, 0x90, 0x2a, 0x61,
0x0b, 0xbb, 0xdc, 0x16, 0x9d, 0xad, 0xda, 0xe2, 0xff, 0x5d, 0xc6, 0x04, 0x06, 0x57, 0xcc, 0x55,
0x3f, 0x3d, 0x84, 0xb6, 0xea, 0x93, 0x0d, 0x9d, 0xa9, 0xdb, 0x49, 0x87, 0x79, 0xbf, 0x19, 0xd0,
0x9b, 0xd1, 0x20, 0xe6, 0x5a, 0xff, 0x03, 0xb0, 0x85, 0x2e, 0x2a, 0x09, 0x69, 0x90, 0x47, 0xd0,
0xa1, 0xea, 0xe6, 0x45, 0x26, 0xdd, 0xf1, 0xbb, 0x35, 0x64, 0x5d, 0x18, 0x7e, 0x11, 0x58, 0x16,
0xc4, 0xda, 0x6e, 0x4e, 0xec, 0x43, 0x5f, 0x25, 0x23, 0x09, 0x79, 0xbf, 0x1b, 0xd0, 0xf7, 0xf1,
0x32, 0x39, 0xc7, 0xb7, 0x22, 0xbf, 0x01, 0xec, 0xe9, 0x6c, 0x54, 0x82, 0xdf, 0xc2, 0xde, 0xd3,
0x98, 0xa5, 0x18, 0x96, 0x05, 0x2c, 0x8f, 0x23, 0x69, 0x94, 0xcf, 0x32, 0xb7, 0x3b, 0xeb, 0x09,
0xec, 0x17, 0xc8, 0xd7, 0xbe, 0xde, 0x3f, 0x0d, 0xe8, 0x89, 0x21, 0xb7, 0xa9, 0xbd, 0xae, 0x8a,
0xdf, 0xac, 0x14, 0xff, 0xda, 0xe0, 0xb4, 0x1a, 0x06, 0xe7, 0x5d, 0xe8, 0x89, 0xc5, 0xd7, 0x95,
0x21, 0xd9, 0x15, 0xbe, 0xa9, 0x70, 0x95, 0x79, 0xdb, 0xdb, 0xf1, 0x7e, 0x0c, 0x7d, 0x95, 0xb1,
0x62, 0xfd, 0xa0, 0x2c, 0x68, 0x77, 0x7c, 0x50, 0x03, 0x90, 0xc1, 0x32, 0xc4, 0xfb, 0xc3, 0x80,
0x96, 0x9f, 0x2d, 0x71, 0x8d, 0x67, 0x51, 0x36, 0xe6, 0xa6, 0xb2, 0xb1, 0xb6, 0x2d, 0x9b, 0x8f,
0xc0, 0x91, 0xbf, 0x18, 0xc1, 0x77, 0x6f, 0xfc, 0xce, 0xfa, 0x25, 0x20, 0x63, 0xbe, 0x0a, 0x92,
0x23, 0x23, 0x4a, 0x68, 0xc4, 0x57, 0x42, 0x02, 0xdb, 0x2f, 0x6c, 0xef, 0x3e, 0xb4, 0x15, 0x7f,
0x72, 0x1b, 0x76, 0xf3, 0x19, 0xca, 0xd2, 0x20, 0xd4, 0xb5, 0x7d, 0xe5, 0xf0, 0x7e, 0x82, 0xfe,
0x13, 0xf1, 0x4f, 0xd2, 0xf7, 0x78, 0x1f, 0x5a, 0x34, 0x5b, 0xa2, 0xd2, 0xe4, 0x46, 0x3d, 0xeb,
0x6c, 0x89, 0xbe, 0x08, 0xb8, 0x46, 0xe1, 0x0d, 0x60, 0x4f, 0x9f, 0xa5, 0x8a, 0xfc, 0x25, 0xf4,
0x27, 0xb8, 0xc4, 0xcd, 0x43, 0xfa, 0x5a, 0x87, 0x68, 0x48, 0x75, 0xc8, 0x67, 0xd0, 0xcd, 0xdf,
0x08, 0x0d, 0x8f, 0x8c, 0x2d, 0x21, 0x3f, 0x81, 0x9e, 0x04, 0x50, 0x75, 0xf3, 0x01, 0xd8, 0xb9,
0x02, 0xfa, 0x65, 0xd1, 0xa8, 0x91, 0x8c, 0x78, 0x30, 0x02, 0x47, 0xde, 0x1a, 0xe9, 0x42, 0xfb,
0xeb, 0xf9, 0x97, 0xf3, 0x17, 0xdf, 0xcc, 0x07, 0x3b, 0xb9, 0x31, 0xf3, 0x4f, 0xe7, 0xaf, 0xa6,
0x93, 0x81, 0x41, 0x00, 0x9c, 0xc9, 0x74, 0xfe, 0x74, 0x3a, 0x19, 0x98, 0xe3, 0x7f, 0x0c, 0x68,
0x9d, 0x66, 0xfc, 0x8c, 0x3c, 0x87, 0x8e, 0x1e, 0xc2, 0xe4, 0xce, 0x9b, 0xff, 0x4b, 0xc3, 0xf7,
0x36, 0xae, 0x2b, 0x05, 0x76, 0xc8, 0x33, 0x68, 0xab, 0x9e, 0x27, 0x87, 0xb5, 0xe8, 0xea, 0x94,
0x19, 0xde, 0xd9, 0xb4, 0x5c, 0x60, 0x4d, 0xf4, 0x33, 0xe9, 0x56, 0x63, 0xc3, 0x28, 0x9c, 0xdb,
0xcd, 0x8b, 0x1a, 0x65, 0xfc, 0x1d, 0x74, 0xf4, 0xab, 0x8d, 0xbc, 0x84, 0x56, 0x2e, 0x30, 0xf1,
0x6a, 0x7b, 0x1a, 0xde, 0x88, 0xc3, 0x7b, 0x6f, 0x8c, 0x29, 0xe0, 0xff, 0x36, 0xc0, 0xce, 0x2f,
0x82, 0x91, 0x19, 0x38, 0xb2, 0xea, 0x48, 0x3d, 0xa5, 0x4a, 0xe1, 0x0f, 0x0f, 0x37, 0xac, 0x16,
0xbc, 0x67, 0xe0, 0xc8, 0xca, 0x5a, 0x03, 0xaa, 0xd4, 0xf0, 0x1a, 0x50, 0xad, 0x1c, 0x77, 0xc8,
0xa9, 0xa2, 0x3b, 0x6c, 0xa0, 0xa2, 0x41, 0x6e, 0x35, 0xae, 0x69, 0x88, 0xef, 0x1d, 0xf1, 0xac,
0x7e, 0xf4, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xc8, 0x52, 0x98, 0x4d, 0x77, 0x0b, 0x00, 0x00,
}
// Reference imports to suppress errors if they are not otherwise used.

View File

@ -19,6 +19,7 @@ service Rules {
}
message ListAccountsRequest {
Options options = 1;
}
message ListAccountsResponse {
@ -54,6 +55,7 @@ message GenerateRequest {
string secret = 5;
string type = 6;
string provider = 7;
Options options = 8;
}
message GenerateResponse {
@ -63,6 +65,7 @@ message GenerateResponse {
message GrantRequest {
string scope = 1;
Resource resource = 2;
Options options = 3;
}
message GrantResponse {}
@ -70,12 +73,14 @@ message GrantResponse {}
message RevokeRequest {
string scope = 1;
Resource resource = 2;
Options options = 3;
}
message RevokeResponse {}
message InspectRequest {
string token = 1;
Options options = 2;
}
message InspectResponse {
@ -87,6 +92,7 @@ message TokenRequest {
string secret = 2;
string refresh_token = 3;
int64 token_expiry = 4;
Options options = 5;
}
message TokenResponse {
@ -107,19 +113,26 @@ message Rule {
int32 priority = 5;
}
message Options {
string namespace = 1;
}
message CreateRequest {
Rule rule = 1;
Options options = 2;
}
message CreateResponse {}
message DeleteRequest {
string id = 1;
Options options = 2;
}
message DeleteResponse {}
message ListRequest {
Options options = 2;
}
message ListResponse {

View File

@ -56,6 +56,9 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e
Scopes: options.Scopes,
Metadata: options.Metadata,
Provider: options.Provider,
Options: &pb.Options{
Namespace: s.Options().Issuer,
},
}, s.callOpts()...)
if err != nil {
return nil, err
@ -85,6 +88,9 @@ func (s *svc) Grant(rule *auth.Rule) error {
Endpoint: rule.Resource.Endpoint,
},
},
Options: &pb.Options{
Namespace: s.Options().Issuer,
},
}, s.callOpts()...)
return err
@ -93,7 +99,9 @@ func (s *svc) Grant(rule *auth.Rule) error {
// Revoke access to a resource
func (s *svc) Revoke(rule *auth.Rule) error {
_, err := s.rules.Delete(context.TODO(), &pb.DeleteRequest{
Id: rule.ID,
Id: rule.ID, Options: &pb.Options{
Namespace: s.Options().Issuer,
},
}, s.callOpts()...)
return err
@ -107,9 +115,14 @@ func (s *svc) Rules(opts ...auth.RulesOption) ([]*auth.Rule, error) {
if options.Context == nil {
options.Context = context.TODO()
}
if len(options.Namespace) == 0 {
options.Namespace = s.options.Issuer
}
callOpts := append(s.callOpts(), client.WithCache(time.Second*30))
rsp, err := s.rules.List(options.Context, &pb.ListRequest{}, callOpts...)
rsp, err := s.rules.List(options.Context, &pb.ListRequest{
Options: &pb.Options{Namespace: options.Namespace},
}, callOpts...)
if err != nil {
return nil, err
}
@ -129,7 +142,10 @@ func (s *svc) Verify(acc *auth.Account, res *auth.Resource, opts ...auth.VerifyO
o(&options)
}
rs, err := s.Rules(auth.RulesContext(options.Context))
rs, err := s.Rules(
auth.RulesContext(options.Context),
auth.RulesNamespace(options.Namespace),
)
if err != nil {
return err
}
@ -146,7 +162,9 @@ func (s *svc) Inspect(token string) (*auth.Account, error) {
// the token is not a JWT or we do not have the keys to decode it,
// fall back to the auth service
rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token}, s.callOpts()...)
rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{
Token: token, Options: &pb.Options{Namespace: s.Options().Issuer},
}, s.callOpts()...)
if err != nil {
return nil, err
}
@ -162,6 +180,9 @@ func (s *svc) Token(opts ...auth.TokenOption) (*auth.Token, error) {
Secret: options.Secret,
RefreshToken: options.RefreshToken,
TokenExpiry: int64(options.Expiry.Seconds()),
Options: &pb.Options{
Namespace: s.Options().Issuer,
},
}, s.callOpts()...)
if err != nil {
return nil, err

View File

@ -10,7 +10,7 @@ import (
// Generate generates a service account for and continually
// refreshes the access token.
func Generate(id string, name string, a auth.Auth) error {
func Generate(id, name string, a auth.Auth) error {
// extract the account creds from options, these can be set by flags
accID := a.Options().ID
accSecret := a.Options().Secret