Auth: Set address

2020-05-13 17:54:47 +01:00 · 2020-05-13 17:54:47 +01:00 · 366fb228e5
commit 366fb228e5
parent ebd53794af
2 changed files with 37 additions and 22 deletions
--- a/auth/options.go
+++ b/auth/options.go
@ -44,10 +44,19 @@ type Options struct {
 	Store store.Store
 	// Client to use for RPC
 	Client client.Client
+	// Addrs sets the addresses of auth
+	Addrs []string
 }

 type Option func(o *Options)

+// Addrs is the auth addresses to use
+func Addrs(addrs ...string) Option {
+	return func(o *Options) {
+		o.Addrs = addrs
+	}
+}
+
 // Namespace the service belongs to
 func Namespace(n string) Option {
 	return func(o *Options) {
--- a/auth/service/service.go
+++ b/auth/service/service.go
@ -19,7 +19,27 @@ import (

 // NewAuth returns a new instance of the Auth service
 func NewAuth(opts ...auth.Option) auth.Auth {
-	return &svc{options: auth.NewOptions(opts...)}
+	options := auth.NewOptions(opts...)
+
+	addrs := options.Addrs
+	if len(addrs) == 0 {
+		addrs = []string{"127.0.0.1:8010"}
+	}
+
+	svc := &svc{options: options, addrs: addrs}
+
+	// load rules periodically from the auth service
+	go func() {
+		ruleTimer := time.NewTicker(time.Second * 30)
+
+		for {
+			time.Sleep(jitter.Do(time.Second * 5))
+			svc.loadRules()
+			<-ruleTimer.C
+		}
+	}()
+
+	return svc
 }

 // svc is the service implementation of the Auth interface
@ -28,6 +48,7 @@ type svc struct {
 	auth    pb.AuthService
 	rule    pb.RulesService
 	jwt     token.Provider
+	addrs   []string

 	rules []*pb.Rule
 	sync.Mutex
@ -54,21 +75,6 @@ func (s *svc) Init(opts ...auth.Option) {
 	if key := s.options.PublicKey; len(key) > 0 {
 		s.jwt = jwt.NewTokenProvider(token.WithPublicKey(key))
 	}
-
-	// load rules periodically from the auth service
-	go func() {
-		ruleTimer := time.NewTicker(time.Second * 30)
-
-		for {
-			// jitter for up to 5 seconds, this stops
-			// all the services calling the auth service
-			// at the exact same time
-			time.Sleep(jitter.Do(time.Second * 5))
-			s.loadRules()
-
-			<-ruleTimer.C
-		}
-	}()
 }

 func (s *svc) Options() auth.Options {
@ -89,7 +95,7 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e
 		Metadata:  options.Metadata,
 		Provider:  options.Provider,
 		Namespace: options.Namespace,
-	})
+	}, client.WithAddress(s.addrs...))
 	if err != nil {
 		return nil, err
 	}
@ -108,7 +114,7 @@ func (s *svc) Grant(role string, res *auth.Resource) error {
 			Name:      res.Name,
 			Endpoint:  res.Endpoint,
 		},
-	})
+	}, client.WithAddress(s.addrs...))
 	return err
 }

@ -123,7 +129,7 @@ func (s *svc) Revoke(role string, res *auth.Resource) error {
 			Name:      res.Name,
 			Endpoint:  res.Endpoint,
 		},
-	})
+	}, client.WithAddress(s.addrs...))
 	return err
 }

@ -193,7 +199,7 @@ func (s *svc) Inspect(token string) (*auth.Account, error) {

 	// the token is not a JWT or we do not have the keys to decode it,
 	// fall back to the auth service
-	rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token})
+	rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token}, client.WithAddress(s.addrs...))
 	if err != nil {
 		return nil, err
 	}
@ -209,7 +215,7 @@ func (s *svc) Token(opts ...auth.TokenOption) (*auth.Token, error) {
 		Secret:       options.Secret,
 		RefreshToken: options.RefreshToken,
 		TokenExpiry:  int64(options.Expiry.Seconds()),
-	})
+	}, client.WithAddress(s.addrs...))
 	if err != nil {
 		return nil, err
 	}
@ -274,7 +280,7 @@ func (s *svc) listRules(filters ...string) []*pb.Rule {

 // loadRules retrieves the rules from the auth service
 func (s *svc) loadRules() {
-	rsp, err := s.rule.List(context.TODO(), &pb.ListRequest{})
+	rsp, err := s.rule.List(context.TODO(), &pb.ListRequest{}, client.WithAddress(s.addrs...))
 	s.Lock()
 	defer s.Unlock()