add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and othe… (#1261)
* add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and other things * fix wrapper panic
This commit is contained in:
Asim Aslam
GitHub
@@ -15,6 +15,10 @@ import (
|
||||
|
||||
type clientWrapper struct {
|
||||
client.Client
|
||||
|
||||
// Auth interface
|
||||
auth func() auth.Auth
|
||||
// headers to inject
|
||||
headers metadata.Metadata
|
||||
}
|
||||
|
||||
@@ -27,7 +31,7 @@ type traceWrapper struct {
|
||||
|
||||
var (
|
||||
HeaderPrefix = "Micro-"
|
||||
BearerSchema = "Bearer "
|
||||
BearerScheme = "Bearer "
|
||||
)
|
||||
|
||||
func (c *clientWrapper) setHeaders(ctx context.Context) context.Context {
|
||||
@@ -35,6 +39,15 @@ func (c *clientWrapper) setHeaders(ctx context.Context) context.Context {
|
||||
mda, _ := metadata.FromContext(ctx)
|
||||
md := metadata.Copy(mda)
|
||||
|
||||
// get auth token
|
||||
if a := c.auth(); a != nil {
|
||||
tk := a.Options().Token
|
||||
// if the token if exists and auth header isn't set then set it
|
||||
if len(tk) > 0 && len(md["Authorization"]) == 0 {
|
||||
md["Authorization"] = BearerScheme + tk
|
||||
}
|
||||
}
|
||||
|
||||
// set headers
|
||||
for k, v := range c.headers {
|
||||
if _, ok := md[k]; !ok {
|
||||
@@ -75,10 +88,11 @@ func (c *traceWrapper) Call(ctx context.Context, req client.Request, rsp interfa
|
||||
return err
|
||||
}
|
||||
|
||||
// FromService wraps a client to inject From-Service header into metadata
|
||||
func FromService(name string, c client.Client) client.Client {
|
||||
// FromService wraps a client to inject service and auth metadata
|
||||
func FromService(name string, c client.Client, fn func() auth.Auth) client.Client {
|
||||
return &clientWrapper{
|
||||
c,
|
||||
fn,
|
||||
metadata.Metadata{
|
||||
HeaderPrefix + "From-Service": name,
|
||||
},
|
||||
@@ -151,7 +165,7 @@ func AuthHandler(fn func() auth.Auth) server.HandlerWrapper {
|
||||
}
|
||||
|
||||
// Exclude any user excluded endpoints
|
||||
for _, e := range a.Options().Excludes {
|
||||
for _, e := range a.Options().Exclude {
|
||||
if e == req.Endpoint() {
|
||||
return h(ctx, req, rsp)
|
||||
}
|
||||
@@ -162,15 +176,15 @@ func AuthHandler(fn func() auth.Auth) server.HandlerWrapper {
|
||||
var token string
|
||||
if header, ok := metadata.Get(ctx, "Authorization"); ok {
|
||||
// Ensure the correct scheme is being used
|
||||
if !strings.HasPrefix(header, BearerSchema) {
|
||||
if !strings.HasPrefix(header, BearerScheme) {
|
||||
return errors.Unauthorized("go.micro.auth", "invalid authorization header. expected Bearer schema")
|
||||
}
|
||||
|
||||
token = header[len(BearerSchema):]
|
||||
token = header[len(BearerScheme):]
|
||||
}
|
||||
|
||||
// Validate the token
|
||||
if _, err := a.Validate(token); err != nil {
|
||||
// Verify the token
|
||||
if _, err := a.Verify(token); err != nil {
|
||||
return errors.Unauthorized("go.micro.auth", err.Error())
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user