diff --git a/auth/service/proto/accounts/accounts.pb.go b/auth/service/proto/accounts/accounts.pb.go new file mode 100644 index 00000000..e776cb64 --- /dev/null +++ b/auth/service/proto/accounts/accounts.pb.go @@ -0,0 +1,117 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// source: github.com/micro/go-micro/auth/service/proto/accounts/accounts.proto + +package go_micro_auth + +import ( + fmt "fmt" + proto "github.com/golang/protobuf/proto" + auth "github.com/micro/go-micro/v2/auth/service/proto/auth" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package + +type ListAccountsRequest struct { + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *ListAccountsRequest) Reset() { *m = ListAccountsRequest{} } +func (m *ListAccountsRequest) String() string { return proto.CompactTextString(m) } +func (*ListAccountsRequest) ProtoMessage() {} +func (*ListAccountsRequest) Descriptor() ([]byte, []int) { + return fileDescriptor_25929ace37374fcc, []int{0} +} + +func (m *ListAccountsRequest) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_ListAccountsRequest.Unmarshal(m, b) +} +func (m *ListAccountsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_ListAccountsRequest.Marshal(b, m, deterministic) +} +func (m *ListAccountsRequest) XXX_Merge(src proto.Message) { + xxx_messageInfo_ListAccountsRequest.Merge(m, src) +} +func (m *ListAccountsRequest) XXX_Size() int { + return xxx_messageInfo_ListAccountsRequest.Size(m) +} +func (m *ListAccountsRequest) XXX_DiscardUnknown() { + xxx_messageInfo_ListAccountsRequest.DiscardUnknown(m) +} + +var xxx_messageInfo_ListAccountsRequest proto.InternalMessageInfo + +type ListAccountsResponse struct { + Accounts []*auth.Account `protobuf:"bytes,1,rep,name=accounts,proto3" json:"accounts,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *ListAccountsResponse) Reset() { *m = ListAccountsResponse{} } +func (m *ListAccountsResponse) String() string { return proto.CompactTextString(m) } +func (*ListAccountsResponse) ProtoMessage() {} +func (*ListAccountsResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_25929ace37374fcc, []int{1} +} + +func (m *ListAccountsResponse) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_ListAccountsResponse.Unmarshal(m, b) +} +func (m *ListAccountsResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_ListAccountsResponse.Marshal(b, m, deterministic) +} +func (m *ListAccountsResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_ListAccountsResponse.Merge(m, src) +} +func (m *ListAccountsResponse) XXX_Size() int { + return xxx_messageInfo_ListAccountsResponse.Size(m) +} +func (m *ListAccountsResponse) XXX_DiscardUnknown() { + xxx_messageInfo_ListAccountsResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_ListAccountsResponse proto.InternalMessageInfo + +func (m *ListAccountsResponse) GetAccounts() []*auth.Account { + if m != nil { + return m.Accounts + } + return nil +} + +func init() { + proto.RegisterType((*ListAccountsRequest)(nil), "go.micro.auth.ListAccountsRequest") + proto.RegisterType((*ListAccountsResponse)(nil), "go.micro.auth.ListAccountsResponse") +} + +func init() { + proto.RegisterFile("github.com/micro/go-micro/auth/service/proto/accounts/accounts.proto", fileDescriptor_25929ace37374fcc) +} + +var fileDescriptor_25929ace37374fcc = []byte{ + // 186 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x72, 0x49, 0xcf, 0x2c, 0xc9, + 0x28, 0x4d, 0xd2, 0x4b, 0xce, 0xcf, 0xd5, 0xcf, 0xcd, 0x4c, 0x2e, 0xca, 0xd7, 0x4f, 0xcf, 0xd7, + 0x85, 0x30, 0x12, 0x4b, 0x4b, 0x32, 0xf4, 0x8b, 0x53, 0x8b, 0xca, 0x32, 0x93, 0x53, 0xf5, 0x0b, + 0x8a, 0xf2, 0x4b, 0xf2, 0xf5, 0x13, 0x93, 0x93, 0xf3, 0x4b, 0xf3, 0x4a, 0x8a, 0xe1, 0x0c, 0x3d, + 0xb0, 0xb8, 0x10, 0x6f, 0x7a, 0xbe, 0x1e, 0x58, 0x93, 0x1e, 0x48, 0x93, 0x94, 0x0d, 0x69, 0x86, + 0x82, 0x84, 0x40, 0x04, 0xc4, 0x30, 0x25, 0x51, 0x2e, 0x61, 0x9f, 0xcc, 0xe2, 0x12, 0x47, 0xa8, + 0x15, 0x41, 0xa9, 0x85, 0xa5, 0xa9, 0xc5, 0x25, 0x4a, 0x5e, 0x5c, 0x22, 0xa8, 0xc2, 0xc5, 0x05, + 0xf9, 0x79, 0xc5, 0xa9, 0x42, 0x46, 0x5c, 0x1c, 0x30, 0xd7, 0x48, 0x30, 0x2a, 0x30, 0x6b, 0x70, + 0x1b, 0x89, 0xe9, 0xa1, 0x38, 0x47, 0x0f, 0xaa, 0x25, 0x08, 0xae, 0xce, 0x28, 0x96, 0x8b, 0x03, + 0x66, 0x8e, 0x50, 0x20, 0x17, 0x0b, 0xc8, 0x5c, 0x21, 0x25, 0x34, 0x5d, 0x58, 0xdc, 0x20, 0xa5, + 0x8c, 0x57, 0x0d, 0xc4, 0x41, 0x4a, 0x0c, 0x49, 0x6c, 0x60, 0x8f, 0x18, 0x03, 0x02, 0x00, 0x00, + 0xff, 0xff, 0x23, 0x27, 0x81, 0xfe, 0x5d, 0x01, 0x00, 0x00, +} diff --git a/auth/service/proto/accounts/accounts.pb.micro.go b/auth/service/proto/accounts/accounts.pb.micro.go new file mode 100644 index 00000000..820b968d --- /dev/null +++ b/auth/service/proto/accounts/accounts.pb.micro.go @@ -0,0 +1,86 @@ +// Code generated by protoc-gen-micro. DO NOT EDIT. +// source: github.com/micro/go-micro/auth/service/proto/accounts/accounts.proto + +package go_micro_auth + +import ( + fmt "fmt" + proto "github.com/golang/protobuf/proto" + _ "github.com/micro/go-micro/v2/auth/service/proto/auth" + math "math" +) + +import ( + context "context" + client "github.com/micro/go-micro/v2/client" + server "github.com/micro/go-micro/v2/server" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package + +// Reference imports to suppress errors if they are not otherwise used. +var _ context.Context +var _ client.Option +var _ server.Option + +// Client API for Accounts service + +type AccountsService interface { + List(ctx context.Context, in *ListAccountsRequest, opts ...client.CallOption) (*ListAccountsResponse, error) +} + +type accountsService struct { + c client.Client + name string +} + +func NewAccountsService(name string, c client.Client) AccountsService { + return &accountsService{ + c: c, + name: name, + } +} + +func (c *accountsService) List(ctx context.Context, in *ListAccountsRequest, opts ...client.CallOption) (*ListAccountsResponse, error) { + req := c.c.NewRequest(c.name, "Accounts.List", in) + out := new(ListAccountsResponse) + err := c.c.Call(ctx, req, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// Server API for Accounts service + +type AccountsHandler interface { + List(context.Context, *ListAccountsRequest, *ListAccountsResponse) error +} + +func RegisterAccountsHandler(s server.Server, hdlr AccountsHandler, opts ...server.HandlerOption) error { + type accounts interface { + List(ctx context.Context, in *ListAccountsRequest, out *ListAccountsResponse) error + } + type Accounts struct { + accounts + } + h := &accountsHandler{hdlr} + return s.Handle(s.NewHandler(&Accounts{h}, opts...)) +} + +type accountsHandler struct { + AccountsHandler +} + +func (h *accountsHandler) List(ctx context.Context, in *ListAccountsRequest, out *ListAccountsResponse) error { + return h.AccountsHandler.List(ctx, in, out) +} diff --git a/auth/service/proto/accounts/accounts.proto b/auth/service/proto/accounts/accounts.proto new file mode 100644 index 00000000..8f93aa23 --- /dev/null +++ b/auth/service/proto/accounts/accounts.proto @@ -0,0 +1,16 @@ +syntax = "proto3"; + +package go.micro.auth; + +import "github.com/micro/go-micro/auth/service/proto/auth/auth.proto"; + +service Accounts { + rpc List(ListAccountsRequest) returns (ListAccountsResponse) {}; +} + +message ListAccountsRequest { +} + +message ListAccountsResponse { + repeated Account accounts = 1; +} diff --git a/auth/service/proto/auth.pb.go b/auth/service/proto/auth/auth.pb.go similarity index 69% rename from auth/service/proto/auth.pb.go rename to auth/service/proto/auth/auth.pb.go index 5ca611a8..31c89570 100644 --- a/auth/service/proto/auth.pb.go +++ b/auth/service/proto/auth/auth.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go. DO NOT EDIT. -// source: auth/service/proto/auth.proto +// source: github.com/micro/go-micro/auth/service/proto/auth/auth.proto package go_micro_auth @@ -20,61 +20,6 @@ var _ = math.Inf // proto package needs to be updated. const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package -type Rule struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"` - Resource *Resource `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Rule) Reset() { *m = Rule{} } -func (m *Rule) String() string { return proto.CompactTextString(m) } -func (*Rule) ProtoMessage() {} -func (*Rule) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{0} -} - -func (m *Rule) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Rule.Unmarshal(m, b) -} -func (m *Rule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Rule.Marshal(b, m, deterministic) -} -func (m *Rule) XXX_Merge(src proto.Message) { - xxx_messageInfo_Rule.Merge(m, src) -} -func (m *Rule) XXX_Size() int { - return xxx_messageInfo_Rule.Size(m) -} -func (m *Rule) XXX_DiscardUnknown() { - xxx_messageInfo_Rule.DiscardUnknown(m) -} - -var xxx_messageInfo_Rule proto.InternalMessageInfo - -func (m *Rule) GetId() string { - if m != nil { - return m.Id - } - return "" -} - -func (m *Rule) GetRole() string { - if m != nil { - return m.Role - } - return "" -} - -func (m *Rule) GetResource() *Resource { - if m != nil { - return m.Resource - } - return nil -} - type Token struct { Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` @@ -92,7 +37,7 @@ func (m *Token) Reset() { *m = Token{} } func (m *Token) String() string { return proto.CompactTextString(m) } func (*Token) ProtoMessage() {} func (*Token) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{1} + return fileDescriptor_b246cecfa8195ff3, []int{0} } func (m *Token) XXX_Unmarshal(b []byte) error { @@ -176,7 +121,7 @@ func (m *Account) Reset() { *m = Account{} } func (m *Account) String() string { return proto.CompactTextString(m) } func (*Account) ProtoMessage() {} func (*Account) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{2} + return fileDescriptor_b246cecfa8195ff3, []int{1} } func (m *Account) XXX_Unmarshal(b []byte) error { @@ -238,7 +183,7 @@ func (m *Resource) Reset() { *m = Resource{} } func (m *Resource) String() string { return proto.CompactTextString(m) } func (*Resource) ProtoMessage() {} func (*Resource) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{3} + return fileDescriptor_b246cecfa8195ff3, []int{2} } func (m *Resource) XXX_Unmarshal(b []byte) error { @@ -294,7 +239,7 @@ func (m *GenerateRequest) Reset() { *m = GenerateRequest{} } func (m *GenerateRequest) String() string { return proto.CompactTextString(m) } func (*GenerateRequest) ProtoMessage() {} func (*GenerateRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{4} + return fileDescriptor_b246cecfa8195ff3, []int{3} } func (m *GenerateRequest) XXX_Unmarshal(b []byte) error { @@ -354,7 +299,7 @@ func (m *GenerateResponse) Reset() { *m = GenerateResponse{} } func (m *GenerateResponse) String() string { return proto.CompactTextString(m) } func (*GenerateResponse) ProtoMessage() {} func (*GenerateResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{5} + return fileDescriptor_b246cecfa8195ff3, []int{4} } func (m *GenerateResponse) XXX_Unmarshal(b []byte) error { @@ -394,7 +339,7 @@ func (m *GrantRequest) Reset() { *m = GrantRequest{} } func (m *GrantRequest) String() string { return proto.CompactTextString(m) } func (*GrantRequest) ProtoMessage() {} func (*GrantRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{6} + return fileDescriptor_b246cecfa8195ff3, []int{5} } func (m *GrantRequest) XXX_Unmarshal(b []byte) error { @@ -439,7 +384,7 @@ func (m *GrantResponse) Reset() { *m = GrantResponse{} } func (m *GrantResponse) String() string { return proto.CompactTextString(m) } func (*GrantResponse) ProtoMessage() {} func (*GrantResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{7} + return fileDescriptor_b246cecfa8195ff3, []int{6} } func (m *GrantResponse) XXX_Unmarshal(b []byte) error { @@ -472,7 +417,7 @@ func (m *RevokeRequest) Reset() { *m = RevokeRequest{} } func (m *RevokeRequest) String() string { return proto.CompactTextString(m) } func (*RevokeRequest) ProtoMessage() {} func (*RevokeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{8} + return fileDescriptor_b246cecfa8195ff3, []int{7} } func (m *RevokeRequest) XXX_Unmarshal(b []byte) error { @@ -517,7 +462,7 @@ func (m *RevokeResponse) Reset() { *m = RevokeResponse{} } func (m *RevokeResponse) String() string { return proto.CompactTextString(m) } func (*RevokeResponse) ProtoMessage() {} func (*RevokeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{9} + return fileDescriptor_b246cecfa8195ff3, []int{8} } func (m *RevokeResponse) XXX_Unmarshal(b []byte) error { @@ -549,7 +494,7 @@ func (m *InspectRequest) Reset() { *m = InspectRequest{} } func (m *InspectRequest) String() string { return proto.CompactTextString(m) } func (*InspectRequest) ProtoMessage() {} func (*InspectRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{10} + return fileDescriptor_b246cecfa8195ff3, []int{9} } func (m *InspectRequest) XXX_Unmarshal(b []byte) error { @@ -588,7 +533,7 @@ func (m *InspectResponse) Reset() { *m = InspectResponse{} } func (m *InspectResponse) String() string { return proto.CompactTextString(m) } func (*InspectResponse) ProtoMessage() {} func (*InspectResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{11} + return fileDescriptor_b246cecfa8195ff3, []int{10} } func (m *InspectResponse) XXX_Unmarshal(b []byte) error { @@ -628,7 +573,7 @@ func (m *RefreshRequest) Reset() { *m = RefreshRequest{} } func (m *RefreshRequest) String() string { return proto.CompactTextString(m) } func (*RefreshRequest) ProtoMessage() {} func (*RefreshRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{12} + return fileDescriptor_b246cecfa8195ff3, []int{11} } func (m *RefreshRequest) XXX_Unmarshal(b []byte) error { @@ -674,7 +619,7 @@ func (m *RefreshResponse) Reset() { *m = RefreshResponse{} } func (m *RefreshResponse) String() string { return proto.CompactTextString(m) } func (*RefreshResponse) ProtoMessage() {} func (*RefreshResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{13} + return fileDescriptor_b246cecfa8195ff3, []int{12} } func (m *RefreshResponse) XXX_Unmarshal(b []byte) error { @@ -702,78 +647,7 @@ func (m *RefreshResponse) GetToken() *Token { return nil } -type ListRulesRequest struct { - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *ListRulesRequest) Reset() { *m = ListRulesRequest{} } -func (m *ListRulesRequest) String() string { return proto.CompactTextString(m) } -func (*ListRulesRequest) ProtoMessage() {} -func (*ListRulesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{14} -} - -func (m *ListRulesRequest) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_ListRulesRequest.Unmarshal(m, b) -} -func (m *ListRulesRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_ListRulesRequest.Marshal(b, m, deterministic) -} -func (m *ListRulesRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_ListRulesRequest.Merge(m, src) -} -func (m *ListRulesRequest) XXX_Size() int { - return xxx_messageInfo_ListRulesRequest.Size(m) -} -func (m *ListRulesRequest) XXX_DiscardUnknown() { - xxx_messageInfo_ListRulesRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_ListRulesRequest proto.InternalMessageInfo - -type ListRulesResponse struct { - Rules []*Rule `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *ListRulesResponse) Reset() { *m = ListRulesResponse{} } -func (m *ListRulesResponse) String() string { return proto.CompactTextString(m) } -func (*ListRulesResponse) ProtoMessage() {} -func (*ListRulesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_21300bfacc51fc2a, []int{15} -} - -func (m *ListRulesResponse) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_ListRulesResponse.Unmarshal(m, b) -} -func (m *ListRulesResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_ListRulesResponse.Marshal(b, m, deterministic) -} -func (m *ListRulesResponse) XXX_Merge(src proto.Message) { - xxx_messageInfo_ListRulesResponse.Merge(m, src) -} -func (m *ListRulesResponse) XXX_Size() int { - return xxx_messageInfo_ListRulesResponse.Size(m) -} -func (m *ListRulesResponse) XXX_DiscardUnknown() { - xxx_messageInfo_ListRulesResponse.DiscardUnknown(m) -} - -var xxx_messageInfo_ListRulesResponse proto.InternalMessageInfo - -func (m *ListRulesResponse) GetRules() []*Rule { - if m != nil { - return m.Rules - } - return nil -} - func init() { - proto.RegisterType((*Rule)(nil), "go.micro.auth.Rule") proto.RegisterType((*Token)(nil), "go.micro.auth.Token") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Token.MetadataEntry") proto.RegisterType((*Account)(nil), "go.micro.auth.Account") @@ -790,56 +664,51 @@ func init() { proto.RegisterType((*InspectResponse)(nil), "go.micro.auth.InspectResponse") proto.RegisterType((*RefreshRequest)(nil), "go.micro.auth.RefreshRequest") proto.RegisterType((*RefreshResponse)(nil), "go.micro.auth.RefreshResponse") - proto.RegisterType((*ListRulesRequest)(nil), "go.micro.auth.ListRulesRequest") - proto.RegisterType((*ListRulesResponse)(nil), "go.micro.auth.ListRulesResponse") } -func init() { proto.RegisterFile("auth/service/proto/auth.proto", fileDescriptor_21300bfacc51fc2a) } - -var fileDescriptor_21300bfacc51fc2a = []byte{ - // 696 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x55, 0xdb, 0x6e, 0xd3, 0x40, - 0x10, 0xad, 0xed, 0xdc, 0x3a, 0x69, 0x9a, 0xb0, 0x54, 0xc5, 0x32, 0x6d, 0x09, 0x06, 0xa1, 0x82, - 0xaa, 0x14, 0xa5, 0x2f, 0x08, 0x44, 0x45, 0x45, 0xab, 0x72, 0x2b, 0x42, 0x16, 0x12, 0xbc, 0x55, - 0xae, 0x33, 0x50, 0xd3, 0xd4, 0x36, 0xeb, 0x75, 0x45, 0xfe, 0x82, 0x2f, 0xe3, 0x0b, 0x78, 0xe3, - 0x47, 0xd0, 0xae, 0x77, 0xb7, 0x8e, 0x13, 0x23, 0xc4, 0xe5, 0x6d, 0x77, 0x76, 0x7c, 0xce, 0xcc, - 0x99, 0x33, 0x09, 0xac, 0xfb, 0x19, 0x3b, 0xdd, 0x4e, 0x91, 0x5e, 0x84, 0x01, 0x6e, 0x27, 0x34, - 0x66, 0xf1, 0x36, 0x0f, 0x0d, 0xc4, 0x91, 0x74, 0x3e, 0xc6, 0x83, 0xf3, 0x30, 0xa0, 0xf1, 0x80, - 0x07, 0xdd, 0x63, 0xa8, 0x79, 0xd9, 0x18, 0xc9, 0x32, 0x98, 0xe1, 0xc8, 0x36, 0xfa, 0xc6, 0xe6, - 0xa2, 0x67, 0x86, 0x23, 0x42, 0xa0, 0x46, 0xe3, 0x31, 0xda, 0xa6, 0x88, 0x88, 0x33, 0xd9, 0x81, - 0x16, 0xc5, 0x34, 0xce, 0x68, 0x80, 0xb6, 0xd5, 0x37, 0x36, 0xdb, 0xc3, 0x6b, 0x83, 0x29, 0xb4, - 0x81, 0x27, 0x9f, 0x3d, 0x9d, 0xe8, 0x7e, 0x35, 0xa1, 0xfe, 0x36, 0x3e, 0xc3, 0x88, 0xac, 0x40, - 0x9d, 0xf1, 0x83, 0x64, 0xc9, 0x2f, 0x9c, 0x88, 0x4d, 0x12, 0x4d, 0xc4, 0xcf, 0xc4, 0x86, 0x66, - 0x40, 0xd1, 0x67, 0x38, 0x12, 0x3c, 0x96, 0xa7, 0xae, 0x64, 0x15, 0x1a, 0xf8, 0x25, 0x09, 0xe9, - 0xc4, 0xae, 0x89, 0x07, 0x79, 0xe3, 0x5f, 0xa4, 0xd9, 0xc9, 0x27, 0x0c, 0x98, 0x5d, 0x17, 0x40, - 0xea, 0xca, 0x59, 0x79, 0xf1, 0xa9, 0xdd, 0xe8, 0x5b, 0x9c, 0x55, 0x5c, 0xc8, 0x2e, 0xb4, 0xce, - 0x91, 0xf9, 0x23, 0x9f, 0xf9, 0x76, 0xb3, 0x6f, 0x6d, 0xb6, 0x87, 0x6e, 0xa9, 0x15, 0x51, 0xf3, - 0xe0, 0x48, 0x26, 0x1d, 0x44, 0x8c, 0x4e, 0x3c, 0xfd, 0x8d, 0xf3, 0x08, 0x3a, 0x53, 0x4f, 0xa4, - 0x07, 0xd6, 0x19, 0x4e, 0x64, 0x6b, 0xfc, 0xc8, 0x89, 0x2f, 0xfc, 0x71, 0xa6, 0x3a, 0xcb, 0x2f, - 0x0f, 0xcd, 0x07, 0x86, 0xfb, 0xdd, 0x80, 0xe6, 0x5e, 0x10, 0xc4, 0x59, 0xc4, 0x66, 0x74, 0xdf, - 0x82, 0x46, 0x8a, 0x01, 0x45, 0x26, 0x3e, 0x6b, 0x0f, 0x57, 0xe6, 0x95, 0xe5, 0xc9, 0x9c, 0xcb, - 0xe6, 0xac, 0x62, 0x73, 0x4f, 0x0a, 0xcd, 0xd5, 0x44, 0x73, 0xb7, 0x4b, 0x28, 0x92, 0xfd, 0xff, - 0xb4, 0xf7, 0x1a, 0x5a, 0xca, 0x07, 0x7c, 0xba, 0x91, 0x7f, 0x8e, 0xf2, 0x43, 0x71, 0x9e, 0x3b, - 0x71, 0x07, 0x5a, 0x18, 0x8d, 0x92, 0x38, 0x8c, 0x98, 0x18, 0xf9, 0xa2, 0xa7, 0xef, 0xee, 0x0f, - 0x03, 0xba, 0x87, 0x18, 0x21, 0xf5, 0x19, 0x7a, 0xf8, 0x39, 0xc3, 0x74, 0x56, 0x36, 0x2d, 0x84, - 0x59, 0x14, 0xe2, 0x59, 0x41, 0x08, 0x4b, 0x08, 0xb1, 0x55, 0x12, 0xa2, 0x84, 0x5b, 0x25, 0x08, - 0xb9, 0x05, 0x9d, 0x5c, 0xf2, 0xe3, 0x29, 0xfb, 0x2d, 0xe5, 0xc1, 0x03, 0x11, 0xfb, 0x3b, 0xd5, - 0xf6, 0xa1, 0x77, 0x59, 0x4c, 0x9a, 0xc4, 0x51, 0x8a, 0xe4, 0x3e, 0x34, 0xfd, 0x7c, 0x52, 0x02, - 0xa3, 0x3d, 0x5c, 0x9d, 0x3f, 0x47, 0x4f, 0xa5, 0xb9, 0xef, 0x60, 0xe9, 0x90, 0xfa, 0x11, 0x53, - 0x3a, 0xa9, 0x35, 0x36, 0x2a, 0xd6, 0xd8, 0xfc, 0xdd, 0x35, 0xee, 0x42, 0x47, 0x02, 0xe7, 0xb5, - 0xb9, 0xef, 0xa1, 0xe3, 0xe1, 0x45, 0x7c, 0x86, 0xff, 0x9c, 0xaa, 0x07, 0xcb, 0x0a, 0x59, 0x72, - 0xdd, 0x81, 0xe5, 0xe7, 0x51, 0x9a, 0x60, 0xa0, 0xfb, 0x9a, 0xfb, 0x5b, 0xe2, 0x3e, 0x85, 0xae, - 0xce, 0xfb, 0x63, 0x09, 0x5f, 0x72, 0xfa, 0x0f, 0x14, 0xd3, 0x53, 0x45, 0xb6, 0xaa, 0x77, 0x32, - 0x67, 0x53, 0xdb, 0x77, 0x13, 0x96, 0x04, 0xaf, 0xf2, 0x84, 0x29, 0x3c, 0xd1, 0x16, 0xb1, 0xdc, - 0x12, 0xee, 0x63, 0xe8, 0x6a, 0x30, 0x59, 0xd1, 0xbd, 0x62, 0xe9, 0x55, 0x0b, 0x2e, 0x1b, 0x22, - 0xd0, 0x7b, 0x15, 0xa6, 0x8c, 0xff, 0x42, 0xa7, 0xb2, 0x1a, 0x77, 0x17, 0xae, 0x14, 0x62, 0x12, - 0xf4, 0x2e, 0xd4, 0x29, 0x0f, 0xd8, 0x86, 0xb0, 0xf9, 0xd5, 0xb2, 0xca, 0xd9, 0x18, 0xbd, 0x3c, - 0x63, 0xf8, 0xcd, 0x82, 0xda, 0x5e, 0xc6, 0x4e, 0xc9, 0x11, 0xb4, 0x94, 0xe3, 0xc8, 0xc6, 0xaf, - 0xf7, 0xc2, 0xb9, 0x51, 0xf9, 0x2e, 0x47, 0xb4, 0x40, 0xf6, 0xa1, 0x2e, 0x1c, 0x42, 0xae, 0x97, - 0x73, 0x0b, 0x86, 0x74, 0xd6, 0xe6, 0x3f, 0x6a, 0x94, 0x43, 0x68, 0xe4, 0xc3, 0x27, 0x6b, 0x33, - 0x4e, 0x29, 0xb8, 0xcd, 0x59, 0xaf, 0x78, 0xd5, 0x40, 0x2f, 0xa0, 0x29, 0xbd, 0x40, 0xca, 0xb9, - 0xd3, 0x5e, 0x72, 0x36, 0xaa, 0x9e, 0x8b, 0x58, 0x72, 0x8a, 0x64, 0x96, 0xb7, 0x68, 0x95, 0x19, - 0xac, 0xd2, 0xf0, 0xdd, 0x05, 0xf2, 0x06, 0x16, 0xf5, 0xf8, 0x48, 0x59, 0xd6, 0xf2, 0xb0, 0x9d, - 0x7e, 0x75, 0x82, 0x42, 0x3c, 0x69, 0x88, 0x3f, 0xf6, 0x9d, 0x9f, 0x01, 0x00, 0x00, 0xff, 0xff, - 0x91, 0x77, 0xf2, 0xa6, 0xf9, 0x07, 0x00, 0x00, +func init() { + proto.RegisterFile("github.com/micro/go-micro/auth/service/proto/auth/auth.proto", fileDescriptor_b246cecfa8195ff3) +} + +var fileDescriptor_b246cecfa8195ff3 = []byte{ + // 612 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x55, 0xcd, 0x6e, 0xd3, 0x40, + 0x10, 0xae, 0xed, 0x34, 0x49, 0x27, 0x4d, 0x13, 0xad, 0xaa, 0x60, 0x45, 0xa2, 0x04, 0x83, 0x50, + 0x84, 0x8a, 0x83, 0xd2, 0x0b, 0xe2, 0x4f, 0x54, 0x50, 0x95, 0x1f, 0x95, 0x83, 0x85, 0x04, 0x37, + 0xe4, 0x38, 0x43, 0x62, 0xd2, 0x78, 0xcd, 0x7a, 0x1d, 0x91, 0xb7, 0xe0, 0x01, 0xb9, 0x71, 0xe6, + 0x1d, 0xd0, 0xae, 0x77, 0x5d, 0xc7, 0x49, 0x38, 0xf0, 0x73, 0x89, 0x66, 0x66, 0x67, 0xbf, 0x6f, + 0xe6, 0x9b, 0xd9, 0x18, 0x1e, 0x4f, 0x42, 0x3e, 0x4d, 0x47, 0x6e, 0x40, 0xe7, 0x83, 0x79, 0x18, + 0x30, 0x3a, 0x98, 0xd0, 0x7b, 0x99, 0xe1, 0xa7, 0x7c, 0x3a, 0x48, 0x90, 0x2d, 0xc2, 0x00, 0x07, + 0x31, 0xa3, 0x5c, 0x85, 0xc4, 0x8f, 0x2b, 0x7d, 0xd2, 0x9c, 0x50, 0x57, 0x26, 0xbb, 0x22, 0xe8, + 0x7c, 0x33, 0x61, 0xf7, 0x1d, 0x9d, 0x61, 0x44, 0x0e, 0x61, 0x97, 0x0b, 0xc3, 0x36, 0x7a, 0x46, + 0x7f, 0xcf, 0xcb, 0x1c, 0x42, 0xa0, 0xc2, 0x97, 0x31, 0xda, 0xa6, 0x0c, 0x4a, 0x9b, 0xd8, 0x50, + 0x0b, 0x18, 0xfa, 0x1c, 0xc7, 0xb6, 0xd5, 0x33, 0xfa, 0x96, 0xa7, 0x5d, 0xd2, 0x81, 0x2a, 0x7e, + 0x8d, 0x43, 0xb6, 0xb4, 0x2b, 0xf2, 0x40, 0x79, 0xe2, 0x46, 0x92, 0x8e, 0x3e, 0x63, 0xc0, 0xed, + 0x5d, 0x09, 0xa4, 0x5d, 0xc1, 0xca, 0xe8, 0x25, 0x26, 0x76, 0xb5, 0x67, 0x09, 0x56, 0xe9, 0x90, + 0xa7, 0x50, 0x9f, 0x23, 0xf7, 0xc7, 0x3e, 0xf7, 0xed, 0x5a, 0xcf, 0xea, 0x37, 0x86, 0x8e, 0xbb, + 0x52, 0xb7, 0x2b, 0x6b, 0x76, 0x2f, 0x54, 0xd2, 0x59, 0xc4, 0xd9, 0xd2, 0xcb, 0xef, 0x74, 0x1f, + 0x41, 0x73, 0xe5, 0x88, 0xb4, 0xc1, 0x9a, 0xe1, 0x52, 0xb5, 0x26, 0x4c, 0x41, 0xbc, 0xf0, 0x2f, + 0x53, 0xdd, 0x59, 0xe6, 0x3c, 0x34, 0x1f, 0x18, 0xce, 0x77, 0x03, 0x6a, 0xa7, 0x41, 0x40, 0xd3, + 0x88, 0x93, 0x03, 0x30, 0xc3, 0xb1, 0xba, 0x66, 0x86, 0x63, 0x72, 0x0c, 0xd5, 0x04, 0x03, 0x86, + 0x5c, 0x5e, 0x6b, 0x0c, 0x0f, 0x37, 0x95, 0xe5, 0xa9, 0x9c, 0xab, 0xe6, 0xac, 0x62, 0x73, 0xcf, + 0x0a, 0xcd, 0x55, 0x64, 0x73, 0xb7, 0x4b, 0x28, 0x8a, 0xfd, 0xff, 0xb4, 0xf7, 0x16, 0xea, 0x1e, + 0x26, 0x34, 0x65, 0x01, 0x8a, 0xe9, 0x46, 0xfe, 0x1c, 0xd5, 0x45, 0x69, 0x6f, 0x9c, 0x78, 0x17, + 0xea, 0x18, 0x8d, 0x63, 0x1a, 0x46, 0x5c, 0x8e, 0x7c, 0xcf, 0xcb, 0x7d, 0xe7, 0x87, 0x01, 0xad, + 0x73, 0x8c, 0x90, 0xf9, 0x1c, 0x3d, 0xfc, 0x92, 0x62, 0xb2, 0x2e, 0x5b, 0x2e, 0x84, 0x59, 0x14, + 0xe2, 0x65, 0x41, 0x08, 0x4b, 0x0a, 0x71, 0x5c, 0x12, 0xa2, 0x84, 0xbb, 0x4d, 0x10, 0x72, 0x0b, + 0x9a, 0x99, 0xe4, 0x1f, 0x57, 0xd6, 0x6f, 0x3f, 0x0b, 0x9e, 0xc9, 0xd8, 0xdf, 0xa9, 0xf6, 0x02, + 0xda, 0x57, 0xc5, 0x24, 0x31, 0x8d, 0x12, 0x24, 0xf7, 0xa1, 0xe6, 0x67, 0x93, 0x92, 0x18, 0x8d, + 0x61, 0x67, 0xf3, 0x1c, 0x3d, 0x9d, 0xe6, 0xbc, 0x87, 0xfd, 0x73, 0xe6, 0x47, 0x5c, 0xeb, 0x44, + 0xa0, 0x22, 0xa4, 0xd0, 0xfa, 0x0b, 0x9b, 0x9c, 0x40, 0x9d, 0xa9, 0xf9, 0xa8, 0x25, 0xbb, 0x56, + 0x82, 0xd5, 0xe3, 0xf3, 0xf2, 0x44, 0xa7, 0x05, 0x4d, 0x05, 0x9c, 0xd5, 0xe6, 0x7c, 0x80, 0xa6, + 0x87, 0x0b, 0x3a, 0xc3, 0x7f, 0x4e, 0xd5, 0x86, 0x03, 0x8d, 0xac, 0xb8, 0xee, 0xc0, 0xc1, 0xab, + 0x28, 0x89, 0x31, 0xc8, 0xfb, 0xda, 0xf8, 0x5f, 0xe2, 0x3c, 0x87, 0x56, 0x9e, 0xf7, 0xc7, 0x12, + 0xbe, 0x11, 0xf4, 0x9f, 0x18, 0x26, 0x53, 0x4d, 0xd6, 0xc9, 0xdf, 0x64, 0xc6, 0xa6, 0x5f, 0xdf, + 0x4d, 0xd8, 0x97, 0xbc, 0x7a, 0x27, 0x4c, 0xb9, 0x13, 0x0d, 0x19, 0xcb, 0x56, 0xc2, 0x79, 0x02, + 0xad, 0x1c, 0x4c, 0x55, 0x74, 0xb7, 0x58, 0xfa, 0xb6, 0x07, 0x9e, 0xa5, 0x0c, 0x7f, 0x1a, 0x50, + 0x39, 0x4d, 0xf9, 0x94, 0x5c, 0x40, 0x5d, 0x6f, 0x07, 0x39, 0xfa, 0xfd, 0x0e, 0x77, 0x6f, 0x6c, + 0x3d, 0x57, 0x72, 0xee, 0x90, 0xd7, 0x50, 0x53, 0x42, 0x91, 0xeb, 0xa5, 0xec, 0x55, 0xa1, 0xbb, + 0x47, 0xdb, 0x8e, 0x8b, 0x58, 0xaa, 0xc5, 0x35, 0xac, 0x55, 0x1d, 0xd7, 0xb0, 0x4a, 0xca, 0x38, + 0x3b, 0xa3, 0xaa, 0xfc, 0x84, 0x9c, 0xfc, 0x0a, 0x00, 0x00, 0xff, 0xff, 0xe9, 0x1b, 0x69, 0xa7, + 0x82, 0x06, 0x00, 0x00, } diff --git a/auth/service/proto/auth.pb.micro.go b/auth/service/proto/auth/auth.pb.micro.go similarity index 62% rename from auth/service/proto/auth.pb.micro.go rename to auth/service/proto/auth/auth.pb.micro.go index 0d162a71..61107958 100644 --- a/auth/service/proto/auth.pb.micro.go +++ b/auth/service/proto/auth/auth.pb.micro.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-micro. DO NOT EDIT. -// source: auth/service/proto/auth.proto +// source: github.com/micro/go-micro/auth/service/proto/auth/auth.proto package go_micro_auth @@ -35,11 +35,8 @@ var _ server.Option type AuthService interface { Generate(ctx context.Context, in *GenerateRequest, opts ...client.CallOption) (*GenerateResponse, error) - Grant(ctx context.Context, in *GrantRequest, opts ...client.CallOption) (*GrantResponse, error) - Revoke(ctx context.Context, in *RevokeRequest, opts ...client.CallOption) (*RevokeResponse, error) Inspect(ctx context.Context, in *InspectRequest, opts ...client.CallOption) (*InspectResponse, error) Refresh(ctx context.Context, in *RefreshRequest, opts ...client.CallOption) (*RefreshResponse, error) - ListRules(ctx context.Context, in *ListRulesRequest, opts ...client.CallOption) (*ListRulesResponse, error) } type authService struct { @@ -64,26 +61,6 @@ func (c *authService) Generate(ctx context.Context, in *GenerateRequest, opts .. return out, nil } -func (c *authService) Grant(ctx context.Context, in *GrantRequest, opts ...client.CallOption) (*GrantResponse, error) { - req := c.c.NewRequest(c.name, "Auth.Grant", in) - out := new(GrantResponse) - err := c.c.Call(ctx, req, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -func (c *authService) Revoke(ctx context.Context, in *RevokeRequest, opts ...client.CallOption) (*RevokeResponse, error) { - req := c.c.NewRequest(c.name, "Auth.Revoke", in) - out := new(RevokeResponse) - err := c.c.Call(ctx, req, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - func (c *authService) Inspect(ctx context.Context, in *InspectRequest, opts ...client.CallOption) (*InspectResponse, error) { req := c.c.NewRequest(c.name, "Auth.Inspect", in) out := new(InspectResponse) @@ -104,35 +81,19 @@ func (c *authService) Refresh(ctx context.Context, in *RefreshRequest, opts ...c return out, nil } -func (c *authService) ListRules(ctx context.Context, in *ListRulesRequest, opts ...client.CallOption) (*ListRulesResponse, error) { - req := c.c.NewRequest(c.name, "Auth.ListRules", in) - out := new(ListRulesResponse) - err := c.c.Call(ctx, req, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - // Server API for Auth service type AuthHandler interface { Generate(context.Context, *GenerateRequest, *GenerateResponse) error - Grant(context.Context, *GrantRequest, *GrantResponse) error - Revoke(context.Context, *RevokeRequest, *RevokeResponse) error Inspect(context.Context, *InspectRequest, *InspectResponse) error Refresh(context.Context, *RefreshRequest, *RefreshResponse) error - ListRules(context.Context, *ListRulesRequest, *ListRulesResponse) error } func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.HandlerOption) error { type auth interface { Generate(ctx context.Context, in *GenerateRequest, out *GenerateResponse) error - Grant(ctx context.Context, in *GrantRequest, out *GrantResponse) error - Revoke(ctx context.Context, in *RevokeRequest, out *RevokeResponse) error Inspect(ctx context.Context, in *InspectRequest, out *InspectResponse) error Refresh(ctx context.Context, in *RefreshRequest, out *RefreshResponse) error - ListRules(ctx context.Context, in *ListRulesRequest, out *ListRulesResponse) error } type Auth struct { auth @@ -149,14 +110,6 @@ func (h *authHandler) Generate(ctx context.Context, in *GenerateRequest, out *Ge return h.AuthHandler.Generate(ctx, in, out) } -func (h *authHandler) Grant(ctx context.Context, in *GrantRequest, out *GrantResponse) error { - return h.AuthHandler.Grant(ctx, in, out) -} - -func (h *authHandler) Revoke(ctx context.Context, in *RevokeRequest, out *RevokeResponse) error { - return h.AuthHandler.Revoke(ctx, in, out) -} - func (h *authHandler) Inspect(ctx context.Context, in *InspectRequest, out *InspectResponse) error { return h.AuthHandler.Inspect(ctx, in, out) } @@ -164,7 +117,3 @@ func (h *authHandler) Inspect(ctx context.Context, in *InspectRequest, out *Insp func (h *authHandler) Refresh(ctx context.Context, in *RefreshRequest, out *RefreshResponse) error { return h.AuthHandler.Refresh(ctx, in, out) } - -func (h *authHandler) ListRules(ctx context.Context, in *ListRulesRequest, out *ListRulesResponse) error { - return h.AuthHandler.ListRules(ctx, in, out) -} diff --git a/auth/service/proto/auth.proto b/auth/service/proto/auth/auth.proto similarity index 78% rename from auth/service/proto/auth.proto rename to auth/service/proto/auth/auth.proto index 8efb64a5..a31d6102 100644 --- a/auth/service/proto/auth.proto +++ b/auth/service/proto/auth/auth.proto @@ -4,17 +4,8 @@ package go.micro.auth; service Auth { rpc Generate(GenerateRequest) returns (GenerateResponse) {}; - rpc Grant(GrantRequest) returns (GrantResponse) {}; - rpc Revoke(RevokeRequest) returns (RevokeResponse) {}; rpc Inspect(InspectRequest) returns (InspectResponse) {}; rpc Refresh(RefreshRequest) returns (RefreshResponse) {}; - rpc ListRules(ListRulesRequest) returns (ListRulesResponse) {}; -} - -message Rule { - string id = 1; - string role = 2; - Resource resource = 3; } message Token { @@ -80,11 +71,4 @@ message RefreshRequest { message RefreshResponse { Token token = 1; -} - -message ListRulesRequest { -} - -message ListRulesResponse { - repeated Rule rules = 1; -} +} \ No newline at end of file diff --git a/auth/service/proto/rules/rules.pb.go b/auth/service/proto/rules/rules.pb.go new file mode 100644 index 00000000..d9efd3a9 --- /dev/null +++ b/auth/service/proto/rules/rules.pb.go @@ -0,0 +1,398 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// source: github.com/micro/go-micro/auth/service/proto/rules/rules.proto + +package go_micro_auth + +import ( + fmt "fmt" + proto "github.com/golang/protobuf/proto" + auth "github.com/micro/go-micro/v2/auth/service/proto/auth" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package + +type Access int32 + +const ( + Access_UNKNOWN Access = 0 + Access_GRANTED Access = 1 + Access_DENIED Access = 2 +) + +var Access_name = map[int32]string{ + 0: "UNKNOWN", + 1: "GRANTED", + 2: "DENIED", +} + +var Access_value = map[string]int32{ + "UNKNOWN": 0, + "GRANTED": 1, + "DENIED": 2, +} + +func (x Access) String() string { + return proto.EnumName(Access_name, int32(x)) +} + +func (Access) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{0} +} + +type Rule struct { + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"` + Resource *auth.Resource `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"` + Access Access `protobuf:"varint,4,opt,name=access,proto3,enum=go.micro.auth.Access" json:"access,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Rule) Reset() { *m = Rule{} } +func (m *Rule) String() string { return proto.CompactTextString(m) } +func (*Rule) ProtoMessage() {} +func (*Rule) Descriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{0} +} + +func (m *Rule) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Rule.Unmarshal(m, b) +} +func (m *Rule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Rule.Marshal(b, m, deterministic) +} +func (m *Rule) XXX_Merge(src proto.Message) { + xxx_messageInfo_Rule.Merge(m, src) +} +func (m *Rule) XXX_Size() int { + return xxx_messageInfo_Rule.Size(m) +} +func (m *Rule) XXX_DiscardUnknown() { + xxx_messageInfo_Rule.DiscardUnknown(m) +} + +var xxx_messageInfo_Rule proto.InternalMessageInfo + +func (m *Rule) GetId() string { + if m != nil { + return m.Id + } + return "" +} + +func (m *Rule) GetRole() string { + if m != nil { + return m.Role + } + return "" +} + +func (m *Rule) GetResource() *auth.Resource { + if m != nil { + return m.Resource + } + return nil +} + +func (m *Rule) GetAccess() Access { + if m != nil { + return m.Access + } + return Access_UNKNOWN +} + +type CreateRequest struct { + Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"` + Resource *auth.Resource `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"` + Access Access `protobuf:"varint,3,opt,name=access,proto3,enum=go.micro.auth.Access" json:"access,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *CreateRequest) Reset() { *m = CreateRequest{} } +func (m *CreateRequest) String() string { return proto.CompactTextString(m) } +func (*CreateRequest) ProtoMessage() {} +func (*CreateRequest) Descriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{1} +} + +func (m *CreateRequest) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_CreateRequest.Unmarshal(m, b) +} +func (m *CreateRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_CreateRequest.Marshal(b, m, deterministic) +} +func (m *CreateRequest) XXX_Merge(src proto.Message) { + xxx_messageInfo_CreateRequest.Merge(m, src) +} +func (m *CreateRequest) XXX_Size() int { + return xxx_messageInfo_CreateRequest.Size(m) +} +func (m *CreateRequest) XXX_DiscardUnknown() { + xxx_messageInfo_CreateRequest.DiscardUnknown(m) +} + +var xxx_messageInfo_CreateRequest proto.InternalMessageInfo + +func (m *CreateRequest) GetRole() string { + if m != nil { + return m.Role + } + return "" +} + +func (m *CreateRequest) GetResource() *auth.Resource { + if m != nil { + return m.Resource + } + return nil +} + +func (m *CreateRequest) GetAccess() Access { + if m != nil { + return m.Access + } + return Access_UNKNOWN +} + +type CreateResponse struct { + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *CreateResponse) Reset() { *m = CreateResponse{} } +func (m *CreateResponse) String() string { return proto.CompactTextString(m) } +func (*CreateResponse) ProtoMessage() {} +func (*CreateResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{2} +} + +func (m *CreateResponse) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_CreateResponse.Unmarshal(m, b) +} +func (m *CreateResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_CreateResponse.Marshal(b, m, deterministic) +} +func (m *CreateResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_CreateResponse.Merge(m, src) +} +func (m *CreateResponse) XXX_Size() int { + return xxx_messageInfo_CreateResponse.Size(m) +} +func (m *CreateResponse) XXX_DiscardUnknown() { + xxx_messageInfo_CreateResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_CreateResponse proto.InternalMessageInfo + +type DeleteRequest struct { + Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"` + Resource *auth.Resource `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"` + Access Access `protobuf:"varint,3,opt,name=access,proto3,enum=go.micro.auth.Access" json:"access,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *DeleteRequest) Reset() { *m = DeleteRequest{} } +func (m *DeleteRequest) String() string { return proto.CompactTextString(m) } +func (*DeleteRequest) ProtoMessage() {} +func (*DeleteRequest) Descriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{3} +} + +func (m *DeleteRequest) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_DeleteRequest.Unmarshal(m, b) +} +func (m *DeleteRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_DeleteRequest.Marshal(b, m, deterministic) +} +func (m *DeleteRequest) XXX_Merge(src proto.Message) { + xxx_messageInfo_DeleteRequest.Merge(m, src) +} +func (m *DeleteRequest) XXX_Size() int { + return xxx_messageInfo_DeleteRequest.Size(m) +} +func (m *DeleteRequest) XXX_DiscardUnknown() { + xxx_messageInfo_DeleteRequest.DiscardUnknown(m) +} + +var xxx_messageInfo_DeleteRequest proto.InternalMessageInfo + +func (m *DeleteRequest) GetRole() string { + if m != nil { + return m.Role + } + return "" +} + +func (m *DeleteRequest) GetResource() *auth.Resource { + if m != nil { + return m.Resource + } + return nil +} + +func (m *DeleteRequest) GetAccess() Access { + if m != nil { + return m.Access + } + return Access_UNKNOWN +} + +type DeleteResponse struct { + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *DeleteResponse) Reset() { *m = DeleteResponse{} } +func (m *DeleteResponse) String() string { return proto.CompactTextString(m) } +func (*DeleteResponse) ProtoMessage() {} +func (*DeleteResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{4} +} + +func (m *DeleteResponse) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_DeleteResponse.Unmarshal(m, b) +} +func (m *DeleteResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_DeleteResponse.Marshal(b, m, deterministic) +} +func (m *DeleteResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_DeleteResponse.Merge(m, src) +} +func (m *DeleteResponse) XXX_Size() int { + return xxx_messageInfo_DeleteResponse.Size(m) +} +func (m *DeleteResponse) XXX_DiscardUnknown() { + xxx_messageInfo_DeleteResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_DeleteResponse proto.InternalMessageInfo + +type ListRequest struct { + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *ListRequest) Reset() { *m = ListRequest{} } +func (m *ListRequest) String() string { return proto.CompactTextString(m) } +func (*ListRequest) ProtoMessage() {} +func (*ListRequest) Descriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{5} +} + +func (m *ListRequest) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_ListRequest.Unmarshal(m, b) +} +func (m *ListRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_ListRequest.Marshal(b, m, deterministic) +} +func (m *ListRequest) XXX_Merge(src proto.Message) { + xxx_messageInfo_ListRequest.Merge(m, src) +} +func (m *ListRequest) XXX_Size() int { + return xxx_messageInfo_ListRequest.Size(m) +} +func (m *ListRequest) XXX_DiscardUnknown() { + xxx_messageInfo_ListRequest.DiscardUnknown(m) +} + +var xxx_messageInfo_ListRequest proto.InternalMessageInfo + +type ListResponse struct { + Rules []*Rule `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *ListResponse) Reset() { *m = ListResponse{} } +func (m *ListResponse) String() string { return proto.CompactTextString(m) } +func (*ListResponse) ProtoMessage() {} +func (*ListResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_d5bb7c98c32bdd99, []int{6} +} + +func (m *ListResponse) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_ListResponse.Unmarshal(m, b) +} +func (m *ListResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_ListResponse.Marshal(b, m, deterministic) +} +func (m *ListResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_ListResponse.Merge(m, src) +} +func (m *ListResponse) XXX_Size() int { + return xxx_messageInfo_ListResponse.Size(m) +} +func (m *ListResponse) XXX_DiscardUnknown() { + xxx_messageInfo_ListResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_ListResponse proto.InternalMessageInfo + +func (m *ListResponse) GetRules() []*Rule { + if m != nil { + return m.Rules + } + return nil +} + +func init() { + proto.RegisterEnum("go.micro.auth.Access", Access_name, Access_value) + proto.RegisterType((*Rule)(nil), "go.micro.auth.Rule") + proto.RegisterType((*CreateRequest)(nil), "go.micro.auth.CreateRequest") + proto.RegisterType((*CreateResponse)(nil), "go.micro.auth.CreateResponse") + proto.RegisterType((*DeleteRequest)(nil), "go.micro.auth.DeleteRequest") + proto.RegisterType((*DeleteResponse)(nil), "go.micro.auth.DeleteResponse") + proto.RegisterType((*ListRequest)(nil), "go.micro.auth.ListRequest") + proto.RegisterType((*ListResponse)(nil), "go.micro.auth.ListResponse") +} + +func init() { + proto.RegisterFile("github.com/micro/go-micro/auth/service/proto/rules/rules.proto", fileDescriptor_d5bb7c98c32bdd99) +} + +var fileDescriptor_d5bb7c98c32bdd99 = []byte{ + // 384 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x93, 0x41, 0x6b, 0xdb, 0x30, + 0x1c, 0xc5, 0x23, 0xc7, 0xf1, 0xb6, 0xbf, 0x97, 0x60, 0x34, 0xc6, 0x8c, 0xb7, 0x81, 0xc9, 0xc9, + 0x1b, 0xc4, 0x06, 0xe7, 0x34, 0x18, 0x83, 0x30, 0x87, 0x30, 0x36, 0x3c, 0x10, 0x2d, 0x3d, 0x27, + 0xce, 0x9f, 0xc4, 0xe0, 0x54, 0xa9, 0x64, 0xf7, 0x2b, 0xf4, 0xd6, 0x4f, 0xd8, 0x0f, 0x53, 0x2c, + 0x39, 0xa1, 0x71, 0x1a, 0x68, 0x6e, 0xbd, 0x08, 0x49, 0xef, 0xe9, 0xf9, 0xa7, 0x67, 0x1b, 0x7e, + 0xad, 0xf2, 0x72, 0x5d, 0x2d, 0xc2, 0x8c, 0x6f, 0xa2, 0x4d, 0x9e, 0x09, 0x1e, 0xad, 0xf8, 0x48, + 0x4f, 0xe6, 0x55, 0xb9, 0x8e, 0x24, 0x8a, 0xdb, 0x3c, 0xc3, 0x68, 0x2b, 0x78, 0xc9, 0x23, 0x51, + 0x15, 0x28, 0xf5, 0x18, 0xaa, 0x1d, 0xda, 0x5f, 0xf1, 0x50, 0xd9, 0xc3, 0xda, 0xee, 0xfd, 0x3c, + 0x2b, 0x4e, 0x6d, 0xd5, 0x83, 0x0e, 0x1b, 0xde, 0x13, 0x30, 0x59, 0x55, 0x20, 0x1d, 0x80, 0x91, + 0x2f, 0x5d, 0xe2, 0x93, 0xe0, 0x1d, 0x33, 0xf2, 0x25, 0xa5, 0x60, 0x0a, 0x5e, 0xa0, 0x6b, 0xa8, + 0x1d, 0x35, 0xa7, 0x63, 0x78, 0x2b, 0x50, 0xf2, 0x4a, 0x64, 0xe8, 0x76, 0x7d, 0x12, 0xd8, 0xf1, + 0xa7, 0xf0, 0x00, 0x26, 0x64, 0x8d, 0xcc, 0xf6, 0x46, 0x3a, 0x02, 0x6b, 0x9e, 0x65, 0x28, 0xa5, + 0x6b, 0xfa, 0x24, 0x18, 0xc4, 0x1f, 0x5b, 0x47, 0x26, 0x4a, 0x64, 0x8d, 0x69, 0x78, 0x47, 0xa0, + 0xff, 0x5b, 0xe0, 0xbc, 0x44, 0x86, 0x37, 0x15, 0xca, 0x72, 0x4f, 0x42, 0x4e, 0x90, 0x18, 0xe7, + 0x93, 0x74, 0x5f, 0x42, 0xe2, 0xc0, 0x60, 0x07, 0x22, 0xb7, 0xfc, 0x5a, 0xa2, 0x62, 0x4b, 0xb0, + 0xc0, 0x57, 0xc1, 0xb6, 0x03, 0x69, 0xd8, 0xfa, 0x60, 0xff, 0xcb, 0x65, 0xd9, 0x80, 0x0d, 0x7f, + 0xc0, 0x7b, 0xbd, 0xd4, 0x32, 0xfd, 0x06, 0x3d, 0xf5, 0x0d, 0xb9, 0xc4, 0xef, 0x06, 0x76, 0xfc, + 0xa1, 0x4d, 0x54, 0x15, 0xc8, 0xb4, 0xe3, 0x7b, 0x08, 0x96, 0x7e, 0x1a, 0xb5, 0xe1, 0xcd, 0x65, + 0xfa, 0x37, 0xfd, 0x7f, 0x95, 0x3a, 0x9d, 0x7a, 0x31, 0x63, 0x93, 0xf4, 0x62, 0x9a, 0x38, 0x84, + 0x02, 0x58, 0xc9, 0x34, 0xfd, 0x33, 0x4d, 0x1c, 0x23, 0x7e, 0x20, 0xd0, 0xab, 0xcf, 0x4b, 0x3a, + 0x03, 0x4b, 0x37, 0x46, 0xbf, 0xb4, 0xf2, 0x0f, 0xde, 0xa8, 0xf7, 0xf5, 0x84, 0xda, 0x5c, 0xa5, + 0x53, 0x07, 0xe9, 0xeb, 0x1d, 0x05, 0x1d, 0xd4, 0x7f, 0x14, 0xd4, 0xea, 0xa4, 0x43, 0x27, 0x60, + 0xd6, 0x35, 0x50, 0xaf, 0x65, 0x7c, 0x52, 0x95, 0xf7, 0xf9, 0x59, 0x6d, 0x17, 0xb1, 0xb0, 0xd4, + 0x8f, 0x32, 0x7e, 0x0c, 0x00, 0x00, 0xff, 0xff, 0x85, 0x65, 0x07, 0x9d, 0xb7, 0x03, 0x00, 0x00, +} diff --git a/auth/service/proto/rules/rules.pb.micro.go b/auth/service/proto/rules/rules.pb.micro.go new file mode 100644 index 00000000..ee3a7f24 --- /dev/null +++ b/auth/service/proto/rules/rules.pb.micro.go @@ -0,0 +1,120 @@ +// Code generated by protoc-gen-micro. DO NOT EDIT. +// source: github.com/micro/go-micro/auth/service/proto/rules/rules.proto + +package go_micro_auth + +import ( + fmt "fmt" + proto "github.com/golang/protobuf/proto" + _ "github.com/micro/go-micro/v2/auth/service/proto/auth" + math "math" +) + +import ( + context "context" + client "github.com/micro/go-micro/v2/client" + server "github.com/micro/go-micro/v2/server" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package + +// Reference imports to suppress errors if they are not otherwise used. +var _ context.Context +var _ client.Option +var _ server.Option + +// Client API for Rules service + +type RulesService interface { + Create(ctx context.Context, in *CreateRequest, opts ...client.CallOption) (*CreateResponse, error) + Delete(ctx context.Context, in *DeleteRequest, opts ...client.CallOption) (*DeleteResponse, error) + List(ctx context.Context, in *ListRequest, opts ...client.CallOption) (*ListResponse, error) +} + +type rulesService struct { + c client.Client + name string +} + +func NewRulesService(name string, c client.Client) RulesService { + return &rulesService{ + c: c, + name: name, + } +} + +func (c *rulesService) Create(ctx context.Context, in *CreateRequest, opts ...client.CallOption) (*CreateResponse, error) { + req := c.c.NewRequest(c.name, "Rules.Create", in) + out := new(CreateResponse) + err := c.c.Call(ctx, req, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *rulesService) Delete(ctx context.Context, in *DeleteRequest, opts ...client.CallOption) (*DeleteResponse, error) { + req := c.c.NewRequest(c.name, "Rules.Delete", in) + out := new(DeleteResponse) + err := c.c.Call(ctx, req, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *rulesService) List(ctx context.Context, in *ListRequest, opts ...client.CallOption) (*ListResponse, error) { + req := c.c.NewRequest(c.name, "Rules.List", in) + out := new(ListResponse) + err := c.c.Call(ctx, req, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// Server API for Rules service + +type RulesHandler interface { + Create(context.Context, *CreateRequest, *CreateResponse) error + Delete(context.Context, *DeleteRequest, *DeleteResponse) error + List(context.Context, *ListRequest, *ListResponse) error +} + +func RegisterRulesHandler(s server.Server, hdlr RulesHandler, opts ...server.HandlerOption) error { + type rules interface { + Create(ctx context.Context, in *CreateRequest, out *CreateResponse) error + Delete(ctx context.Context, in *DeleteRequest, out *DeleteResponse) error + List(ctx context.Context, in *ListRequest, out *ListResponse) error + } + type Rules struct { + rules + } + h := &rulesHandler{hdlr} + return s.Handle(s.NewHandler(&Rules{h}, opts...)) +} + +type rulesHandler struct { + RulesHandler +} + +func (h *rulesHandler) Create(ctx context.Context, in *CreateRequest, out *CreateResponse) error { + return h.RulesHandler.Create(ctx, in, out) +} + +func (h *rulesHandler) Delete(ctx context.Context, in *DeleteRequest, out *DeleteResponse) error { + return h.RulesHandler.Delete(ctx, in, out) +} + +func (h *rulesHandler) List(ctx context.Context, in *ListRequest, out *ListResponse) error { + return h.RulesHandler.List(ctx, in, out) +} diff --git a/auth/service/proto/rules/rules.proto b/auth/service/proto/rules/rules.proto new file mode 100644 index 00000000..d4937b51 --- /dev/null +++ b/auth/service/proto/rules/rules.proto @@ -0,0 +1,47 @@ +syntax = "proto3"; + +package go.micro.auth; + +import "github.com/micro/go-micro/auth/service/proto/auth/auth.proto"; + +service Rules { + rpc Create(CreateRequest) returns (CreateResponse) {}; + rpc Delete(DeleteRequest) returns (DeleteResponse) {}; + rpc List(ListRequest) returns (ListResponse) {}; +} + +enum Access { + UNKNOWN = 0; + GRANTED = 1; + DENIED = 2; +} + +message Rule { + string id = 1; + string role = 2; + Resource resource = 3; + Access access = 4; +} + +message CreateRequest { + string role = 1; + Resource resource = 2; + Access access = 3; +} + +message CreateResponse {} + +message DeleteRequest { + string role = 1; + Resource resource = 2; + Access access = 3; +} + +message DeleteResponse {} + +message ListRequest { +} + +message ListResponse { + repeated Rule rules = 1; +} diff --git a/auth/service/service.go b/auth/service/service.go index 190551f9..d3d8d388 100644 --- a/auth/service/service.go +++ b/auth/service/service.go @@ -8,7 +8,8 @@ import ( "time" "github.com/micro/go-micro/v2/auth" - pb "github.com/micro/go-micro/v2/auth/service/proto" + authPb "github.com/micro/go-micro/v2/auth/service/proto/auth" + rulePb "github.com/micro/go-micro/v2/auth/service/proto/rules" "github.com/micro/go-micro/v2/auth/token" "github.com/micro/go-micro/v2/auth/token/jwt" "github.com/micro/go-micro/v2/client" @@ -26,10 +27,11 @@ func NewAuth(opts ...auth.Option) auth.Auth { // svc is the service implementation of the Auth interface type svc struct { options auth.Options - auth pb.AuthService + auth authPb.AuthService + rule rulePb.RulesService jwt token.Provider - rules []*pb.Rule + rules []*rulePb.Rule sync.Mutex } @@ -43,7 +45,8 @@ func (s *svc) Init(opts ...auth.Option) { } dc := client.DefaultClient - s.auth = pb.NewAuthService("go.micro.auth", dc) + s.auth = authPb.NewAuthService("go.micro.auth", dc) + s.rule = rulePb.NewRulesService("go.micro.auth", dc) // if we have a JWT public key passed as an option, // we can decode tokens with the type "JWT" locally @@ -78,7 +81,7 @@ func (s *svc) Options() auth.Options { func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, error) { options := auth.NewGenerateOptions(opts...) - rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{ + rsp, err := s.auth.Generate(context.TODO(), &authPb.GenerateRequest{ Id: id, Roles: options.Roles, Metadata: options.Metadata, @@ -93,9 +96,10 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e // Grant access to a resource func (s *svc) Grant(role string, res *auth.Resource) error { - _, err := s.auth.Grant(context.TODO(), &pb.GrantRequest{ - Role: role, - Resource: &pb.Resource{ + _, err := s.rule.Create(context.TODO(), &rulePb.CreateRequest{ + Role: role, + Access: rulePb.Access_GRANTED, + Resource: &authPb.Resource{ Type: res.Type, Name: res.Name, Endpoint: res.Endpoint, @@ -106,9 +110,10 @@ func (s *svc) Grant(role string, res *auth.Resource) error { // Revoke access to a resource func (s *svc) Revoke(role string, res *auth.Resource) error { - _, err := s.auth.Revoke(context.TODO(), &pb.RevokeRequest{ - Role: role, - Resource: &pb.Resource{ + _, err := s.rule.Delete(context.TODO(), &rulePb.DeleteRequest{ + Role: role, + Access: rulePb.Access_GRANTED, + Resource: &authPb.Resource{ Type: res.Type, Name: res.Name, Endpoint: res.Endpoint, @@ -120,10 +125,11 @@ func (s *svc) Revoke(role string, res *auth.Resource) error { // Verify an account has access to a resource func (s *svc) Verify(acc *auth.Account, res *auth.Resource) error { queries := [][]string{ - {res.Type, "*"}, // check for wildcard resource type, e.g. service.* - {res.Type, res.Name, "*"}, // check for wildcard name, e.g. service.foo* - {res.Type, res.Name, res.Endpoint, "*"}, // check for wildcard endpoints, e.g. service.foo.ListFoo:* - {res.Type, res.Name, res.Endpoint}, // check for specific role, e.g. service.foo.ListFoo:admin + {res.Type, res.Name, res.Endpoint}, // check for specific role, e.g. service.foo.ListFoo:admin (role is checked in accessForRule) + {res.Type, res.Name, res.Endpoint, "*"}, // check for wildcard role, e.g. service.foo.ListFoo:* + {res.Type, res.Name, "*"}, // check for wildcard endpoint, e.g. service.foo* + {res.Type, "*"}, // check for wildcard name, e.g. service.* + {"*"}, // check for wildcard type, e.g. * } // endpoint is a url which can have wildcard excludes, e.g. @@ -137,12 +143,18 @@ func (s *svc) Verify(acc *auth.Account, res *auth.Resource) error { for _, q := range queries { for _, rule := range s.listRules(q...) { - if isValidRule(rule, acc, res) { - return nil + switch accessForRule(rule, acc, res) { + case rulePb.Access_UNKNOWN: + continue // rule did not specify access, check the next rule + case rulePb.Access_GRANTED: + return nil // rule grants the account access to the resource + case rulePb.Access_DENIED: + return auth.ErrForbidden // reule denies access to the resource } } } + // no rules were found for the resource, default to denying access return auth.ErrForbidden } @@ -162,7 +174,7 @@ func (s *svc) Inspect(token string) (*auth.Account, error) { } } - rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{ + rsp, err := s.auth.Inspect(context.TODO(), &authPb.InspectRequest{ Token: token, }) if err != nil { @@ -176,7 +188,7 @@ func (s *svc) Inspect(token string) (*auth.Account, error) { func (s *svc) Refresh(secret string, opts ...auth.RefreshOption) (*auth.Token, error) { options := auth.NewRefreshOptions(opts...) - rsp, err := s.auth.Refresh(context.Background(), &pb.RefreshRequest{ + rsp, err := s.auth.Refresh(context.Background(), &authPb.RefreshRequest{ Secret: secret, TokenExpiry: int64(options.TokenExpiry.Seconds()), }) @@ -189,36 +201,36 @@ func (s *svc) Refresh(secret string, opts ...auth.RefreshOption) (*auth.Token, e var ruleJoinKey = ":" -// isValidRule returns a bool, indicating if a rule permits access to a +// accessForRule returns a rule status, indicating if a rule permits access to a // resource for a given account -func isValidRule(rule *pb.Rule, acc *auth.Account, res *auth.Resource) bool { +func accessForRule(rule *rulePb.Rule, acc *auth.Account, res *auth.Resource) rulePb.Access { if rule.Role == "*" { - return true + return rule.Access } for _, role := range acc.Roles { if rule.Role == role { - return true + return rule.Access } // allow user.anything if role is user.* if strings.HasSuffix(rule.Role, ".*") && strings.HasPrefix(rule.Role, role+".") { - return true + return rule.Access } } - return false + return rulePb.Access_DENIED } // listRules gets all the rules from the store which have an id // prefix matching the filters -func (s *svc) listRules(filters ...string) []*pb.Rule { +func (s *svc) listRules(filters ...string) []*rulePb.Rule { s.Lock() defer s.Unlock() prefix := strings.Join(filters, ruleJoinKey) - var rules []*pb.Rule + var rules []*rulePb.Rule for _, r := range s.rules { if strings.HasPrefix(r.Id, prefix) { rules = append(rules, r) @@ -230,7 +242,7 @@ func (s *svc) listRules(filters ...string) []*pb.Rule { // loadRules retrieves the rules from the auth service func (s *svc) loadRules() { - rsp, err := s.auth.ListRules(context.TODO(), &pb.ListRulesRequest{}, client.WithRetries(3)) + rsp, err := s.rule.List(context.TODO(), &rulePb.ListRequest{}) s.Lock() defer s.Unlock() @@ -242,7 +254,7 @@ func (s *svc) loadRules() { s.rules = rsp.Rules } -func serializeToken(t *pb.Token) *auth.Token { +func serializeToken(t *authPb.Token) *auth.Token { return &auth.Token{ Token: t.Token, Type: t.Type, @@ -254,7 +266,7 @@ func serializeToken(t *pb.Token) *auth.Token { } } -func serializeAccount(a *pb.Account) *auth.Account { +func serializeAccount(a *authPb.Account) *auth.Account { var secret *auth.Token if a.Secret != nil { secret = serializeToken(a.Secret) diff --git a/auth/token/basic/basic.go b/auth/token/basic/basic.go index edf5d2fb..87469127 100644 --- a/auth/token/basic/basic.go +++ b/auth/token/basic/basic.go @@ -2,6 +2,7 @@ package basic import ( "encoding/json" + "fmt" "time" "github.com/google/uuid" @@ -15,6 +16,11 @@ type Basic struct { store store.Store } +var ( + // StorePrefix to isolate tokens + StorePrefix = "tokens/" +) + // NewTokenProvider returns an initialized basic provider func NewTokenProvider(opts ...token.Option) token.Provider { options := token.NewOptions(opts...) @@ -51,7 +57,7 @@ func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.To // write to the store err = b.store.Write(&store.Record{ - Key: token.Token, + Key: fmt.Sprintf("%v%v", StorePrefix, token.Token), Value: bytes, Expiry: options.Expiry, }) @@ -66,7 +72,7 @@ func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.To // Inspect a token func (b *Basic) Inspect(t string) (*auth.Token, error) { // lookup the token in the store - recs, err := b.store.Read(t) + recs, err := b.store.Read(StorePrefix + t) if err == store.ErrNotFound { return nil, token.ErrInvalidToken } else if err != nil {