Remove roles (replaced with scope)

Ben Toogood
2020-05-21 14:56:17 +01:00
parent 4de19805ba
commit 856c73b341
13 changed files with 93 additions and 226 deletions


@@ -188,7 +188,6 @@ func (m *Token) GetExpiry() int64 {
type Account struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"`
Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"`
Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
Scopes []string `protobuf:"bytes,5,rep,name=scopes,proto3" json:"scopes,omitempty"`
Provider string `protobuf:"bytes,6,opt,name=provider,proto3" json:"provider,omitempty"`
@@ -237,13 +236,6 @@ func (m *Account) GetType() string {
return ""
}
func (m *Account) GetRoles() []string {
if m != nil {
return m.Roles
}
return nil
}
func (m *Account) GetMetadata() map[string]string {
if m != nil {
return m.Metadata
@@ -329,7 +321,6 @@ func (m *Resource) GetEndpoint() string {
type GenerateRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"`
Metadata map[string]string `protobuf:"bytes,3,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
Scopes []string `protobuf:"bytes,4,rep,name=scopes,proto3" json:"scopes,omitempty"`
Secret string `protobuf:"bytes,5,opt,name=secret,proto3" json:"secret,omitempty"`
@@ -372,13 +363,6 @@ func (m *GenerateRequest) GetId() string {
return ""
}
func (m *GenerateRequest) GetRoles() []string {
if m != nil {
return m.Roles
}
return nil
}
func (m *GenerateRequest) GetMetadata() map[string]string {
if m != nil {
return m.Metadata
@@ -454,7 +438,7 @@ func (m *GenerateResponse) GetAccount() *Account {
}
type GrantRequest struct {
Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"`
Scope string `protobuf:"bytes,1,opt,name=scope,proto3" json:"scope,omitempty"`
Resource *Resource `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
@@ -486,9 +470,9 @@ func (m *GrantRequest) XXX_DiscardUnknown() {
var xxx_messageInfo_GrantRequest proto.InternalMessageInfo
func (m *GrantRequest) GetRole() string {
func (m *GrantRequest) GetScope() string {
if m != nil {
return m.Role
return m.Scope
}
return ""
}
@@ -532,7 +516,7 @@ func (m *GrantResponse) XXX_DiscardUnknown() {
var xxx_messageInfo_GrantResponse proto.InternalMessageInfo
type RevokeRequest struct {
Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"`
Scope string `protobuf:"bytes,1,opt,name=scope,proto3" json:"scope,omitempty"`
Resource *Resource `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
@@ -564,9 +548,9 @@ func (m *RevokeRequest) XXX_DiscardUnknown() {
var xxx_messageInfo_RevokeRequest proto.InternalMessageInfo
func (m *RevokeRequest) GetRole() string {
func (m *RevokeRequest) GetScope() string {
if m != nil {
return m.Role
return m.Scope
}
return ""
}
@@ -791,7 +775,7 @@ func (m *TokenResponse) GetToken() *Token {
type Rule struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
Scope string `protobuf:"bytes,2,opt,name=scope,proto3" json:"scope,omitempty"`
Resource *Resource `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"`
Access Access `protobuf:"varint,4,opt,name=access,proto3,enum=go.micro.auth.Access" json:"access,omitempty"`
Priority int32 `protobuf:"varint,5,opt,name=priority,proto3" json:"priority,omitempty"`
@@ -832,9 +816,9 @@ func (m *Rule) GetId() string {
return ""
}
func (m *Rule) GetRole() string {
func (m *Rule) GetScope() string {
if m != nil {
return m.Role
return m.Scope
}
return ""
}
@@ -1101,63 +1085,62 @@ func init() {
func init() { proto.RegisterFile("auth/service/proto/auth.proto", fileDescriptor_21300bfacc51fc2a) }
var fileDescriptor_21300bfacc51fc2a = []byte{
// 890 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x56, 0xdd, 0x8e, 0xdb, 0x44,
0x14, 0x5e, 0xff, 0xc4, 0xc9, 0x9e, 0xc4, 0xbb, 0xd1, 0x74, 0x5b, 0xac, 0x94, 0x6d, 0xb7, 0x2e,
0x82, 0xa5, 0x82, 0x2c, 0x4a, 0x6f, 0x0a, 0xbd, 0x61, 0xd5, 0x44, 0xa1, 0x85, 0x06, 0x61, 0x15,
0x95, 0x1b, 0x54, 0x19, 0xe7, 0xc0, 0x5a, 0x9b, 0xb5, 0xc3, 0xcc, 0x38, 0x22, 0x37, 0x48, 0xbc,
0x00, 0x8f, 0xc0, 0x03, 0xf0, 0x4c, 0xdc, 0xf3, 0x1a, 0x68, 0xfe, 0xbc, 0xb1, 0xe3, 0x54, 0x2b,
0xe0, 0x6e, 0xce, 0xcc, 0x77, 0xce, 0x9c, 0xef, 0x3b, 0x67, 0x8e, 0x0d, 0xc7, 0x71, 0xc1, 0x2f,
0xce, 0x18, 0xd2, 0x55, 0x9a, 0xe0, 0xd9, 0x92, 0xe6, 0x3c, 0x3f, 0x13, 0x5b, 0x43, 0xb9, 0x24,
0xfe, 0x4f, 0xf9, 0xf0, 0x2a, 0x4d, 0x68, 0x3e, 0x14, 0x9b, 0xe1, 0x6d, 0xb8, 0xf5, 0x55, 0xca,
0xf8, 0x79, 0x92, 0xe4, 0x45, 0xc6, 0x59, 0x84, 0x3f, 0x17, 0xc8, 0x78, 0xf8, 0x02, 0x8e, 0xaa,
0xdb, 0x6c, 0x99, 0x67, 0x0c, 0xc9, 0x08, 0x3a, 0xb1, 0xde, 0x0b, 0xac, 0x13, 0xe7, 0xb4, 0x3b,
0xba, 0x33, 0xac, 0x04, 0x1c, 0x6a, 0x97, 0xa8, 0xc4, 0x85, 0xbf, 0x59, 0xd0, 0x7a, 0x95, 0x5f,
0x62, 0x46, 0x1e, 0x40, 0x2f, 0x4e, 0x12, 0x64, 0xec, 0x0d, 0x17, 0x76, 0x60, 0x9d, 0x58, 0xa7,
0xfb, 0x51, 0x57, 0xed, 0x29, 0xc8, 0x43, 0xf0, 0x29, 0xfe, 0x48, 0x91, 0x5d, 0x68, 0x8c, 0x2d,
0x31, 0x3d, 0xbd, 0xa9, 0x40, 0x01, 0xb4, 0x13, 0x8a, 0x31, 0xc7, 0x79, 0xe0, 0x9c, 0x58, 0xa7,
0x4e, 0x64, 0x4c, 0x72, 0x07, 0x3c, 0xfc, 0x65, 0x99, 0xd2, 0x75, 0xe0, 0xca, 0x03, 0x6d, 0x85,
0xbf, 0xdb, 0xd0, 0xd6, 0x99, 0x91, 0x03, 0xb0, 0xd3, 0xb9, 0xbe, 0xdb, 0x4e, 0xe7, 0x84, 0x80,
0xcb, 0xd7, 0x4b, 0xd4, 0x37, 0xc9, 0x35, 0x39, 0x82, 0x16, 0xcd, 0x17, 0xc8, 0x02, 0xe7, 0xc4,
0x39, 0xdd, 0x8f, 0x94, 0x41, 0x3e, 0x87, 0xce, 0x15, 0xf2, 0x78, 0x1e, 0xf3, 0x38, 0x70, 0x25,
0xfb, 0xf7, 0x9a, 0xd9, 0x0f, 0x5f, 0x6a, 0xd8, 0x24, 0xe3, 0x74, 0x1d, 0x95, 0x5e, 0x22, 0x3f,
0x96, 0xe4, 0x4b, 0x64, 0x41, 0x4b, 0x06, 0xd6, 0x16, 0x19, 0x40, 0x67, 0x49, 0xf3, 0x55, 0x3a,
0x47, 0x1a, 0x78, 0x32, 0x8f, 0xd2, 0x96, 0x3e, 0x98, 0x50, 0xe4, 0x41, 0x5b, 0x9e, 0x68, 0x6b,
0xf0, 0x14, 0xfc, 0xca, 0x35, 0xa4, 0x0f, 0xce, 0x25, 0xae, 0x35, 0x33, 0xb1, 0x14, 0x34, 0x56,
0xf1, 0xa2, 0x30, 0xdc, 0x94, 0xf1, 0x99, 0xfd, 0xc4, 0x0a, 0x67, 0xd0, 0x89, 0x90, 0xe5, 0x05,
0x4d, 0x50, 0x08, 0x90, 0xc5, 0x57, 0xa8, 0x1d, 0xe5, 0xba, 0x51, 0x94, 0x01, 0x74, 0x30, 0x9b,
0x2f, 0xf3, 0x34, 0xe3, 0x52, 0xf7, 0xfd, 0xa8, 0xb4, 0xc3, 0x3f, 0x6c, 0x38, 0x9c, 0x62, 0x86,
0x34, 0xe6, 0xa8, 0x9b, 0x68, 0x4b, 0xe8, 0x52, 0x54, 0x7b, 0x53, 0xd4, 0x2f, 0x36, 0x44, 0x75,
0xa4, 0xa8, 0x1f, 0xd5, 0x44, 0xad, 0xc5, 0xbd, 0x81, 0xb8, 0x6e, 0x45, 0xdc, 0x6b, 0x01, 0x5b,
0x9b, 0x02, 0x96, 0x1c, 0xbd, 0x2a, 0xc7, 0xb2, 0x10, 0xed, 0x6a, 0x21, 0xfe, 0x9b, 0xe0, 0x63,
0xe8, 0x5f, 0xf3, 0xd0, 0xaf, 0xe9, 0x13, 0x68, 0xeb, 0x57, 0x22, 0x63, 0xec, 0x7e, 0x4c, 0x06,
0x16, 0xbe, 0x86, 0xde, 0x94, 0xc6, 0x19, 0x37, 0x12, 0x13, 0x70, 0x85, 0x8a, 0xa6, 0x74, 0x62,
0x4d, 0x1e, 0x43, 0x87, 0xea, 0xd2, 0xca, 0x34, 0xba, 0xa3, 0x77, 0x6a, 0x61, 0x4d, 0xe5, 0xa3,
0x12, 0x18, 0x1e, 0x82, 0xaf, 0x03, 0xab, 0xdc, 0xc2, 0xef, 0xc0, 0x8f, 0x70, 0x95, 0x5f, 0xe2,
0xff, 0x7e, 0x55, 0x1f, 0x0e, 0x4c, 0x64, 0x7d, 0xd7, 0xfb, 0x70, 0xf0, 0x3c, 0x63, 0x4b, 0x4c,
0x4a, 0x5e, 0x47, 0xd0, 0xda, 0x1c, 0x11, 0xca, 0x08, 0x9f, 0xc1, 0x61, 0x89, 0xfb, 0xd7, 0x12,
0xfe, 0x0a, 0x3d, 0x39, 0x45, 0x76, 0x75, 0xe9, 0x75, 0xb7, 0xd8, 0x95, 0x6e, 0xd9, 0x9a, 0x4c,
0x4e, 0xc3, 0x64, 0x7a, 0x00, 0x3d, 0x79, 0xf8, 0xa6, 0x32, 0x85, 0xba, 0x72, 0x6f, 0xa2, 0x46,
0xd1, 0x53, 0xf0, 0xf5, 0xfd, 0x9a, 0xc2, 0xa3, 0x4d, 0xae, 0xdd, 0xd1, 0x51, 0x8d, 0x80, 0x02,
0x6b, 0x05, 0xfe, 0xb4, 0xc0, 0x8d, 0x8a, 0x05, 0x36, 0x0d, 0x31, 0x59, 0x1d, 0x7b, 0x47, 0x75,
0x9c, 0x1b, 0x56, 0x87, 0x7c, 0x0c, 0x9e, 0x9a, 0xc7, 0x32, 0xf7, 0x83, 0xd1, 0xed, 0x6d, 0x3d,
0x91, 0xb1, 0x48, 0x83, 0xd4, 0x7b, 0x49, 0x73, 0x9a, 0xf2, 0xb5, 0x7c, 0x5d, 0xad, 0xa8, 0xb4,
0xc3, 0x27, 0xe0, 0x3f, 0x93, 0x73, 0xd9, 0x48, 0xfd, 0x01, 0xb8, 0xb4, 0xd0, 0x2d, 0xd4, 0x1d,
0xdd, 0xaa, 0x27, 0x53, 0x2c, 0x30, 0x92, 0x00, 0xd1, 0x22, 0xc6, 0x53, 0xb7, 0xc8, 0x7d, 0xf0,
0xc7, 0xb8, 0xc0, 0x9d, 0xc3, 0x45, 0xb8, 0x18, 0x80, 0x76, 0xf1, 0xa1, 0x2b, 0xbe, 0x61, 0xe6,
0x93, 0xf6, 0x29, 0xf4, 0x94, 0xa9, 0x65, 0xff, 0x10, 0x5a, 0xe2, 0x2e, 0xf3, 0x1d, 0x6b, 0xcc,
0x46, 0x21, 0x1e, 0x0d, 0xc1, 0x53, 0xb4, 0x49, 0x17, 0xda, 0xdf, 0xce, 0xbe, 0x9c, 0x7d, 0xfd,
0x7a, 0xd6, 0xdf, 0x13, 0xc6, 0x34, 0x3a, 0x9f, 0xbd, 0x9a, 0x8c, 0xfb, 0x16, 0x01, 0xf0, 0xc6,
0x93, 0xd9, 0xf3, 0xc9, 0xb8, 0x6f, 0x8f, 0xfe, 0xb6, 0xc0, 0x3d, 0x2f, 0xf8, 0x05, 0x79, 0x09,
0x1d, 0xf3, 0xe8, 0xc9, 0xbd, 0xb7, 0x4f, 0xb5, 0xc1, 0xfd, 0x9d, 0xe7, 0x9a, 0xcf, 0x1e, 0x79,
0x01, 0x6d, 0xdd, 0xff, 0xe4, 0xb8, 0x86, 0xae, 0xbe, 0x9f, 0xc1, 0xbd, 0x5d, 0xc7, 0x65, 0xac,
0xb1, 0xf9, 0x28, 0xdf, 0x6d, 0xec, 0x37, 0x1d, 0xe7, 0xdd, 0xe6, 0x43, 0x13, 0x65, 0xf4, 0x3d,
0x74, 0xcc, 0x3f, 0x02, 0xf9, 0x06, 0x5c, 0x21, 0x30, 0x09, 0x6b, 0x3e, 0x0d, 0xff, 0x17, 0x83,
0x87, 0x6f, 0xc5, 0x94, 0xe1, 0xff, 0xb2, 0xa0, 0x25, 0x0a, 0xc1, 0xc8, 0x14, 0x3c, 0xd5, 0x11,
0xa4, 0x9e, 0x52, 0xa5, 0xc5, 0x06, 0xc7, 0x3b, 0x4e, 0x4b, 0xde, 0x53, 0xf0, 0x54, 0x9f, 0x6c,
0x05, 0xaa, 0xf4, 0xd7, 0x56, 0xa0, 0x5a, 0x73, 0xed, 0x91, 0x73, 0x4d, 0x77, 0xd0, 0x40, 0xc5,
0x04, 0xb9, 0xdb, 0x78, 0x66, 0x42, 0xfc, 0xe0, 0xc9, 0x5f, 0xb2, 0xc7, 0xff, 0x04, 0x00, 0x00,
0xff, 0xff, 0x27, 0x7b, 0xf3, 0x60, 0xb3, 0x09, 0x00, 0x00,
// 871 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x56, 0x5f, 0x8f, 0xdb, 0x44,
0x10, 0x3f, 0xe7, 0x8f, 0x93, 0x9b, 0xc4, 0x77, 0xd1, 0xf6, 0x5a, 0xac, 0x94, 0x6b, 0xaf, 0x2e,
0x82, 0xa3, 0x82, 0x1c, 0x4a, 0x5f, 0x0a, 0x7d, 0xe1, 0xd4, 0x44, 0xa1, 0x85, 0x06, 0x61, 0x15,
0x21, 0x90, 0x50, 0x65, 0x9c, 0x81, 0xb3, 0x2e, 0x67, 0x9b, 0xdd, 0x75, 0x44, 0x5e, 0x90, 0x78,
0xe3, 0xc3, 0xf0, 0x91, 0x78, 0xe7, 0x2b, 0xf0, 0x88, 0xbc, 0x3b, 0xeb, 0x8b, 0x1d, 0xa7, 0x3a,
0x81, 0x78, 0xf3, 0xec, 0xfe, 0x76, 0x66, 0x7e, 0xbf, 0x9d, 0x99, 0x35, 0x1c, 0x07, 0x99, 0xbc,
0x38, 0x13, 0xc8, 0x57, 0x51, 0x88, 0x67, 0x29, 0x4f, 0x64, 0x72, 0x96, 0x2f, 0x8d, 0xd4, 0x27,
0x73, 0x7e, 0x4a, 0x46, 0x57, 0x51, 0xc8, 0x93, 0x51, 0xbe, 0xe8, 0xdd, 0x86, 0x5b, 0x5f, 0x44,
0x42, 0x9e, 0x87, 0x61, 0x92, 0xc5, 0x52, 0xf8, 0xf8, 0x73, 0x86, 0x42, 0x7a, 0x2f, 0xe0, 0xa8,
0xbc, 0x2c, 0xd2, 0x24, 0x16, 0xc8, 0xc6, 0xd0, 0x0d, 0x68, 0xcd, 0xb5, 0x4e, 0x9a, 0xa7, 0xbd,
0xf1, 0x9d, 0x51, 0xc9, 0xe1, 0x88, 0x8e, 0xf8, 0x05, 0xce, 0xfb, 0xcd, 0x82, 0xf6, 0xab, 0xe4,
0x12, 0x63, 0xf6, 0x00, 0xfa, 0x41, 0x18, 0xa2, 0x10, 0xaf, 0x65, 0x6e, 0xbb, 0xd6, 0x89, 0x75,
0xba, 0xef, 0xf7, 0xf4, 0x9a, 0x86, 0x3c, 0x04, 0x87, 0xe3, 0x8f, 0x1c, 0xc5, 0x05, 0x61, 0x1a,
0x0a, 0xd3, 0xa7, 0x45, 0x0d, 0x72, 0xa1, 0x13, 0x72, 0x0c, 0x24, 0x2e, 0xdc, 0xe6, 0x89, 0x75,
0xda, 0xf4, 0x8d, 0xc9, 0xee, 0x80, 0x8d, 0xbf, 0xa4, 0x11, 0x5f, 0xbb, 0x2d, 0xb5, 0x41, 0x96,
0xf7, 0xb7, 0x05, 0x1d, 0xca, 0x8c, 0x1d, 0x40, 0x23, 0x5a, 0x50, 0xec, 0x46, 0xb4, 0x60, 0x0c,
0x5a, 0x72, 0x9d, 0x22, 0x45, 0x52, 0xdf, 0xec, 0x53, 0xe8, 0x5e, 0xa1, 0x0c, 0x16, 0x81, 0x0c,
0xdc, 0x96, 0xe2, 0xf9, 0x4e, 0x3d, 0xcf, 0xd1, 0x4b, 0x82, 0x4d, 0x63, 0xc9, 0xd7, 0x7e, 0x71,
0x2a, 0xcf, 0x44, 0x84, 0x49, 0x8a, 0xc2, 0x6d, 0x9f, 0x34, 0x4f, 0xf7, 0x7d, 0xb2, 0xd8, 0x10,
0xba, 0x29, 0x4f, 0x56, 0xd1, 0x02, 0xb9, 0x6b, 0xab, 0x88, 0x85, 0xad, 0xce, 0x60, 0xc8, 0x51,
0xba, 0x1d, 0xb5, 0x43, 0xd6, 0xf0, 0x29, 0x38, 0xa5, 0x30, 0x6c, 0x00, 0xcd, 0x4b, 0x5c, 0x13,
0x87, 0xfc, 0x93, 0x1d, 0x41, 0x7b, 0x15, 0x2c, 0x33, 0xc3, 0x42, 0x1b, 0x9f, 0x34, 0x9e, 0x58,
0xde, 0x1c, 0xba, 0x3e, 0x8a, 0x24, 0xe3, 0x21, 0xe6, 0x54, 0xe3, 0xe0, 0x0a, 0xe9, 0xa0, 0xfa,
0xae, 0xa5, 0x3f, 0x84, 0x2e, 0xc6, 0x8b, 0x34, 0x89, 0x62, 0xa9, 0x14, 0xde, 0xf7, 0x0b, 0xdb,
0xfb, 0xbd, 0x01, 0x87, 0x33, 0x8c, 0x91, 0x07, 0x12, 0xa9, 0x5c, 0xb6, 0x24, 0xfd, 0x6c, 0x43,
0xbe, 0xa6, 0x92, 0xef, 0x83, 0x8a, 0x7c, 0x15, 0x0f, 0x37, 0x90, 0xb1, 0x55, 0x92, 0xf1, 0x5a,
0xaa, 0xf6, 0xa6, 0x54, 0x05, 0x1b, 0xbb, 0xcc, 0xa6, 0x90, 0xbc, 0x53, 0x96, 0xfc, 0xbf, 0x49,
0x3b, 0x81, 0xc1, 0x35, 0x0f, 0xea, 0x90, 0x8f, 0xa0, 0x43, 0x95, 0xaf, 0x7c, 0xec, 0x6e, 0x10,
0x03, 0xf3, 0xbe, 0x85, 0xfe, 0x8c, 0x07, 0xb1, 0x34, 0x62, 0x1e, 0x41, 0x5b, 0x91, 0xa4, 0x1c,
0xb4, 0xc1, 0x1e, 0x43, 0x97, 0xd3, 0x35, 0xaa, 0x44, 0x7a, 0xe3, 0xb7, 0x2a, 0x8e, 0xcd, 0x2d,
0xfb, 0x05, 0xd0, 0x3b, 0x04, 0x87, 0x5c, 0xeb, 0xec, 0xbc, 0xef, 0xc0, 0xf1, 0x71, 0x95, 0x5c,
0xe2, 0xff, 0x10, 0x6c, 0x00, 0x07, 0xc6, 0x37, 0x45, 0x7b, 0x17, 0x0e, 0x9e, 0xc7, 0x22, 0xc5,
0x70, 0x93, 0xdb, 0x66, 0xeb, 0x6b, 0xc3, 0x7b, 0x06, 0x87, 0x05, 0xee, 0x5f, 0xcb, 0xf8, 0x2b,
0xf4, 0xd5, 0x74, 0xd8, 0x55, 0x93, 0xd7, 0x15, 0xd3, 0x28, 0x55, 0xcc, 0xd6, 0xc4, 0x69, 0xd6,
0x4c, 0x9c, 0x07, 0xd0, 0x57, 0x9b, 0xaf, 0x4b, 0xd3, 0xa5, 0xa7, 0xd6, 0xa6, 0x7a, 0xc4, 0x3c,
0x05, 0x87, 0xe2, 0x13, 0x85, 0x47, 0x9b, 0x5c, 0x7b, 0xe3, 0xa3, 0x0a, 0x01, 0x0d, 0x26, 0x05,
0xfe, 0xb0, 0xa0, 0xe5, 0x67, 0x4b, 0xdc, 0xca, 0xba, 0xb8, 0x9f, 0xc6, 0xae, 0xfb, 0x69, 0xde,
0xf0, 0x7e, 0xd8, 0x87, 0x60, 0xeb, 0x49, 0xab, 0xb2, 0x3f, 0x18, 0xdf, 0xde, 0x56, 0x14, 0x85,
0xf0, 0x09, 0xa4, 0xbb, 0x26, 0x4a, 0x78, 0x24, 0xd7, 0xaa, 0xc7, 0xda, 0x7e, 0x61, 0x7b, 0x4f,
0xc0, 0x79, 0xa6, 0x26, 0xae, 0x11, 0xfb, 0x3d, 0x68, 0xf1, 0x6c, 0x89, 0x44, 0xf5, 0x56, 0x35,
0x99, 0x6c, 0x89, 0xbe, 0x02, 0xe4, 0x45, 0x62, 0x4e, 0x52, 0x91, 0xdc, 0x07, 0x67, 0x82, 0x4b,
0xdc, 0x39, 0x4c, 0xf2, 0x23, 0x06, 0x40, 0x47, 0x1c, 0xe8, 0xe5, 0xaf, 0x93, 0x79, 0xac, 0x3e,
0x86, 0xbe, 0x36, 0x49, 0xf8, 0xf7, 0xa1, 0x9d, 0xc7, 0x32, 0x2f, 0x54, 0x6d, 0x36, 0x1a, 0xf1,
0x68, 0x04, 0xb6, 0xa6, 0xcd, 0x7a, 0xd0, 0xf9, 0x7a, 0xfe, 0xf9, 0xfc, 0xcb, 0x6f, 0xe6, 0x83,
0xbd, 0xdc, 0x98, 0xf9, 0xe7, 0xf3, 0x57, 0xd3, 0xc9, 0xc0, 0x62, 0x00, 0xf6, 0x64, 0x3a, 0x7f,
0x3e, 0x9d, 0x0c, 0x1a, 0xe3, 0xbf, 0x2c, 0x68, 0x9d, 0x67, 0xf2, 0x82, 0xbd, 0x84, 0xae, 0x69,
0x7d, 0x76, 0xef, 0xcd, 0xb3, 0x6d, 0x78, 0x7f, 0xe7, 0x3e, 0xf1, 0xd9, 0x63, 0x2f, 0xa0, 0x43,
0x1d, 0xc0, 0x8e, 0x2b, 0xe8, 0x72, 0x07, 0x0d, 0xef, 0xed, 0xda, 0x2e, 0x7c, 0x4d, 0xcc, 0x73,
0x7b, 0xb7, 0xb6, 0xe2, 0xc8, 0xcf, 0xdb, 0xf5, 0x9b, 0xc6, 0xcb, 0xf8, 0x7b, 0xe8, 0x9a, 0xd7,
0x9f, 0x7d, 0x05, 0xad, 0x5c, 0x60, 0xe6, 0x55, 0xce, 0xd4, 0xfc, 0x39, 0x0c, 0x1f, 0xbe, 0x11,
0x53, 0xb8, 0xff, 0xd3, 0x82, 0x76, 0x7e, 0x11, 0x82, 0xcd, 0xc0, 0xd6, 0x15, 0xc1, 0xaa, 0x29,
0x95, 0x4a, 0x6c, 0x78, 0xbc, 0x63, 0xb7, 0xe0, 0x3d, 0x03, 0x5b, 0xd7, 0xc9, 0x96, 0xa3, 0x52,
0x7d, 0x6d, 0x39, 0xaa, 0x14, 0xd7, 0x1e, 0x3b, 0x27, 0xba, 0xc3, 0x1a, 0x2a, 0xc6, 0xc9, 0xdd,
0xda, 0x3d, 0xe3, 0xe2, 0x07, 0x5b, 0xfd, 0x6c, 0x3d, 0xfe, 0x27, 0x00, 0x00, 0xff, 0xff, 0xda,
0xef, 0x0e, 0x5f, 0x8d, 0x09, 0x00, 0x00,
}
// Reference imports to suppress errors if they are not otherwise used.


@@ -35,7 +35,6 @@ message Token {
message Account {
string id = 1;
string type = 2;
repeated string roles = 3;
map<string, string> metadata = 4;
repeated string scopes = 5;
string provider = 6;
@@ -50,7 +49,6 @@ message Resource{
message GenerateRequest {
string id = 1;
repeated string roles = 2;
map<string, string> metadata = 3;
repeated string scopes = 4;
string secret = 5;
@@ -63,14 +61,14 @@ message GenerateResponse {
}
message GrantRequest {
string role = 1;
string scope = 1;
Resource resource = 2;
}
message GrantResponse {}
message RevokeRequest {
string role = 1;
string scope = 1;
Resource resource = 2;
}
@@ -103,7 +101,7 @@ enum Access {
message Rule {
string id = 1;
string role = 2;
string scope = 2;
Resource resource = 3;
Access access = 4;
int32 priority = 5;
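Review bot: `scope` reuses the field numbers that `role` held (1 in GrantRequest and RevokeRequest, 2 in Rule), so a message written by a client or store still on the old schema decodes without error and its role string is read as a scope. If that carry-over is the intended migration, a comment on each field should say so, because it silently changes what existing authorization rules match; if it is not, give `scope` an unused number and reserve the old one, e.g. `reserved 2; reserved "role";` in Rule. The dropped `roles` fields should be reserved as well, with `reserved 3; reserved "roles";` in Account and `reserved 2; reserved "roles";` in GenerateRequest, so those numbers cannot later be reassigned to a field with a different meaning. Account and Rule continue outside the hunks shown, so pick any replacement number against the full message.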


@@ -65,7 +65,6 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e
Id: id,
Type: options.Type,
Secret: options.Secret,
Roles: options.Roles,
Scopes: options.Scopes,
Metadata: options.Metadata,
Provider: options.Provider,
@@ -82,7 +81,7 @@ func (s *svc) Grant(rule *auth.Rule) error {
_, err := s.rule.Create(context.TODO(), &pb.CreateRequest{
Rule: &pb.Rule{
Id: rule.ID,
Role: rule.Role,
Scope: rule.Scope,
Priority: rule.Priority,
Access: pb.Access_GRANTED,
Resource: &pb.Resource{
@@ -156,35 +155,6 @@ func (s *svc) Token(opts ...auth.TokenOption) (*auth.Token, error) {
return serializeToken(rsp.Token), nil
}
var ruleJoinKey = ":"
// accessForRule returns a rule status, indicating if a rule permits access to a
// resource for a given account
func accessForRule(rule *pb.Rule, acc *auth.Account, res *auth.Resource) pb.Access {
// a blank role permits access to the public
if rule.Role == "" {
return rule.Access
}
// a * role permits access to any user
if rule.Role == "*" && acc != nil {
return rule.Access
}
for _, role := range acc.Roles {
if rule.Role == role {
return rule.Access
}
// allow user.anything if role is user.*
if strings.HasSuffix(rule.Role, ".*") && strings.HasPrefix(rule.Role, role+".") {
return rule.Access
}
}
return pb.Access_UNKNOWN
}
// loadRules retrieves the rules from the auth service. Since this implementation is used by micro
// clients, which support muti-tenancy we may have to persist rules in multiple namespaces.
func (s *svc) loadRules(namespace string) {
@@ -206,7 +176,7 @@ func (s *svc) loadRules(namespace string) {
rules = append(rules, &auth.Rule{
ID: r.Id,
Role: r.Role,
Scope: r.Scope,
Access: access,
Priority: r.Priority,
Resource: &auth.Resource{
@@ -244,7 +214,6 @@ func serializeToken(t *pb.Token) *auth.Token {
func serializeAccount(a *pb.Account) *auth.Account {
return &auth.Account{
ID: a.Id,
Roles: a.Roles,
Secret: a.Secret,
Metadata: a.Metadata,
Provider: a.Provider,