Remove roles (replaced with scope)

2020-05-21 14:56:17 +01:00
parent 4de19805ba
commit 856c73b341
13 changed files with 93 additions and 226 deletions
--- a/auth/token/basic/basic_test.go
+++ b/auth/token/basic/basic_test.go
@@ -32,10 +32,10 @@ func TestInspect(t *testing.T) {

 	t.Run("Valid token", func(t *testing.T) {
 		md := map[string]string{"foo": "bar"}
-		roles := []string{"admin"}
+		scopes := []string{"admin"}
 		subject := "test"

-		tok, err := b.Generate(&auth.Account{ID: subject, Roles: roles, Metadata: md})
+		tok, err := b.Generate(&auth.Account{ID: subject, Scopes: scopes, Metadata: md})
 		if err != nil {
 			t.Fatalf("Generate returned %v error, expected nil", err)
 		}
@@ -47,8 +47,8 @@ func TestInspect(t *testing.T) {
 		if tok2.ID != subject {
 			t.Errorf("Inspect returned %v as the token subject, expected %v", tok2.ID, subject)
 		}
-		if len(tok2.Roles) != len(roles) {
-			t.Errorf("Inspect returned %v roles, expected %v", len(tok2.Roles), len(roles))
+		if len(tok2.Scopes) != len(scopes) {
+			t.Errorf("Inspect returned %v scopes, expected %v", len(tok2.Scopes), len(scopes))
 		}
 		if len(tok2.Metadata) != len(md) {
 			t.Errorf("Inspect returned %v as the token metadata, expected %v", tok2.Metadata, md)
--- a/auth/token/jwt/jwt.go
+++ b/auth/token/jwt/jwt.go
@@ -12,7 +12,6 @@ import (
 // authClaims to be encoded in the JWT
 type authClaims struct {
 	Type     string            `json:"type"`
-	Roles    []string          `json:"roles"`
 	Scopes   []string          `json:"scopes"`
 	Provider string            `json:"provider"`
 	Metadata map[string]string `json:"metadata"`
@@ -52,7 +51,7 @@ func (j *JWT) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.
 	// generate the JWT
 	expiry := time.Now().Add(options.Expiry)
 	t := jwt.NewWithClaims(jwt.SigningMethodRS256, authClaims{
-		acc.Type, acc.Roles, acc.Scopes, acc.Provider, acc.Metadata, jwt.StandardClaims{
+		acc.Type, acc.Scopes, acc.Provider, acc.Metadata, jwt.StandardClaims{
 			Subject:   acc.ID,
 			ExpiresAt: expiry.Unix(),
 		},
@@ -99,7 +98,6 @@ func (j *JWT) Inspect(t string) (*auth.Account, error) {
 	return &auth.Account{
 		ID:       claims.Subject,
 		Type:     claims.Type,
-		Roles:    claims.Roles,
 		Scopes:   claims.Scopes,
 		Provider: claims.Provider,
 		Metadata: claims.Metadata,
--- a/auth/token/jwt/jwt_test.go
+++ b/auth/token/jwt/jwt_test.go
@@ -42,10 +42,10 @@ func TestInspect(t *testing.T) {

 	t.Run("Valid token", func(t *testing.T) {
 		md := map[string]string{"foo": "bar"}
-		roles := []string{"admin"}
+		scopes := []string{"admin"}
 		subject := "test"

-		acc := &auth.Account{ID: subject, Roles: roles, Metadata: md}
+		acc := &auth.Account{ID: subject, Scopes: scopes, Metadata: md}
 		tok, err := j.Generate(acc)
 		if err != nil {
 			t.Fatalf("Generate returned %v error, expected nil", err)
@@ -58,8 +58,8 @@ func TestInspect(t *testing.T) {
 		if acc.ID != subject {
 			t.Errorf("Inspect returned %v as the token subject, expected %v", acc.ID, subject)
 		}
-		if len(tok2.Roles) != len(roles) {
-			t.Errorf("Inspect returned %v roles, expected %v", len(tok2.Roles), len(roles))
+		if len(tok2.Scopes) != len(scopes) {
+			t.Errorf("Inspect returned %v scopes, expected %v", len(tok2.Scopes), len(scopes))
 		}
 		if len(tok2.Metadata) != len(md) {
 			t.Errorf("Inspect returned %v as the token metadata, expected %v", tok2.Metadata, md)