unistack-org/micro
4
0
Fork 2
Code Issues 18 Pull Requests Actions Packages Projects Releases 324 Wiki Activity

Remove roles (replaced with scope)

Browse Source
This commit is contained in:
Ben Toogood
2020-05-21 14:56:17 +01:00
parent 4de19805ba
commit 856c73b341
13 changed files with 93 additions and 226 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
auth/token/jwt/jwt.go
View File

@@ -12,7 +12,6 @@ import (
// authClaims to be encoded in the JWT
type authClaims struct {
Type string `json:"type"`
Roles []string `json:"roles"`
Scopes []string `json:"scopes"`
Provider string `json:"provider"`
Metadata map[string]string `json:"metadata"`
@@ -52,7 +51,7 @@ func (j *JWT) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.
// generate the JWT
expiry := time.Now().Add(options.Expiry)
t := jwt.NewWithClaims(jwt.SigningMethodRS256, authClaims{
acc.Type, acc.Roles, acc.Scopes, acc.Provider, acc.Metadata, jwt.StandardClaims{
acc.Type, acc.Scopes, acc.Provider, acc.Metadata, jwt.StandardClaims{
Subject: acc.ID,
ExpiresAt: expiry.Unix(),
},
@@ -99,7 +98,6 @@ func (j *JWT) Inspect(t string) (*auth.Account, error) {
return &auth.Account{
ID: claims.Subject,
Type: claims.Type,
Roles: claims.Roles,
Scopes: claims.Scopes,
Provider: claims.Provider,
Metadata: claims.Metadata,

8
auth/token/jwt/jwt_test.go
View File

@@ -42,10 +42,10 @@ func TestInspect(t *testing.T) {
t.Run("Valid token", func(t *testing.T) {
md := map[string]string{"foo": "bar"}
roles := []string{"admin"}
scopes := []string{"admin"}
subject := "test"
acc := &auth.Account{ID: subject, Roles: roles, Metadata: md}
acc := &auth.Account{ID: subject, Scopes: scopes, Metadata: md}
tok, err := j.Generate(acc)
if err != nil {
t.Fatalf("Generate returned %v error, expected nil", err)
@@ -58,8 +58,8 @@ func TestInspect(t *testing.T) {
if acc.ID != subject {
t.Errorf("Inspect returned %v as the token subject, expected %v", acc.ID, subject)
}
if len(tok2.Roles) != len(roles) {
t.Errorf("Inspect returned %v roles, expected %v", len(tok2.Roles), len(roles))
if len(tok2.Scopes) != len(scopes) {
t.Errorf("Inspect returned %v scopes, expected %v", len(tok2.Scopes), len(scopes))
}
if len(tok2.Metadata) != len(md) {
t.Errorf("Inspect returned %v as the token metadata, expected %v", tok2.Metadata, md)