Further Refactoring

This commit is contained in:
Ben Toogood 2020-04-01 14:25:00 +01:00
parent 82bc3cbf8d
commit 8e4d9e1702
13 changed files with 223 additions and 401 deletions

View File

@ -32,9 +32,7 @@ type Auth interface {
// Options set for auth
Options() Options
// Generate a new account
Generate(id string, opts ...GenerateOption) (*Account, error)
// Login to an existing account
Login(id string, opts ...LoginOption) (*Account, error)
Generate(id, secret string, opts ...GenerateOption) (*Account, error)
// Grant access to a resource
Grant(role string, res *Resource) error
// Revoke access to a resource
@ -44,7 +42,7 @@ type Auth interface {
// Inspect a token
Inspect(token string) (*Account, error)
// Token generated using refresh token
Token(id, refreshToken string, opts ...TokenOption) (*Token, error)
Token(opts ...TokenOption) (*Token, error)
// String returns the name of the implementation
String() string
}
@ -67,8 +65,6 @@ type Account struct {
Type string `json:"type"`
// Provider who issued the account
Provider string `json:"provider"`
// RefreshToken used to renew the account
RefreshToken string `json:"refresh_token"`
// Roles associated with the Account
Roles []string `json:"roles"`
// Any other associated metadata
@ -81,22 +77,14 @@ type Account struct {
// Token can be short or long lived
type Token struct {
// The token itself
Token string `json:"token"`
// Type of token, e.g. JWT
Type string `json:"type"`
// The token to be used for accessing resources
AccessToken string `json:"access_token"`
// RefreshToken to be used to generate a new token
RefreshToken string `json:"refresh_token"`
// Time of token creation
Created time.Time `json:"created"`
// Time of token expiry
Expiry time.Time `json:"expiry"`
// Subject of the token, e.g. the account ID
Subject string `json:"subject"`
// Roles granted to the token
Roles []string `json:"roles"`
// Metadata embedded in the token
Metadata map[string]string `json:"metadata"`
// Namespace the token belongs to
Namespace string `json:"namespace"`
}
const (

View File

@ -34,20 +34,19 @@ func (n *noop) Options() Options {
}
// Generate a new account
func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) {
func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, error) {
options := NewGenerateOptions(opts...)
return &Account{
ID: id,
Roles: options.Roles,
Metadata: options.Metadata,
RefreshToken: uuid.New().String(),
ID: id,
Roles: options.Roles,
Metadata: options.Metadata,
}, nil
}
// Login to an existing account
func (n *noop) Login(id string, opts ...LoginOption) (*Account, error) {
return &Account{ID: id}, nil
func (n *noop) Login(opts ...LoginOption) (*Account, error) {
return &Account{}, nil
}
// Grant access to a resource
@ -73,6 +72,6 @@ func (n *noop) Inspect(token string) (*Account, error) {
}
// Token generation using an account id and secret
func (n *noop) Token(id, tok string, opts ...TokenOption) (*Token, error) {
func (n *noop) Token(opts ...TokenOption) (*Token, error) {
return &Token{}, nil
}

View File

@ -10,14 +10,12 @@ import (
type Options struct {
// ID is the services auth ID
ID string
// RefreshToken is used to generate new tokens
RefreshToken string
// Secret is used to authenticate the service
Secret string
// Token is the services token used to authenticate itself
Token *Token
// Public key base64 encoded
// PublicKey for decoding JWTs
PublicKey string
// Private key base64 encoded
PrivateKey string
// Provider is an auth provider
Provider provider.Provider
// LoginURL is the relative url path where a user can login
@ -42,18 +40,11 @@ func PublicKey(key string) Option {
}
}
// PrivateKey is the JWT private key
func PrivateKey(key string) Option {
return func(o *Options) {
o.PrivateKey = key
}
}
// Credentials sets the auth credentials
func Credentials(id, refresh string) Option {
func Credentials(id, secret string) Option {
return func(o *Options) {
o.ID = id
o.RefreshToken = refresh
o.Secret = secret
}
}
@ -78,8 +69,6 @@ type GenerateOptions struct {
Roles []string
// Namespace the account belongs too
Namespace string
// Secret to use with the account
Secret string
// Provider of the account, e.g. oauth
Provider string
// Type of the account, e.g. user
@ -116,13 +105,6 @@ func WithNamespace(n string) GenerateOption {
}
}
// WithSecret for the generated account
func WithSecret(s string) GenerateOption {
return func(o *GenerateOptions) {
o.Secret = s
}
}
// WithProvider for the generated account
func WithProvider(p string) GenerateOption {
return func(o *GenerateOptions) {
@ -163,16 +145,35 @@ func NewLoginOptions(opts ...LoginOption) LoginOptions {
}
type TokenOptions struct {
// TokenExpiry is the time the token should live for
TokenExpiry time.Duration
// ID for the account
ID string
// Secret for the account
Secret string
// RefreshToken is used to refesh a token
RefreshToken string
// Expiry is the time the token should live for
Expiry time.Duration
}
type TokenOption func(o *TokenOptions)
// WithTokenExpiry for the token
func WithTokenExpiry(ex time.Duration) TokenOption {
// WithExpiry for the token
func WithExpiry(ex time.Duration) TokenOption {
return func(o *TokenOptions) {
o.TokenExpiry = ex
o.Expiry = ex
}
}
func WithCredentials(id, secret string) TokenOption {
return func(o *TokenOptions) {
o.ID = id
o.Secret = secret
}
}
func WithToken(rt string) TokenOption {
return func(o *TokenOptions) {
o.RefreshToken = rt
}
}
@ -184,8 +185,8 @@ func NewTokenOptions(opts ...TokenOption) TokenOptions {
}
// set defualt expiry of token
if options.TokenExpiry == 0 {
options.TokenExpiry = time.Minute
if options.Expiry == 0 {
options.Expiry = time.Minute
}
return options

View File

@ -119,8 +119,8 @@ func (m *ListAccountsResponse) GetAccounts() []*Account {
}
type Token struct {
Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"`
AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"`
Created int64 `protobuf:"varint,3,opt,name=created,proto3" json:"created,omitempty"`
Expiry int64 `protobuf:"varint,4,opt,name=expiry,proto3" json:"expiry,omitempty"`
Subject string `protobuf:"bytes,5,opt,name=subject,proto3" json:"subject,omitempty"`
@ -157,16 +157,16 @@ func (m *Token) XXX_DiscardUnknown() {
var xxx_messageInfo_Token proto.InternalMessageInfo
func (m *Token) GetToken() string {
func (m *Token) GetAccessToken() string {
if m != nil {
return m.Token
return m.AccessToken
}
return ""
}
func (m *Token) GetType() string {
func (m *Token) GetRefreshToken() string {
if m != nil {
return m.Type
return m.RefreshToken
}
return ""
}
@ -219,8 +219,7 @@ type Account struct {
Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"`
Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"`
RefreshToken string `protobuf:"bytes,6,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"`
Provider string `protobuf:"bytes,7,opt,name=provider,proto3" json:"provider,omitempty"`
Provider string `protobuf:"bytes,6,opt,name=provider,proto3" json:"provider,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -286,13 +285,6 @@ func (m *Account) GetNamespace() string {
return ""
}
func (m *Account) GetRefreshToken() string {
if m != nil {
return m.RefreshToken
}
return ""
}
func (m *Account) GetProvider() string {
if m != nil {
return m.Provider
@ -355,92 +347,6 @@ func (m *Resource) GetEndpoint() string {
return ""
}
type LoginRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *LoginRequest) Reset() { *m = LoginRequest{} }
func (m *LoginRequest) String() string { return proto.CompactTextString(m) }
func (*LoginRequest) ProtoMessage() {}
func (*LoginRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{5}
}
func (m *LoginRequest) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_LoginRequest.Unmarshal(m, b)
}
func (m *LoginRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_LoginRequest.Marshal(b, m, deterministic)
}
func (m *LoginRequest) XXX_Merge(src proto.Message) {
xxx_messageInfo_LoginRequest.Merge(m, src)
}
func (m *LoginRequest) XXX_Size() int {
return xxx_messageInfo_LoginRequest.Size(m)
}
func (m *LoginRequest) XXX_DiscardUnknown() {
xxx_messageInfo_LoginRequest.DiscardUnknown(m)
}
var xxx_messageInfo_LoginRequest proto.InternalMessageInfo
func (m *LoginRequest) GetId() string {
if m != nil {
return m.Id
}
return ""
}
func (m *LoginRequest) GetSecret() string {
if m != nil {
return m.Secret
}
return ""
}
type LoginResponse struct {
Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *LoginResponse) Reset() { *m = LoginResponse{} }
func (m *LoginResponse) String() string { return proto.CompactTextString(m) }
func (*LoginResponse) ProtoMessage() {}
func (*LoginResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{6}
}
func (m *LoginResponse) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_LoginResponse.Unmarshal(m, b)
}
func (m *LoginResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_LoginResponse.Marshal(b, m, deterministic)
}
func (m *LoginResponse) XXX_Merge(src proto.Message) {
xxx_messageInfo_LoginResponse.Merge(m, src)
}
func (m *LoginResponse) XXX_Size() int {
return xxx_messageInfo_LoginResponse.Size(m)
}
func (m *LoginResponse) XXX_DiscardUnknown() {
xxx_messageInfo_LoginResponse.DiscardUnknown(m)
}
var xxx_messageInfo_LoginResponse proto.InternalMessageInfo
func (m *LoginResponse) GetAccount() *Account {
if m != nil {
return m.Account
}
return nil
}
type GenerateRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"`
@ -458,7 +364,7 @@ func (m *GenerateRequest) Reset() { *m = GenerateRequest{} }
func (m *GenerateRequest) String() string { return proto.CompactTextString(m) }
func (*GenerateRequest) ProtoMessage() {}
func (*GenerateRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{7}
return fileDescriptor_11312eec02fd5712, []int{5}
}
func (m *GenerateRequest) XXX_Unmarshal(b []byte) error {
@ -539,7 +445,7 @@ func (m *GenerateResponse) Reset() { *m = GenerateResponse{} }
func (m *GenerateResponse) String() string { return proto.CompactTextString(m) }
func (*GenerateResponse) ProtoMessage() {}
func (*GenerateResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{8}
return fileDescriptor_11312eec02fd5712, []int{6}
}
func (m *GenerateResponse) XXX_Unmarshal(b []byte) error {
@ -579,7 +485,7 @@ func (m *GrantRequest) Reset() { *m = GrantRequest{} }
func (m *GrantRequest) String() string { return proto.CompactTextString(m) }
func (*GrantRequest) ProtoMessage() {}
func (*GrantRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{9}
return fileDescriptor_11312eec02fd5712, []int{7}
}
func (m *GrantRequest) XXX_Unmarshal(b []byte) error {
@ -624,7 +530,7 @@ func (m *GrantResponse) Reset() { *m = GrantResponse{} }
func (m *GrantResponse) String() string { return proto.CompactTextString(m) }
func (*GrantResponse) ProtoMessage() {}
func (*GrantResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{10}
return fileDescriptor_11312eec02fd5712, []int{8}
}
func (m *GrantResponse) XXX_Unmarshal(b []byte) error {
@ -657,7 +563,7 @@ func (m *RevokeRequest) Reset() { *m = RevokeRequest{} }
func (m *RevokeRequest) String() string { return proto.CompactTextString(m) }
func (*RevokeRequest) ProtoMessage() {}
func (*RevokeRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{11}
return fileDescriptor_11312eec02fd5712, []int{9}
}
func (m *RevokeRequest) XXX_Unmarshal(b []byte) error {
@ -702,7 +608,7 @@ func (m *RevokeResponse) Reset() { *m = RevokeResponse{} }
func (m *RevokeResponse) String() string { return proto.CompactTextString(m) }
func (*RevokeResponse) ProtoMessage() {}
func (*RevokeResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{12}
return fileDescriptor_11312eec02fd5712, []int{10}
}
func (m *RevokeResponse) XXX_Unmarshal(b []byte) error {
@ -734,7 +640,7 @@ func (m *InspectRequest) Reset() { *m = InspectRequest{} }
func (m *InspectRequest) String() string { return proto.CompactTextString(m) }
func (*InspectRequest) ProtoMessage() {}
func (*InspectRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{13}
return fileDescriptor_11312eec02fd5712, []int{11}
}
func (m *InspectRequest) XXX_Unmarshal(b []byte) error {
@ -773,7 +679,7 @@ func (m *InspectResponse) Reset() { *m = InspectResponse{} }
func (m *InspectResponse) String() string { return proto.CompactTextString(m) }
func (*InspectResponse) ProtoMessage() {}
func (*InspectResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{14}
return fileDescriptor_11312eec02fd5712, []int{12}
}
func (m *InspectResponse) XXX_Unmarshal(b []byte) error {
@ -803,8 +709,9 @@ func (m *InspectResponse) GetAccount() *Account {
type TokenRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"`
TokenExpiry int64 `protobuf:"varint,3,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"`
Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"`
RefreshToken string `protobuf:"bytes,3,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"`
TokenExpiry int64 `protobuf:"varint,4,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
@ -814,7 +721,7 @@ func (m *TokenRequest) Reset() { *m = TokenRequest{} }
func (m *TokenRequest) String() string { return proto.CompactTextString(m) }
func (*TokenRequest) ProtoMessage() {}
func (*TokenRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{15}
return fileDescriptor_11312eec02fd5712, []int{13}
}
func (m *TokenRequest) XXX_Unmarshal(b []byte) error {
@ -842,6 +749,13 @@ func (m *TokenRequest) GetId() string {
return ""
}
func (m *TokenRequest) GetSecret() string {
if m != nil {
return m.Secret
}
return ""
}
func (m *TokenRequest) GetRefreshToken() string {
if m != nil {
return m.RefreshToken
@ -867,7 +781,7 @@ func (m *TokenResponse) Reset() { *m = TokenResponse{} }
func (m *TokenResponse) String() string { return proto.CompactTextString(m) }
func (*TokenResponse) ProtoMessage() {}
func (*TokenResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{16}
return fileDescriptor_11312eec02fd5712, []int{14}
}
func (m *TokenResponse) XXX_Unmarshal(b []byte) error {
@ -909,7 +823,7 @@ func (m *Rule) Reset() { *m = Rule{} }
func (m *Rule) String() string { return proto.CompactTextString(m) }
func (*Rule) ProtoMessage() {}
func (*Rule) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{17}
return fileDescriptor_11312eec02fd5712, []int{15}
}
func (m *Rule) XXX_Unmarshal(b []byte) error {
@ -971,7 +885,7 @@ func (m *CreateRequest) Reset() { *m = CreateRequest{} }
func (m *CreateRequest) String() string { return proto.CompactTextString(m) }
func (*CreateRequest) ProtoMessage() {}
func (*CreateRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{18}
return fileDescriptor_11312eec02fd5712, []int{16}
}
func (m *CreateRequest) XXX_Unmarshal(b []byte) error {
@ -1023,7 +937,7 @@ func (m *CreateResponse) Reset() { *m = CreateResponse{} }
func (m *CreateResponse) String() string { return proto.CompactTextString(m) }
func (*CreateResponse) ProtoMessage() {}
func (*CreateResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{19}
return fileDescriptor_11312eec02fd5712, []int{17}
}
func (m *CreateResponse) XXX_Unmarshal(b []byte) error {
@ -1057,7 +971,7 @@ func (m *DeleteRequest) Reset() { *m = DeleteRequest{} }
func (m *DeleteRequest) String() string { return proto.CompactTextString(m) }
func (*DeleteRequest) ProtoMessage() {}
func (*DeleteRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{20}
return fileDescriptor_11312eec02fd5712, []int{18}
}
func (m *DeleteRequest) XXX_Unmarshal(b []byte) error {
@ -1109,7 +1023,7 @@ func (m *DeleteResponse) Reset() { *m = DeleteResponse{} }
func (m *DeleteResponse) String() string { return proto.CompactTextString(m) }
func (*DeleteResponse) ProtoMessage() {}
func (*DeleteResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{21}
return fileDescriptor_11312eec02fd5712, []int{19}
}
func (m *DeleteResponse) XXX_Unmarshal(b []byte) error {
@ -1140,7 +1054,7 @@ func (m *ListRequest) Reset() { *m = ListRequest{} }
func (m *ListRequest) String() string { return proto.CompactTextString(m) }
func (*ListRequest) ProtoMessage() {}
func (*ListRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{22}
return fileDescriptor_11312eec02fd5712, []int{20}
}
func (m *ListRequest) XXX_Unmarshal(b []byte) error {
@ -1172,7 +1086,7 @@ func (m *ListResponse) Reset() { *m = ListResponse{} }
func (m *ListResponse) String() string { return proto.CompactTextString(m) }
func (*ListResponse) ProtoMessage() {}
func (*ListResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{23}
return fileDescriptor_11312eec02fd5712, []int{21}
}
func (m *ListResponse) XXX_Unmarshal(b []byte) error {
@ -1209,8 +1123,6 @@ func init() {
proto.RegisterType((*Account)(nil), "go.micro.auth.Account")
proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Account.MetadataEntry")
proto.RegisterType((*Resource)(nil), "go.micro.auth.Resource")
proto.RegisterType((*LoginRequest)(nil), "go.micro.auth.LoginRequest")
proto.RegisterType((*LoginResponse)(nil), "go.micro.auth.LoginResponse")
proto.RegisterType((*GenerateRequest)(nil), "go.micro.auth.GenerateRequest")
proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.GenerateRequest.MetadataEntry")
proto.RegisterType((*GenerateResponse)(nil), "go.micro.auth.GenerateResponse")
@ -1236,65 +1148,63 @@ func init() {
}
var fileDescriptor_11312eec02fd5712 = []byte{
// 947 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0xdd, 0x8e, 0xdb, 0x44,
0x14, 0x5e, 0xdb, 0x89, 0xe3, 0x3d, 0x89, 0xb3, 0xd1, 0x74, 0xbb, 0x58, 0xe9, 0x0f, 0x8b, 0x8b,
0xd0, 0x52, 0xd1, 0x2c, 0x4a, 0x25, 0xfe, 0x2a, 0x21, 0xa2, 0x26, 0x0a, 0x2d, 0x6d, 0x10, 0x56,
0x51, 0xb9, 0x41, 0x95, 0xd7, 0x39, 0xdd, 0x35, 0x9b, 0xb5, 0xc3, 0xcc, 0x78, 0xc5, 0x3e, 0x01,
0x77, 0xbc, 0x03, 0x12, 0xb7, 0xf0, 0x44, 0x3c, 0x0c, 0x9a, 0xf1, 0x8c, 0xd7, 0x71, 0x9c, 0x6a,
0x55, 0x16, 0x89, 0xbb, 0x39, 0x33, 0x67, 0xbe, 0x73, 0xbe, 0xf3, 0x37, 0x03, 0x9f, 0x1e, 0xc7,
0xfc, 0x24, 0x3b, 0x1a, 0x44, 0xe9, 0xd9, 0xe1, 0x59, 0x1c, 0xd1, 0xf4, 0xf0, 0x38, 0x7d, 0x90,
0x2f, 0xc2, 0x8c, 0x9f, 0x1c, 0x32, 0xa4, 0xe7, 0x71, 0x84, 0x87, 0x4b, 0x9a, 0xf2, 0x7c, 0x6b,
0x20, 0x97, 0xc4, 0x3d, 0x4e, 0x07, 0x52, 0x6f, 0x20, 0x36, 0xfd, 0x9b, 0x70, 0xe3, 0x59, 0xcc,
0xf8, 0x28, 0x8a, 0xd2, 0x2c, 0xe1, 0x2c, 0xc0, 0x9f, 0x33, 0x64, 0xdc, 0x7f, 0x0a, 0xbb, 0xab,
0xdb, 0x6c, 0x99, 0x26, 0x0c, 0xc9, 0x10, 0x9c, 0x50, 0xed, 0x79, 0xc6, 0xbe, 0x75, 0xd0, 0x1e,
0xee, 0x0d, 0x56, 0x00, 0x07, 0xea, 0x4a, 0x50, 0xe8, 0xf9, 0x7f, 0x99, 0xd0, 0x7c, 0x91, 0x9e,
0x62, 0x42, 0x76, 0xa1, 0xc9, 0xc5, 0xc2, 0x33, 0xf6, 0x8d, 0x83, 0xed, 0x20, 0x17, 0x08, 0x81,
0x06, 0xbf, 0x58, 0xa2, 0x67, 0xca, 0x4d, 0xb9, 0x26, 0x1e, 0xb4, 0x22, 0x8a, 0x21, 0xc7, 0xb9,
0x67, 0xed, 0x1b, 0x07, 0x56, 0xa0, 0x45, 0xb2, 0x07, 0x36, 0xfe, 0xb2, 0x8c, 0xe9, 0x85, 0xd7,
0x90, 0x07, 0x4a, 0x12, 0x37, 0x58, 0x76, 0xf4, 0x13, 0x46, 0xdc, 0x6b, 0x4a, 0x20, 0x2d, 0x0a,
0xab, 0x34, 0x5d, 0x20, 0xf3, 0xec, 0x7d, 0x4b, 0x58, 0x95, 0x02, 0xf9, 0x12, 0x9c, 0x33, 0xe4,
0xe1, 0x3c, 0xe4, 0xa1, 0xd7, 0x92, 0x4c, 0xfc, 0x0a, 0x13, 0xe9, 0xf3, 0xe0, 0xb9, 0x52, 0x9a,
0x24, 0x9c, 0x5e, 0x04, 0xc5, 0x1d, 0x72, 0x1b, 0xb6, 0x93, 0xf0, 0x0c, 0xd9, 0x32, 0x8c, 0xd0,
0x73, 0xa4, 0xc5, 0xcb, 0x8d, 0xfe, 0x23, 0x70, 0x57, 0x2e, 0x92, 0x1e, 0x58, 0xa7, 0x78, 0xa1,
0x88, 0x8b, 0xa5, 0x70, 0xeb, 0x3c, 0x5c, 0x64, 0x9a, 0x77, 0x2e, 0x7c, 0x61, 0x7e, 0x66, 0xf8,
0xbf, 0x9b, 0xd0, 0x52, 0x61, 0x24, 0x5d, 0x30, 0xe3, 0xb9, 0xba, 0x66, 0xc6, 0xf3, 0xda, 0x60,
0x15, 0x04, 0xad, 0x32, 0xc1, 0xaf, 0x4a, 0x04, 0x1b, 0x92, 0xe0, 0xfb, 0xf5, 0xa9, 0xba, 0x1a,
0xc5, 0x66, 0x85, 0x22, 0xb9, 0x07, 0x2e, 0xc5, 0xd7, 0x14, 0xd9, 0xc9, 0xab, 0x3c, 0xa9, 0xb6,
0xd4, 0xe8, 0xa8, 0xcd, 0x3c, 0xe3, 0x7d, 0x70, 0x96, 0x34, 0x3d, 0x8f, 0xe7, 0x48, 0xbd, 0x96,
0x3c, 0x2f, 0xe4, 0x7f, 0x17, 0xa3, 0x19, 0x38, 0x01, 0xb2, 0x34, 0xa3, 0x11, 0x8a, 0x98, 0x08,
0xb7, 0xd4, 0x45, 0xb9, 0xae, 0x8d, 0x53, 0x1f, 0x1c, 0x4c, 0xe6, 0xcb, 0x34, 0x4e, 0xb8, 0xac,
0xaa, 0xed, 0xa0, 0x90, 0xfd, 0x4f, 0xa0, 0xf3, 0x2c, 0x3d, 0x8e, 0x13, 0xd5, 0x00, 0x6b, 0x71,
0xdf, 0x03, 0x9b, 0x61, 0x44, 0x91, 0x2b, 0x44, 0x25, 0xf9, 0x23, 0x70, 0xd5, 0x3d, 0xd5, 0x21,
0x1f, 0x43, 0x4b, 0x55, 0xbe, 0xbc, 0xbd, 0xb9, 0x41, 0xb4, 0x9a, 0xff, 0x87, 0x09, 0x3b, 0x53,
0x4c, 0x90, 0x86, 0x1c, 0x37, 0x99, 0x2f, 0x52, 0x6c, 0x96, 0x53, 0xfc, 0x75, 0x29, 0xc5, 0x96,
0x4c, 0xf1, 0x47, 0x15, 0x63, 0x15, 0xdc, 0xab, 0xa5, 0xba, 0x51, 0x4d, 0xf5, 0x25, 0xf9, 0x66,
0x99, 0x7c, 0x11, 0x64, 0x7b, 0x35, 0xc8, 0xff, 0x4d, 0xc6, 0xc7, 0xd0, 0xbb, 0x64, 0xf3, 0xd6,
0xc1, 0x7e, 0x09, 0x9d, 0x29, 0x0d, 0x13, 0xae, 0x03, 0x4d, 0xa0, 0x21, 0x62, 0xa9, 0x6b, 0x47,
0xac, 0xc9, 0x43, 0x70, 0xa8, 0xaa, 0x2d, 0xe9, 0x46, 0x7b, 0xf8, 0x4e, 0x05, 0x56, 0x97, 0x5e,
0x50, 0x28, 0xfa, 0x3b, 0xe0, 0x2a, 0xe0, 0xdc, 0x37, 0xff, 0x07, 0x70, 0x03, 0x3c, 0x4f, 0x4f,
0xf1, 0xda, 0x4d, 0xf5, 0xa0, 0xab, 0x91, 0x95, 0xad, 0x0f, 0xa0, 0xfb, 0x24, 0x61, 0x4b, 0x8c,
0x0a, 0x5e, 0xb5, 0xa3, 0xd6, 0x7f, 0x0c, 0x3b, 0x85, 0xde, 0x5b, 0x87, 0xf0, 0x35, 0x74, 0x64,
0x73, 0x6f, 0xaa, 0xd5, 0xb5, 0xc1, 0x60, 0xd6, 0x0c, 0x86, 0xf7, 0xa0, 0x23, 0x0f, 0x5f, 0xa9,
0x61, 0x9e, 0x4f, 0xf9, 0xb6, 0xdc, 0x9b, 0xc8, 0x2d, 0xff, 0x11, 0xb8, 0xca, 0x8e, 0x72, 0xf5,
0x7e, 0x99, 0x53, 0x7b, 0xb8, 0x5b, 0x37, 0xaf, 0x35, 0xd3, 0xdf, 0x0c, 0x68, 0x04, 0xd9, 0x02,
0xeb, 0x06, 0xa8, 0xcc, 0x82, 0xb9, 0x21, 0x0b, 0xd6, 0x15, 0xb3, 0x40, 0x1e, 0x80, 0x1d, 0x46,
0x11, 0x32, 0x26, 0xfb, 0xa5, 0x3b, 0xbc, 0xb9, 0x1e, 0x37, 0x64, 0x2c, 0x50, 0x4a, 0xfe, 0xaf,
0x06, 0xb8, 0x8f, 0xe5, 0x1b, 0x76, 0xdd, 0xf5, 0x50, 0xf2, 0xc4, 0xba, 0x8a, 0x27, 0x3d, 0xe8,
0x6a, 0x47, 0x54, 0xf9, 0x08, 0xdf, 0xc6, 0xb8, 0xc0, 0xff, 0x85, 0x6f, 0xda, 0x11, 0xe5, 0x9b,
0x0b, 0x6d, 0xf1, 0x13, 0xd1, 0x1f, 0x93, 0xcf, 0xa1, 0x93, 0x8b, 0xaa, 0x26, 0x3e, 0x84, 0x26,
0xcd, 0xc4, 0x60, 0xcc, 0x7f, 0x23, 0x37, 0xaa, 0x1e, 0x65, 0x0b, 0x0c, 0x72, 0x8d, 0xfb, 0x03,
0xb0, 0x73, 0x6b, 0xa4, 0x0d, 0xad, 0xef, 0x67, 0xdf, 0xcc, 0xbe, 0x7d, 0x39, 0xeb, 0x6d, 0x09,
0x61, 0x1a, 0x8c, 0x66, 0x2f, 0x26, 0xe3, 0x9e, 0x41, 0x00, 0xec, 0xf1, 0x64, 0xf6, 0x64, 0x32,
0xee, 0x99, 0xc3, 0x3f, 0x4d, 0x68, 0x8c, 0x32, 0x7e, 0x42, 0x9e, 0x83, 0xa3, 0x27, 0x0f, 0xb9,
0xfb, 0xe6, 0x01, 0xdb, 0x7f, 0x77, 0xe3, 0xb9, 0xe2, 0xb3, 0x45, 0x9e, 0x42, 0x4b, 0x35, 0x21,
0xb9, 0x53, 0xd1, 0x5e, 0x6d, 0xe2, 0xfe, 0xdd, 0x4d, 0xc7, 0x05, 0xd6, 0x58, 0x7f, 0xad, 0x6e,
0xd5, 0x36, 0x83, 0xc2, 0xb9, 0x5d, 0x7f, 0x58, 0x46, 0x91, 0x8f, 0xd8, 0x1a, 0x4a, 0xf9, 0x49,
0x5c, 0x43, 0x59, 0x79, 0xf7, 0xfc, 0xad, 0xe1, 0x8f, 0xe0, 0xe8, 0xff, 0x22, 0xf9, 0x0e, 0x1a,
0x22, 0x4d, 0xa4, 0xfa, 0xa7, 0xaa, 0xf9, 0x6b, 0xf6, 0xef, 0xbd, 0x51, 0xa7, 0x80, 0xff, 0xdb,
0x80, 0xa6, 0x48, 0x27, 0x23, 0x53, 0xb0, 0xf3, 0x02, 0x26, 0x55, 0x97, 0x56, 0x1a, 0xac, 0x7f,
0x67, 0xc3, 0x69, 0xc1, 0x7b, 0x0a, 0x76, 0x5e, 0x6d, 0x6b, 0x40, 0x2b, 0xdd, 0xb0, 0x06, 0x54,
0x29, 0xd1, 0x2d, 0x32, 0x52, 0x74, 0xfb, 0x35, 0x54, 0x34, 0xc8, 0xad, 0xda, 0x33, 0x0d, 0x71,
0x64, 0xcb, 0xef, 0xf9, 0xc3, 0x7f, 0x02, 0x00, 0x00, 0xff, 0xff, 0x8f, 0xd3, 0xdd, 0x57, 0xd9,
0x0b, 0x00, 0x00,
// 924 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x4b, 0x6f, 0xdb, 0x46,
0x10, 0x36, 0x49, 0x89, 0xa2, 0x47, 0x0f, 0x0b, 0x1b, 0xc7, 0x25, 0x94, 0x47, 0x1d, 0xa6, 0x28,
0xdc, 0xa0, 0x91, 0x0b, 0xe5, 0xd0, 0x47, 0x80, 0xa2, 0x46, 0x24, 0xa8, 0x49, 0x1b, 0x15, 0x25,
0x52, 0xa4, 0x97, 0x22, 0xa0, 0xa9, 0xa9, 0xcd, 0x5a, 0x26, 0xd9, 0xdd, 0xa5, 0x51, 0x5f, 0x7a,
0xed, 0xad, 0xbf, 0xa2, 0x3f, 0xa7, 0x3f, 0xa1, 0xf7, 0xfe, 0x89, 0x1e, 0x0a, 0xee, 0x83, 0x16,
0x29, 0xca, 0x10, 0x5a, 0x1f, 0x72, 0xdb, 0x79, 0xec, 0xec, 0x7c, 0xdf, 0x0c, 0x87, 0x03, 0x1f,
0x9f, 0x44, 0xfc, 0x34, 0x3b, 0x1e, 0x86, 0xc9, 0xf9, 0xe1, 0x79, 0x14, 0xd2, 0xe4, 0xf0, 0x24,
0x79, 0x2c, 0x0f, 0x41, 0xc6, 0x4f, 0x0f, 0x19, 0xd2, 0x8b, 0x28, 0xc4, 0xc3, 0x94, 0x26, 0x5c,
0xaa, 0x86, 0xe2, 0x48, 0xba, 0x27, 0xc9, 0x50, 0xf8, 0x0d, 0x73, 0xa5, 0x77, 0x1b, 0x6e, 0x7d,
0x1d, 0x31, 0x7e, 0x14, 0x86, 0x49, 0x16, 0x73, 0xe6, 0xe3, 0xcf, 0x19, 0x32, 0xee, 0xbd, 0x80,
0xdd, 0xb2, 0x9a, 0xa5, 0x49, 0xcc, 0x90, 0x8c, 0xc0, 0x09, 0x94, 0xce, 0x35, 0xf6, 0xad, 0x83,
0xf6, 0x68, 0x6f, 0x58, 0x0a, 0x38, 0x54, 0x57, 0xfc, 0xc2, 0xcf, 0xfb, 0xd3, 0x84, 0xe6, 0xab,
0xe4, 0x0c, 0x63, 0xf2, 0x00, 0x3a, 0x41, 0x18, 0x22, 0x63, 0x6f, 0x78, 0x2e, 0xbb, 0xc6, 0xbe,
0x71, 0xb0, 0xed, 0xb7, 0xa5, 0x4e, 0xba, 0x3c, 0x84, 0x2e, 0xc5, 0x1f, 0x29, 0xb2, 0x53, 0xe5,
0x63, 0x0a, 0x9f, 0x8e, 0x52, 0x4a, 0x27, 0x17, 0x5a, 0x21, 0xc5, 0x80, 0xe3, 0xdc, 0xb5, 0xf6,
0x8d, 0x03, 0xcb, 0xd7, 0x22, 0xd9, 0x03, 0x1b, 0x7f, 0x49, 0x23, 0x7a, 0xe9, 0x36, 0x84, 0x41,
0x49, 0xf9, 0x0d, 0x96, 0x1d, 0xff, 0x84, 0x21, 0x77, 0x9b, 0x22, 0xa0, 0x16, 0xc9, 0x2e, 0x34,
0x69, 0xb2, 0x40, 0xe6, 0xda, 0xfb, 0xd6, 0xc1, 0xb6, 0x2f, 0x05, 0xf2, 0x39, 0x38, 0xe7, 0xc8,
0x83, 0x79, 0xc0, 0x03, 0xb7, 0x25, 0x70, 0x7a, 0x15, 0x9c, 0x22, 0x93, 0xe1, 0x4b, 0xe5, 0x34,
0x89, 0x39, 0xbd, 0xf4, 0x8b, 0x3b, 0xe4, 0x2e, 0x6c, 0xc7, 0xc1, 0x39, 0xb2, 0x34, 0x08, 0xd1,
0x75, 0xc4, 0x8b, 0x57, 0x8a, 0xc1, 0x53, 0xe8, 0x96, 0x2e, 0x92, 0x3e, 0x58, 0x67, 0x78, 0xa9,
0xf8, 0xc8, 0x8f, 0x79, 0x5a, 0x17, 0xc1, 0x22, 0x43, 0x85, 0x5f, 0x0a, 0x9f, 0x99, 0x9f, 0x18,
0xde, 0x3f, 0x06, 0xb4, 0x14, 0xc9, 0xa4, 0x07, 0x66, 0x34, 0x57, 0xd7, 0xcc, 0x68, 0x4e, 0x08,
0x34, 0xf8, 0x65, 0xaa, 0x2f, 0x89, 0xf3, 0x15, 0x40, 0x6b, 0x19, 0xe0, 0x17, 0x4b, 0x00, 0x1b,
0x02, 0xe0, 0x7b, 0xf5, 0x85, 0xdc, 0x0c, 0x62, 0xb3, 0x02, 0x91, 0x0c, 0xc0, 0x49, 0x69, 0x72,
0x11, 0xcd, 0x91, 0xba, 0xb6, 0x30, 0x16, 0xf2, 0xff, 0x83, 0x3f, 0x03, 0xc7, 0x47, 0x96, 0x64,
0x34, 0xc4, 0x1c, 0x6e, 0xfe, 0xa2, 0xba, 0x28, 0xce, 0xb5, 0x14, 0x0c, 0xc0, 0xc1, 0x78, 0x9e,
0x26, 0x51, 0xcc, 0x45, 0xc3, 0x6c, 0xfb, 0x85, 0xec, 0xfd, 0x61, 0xc2, 0xce, 0x14, 0x63, 0xa4,
0x01, 0x47, 0xd5, 0xfd, 0x2b, 0xb4, 0x16, 0x14, 0x9a, 0xcb, 0x14, 0x7e, 0xb9, 0x44, 0xa1, 0x25,
0x28, 0xfc, 0xb0, 0x42, 0x61, 0x25, 0xee, 0x66, 0x54, 0x36, 0xaa, 0x54, 0xee, 0x81, 0xcd, 0x30,
0xa4, 0xa8, 0x5b, 0x57, 0x49, 0x05, 0x52, 0xbb, 0x8c, 0xb4, 0xa0, 0xbd, 0x75, 0x93, 0xb4, 0x8f,
0xa1, 0x7f, 0x85, 0x46, 0x0d, 0x83, 0x8f, 0xa0, 0xa5, 0x3e, 0x72, 0x11, 0x63, 0xfd, 0x2c, 0xd0,
0x6e, 0xde, 0x6b, 0xe8, 0x4c, 0x69, 0x10, 0x73, 0x4d, 0x34, 0x81, 0x46, 0xce, 0xa5, 0x2e, 0x60,
0x7e, 0x26, 0x4f, 0xc0, 0xa1, 0xaa, 0xc0, 0x22, 0x8d, 0xf6, 0xe8, 0x9d, 0x4a, 0x58, 0x5d, 0x7f,
0xbf, 0x70, 0xf4, 0x76, 0xa0, 0xab, 0x02, 0xcb, 0xdc, 0xbc, 0xef, 0xa1, 0xeb, 0xe3, 0x45, 0x72,
0x86, 0x37, 0xfe, 0x54, 0x1f, 0x7a, 0x3a, 0xb2, 0x7a, 0xeb, 0x7d, 0xe8, 0x3d, 0x8f, 0x59, 0x8a,
0x61, 0x81, 0x6b, 0x17, 0x9a, 0xcb, 0x13, 0x4e, 0x0a, 0xde, 0x33, 0xd8, 0x29, 0xfc, 0xfe, 0x33,
0x85, 0xbf, 0x42, 0x47, 0x8c, 0x9e, 0x75, 0xbd, 0x7a, 0xd5, 0x2d, 0x66, 0xa9, 0x5b, 0x56, 0x06,
0xab, 0x55, 0x33, 0x58, 0x1f, 0x40, 0x47, 0x18, 0xdf, 0x94, 0x86, 0x68, 0x5b, 0xe8, 0x26, 0x42,
0xe5, 0x3d, 0x85, 0xae, 0x7a, 0x5f, 0x41, 0x78, 0xb4, 0x8c, 0xb5, 0x3d, 0xda, 0xad, 0x9b, 0x93,
0x9a, 0x81, 0xdf, 0x0d, 0x68, 0xf8, 0xd9, 0x02, 0xeb, 0x06, 0x97, 0xa8, 0x8e, 0xb9, 0xa6, 0x3a,
0xd6, 0x86, 0xd5, 0x21, 0x8f, 0xc1, 0x96, 0xbf, 0x13, 0x91, 0x7b, 0x6f, 0x74, 0x7b, 0x95, 0x4f,
0x64, 0xcc, 0x57, 0x4e, 0xde, 0x6f, 0x06, 0x74, 0x9f, 0x89, 0x7f, 0xc7, 0x4d, 0xf7, 0xc9, 0x52,
0x26, 0xd6, 0x26, 0x99, 0xf4, 0xa1, 0xa7, 0x13, 0x51, 0x6d, 0x95, 0xe7, 0x36, 0xc6, 0x05, 0xbe,
0x15, 0xb9, 0xe9, 0x44, 0x54, 0x6e, 0x5d, 0x68, 0xe7, 0xfb, 0x81, 0x5e, 0x17, 0x3e, 0x85, 0x8e,
0x14, 0x55, 0x4f, 0x7c, 0x00, 0x4d, 0x9a, 0xe5, 0x03, 0x53, 0xee, 0x08, 0xb7, 0xaa, 0x19, 0x65,
0x0b, 0xf4, 0xa5, 0xc7, 0xa3, 0x21, 0xd8, 0xf2, 0x35, 0xd2, 0x86, 0xd6, 0x77, 0xb3, 0xaf, 0x66,
0xdf, 0xbc, 0x9e, 0xf5, 0xb7, 0x72, 0x61, 0xea, 0x1f, 0xcd, 0x5e, 0x4d, 0xc6, 0x7d, 0x83, 0x00,
0xd8, 0xe3, 0xc9, 0xec, 0xf9, 0x64, 0xdc, 0x37, 0x47, 0x7f, 0x1b, 0xd0, 0x38, 0xca, 0xf8, 0x29,
0x79, 0x09, 0x8e, 0x9e, 0x48, 0xe4, 0xfe, 0xf5, 0x83, 0x77, 0xf0, 0xee, 0x5a, 0xbb, 0xc2, 0xb3,
0x45, 0x5e, 0x40, 0x4b, 0x7d, 0x9c, 0xe4, 0x5e, 0xc5, 0xbb, 0xfc, 0x71, 0x0f, 0xee, 0xaf, 0x33,
0x17, 0xb1, 0xc6, 0x7a, 0xe1, 0xb9, 0x53, 0xfb, 0x31, 0xa8, 0x38, 0x77, 0xeb, 0x8d, 0x3a, 0xca,
0xe8, 0x07, 0x70, 0xf4, 0xfe, 0x45, 0xbe, 0x85, 0x46, 0x4e, 0x30, 0xa9, 0x6e, 0x21, 0x35, 0xbb,
0xdb, 0xe0, 0xe1, 0xb5, 0x3e, 0x45, 0xf8, 0xbf, 0x0c, 0x68, 0xe6, 0x85, 0x60, 0x64, 0x0a, 0xb6,
0x6c, 0x3d, 0x52, 0x4d, 0xa9, 0xf4, 0x69, 0x0c, 0xee, 0xad, 0xb1, 0x16, 0xb8, 0xa7, 0x60, 0xcb,
0x3e, 0x59, 0x09, 0x54, 0xea, 0xe3, 0x95, 0x40, 0x95, 0xe6, 0xda, 0x22, 0x47, 0x0a, 0xee, 0xa0,
0x06, 0x8a, 0x0e, 0x72, 0xa7, 0xd6, 0xa6, 0x43, 0x1c, 0xdb, 0x62, 0xdd, 0x7d, 0xf2, 0x6f, 0x00,
0x00, 0x00, 0xff, 0xff, 0xd8, 0x6c, 0xbf, 0xd6, 0x29, 0x0b, 0x00, 0x00,
}

View File

@ -37,7 +37,6 @@ type AuthService interface {
Generate(ctx context.Context, in *GenerateRequest, opts ...client.CallOption) (*GenerateResponse, error)
Inspect(ctx context.Context, in *InspectRequest, opts ...client.CallOption) (*InspectResponse, error)
Token(ctx context.Context, in *TokenRequest, opts ...client.CallOption) (*TokenResponse, error)
Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error)
}
type authService struct {
@ -82,23 +81,12 @@ func (c *authService) Token(ctx context.Context, in *TokenRequest, opts ...clien
return out, nil
}
func (c *authService) Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error) {
req := c.c.NewRequest(c.name, "Auth.Login", in)
out := new(LoginResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// Server API for Auth service
type AuthHandler interface {
Generate(context.Context, *GenerateRequest, *GenerateResponse) error
Inspect(context.Context, *InspectRequest, *InspectResponse) error
Token(context.Context, *TokenRequest, *TokenResponse) error
Login(context.Context, *LoginRequest, *LoginResponse) error
}
func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.HandlerOption) error {
@ -106,7 +94,6 @@ func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.Handl
Generate(ctx context.Context, in *GenerateRequest, out *GenerateResponse) error
Inspect(ctx context.Context, in *InspectRequest, out *InspectResponse) error
Token(ctx context.Context, in *TokenRequest, out *TokenResponse) error
Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error
}
type Auth struct {
auth
@ -131,10 +118,6 @@ func (h *authHandler) Token(ctx context.Context, in *TokenRequest, out *TokenRes
return h.AuthHandler.Token(ctx, in, out)
}
func (h *authHandler) Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error {
return h.AuthHandler.Login(ctx, in, out)
}
// Client API for Accounts service
type AccountsService interface {

View File

@ -6,7 +6,6 @@ service Auth {
rpc Generate(GenerateRequest) returns (GenerateResponse) {};
rpc Inspect(InspectRequest) returns (InspectResponse) {};
rpc Token(TokenRequest) returns (TokenResponse) {};
rpc Login(LoginRequest) returns (LoginResponse) {};
}
service Accounts {
@ -27,8 +26,8 @@ message ListAccountsResponse {
}
message Token {
string token = 1;
string type = 2;
string access_token = 1;
string refresh_token = 2;
int64 created = 3;
int64 expiry = 4;
string subject = 5;
@ -43,8 +42,7 @@ message Account {
repeated string roles = 3;
map<string, string> metadata = 4;
string namespace = 5;
string refresh_token = 6;
string provider = 7;
string provider = 6;
}
message Resource{
@ -53,15 +51,6 @@ message Resource{
string endpoint = 3;
}
message LoginRequest {
string id = 1;
string secret = 2;
}
message LoginResponse {
Account account = 1;
}
message GenerateRequest {
string id = 1;
repeated string roles = 2;
@ -100,8 +89,9 @@ message InspectResponse {
message TokenRequest {
string id = 1;
string refresh_token = 2;
int64 token_expiry = 3;
string secret = 2;
string refresh_token = 3;
int64 token_expiry = 4;
}
message TokenResponse {

View File

@ -73,11 +73,11 @@ func (s *svc) Init(opts ...auth.Option) {
// we have client credentials and must load a new token
// periodically
if len(s.options.ID) > 0 || len(s.options.RefreshToken) > 0 {
if len(s.options.ID) > 0 || len(s.options.Secret) > 0 {
tokenTimer := time.NewTicker(time.Minute)
go func() {
s.loadToken()
s.refreshToken()
for {
<-tokenTimer.C
@ -94,7 +94,7 @@ func (s *svc) Init(opts ...auth.Option) {
// all the services calling the auth service
// at the exact same time
time.Sleep(jitter.Do(time.Second * 5))
s.loadToken()
s.refreshToken()
}
}()
}
@ -107,14 +107,14 @@ func (s *svc) Options() auth.Options {
}
// Generate a new account
func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, error) {
func (s *svc) Generate(id, secret string, opts ...auth.GenerateOption) (*auth.Account, error) {
options := auth.NewGenerateOptions(opts...)
rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{
Id: id,
Secret: secret,
Type: options.Type,
Roles: options.Roles,
Secret: options.Secret,
Metadata: options.Metadata,
Provider: options.Provider,
Namespace: options.Namespace,
@ -126,16 +126,6 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e
return serializeAccount(rsp.Account), nil
}
// Login to an account
func (s *svc) Login(id string, opts ...auth.LoginOption) (*auth.Account, error) {
options := auth.NewLoginOptions(opts...)
rsp, err := s.auth.Login(context.TODO(), &pb.LoginRequest{Id: id, Secret: options.Secret})
if err != nil {
return nil, err
}
return serializeAccount(rsp.Account), nil
}
// Grant access to a resource
func (s *svc) Grant(role string, res *auth.Resource) error {
_, err := s.rule.Create(context.TODO(), &pb.CreateRequest{
@ -204,23 +194,14 @@ func (s *svc) Verify(acc *auth.Account, res *auth.Resource) error {
// Inspect a token
func (s *svc) Inspect(token string) (*auth.Account, error) {
// try to decode JWT locally and fall back to srv if an error
// occurs, TODO: find a better way of determining if the token
// is a JWT, possibly update the interface to take an auth.Token
// and not just the string
// try to decode JWT locally and fall back to srv if an error occurs
if len(strings.Split(token, ".")) == 3 && s.jwt != nil {
if tok, err := s.jwt.Inspect(token); err == nil {
return &auth.Account{
ID: tok.Subject,
Roles: tok.Roles,
Metadata: tok.Metadata,
}, nil
if acc, err := s.jwt.Inspect(token); err == nil {
return acc, nil
}
}
rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{
Token: token,
})
rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token})
if err != nil {
return nil, err
}
@ -229,13 +210,14 @@ func (s *svc) Inspect(token string) (*auth.Account, error) {
}
// Token generation using an account ID and secret
func (s *svc) Token(id, refresh string, opts ...auth.TokenOption) (*auth.Token, error) {
func (s *svc) Token(opts ...auth.TokenOption) (*auth.Token, error) {
options := auth.NewTokenOptions(opts...)
rsp, err := s.auth.Token(context.Background(), &pb.TokenRequest{
Id: id,
RefreshToken: refresh,
TokenExpiry: int64(options.TokenExpiry.Seconds()),
Id: options.ID,
Secret: options.Secret,
RefreshToken: options.RefreshToken,
TokenExpiry: int64(options.Expiry.Seconds()),
})
if err != nil {
return nil, err
@ -299,13 +281,22 @@ func (s *svc) loadRules() {
s.rules = rsp.Rules
}
// loadToken generates a new token for the service to use when making calls
func (s *svc) loadToken() {
rsp, err := s.auth.Token(context.TODO(), &pb.TokenRequest{
Id: s.Options().ID,
RefreshToken: s.Options().RefreshToken,
TokenExpiry: int64((time.Minute * 15).Seconds()),
})
// refreshToken generates a new token for the service to use when making calls
func (s *svc) refreshToken() {
req := &pb.TokenRequest{
TokenExpiry: int64((time.Minute * 15).Seconds()),
}
if s.Options().Token == nil {
// we do not have a token, use the credentials to get one
req.Id = s.Options().ID
req.Secret = s.Options().Secret
} else {
// we have a token, refresh it
req.RefreshToken = s.Options().Token.RefreshToken
}
rsp, err := s.auth.Token(context.TODO(), req)
s.Lock()
defer s.Unlock()
@ -319,23 +310,19 @@ func (s *svc) loadToken() {
func serializeToken(t *pb.Token) *auth.Token {
return &auth.Token{
Token: t.Token,
Type: t.Type,
Created: time.Unix(t.Created, 0),
Expiry: time.Unix(t.Expiry, 0),
Subject: t.Subject,
Roles: t.Roles,
Metadata: t.Metadata,
AccessToken: t.AccessToken,
RefreshToken: t.RefreshToken,
Created: time.Unix(t.Created, 0),
Expiry: time.Unix(t.Expiry, 0),
}
}
func serializeAccount(a *pb.Account) *auth.Account {
return &auth.Account{
ID: a.Id,
Roles: a.Roles,
Metadata: a.Metadata,
Provider: a.Provider,
Namespace: a.Namespace,
RefreshToken: a.RefreshToken,
ID: a.Id,
Roles: a.Roles,
Metadata: a.Metadata,
Provider: a.Provider,
Namespace: a.Namespace,
}
}

View File

@ -35,30 +35,19 @@ func NewTokenProvider(opts ...token.Option) token.Provider {
}
// Generate a token for an account
func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.Token, error) {
func (b *Basic) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.Token, error) {
options := token.NewGenerateOptions(opts...)
// construct the token
token := auth.Token{
Subject: subject,
Type: b.String(),
Token: uuid.New().String(),
Created: time.Now(),
Expiry: time.Now().Add(options.Expiry),
Metadata: options.Metadata,
Roles: options.Roles,
Namespace: options.Namespace,
}
// marshal the account to bytes
bytes, err := json.Marshal(token)
bytes, err := json.Marshal(acc)
if err != nil {
return nil, err
}
// write to the store
key := uuid.New().String()
err = b.store.Write(&store.Record{
Key: fmt.Sprintf("%v%v", StorePrefix, token.Token),
Key: fmt.Sprintf("%v%v", StorePrefix, key),
Value: bytes,
Expiry: options.Expiry,
})
@ -67,11 +56,15 @@ func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.To
}
// return the token
return &token, nil
return &token.Token{
Token: key,
Created: time.Now(),
Expiry: time.Now().Add(options.Expiry),
}, nil
}
// Inspect a token
func (b *Basic) Inspect(t string) (*auth.Token, error) {
func (b *Basic) Inspect(t string) (*auth.Account, error) {
// lookup the token in the store
recs, err := b.store.Read(StorePrefix + t)
if err == store.ErrNotFound {
@ -82,18 +75,12 @@ func (b *Basic) Inspect(t string) (*auth.Token, error) {
bytes := recs[0].Value
// unmarshal the bytes
var tok *auth.Token
if err := json.Unmarshal(bytes, &tok); err != nil {
var acc *auth.Account
if err := json.Unmarshal(bytes, &acc); err != nil {
return nil, err
}
// ensure the token hasn't expired, the store should
// expire the token but we're checking again
if tok.Expiry.Unix() < time.Now().Unix() {
return nil, token.ErrInvalidToken
}
return tok, err
return acc, nil
}
// String returns basic

View File

@ -11,7 +11,9 @@ import (
// authClaims to be encoded in the JWT
type authClaims struct {
Type string `json:"type"`
Roles []string `json:"roles"`
Provider string `json:"provider"`
Metadata map[string]string `json:"metadata"`
Namespace string `json:"namespace"`
@ -31,7 +33,7 @@ func NewTokenProvider(opts ...token.Option) token.Provider {
}
// Generate a new JWT
func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Token, error) {
func (j *JWT) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.Token, error) {
// decode the private key
priv, err := base64.StdEncoding.DecodeString(j.opts.PrivateKey)
if err != nil {
@ -50,8 +52,8 @@ func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Toke
// generate the JWT
expiry := time.Now().Add(options.Expiry)
t := jwt.NewWithClaims(jwt.SigningMethodRS256, authClaims{
options.Roles, options.Metadata, options.Namespace, jwt.StandardClaims{
Subject: subject,
acc.Type, acc.Roles, acc.Provider, acc.Metadata, acc.Namespace, jwt.StandardClaims{
Subject: acc.ID,
ExpiresAt: expiry.Unix(),
},
})
@ -61,20 +63,15 @@ func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Toke
}
// return the token
return &auth.Token{
Subject: subject,
Token: tok,
Type: j.String(),
Created: time.Now(),
Expiry: expiry,
Roles: options.Roles,
Metadata: options.Metadata,
Namespace: options.Namespace,
return &token.Token{
Token: tok,
Expiry: expiry,
Created: time.Now(),
}, nil
}
// Inspect a JWT
func (j *JWT) Inspect(t string) (*auth.Token, error) {
func (j *JWT) Inspect(t string) (*auth.Account, error) {
// decode the public key
pub, err := base64.StdEncoding.DecodeString(j.opts.PublicKey)
if err != nil {
@ -99,11 +96,12 @@ func (j *JWT) Inspect(t string) (*auth.Token, error) {
}
// return the token
return &auth.Token{
Token: t,
Subject: claims.Subject,
Metadata: claims.Metadata,
return &auth.Account{
ID: claims.Subject,
Type: claims.Type,
Roles: claims.Roles,
Provider: claims.Provider,
Metadata: claims.Metadata,
Namespace: claims.Namespace,
}, nil
}

View File

@ -53,12 +53,6 @@ func NewOptions(opts ...Option) Options {
type GenerateOptions struct {
// Expiry for the token
Expiry time.Duration
// Metadata associated with the account
Metadata map[string]string
// Roles/scopes associated with the account
Roles []string
// Namespace the account belongs too
Namespace string
}
type GenerateOption func(o *GenerateOptions)
@ -70,27 +64,6 @@ func WithExpiry(d time.Duration) GenerateOption {
}
}
// WithMetadata for the token
func WithMetadata(md map[string]string) func(o *GenerateOptions) {
return func(o *GenerateOptions) {
o.Metadata = md
}
}
// WithRoles for the token
func WithRoles(rs ...string) func(o *GenerateOptions) {
return func(o *GenerateOptions) {
o.Roles = rs
}
}
// WithNamespace for the token
func WithNamespace(n string) func(o *GenerateOptions) {
return func(o *GenerateOptions) {
o.Namespace = n
}
}
// NewGenerateOptions from a slice of options
func NewGenerateOptions(opts ...GenerateOption) GenerateOptions {
var options GenerateOptions

View File

@ -2,6 +2,7 @@ package token
import (
"errors"
"time"
"github.com/micro/go-micro/v2/auth"
)
@ -17,7 +18,16 @@ var (
// Provider generates and inspects tokens
type Provider interface {
Generate(subject string, opts ...GenerateOption) (*auth.Token, error)
Inspect(token string) (*auth.Token, error)
Generate(account *auth.Account, opts ...GenerateOption) (*Token, error)
Inspect(token string) (*auth.Account, error)
String() string
}
type Token struct {
// The actual token
Token string `json:"token"`
// Time of token creation
Created time.Time `json:"created"`
// Time of token expiry
Expiry time.Time `json:"expiry"`
}

View File

@ -135,7 +135,7 @@ func (g *grpcClient) call(ctx context.Context, node *registry.Node, req client.R
// was passed with the request, set the service token
var srvToken string
if g.opts.Auth != nil && g.opts.Auth.Options().Token != nil {
srvToken = g.opts.Auth.Options().Token.Token
srvToken = g.opts.Auth.Options().Token.AccessToken
}
if (opts.ServiceToken || len(header["authorization"]) == 0) && len(srvToken) > 0 {
header["authorization"] = auth.BearerScheme + srvToken

View File

@ -671,10 +671,6 @@ func (c *cmd) Before(ctx *cli.Context) error {
authOpts = append(authOpts, auth.PublicKey(ctx.String("auth_public_key")))
}
if len(ctx.String("auth_private_key")) > 0 {
authOpts = append(authOpts, auth.PrivateKey(ctx.String("auth_private_key")))
}
if name := ctx.String("auth_provider"); len(name) > 0 {
p, ok := DefaultAuthProviders[name]
if !ok {