Further Refactoring

Ben Toogood 2020-04-01 14:25:00 +01:00
parent 82bc3cbf8d
commit 8e4d9e1702
13 changed files with 223 additions and 401 deletions


@ -32,9 +32,7 @@ type Auth interface {
// Options set for auth // Options set for auth
Options() Options Options() Options
// Generate a new account // Generate a new account
Generate(id string, opts ...GenerateOption) (*Account, error) Generate(id, secret string, opts ...GenerateOption) (*Account, error)
// Login to an existing account
Login(id string, opts ...LoginOption) (*Account, error)
// Grant access to a resource // Grant access to a resource
Grant(role string, res *Resource) error Grant(role string, res *Resource) error
// Revoke access to a resource // Revoke access to a resource
@ -44,7 +42,7 @@ type Auth interface {
// Inspect a token // Inspect a token
Inspect(token string) (*Account, error) Inspect(token string) (*Account, error)
// Token generated using refresh token // Token generated using refresh token
Token(id, refreshToken string, opts ...TokenOption) (*Token, error) Token(opts ...TokenOption) (*Token, error)
// String returns the name of the implementation // String returns the name of the implementation
String() string String() string
} }
@ -67,8 +65,6 @@ type Account struct {
Type string `json:"type"` Type string `json:"type"`
// Provider who issued the account // Provider who issued the account
Provider string `json:"provider"` Provider string `json:"provider"`
// RefreshToken used to renew the account
RefreshToken string `json:"refresh_token"`
// Roles associated with the Account // Roles associated with the Account
Roles []string `json:"roles"` Roles []string `json:"roles"`
// Any other associated metadata // Any other associated metadata
@ -81,22 +77,14 @@ type Account struct {
// Token can be short or long lived // Token can be short or long lived
type Token struct { type Token struct {
// The token itself // The token to be used for accessing resources
Token string `json:"token"` AccessToken string `json:"access_token"`
// Type of token, e.g. JWT // RefreshToken to be used to generate a new token
Type string `json:"type"` RefreshToken string `json:"refresh_token"`
// Time of token creation // Time of token creation
Created time.Time `json:"created"` Created time.Time `json:"created"`
// Time of token expiry // Time of token expiry
Expiry time.Time `json:"expiry"` Expiry time.Time `json:"expiry"`
// Subject of the token, e.g. the account ID
Subject string `json:"subject"`
// Roles granted to the token
Roles []string `json:"roles"`
// Metadata embedded in the token
Metadata map[string]string `json:"metadata"`
// Namespace the token belongs to
Namespace string `json:"namespace"`
} }
const ( const (
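Review bot: The doc comment kept on `Token` ("Token generated using refresh token") no longer matches the new signature `Token(opts ...TokenOption)`, which hides which credential the caller has to supply. Nothing in the interface now says that an id and secret or a refresh token is required, or what an implementation does when neither or both are set; I would state that on the method, e.g. `// Token issues an access token from an account id and secret or from a refresh token, both supplied via options; it returns an error when neither is set`. Separately, the new `Token` struct serialises `RefreshToken` under `json:"refresh_token"`, so any code that marshals or logs a whole `Token` emits the renewal credential next to the access token; a comment on the field saying it must not be logged or returned to untrusted callers would help. The interface and both structs start or end outside these hunks.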


@ -34,20 +34,19 @@ func (n *noop) Options() Options {
} }
// Generate a new account // Generate a new account
func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) { func (n *noop) Generate(id, secret string, opts ...GenerateOption) (*Account, error) {
options := NewGenerateOptions(opts...) options := NewGenerateOptions(opts...)
return &Account{ return &Account{
ID: id, ID: id,
Roles: options.Roles, Roles: options.Roles,
Metadata: options.Metadata, Metadata: options.Metadata,
RefreshToken: uuid.New().String(),
}, nil }, nil
} }
// Login to an existing account // Login to an existing account
func (n *noop) Login(id string, opts ...LoginOption) (*Account, error) { func (n *noop) Login(opts ...LoginOption) (*Account, error) {
return &Account{ID: id}, nil return &Account{}, nil
} }
// Grant access to a resource // Grant access to a resource
@ -73,6 +72,6 @@ func (n *noop) Inspect(token string) (*Account, error) {
} }
// Token generation using an account id and secret // Token generation using an account id and secret
func (n *noop) Token(id, tok string, opts ...TokenOption) (*Token, error) { func (n *noop) Token(opts ...TokenOption) (*Token, error) {
return &Token{}, nil return &Token{}, nil
} }
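Review bot: `noop.Login` is kept with a new signature, `Login(opts ...LoginOption)`, although this commit drops `Login` from the `Auth` interface in the first file section, so it looks like dead code that now returns an empty `&Account{}`. If nothing else calls it (not visible from this page), remove it; otherwise give it a comment explaining why it survives. The new `secret` parameter of `Generate` is ignored, and `Token` returns an empty `&Token{}` with a nil error whatever options are passed. That is presumably intended for a no-op, but the comments should say so, e.g. `// Token returns an empty token; the noop implementation performs no authentication`, because callers that treat a nil error as successful authentication get no other signal.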


@ -10,14 +10,12 @@ import (
type Options struct { type Options struct {
// ID is the services auth ID // ID is the services auth ID
ID string ID string
// RefreshToken is used to generate new tokens // Secret is used to authenticate the service
RefreshToken string Secret string
// Token is the services token used to authenticate itself // Token is the services token used to authenticate itself
Token *Token Token *Token
// Public key base64 encoded // PublicKey for decoding JWTs
PublicKey string PublicKey string
// Private key base64 encoded
PrivateKey string
// Provider is an auth provider // Provider is an auth provider
Provider provider.Provider Provider provider.Provider
// LoginURL is the relative url path where a user can login // LoginURL is the relative url path where a user can login
@ -42,18 +40,11 @@ func PublicKey(key string) Option {
} }
} }
// PrivateKey is the JWT private key
func PrivateKey(key string) Option {
return func(o *Options) {
o.PrivateKey = key
}
}
// Credentials sets the auth credentials // Credentials sets the auth credentials
func Credentials(id, refresh string) Option { func Credentials(id, secret string) Option {
return func(o *Options) { return func(o *Options) {
o.ID = id o.ID = id
o.RefreshToken = refresh o.Secret = secret
} }
} }
@ -78,8 +69,6 @@ type GenerateOptions struct {
Roles []string Roles []string
// Namespace the account belongs too // Namespace the account belongs too
Namespace string Namespace string
// Secret to use with the account
Secret string
// Provider of the account, e.g. oauth // Provider of the account, e.g. oauth
Provider string Provider string
// Type of the account, e.g. user // Type of the account, e.g. user
@ -116,13 +105,6 @@ func WithNamespace(n string) GenerateOption {
} }
} }
// WithSecret for the generated account
func WithSecret(s string) GenerateOption {
return func(o *GenerateOptions) {
o.Secret = s
}
}
// WithProvider for the generated account // WithProvider for the generated account
func WithProvider(p string) GenerateOption { func WithProvider(p string) GenerateOption {
return func(o *GenerateOptions) { return func(o *GenerateOptions) {
@ -163,16 +145,35 @@ func NewLoginOptions(opts ...LoginOption) LoginOptions {
} }
type TokenOptions struct { type TokenOptions struct {
// TokenExpiry is the time the token should live for // ID for the account
TokenExpiry time.Duration ID string
// Secret for the account
Secret string
// RefreshToken is used to refesh a token
RefreshToken string
// Expiry is the time the token should live for
Expiry time.Duration
} }
type TokenOption func(o *TokenOptions) type TokenOption func(o *TokenOptions)
// WithTokenExpiry for the token // WithExpiry for the token
func WithTokenExpiry(ex time.Duration) TokenOption { func WithExpiry(ex time.Duration) TokenOption {
return func(o *TokenOptions) { return func(o *TokenOptions) {
o.TokenExpiry = ex o.Expiry = ex
}
}
func WithCredentials(id, secret string) TokenOption {
return func(o *TokenOptions) {
o.ID = id
o.Secret = secret
}
}
func WithToken(rt string) TokenOption {
return func(o *TokenOptions) {
o.RefreshToken = rt
} }
} }
@ -184,8 +185,8 @@ func NewTokenOptions(opts ...TokenOption) TokenOptions {
} }
// set defualt expiry of token // set defualt expiry of token
if options.TokenExpiry == 0 { if options.Expiry == 0 {
options.TokenExpiry = time.Minute options.Expiry = time.Minute
} }
return options return options
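Review bot: `WithCredentials` and `WithToken` are exported without doc comments, and `TokenOptions` can now hold an id/secret pair and a refresh token at once, or neither, with no stated precedence. `NewTokenOptions` (its body starts and ends outside the last hunk) only defaults `Expiry` to one minute in the visible lines, so that rule is left to each implementation; documenting it here would keep them consistent. Suggested comments: `// WithCredentials sets the account id and secret to exchange for a token` and `// WithToken sets the refresh token to exchange for a new access token`. `WithToken` takes a refresh token while `Options.Token` is a `*Token`, so a name such as `WithRefreshToken` would read less ambiguously. `Options.Secret` and `TokenOptions.Secret` are plain strings, so formatting either struct with `%+v` prints the secret; a comment warning against logging these structs would be worth adding.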


@ -119,8 +119,8 @@ func (m *ListAccountsResponse) GetAccounts() []*Account {
} }
type Token struct { type Token struct {
Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"`
Created int64 `protobuf:"varint,3,opt,name=created,proto3" json:"created,omitempty"` Created int64 `protobuf:"varint,3,opt,name=created,proto3" json:"created,omitempty"`
Expiry int64 `protobuf:"varint,4,opt,name=expiry,proto3" json:"expiry,omitempty"` Expiry int64 `protobuf:"varint,4,opt,name=expiry,proto3" json:"expiry,omitempty"`
Subject string `protobuf:"bytes,5,opt,name=subject,proto3" json:"subject,omitempty"` Subject string `protobuf:"bytes,5,opt,name=subject,proto3" json:"subject,omitempty"`
@ -157,16 +157,16 @@ func (m *Token) XXX_DiscardUnknown() {
var xxx_messageInfo_Token proto.InternalMessageInfo var xxx_messageInfo_Token proto.InternalMessageInfo
func (m *Token) GetToken() string { func (m *Token) GetAccessToken() string {
if m != nil { if m != nil {
return m.Token return m.AccessToken
} }
return "" return ""
} }
func (m *Token) GetType() string { func (m *Token) GetRefreshToken() string {
if m != nil { if m != nil {
return m.Type return m.RefreshToken
} }
return "" return ""
} }
@ -219,8 +219,7 @@ type Account struct {
Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"` Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"`
Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` Metadata map[string]string `protobuf:"bytes,4,rep,name=metadata,proto3" json:"metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"` Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"`
RefreshToken string `protobuf:"bytes,6,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` Provider string `protobuf:"bytes,6,opt,name=provider,proto3" json:"provider,omitempty"`
Provider string `protobuf:"bytes,7,opt,name=provider,proto3" json:"provider,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"` XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"` XXX_sizecache int32 `json:"-"`
@ -286,13 +285,6 @@ func (m *Account) GetNamespace() string {
return "" return ""
} }
func (m *Account) GetRefreshToken() string {
if m != nil {
return m.RefreshToken
}
return ""
}
func (m *Account) GetProvider() string { func (m *Account) GetProvider() string {
if m != nil { if m != nil {
return m.Provider return m.Provider
@ -355,92 +347,6 @@ func (m *Resource) GetEndpoint() string {
return "" return ""
} }
type LoginRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *LoginRequest) Reset() { *m = LoginRequest{} }
func (m *LoginRequest) String() string { return proto.CompactTextString(m) }
func (*LoginRequest) ProtoMessage() {}
func (*LoginRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{5}
}
func (m *LoginRequest) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_LoginRequest.Unmarshal(m, b)
}
func (m *LoginRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_LoginRequest.Marshal(b, m, deterministic)
}
func (m *LoginRequest) XXX_Merge(src proto.Message) {
xxx_messageInfo_LoginRequest.Merge(m, src)
}
func (m *LoginRequest) XXX_Size() int {
return xxx_messageInfo_LoginRequest.Size(m)
}
func (m *LoginRequest) XXX_DiscardUnknown() {
xxx_messageInfo_LoginRequest.DiscardUnknown(m)
}
var xxx_messageInfo_LoginRequest proto.InternalMessageInfo
func (m *LoginRequest) GetId() string {
if m != nil {
return m.Id
}
return ""
}
func (m *LoginRequest) GetSecret() string {
if m != nil {
return m.Secret
}
return ""
}
type LoginResponse struct {
Account *Account `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *LoginResponse) Reset() { *m = LoginResponse{} }
func (m *LoginResponse) String() string { return proto.CompactTextString(m) }
func (*LoginResponse) ProtoMessage() {}
func (*LoginResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{6}
}
func (m *LoginResponse) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_LoginResponse.Unmarshal(m, b)
}
func (m *LoginResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_LoginResponse.Marshal(b, m, deterministic)
}
func (m *LoginResponse) XXX_Merge(src proto.Message) {
xxx_messageInfo_LoginResponse.Merge(m, src)
}
func (m *LoginResponse) XXX_Size() int {
return xxx_messageInfo_LoginResponse.Size(m)
}
func (m *LoginResponse) XXX_DiscardUnknown() {
xxx_messageInfo_LoginResponse.DiscardUnknown(m)
}
var xxx_messageInfo_LoginResponse proto.InternalMessageInfo
func (m *LoginResponse) GetAccount() *Account {
if m != nil {
return m.Account
}
return nil
}
type GenerateRequest struct { type GenerateRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"` Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"`
@ -458,7 +364,7 @@ func (m *GenerateRequest) Reset() { *m = GenerateRequest{} }
func (m *GenerateRequest) String() string { return proto.CompactTextString(m) } func (m *GenerateRequest) String() string { return proto.CompactTextString(m) }
func (*GenerateRequest) ProtoMessage() {} func (*GenerateRequest) ProtoMessage() {}
func (*GenerateRequest) Descriptor() ([]byte, []int) { func (*GenerateRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{7} return fileDescriptor_11312eec02fd5712, []int{5}
} }
func (m *GenerateRequest) XXX_Unmarshal(b []byte) error { func (m *GenerateRequest) XXX_Unmarshal(b []byte) error {
@ -539,7 +445,7 @@ func (m *GenerateResponse) Reset() { *m = GenerateResponse{} }
func (m *GenerateResponse) String() string { return proto.CompactTextString(m) } func (m *GenerateResponse) String() string { return proto.CompactTextString(m) }
func (*GenerateResponse) ProtoMessage() {} func (*GenerateResponse) ProtoMessage() {}
func (*GenerateResponse) Descriptor() ([]byte, []int) { func (*GenerateResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{8} return fileDescriptor_11312eec02fd5712, []int{6}
} }
func (m *GenerateResponse) XXX_Unmarshal(b []byte) error { func (m *GenerateResponse) XXX_Unmarshal(b []byte) error {
@ -579,7 +485,7 @@ func (m *GrantRequest) Reset() { *m = GrantRequest{} }
func (m *GrantRequest) String() string { return proto.CompactTextString(m) } func (m *GrantRequest) String() string { return proto.CompactTextString(m) }
func (*GrantRequest) ProtoMessage() {} func (*GrantRequest) ProtoMessage() {}
func (*GrantRequest) Descriptor() ([]byte, []int) { func (*GrantRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{9} return fileDescriptor_11312eec02fd5712, []int{7}
} }
func (m *GrantRequest) XXX_Unmarshal(b []byte) error { func (m *GrantRequest) XXX_Unmarshal(b []byte) error {
@ -624,7 +530,7 @@ func (m *GrantResponse) Reset() { *m = GrantResponse{} }
func (m *GrantResponse) String() string { return proto.CompactTextString(m) } func (m *GrantResponse) String() string { return proto.CompactTextString(m) }
func (*GrantResponse) ProtoMessage() {} func (*GrantResponse) ProtoMessage() {}
func (*GrantResponse) Descriptor() ([]byte, []int) { func (*GrantResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{10} return fileDescriptor_11312eec02fd5712, []int{8}
} }
func (m *GrantResponse) XXX_Unmarshal(b []byte) error { func (m *GrantResponse) XXX_Unmarshal(b []byte) error {
@ -657,7 +563,7 @@ func (m *RevokeRequest) Reset() { *m = RevokeRequest{} }
func (m *RevokeRequest) String() string { return proto.CompactTextString(m) } func (m *RevokeRequest) String() string { return proto.CompactTextString(m) }
func (*RevokeRequest) ProtoMessage() {} func (*RevokeRequest) ProtoMessage() {}
func (*RevokeRequest) Descriptor() ([]byte, []int) { func (*RevokeRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{11} return fileDescriptor_11312eec02fd5712, []int{9}
} }
func (m *RevokeRequest) XXX_Unmarshal(b []byte) error { func (m *RevokeRequest) XXX_Unmarshal(b []byte) error {
@ -702,7 +608,7 @@ func (m *RevokeResponse) Reset() { *m = RevokeResponse{} }
func (m *RevokeResponse) String() string { return proto.CompactTextString(m) } func (m *RevokeResponse) String() string { return proto.CompactTextString(m) }
func (*RevokeResponse) ProtoMessage() {} func (*RevokeResponse) ProtoMessage() {}
func (*RevokeResponse) Descriptor() ([]byte, []int) { func (*RevokeResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{12} return fileDescriptor_11312eec02fd5712, []int{10}
} }
func (m *RevokeResponse) XXX_Unmarshal(b []byte) error { func (m *RevokeResponse) XXX_Unmarshal(b []byte) error {
@ -734,7 +640,7 @@ func (m *InspectRequest) Reset() { *m = InspectRequest{} }
func (m *InspectRequest) String() string { return proto.CompactTextString(m) } func (m *InspectRequest) String() string { return proto.CompactTextString(m) }
func (*InspectRequest) ProtoMessage() {} func (*InspectRequest) ProtoMessage() {}
func (*InspectRequest) Descriptor() ([]byte, []int) { func (*InspectRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{13} return fileDescriptor_11312eec02fd5712, []int{11}
} }
func (m *InspectRequest) XXX_Unmarshal(b []byte) error { func (m *InspectRequest) XXX_Unmarshal(b []byte) error {
@ -773,7 +679,7 @@ func (m *InspectResponse) Reset() { *m = InspectResponse{} }
func (m *InspectResponse) String() string { return proto.CompactTextString(m) } func (m *InspectResponse) String() string { return proto.CompactTextString(m) }
func (*InspectResponse) ProtoMessage() {} func (*InspectResponse) ProtoMessage() {}
func (*InspectResponse) Descriptor() ([]byte, []int) { func (*InspectResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{14} return fileDescriptor_11312eec02fd5712, []int{12}
} }
func (m *InspectResponse) XXX_Unmarshal(b []byte) error { func (m *InspectResponse) XXX_Unmarshal(b []byte) error {
@ -803,8 +709,9 @@ func (m *InspectResponse) GetAccount() *Account {
type TokenRequest struct { type TokenRequest struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
RefreshToken string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"`
TokenExpiry int64 `protobuf:"varint,3,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"` RefreshToken string `protobuf:"bytes,3,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"`
TokenExpiry int64 `protobuf:"varint,4,opt,name=token_expiry,json=tokenExpiry,proto3" json:"token_expiry,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"` XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"` XXX_sizecache int32 `json:"-"`
@ -814,7 +721,7 @@ func (m *TokenRequest) Reset() { *m = TokenRequest{} }
func (m *TokenRequest) String() string { return proto.CompactTextString(m) } func (m *TokenRequest) String() string { return proto.CompactTextString(m) }
func (*TokenRequest) ProtoMessage() {} func (*TokenRequest) ProtoMessage() {}
func (*TokenRequest) Descriptor() ([]byte, []int) { func (*TokenRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{15} return fileDescriptor_11312eec02fd5712, []int{13}
} }
func (m *TokenRequest) XXX_Unmarshal(b []byte) error { func (m *TokenRequest) XXX_Unmarshal(b []byte) error {
@ -842,6 +749,13 @@ func (m *TokenRequest) GetId() string {
return "" return ""
} }
func (m *TokenRequest) GetSecret() string {
if m != nil {
return m.Secret
}
return ""
}
func (m *TokenRequest) GetRefreshToken() string { func (m *TokenRequest) GetRefreshToken() string {
if m != nil { if m != nil {
return m.RefreshToken return m.RefreshToken
@ -867,7 +781,7 @@ func (m *TokenResponse) Reset() { *m = TokenResponse{} }
func (m *TokenResponse) String() string { return proto.CompactTextString(m) } func (m *TokenResponse) String() string { return proto.CompactTextString(m) }
func (*TokenResponse) ProtoMessage() {} func (*TokenResponse) ProtoMessage() {}
func (*TokenResponse) Descriptor() ([]byte, []int) { func (*TokenResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{16} return fileDescriptor_11312eec02fd5712, []int{14}
} }
func (m *TokenResponse) XXX_Unmarshal(b []byte) error { func (m *TokenResponse) XXX_Unmarshal(b []byte) error {
@ -909,7 +823,7 @@ func (m *Rule) Reset() { *m = Rule{} }
func (m *Rule) String() string { return proto.CompactTextString(m) } func (m *Rule) String() string { return proto.CompactTextString(m) }
func (*Rule) ProtoMessage() {} func (*Rule) ProtoMessage() {}
func (*Rule) Descriptor() ([]byte, []int) { func (*Rule) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{17} return fileDescriptor_11312eec02fd5712, []int{15}
} }
func (m *Rule) XXX_Unmarshal(b []byte) error { func (m *Rule) XXX_Unmarshal(b []byte) error {
@ -971,7 +885,7 @@ func (m *CreateRequest) Reset() { *m = CreateRequest{} }
func (m *CreateRequest) String() string { return proto.CompactTextString(m) } func (m *CreateRequest) String() string { return proto.CompactTextString(m) }
func (*CreateRequest) ProtoMessage() {} func (*CreateRequest) ProtoMessage() {}
func (*CreateRequest) Descriptor() ([]byte, []int) { func (*CreateRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{18} return fileDescriptor_11312eec02fd5712, []int{16}
} }
func (m *CreateRequest) XXX_Unmarshal(b []byte) error { func (m *CreateRequest) XXX_Unmarshal(b []byte) error {
@ -1023,7 +937,7 @@ func (m *CreateResponse) Reset() { *m = CreateResponse{} }
func (m *CreateResponse) String() string { return proto.CompactTextString(m) } func (m *CreateResponse) String() string { return proto.CompactTextString(m) }
func (*CreateResponse) ProtoMessage() {} func (*CreateResponse) ProtoMessage() {}
func (*CreateResponse) Descriptor() ([]byte, []int) { func (*CreateResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{19} return fileDescriptor_11312eec02fd5712, []int{17}
} }
func (m *CreateResponse) XXX_Unmarshal(b []byte) error { func (m *CreateResponse) XXX_Unmarshal(b []byte) error {
@ -1057,7 +971,7 @@ func (m *DeleteRequest) Reset() { *m = DeleteRequest{} }
func (m *DeleteRequest) String() string { return proto.CompactTextString(m) } func (m *DeleteRequest) String() string { return proto.CompactTextString(m) }
func (*DeleteRequest) ProtoMessage() {} func (*DeleteRequest) ProtoMessage() {}
func (*DeleteRequest) Descriptor() ([]byte, []int) { func (*DeleteRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{20} return fileDescriptor_11312eec02fd5712, []int{18}
} }
func (m *DeleteRequest) XXX_Unmarshal(b []byte) error { func (m *DeleteRequest) XXX_Unmarshal(b []byte) error {
@ -1109,7 +1023,7 @@ func (m *DeleteResponse) Reset() { *m = DeleteResponse{} }
func (m *DeleteResponse) String() string { return proto.CompactTextString(m) } func (m *DeleteResponse) String() string { return proto.CompactTextString(m) }
func (*DeleteResponse) ProtoMessage() {} func (*DeleteResponse) ProtoMessage() {}
func (*DeleteResponse) Descriptor() ([]byte, []int) { func (*DeleteResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{21} return fileDescriptor_11312eec02fd5712, []int{19}
} }
func (m *DeleteResponse) XXX_Unmarshal(b []byte) error { func (m *DeleteResponse) XXX_Unmarshal(b []byte) error {
@ -1140,7 +1054,7 @@ func (m *ListRequest) Reset() { *m = ListRequest{} }
func (m *ListRequest) String() string { return proto.CompactTextString(m) } func (m *ListRequest) String() string { return proto.CompactTextString(m) }
func (*ListRequest) ProtoMessage() {} func (*ListRequest) ProtoMessage() {}
func (*ListRequest) Descriptor() ([]byte, []int) { func (*ListRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{22} return fileDescriptor_11312eec02fd5712, []int{20}
} }
func (m *ListRequest) XXX_Unmarshal(b []byte) error { func (m *ListRequest) XXX_Unmarshal(b []byte) error {
@ -1172,7 +1086,7 @@ func (m *ListResponse) Reset() { *m = ListResponse{} }
func (m *ListResponse) String() string { return proto.CompactTextString(m) } func (m *ListResponse) String() string { return proto.CompactTextString(m) }
func (*ListResponse) ProtoMessage() {} func (*ListResponse) ProtoMessage() {}
func (*ListResponse) Descriptor() ([]byte, []int) { func (*ListResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_11312eec02fd5712, []int{23} return fileDescriptor_11312eec02fd5712, []int{21}
} }
func (m *ListResponse) XXX_Unmarshal(b []byte) error { func (m *ListResponse) XXX_Unmarshal(b []byte) error {
@ -1209,8 +1123,6 @@ func init() {
proto.RegisterType((*Account)(nil), "go.micro.auth.Account") proto.RegisterType((*Account)(nil), "go.micro.auth.Account")
proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Account.MetadataEntry") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.Account.MetadataEntry")
proto.RegisterType((*Resource)(nil), "go.micro.auth.Resource") proto.RegisterType((*Resource)(nil), "go.micro.auth.Resource")
proto.RegisterType((*LoginRequest)(nil), "go.micro.auth.LoginRequest")
proto.RegisterType((*LoginResponse)(nil), "go.micro.auth.LoginResponse")
proto.RegisterType((*GenerateRequest)(nil), "go.micro.auth.GenerateRequest") proto.RegisterType((*GenerateRequest)(nil), "go.micro.auth.GenerateRequest")
proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.GenerateRequest.MetadataEntry") proto.RegisterMapType((map[string]string)(nil), "go.micro.auth.GenerateRequest.MetadataEntry")
proto.RegisterType((*GenerateResponse)(nil), "go.micro.auth.GenerateResponse") proto.RegisterType((*GenerateResponse)(nil), "go.micro.auth.GenerateResponse")
@ -1236,65 +1148,63 @@ func init() {
} }
var fileDescriptor_11312eec02fd5712 = []byte{ var fileDescriptor_11312eec02fd5712 = []byte{
// 947 bytes of a gzipped FileDescriptorProto // 924 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0xdd, 0x8e, 0xdb, 0x44, 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0x4b, 0x6f, 0xdb, 0x46,
0x14, 0x5e, 0xdb, 0x89, 0xe3, 0x3d, 0x89, 0xb3, 0xd1, 0x74, 0xbb, 0x58, 0xe9, 0x0f, 0x8b, 0x8b, 0x10, 0x36, 0x49, 0x89, 0xa2, 0x47, 0x0f, 0x0b, 0x1b, 0xc7, 0x25, 0x94, 0x47, 0x1d, 0xa6, 0x28,
0xd0, 0x52, 0xd1, 0x2c, 0x4a, 0x25, 0xfe, 0x2a, 0x21, 0xa2, 0x26, 0x0a, 0x2d, 0x6d, 0x10, 0x56, 0xdc, 0xa0, 0x91, 0x0b, 0xe5, 0xd0, 0x47, 0x80, 0xa2, 0x46, 0x24, 0xa8, 0x49, 0x1b, 0x15, 0x25,
0x51, 0xb9, 0x41, 0x95, 0xd7, 0x39, 0xdd, 0x35, 0x9b, 0xb5, 0xc3, 0xcc, 0x78, 0xc5, 0x3e, 0x01, 0x52, 0xa4, 0x97, 0x22, 0xa0, 0xa9, 0xa9, 0xcd, 0x5a, 0x26, 0xd9, 0xdd, 0xa5, 0x51, 0x5f, 0x7a,
0x77, 0xbc, 0x03, 0x12, 0xb7, 0xf0, 0x44, 0x3c, 0x0c, 0x9a, 0xf1, 0x8c, 0xd7, 0x71, 0x9c, 0x6a, 0xed, 0xad, 0xbf, 0xa2, 0x3f, 0xa7, 0x3f, 0xa1, 0xf7, 0xfe, 0x89, 0x1e, 0x0a, 0xee, 0x83, 0x16,
0x55, 0x16, 0x89, 0xbb, 0x39, 0x33, 0x67, 0xbe, 0x73, 0xbe, 0xf3, 0x37, 0x03, 0x9f, 0x1e, 0xc7, 0x29, 0xca, 0x10, 0x5a, 0x1f, 0x72, 0xdb, 0x79, 0xec, 0xec, 0x7c, 0xdf, 0x0c, 0x87, 0x03, 0x1f,
0xfc, 0x24, 0x3b, 0x1a, 0x44, 0xe9, 0xd9, 0xe1, 0x59, 0x1c, 0xd1, 0xf4, 0xf0, 0x38, 0x7d, 0x90, 0x9f, 0x44, 0xfc, 0x34, 0x3b, 0x1e, 0x86, 0xc9, 0xf9, 0xe1, 0x79, 0x14, 0xd2, 0xe4, 0xf0, 0x24,
0x2f, 0xc2, 0x8c, 0x9f, 0x1c, 0x32, 0xa4, 0xe7, 0x71, 0x84, 0x87, 0x4b, 0x9a, 0xf2, 0x7c, 0x6b, 0x79, 0x2c, 0x0f, 0x41, 0xc6, 0x4f, 0x0f, 0x19, 0xd2, 0x8b, 0x28, 0xc4, 0xc3, 0x94, 0x26, 0x5c,
0x20, 0x97, 0xc4, 0x3d, 0x4e, 0x07, 0x52, 0x6f, 0x20, 0x36, 0xfd, 0x9b, 0x70, 0xe3, 0x59, 0xcc, 0xaa, 0x86, 0xe2, 0x48, 0xba, 0x27, 0xc9, 0x50, 0xf8, 0x0d, 0x73, 0xa5, 0x77, 0x1b, 0x6e, 0x7d,
0xf8, 0x28, 0x8a, 0xd2, 0x2c, 0xe1, 0x2c, 0xc0, 0x9f, 0x33, 0x64, 0xdc, 0x7f, 0x0a, 0xbb, 0xab, 0x1d, 0x31, 0x7e, 0x14, 0x86, 0x49, 0x16, 0x73, 0xe6, 0xe3, 0xcf, 0x19, 0x32, 0xee, 0xbd, 0x80,
0xdb, 0x6c, 0x99, 0x26, 0x0c, 0xc9, 0x10, 0x9c, 0x50, 0xed, 0x79, 0xc6, 0xbe, 0x75, 0xd0, 0x1e, 0xdd, 0xb2, 0x9a, 0xa5, 0x49, 0xcc, 0x90, 0x8c, 0xc0, 0x09, 0x94, 0xce, 0x35, 0xf6, 0xad, 0x83,
0xee, 0x0d, 0x56, 0x00, 0x07, 0xea, 0x4a, 0x50, 0xe8, 0xf9, 0x7f, 0x99, 0xd0, 0x7c, 0x91, 0x9e, 0xf6, 0x68, 0x6f, 0x58, 0x0a, 0x38, 0x54, 0x57, 0xfc, 0xc2, 0xcf, 0xfb, 0xd3, 0x84, 0xe6, 0xab,
0x62, 0x42, 0x76, 0xa1, 0xc9, 0xc5, 0xc2, 0x33, 0xf6, 0x8d, 0x83, 0xed, 0x20, 0x17, 0x08, 0x81, 0xe4, 0x0c, 0x63, 0xf2, 0x00, 0x3a, 0x41, 0x18, 0x22, 0x63, 0x6f, 0x78, 0x2e, 0xbb, 0xc6, 0xbe,
0x06, 0xbf, 0x58, 0xa2, 0x67, 0xca, 0x4d, 0xb9, 0x26, 0x1e, 0xb4, 0x22, 0x8a, 0x21, 0xc7, 0xb9, 0x71, 0xb0, 0xed, 0xb7, 0xa5, 0x4e, 0xba, 0x3c, 0x84, 0x2e, 0xc5, 0x1f, 0x29, 0xb2, 0x53, 0xe5,
0x67, 0xed, 0x1b, 0x07, 0x56, 0xa0, 0x45, 0xb2, 0x07, 0x36, 0xfe, 0xb2, 0x8c, 0xe9, 0x85, 0xd7, 0x63, 0x0a, 0x9f, 0x8e, 0x52, 0x4a, 0x27, 0x17, 0x5a, 0x21, 0xc5, 0x80, 0xe3, 0xdc, 0xb5, 0xf6,
0x90, 0x07, 0x4a, 0x12, 0x37, 0x58, 0x76, 0xf4, 0x13, 0x46, 0xdc, 0x6b, 0x4a, 0x20, 0x2d, 0x0a, 0x8d, 0x03, 0xcb, 0xd7, 0x22, 0xd9, 0x03, 0x1b, 0x7f, 0x49, 0x23, 0x7a, 0xe9, 0x36, 0x84, 0x41,
0xab, 0x34, 0x5d, 0x20, 0xf3, 0xec, 0x7d, 0x4b, 0x58, 0x95, 0x02, 0xf9, 0x12, 0x9c, 0x33, 0xe4, 0x49, 0xf9, 0x0d, 0x96, 0x1d, 0xff, 0x84, 0x21, 0x77, 0x9b, 0x22, 0xa0, 0x16, 0xc9, 0x2e, 0x34,
0xe1, 0x3c, 0xe4, 0xa1, 0xd7, 0x92, 0x4c, 0xfc, 0x0a, 0x13, 0xe9, 0xf3, 0xe0, 0xb9, 0x52, 0x9a, 0x69, 0xb2, 0x40, 0xe6, 0xda, 0xfb, 0xd6, 0xc1, 0xb6, 0x2f, 0x05, 0xf2, 0x39, 0x38, 0xe7, 0xc8,
0x24, 0x9c, 0x5e, 0x04, 0xc5, 0x1d, 0x72, 0x1b, 0xb6, 0x93, 0xf0, 0x0c, 0xd9, 0x32, 0x8c, 0xd0, 0x83, 0x79, 0xc0, 0x03, 0xb7, 0x25, 0x70, 0x7a, 0x15, 0x9c, 0x22, 0x93, 0xe1, 0x4b, 0xe5, 0x34,
0x73, 0xa4, 0xc5, 0xcb, 0x8d, 0xfe, 0x23, 0x70, 0x57, 0x2e, 0x92, 0x1e, 0x58, 0xa7, 0x78, 0xa1, 0x89, 0x39, 0xbd, 0xf4, 0x8b, 0x3b, 0xe4, 0x2e, 0x6c, 0xc7, 0xc1, 0x39, 0xb2, 0x34, 0x08, 0xd1,
0x88, 0x8b, 0xa5, 0x70, 0xeb, 0x3c, 0x5c, 0x64, 0x9a, 0x77, 0x2e, 0x7c, 0x61, 0x7e, 0x66, 0xf8, 0x75, 0xc4, 0x8b, 0x57, 0x8a, 0xc1, 0x53, 0xe8, 0x96, 0x2e, 0x92, 0x3e, 0x58, 0x67, 0x78, 0xa9,
0xbf, 0x9b, 0xd0, 0x52, 0x61, 0x24, 0x5d, 0x30, 0xe3, 0xb9, 0xba, 0x66, 0xc6, 0xf3, 0xda, 0x60, 0xf8, 0xc8, 0x8f, 0x79, 0x5a, 0x17, 0xc1, 0x22, 0x43, 0x85, 0x5f, 0x0a, 0x9f, 0x99, 0x9f, 0x18,
0x15, 0x04, 0xad, 0x32, 0xc1, 0xaf, 0x4a, 0x04, 0x1b, 0x92, 0xe0, 0xfb, 0xf5, 0xa9, 0xba, 0x1a, 0xde, 0x3f, 0x06, 0xb4, 0x14, 0xc9, 0xa4, 0x07, 0x66, 0x34, 0x57, 0xd7, 0xcc, 0x68, 0x4e, 0x08,
0xc5, 0x66, 0x85, 0x22, 0xb9, 0x07, 0x2e, 0xc5, 0xd7, 0x14, 0xd9, 0xc9, 0xab, 0x3c, 0xa9, 0xb6, 0x34, 0xf8, 0x65, 0xaa, 0x2f, 0x89, 0xf3, 0x15, 0x40, 0x6b, 0x19, 0xe0, 0x17, 0x4b, 0x00, 0x1b,
0xd4, 0xe8, 0xa8, 0xcd, 0x3c, 0xe3, 0x7d, 0x70, 0x96, 0x34, 0x3d, 0x8f, 0xe7, 0x48, 0xbd, 0x96, 0x02, 0xe0, 0x7b, 0xf5, 0x85, 0xdc, 0x0c, 0x62, 0xb3, 0x02, 0x91, 0x0c, 0xc0, 0x49, 0x69, 0x72,
0x3c, 0x2f, 0xe4, 0x7f, 0x17, 0xa3, 0x19, 0x38, 0x01, 0xb2, 0x34, 0xa3, 0x11, 0x8a, 0x98, 0x08, 0x11, 0xcd, 0x91, 0xba, 0xb6, 0x30, 0x16, 0xf2, 0xff, 0x83, 0x3f, 0x03, 0xc7, 0x47, 0x96, 0x64,
0xb7, 0xd4, 0x45, 0xb9, 0xae, 0x8d, 0x53, 0x1f, 0x1c, 0x4c, 0xe6, 0xcb, 0x34, 0x4e, 0xb8, 0xac, 0x34, 0xc4, 0x1c, 0x6e, 0xfe, 0xa2, 0xba, 0x28, 0xce, 0xb5, 0x14, 0x0c, 0xc0, 0xc1, 0x78, 0x9e,
0xaa, 0xed, 0xa0, 0x90, 0xfd, 0x4f, 0xa0, 0xf3, 0x2c, 0x3d, 0x8e, 0x13, 0xd5, 0x00, 0x6b, 0x71, 0x26, 0x51, 0xcc, 0x45, 0xc3, 0x6c, 0xfb, 0x85, 0xec, 0xfd, 0x61, 0xc2, 0xce, 0x14, 0x63, 0xa4,
0xdf, 0x03, 0x9b, 0x61, 0x44, 0x91, 0x2b, 0x44, 0x25, 0xf9, 0x23, 0x70, 0xd5, 0x3d, 0xd5, 0x21, 0x01, 0x47, 0xd5, 0xfd, 0x2b, 0xb4, 0x16, 0x14, 0x9a, 0xcb, 0x14, 0x7e, 0xb9, 0x44, 0xa1, 0x25,
0x1f, 0x43, 0x4b, 0x55, 0xbe, 0xbc, 0xbd, 0xb9, 0x41, 0xb4, 0x9a, 0xff, 0x87, 0x09, 0x3b, 0x53, 0x28, 0xfc, 0xb0, 0x42, 0x61, 0x25, 0xee, 0x66, 0x54, 0x36, 0xaa, 0x54, 0xee, 0x81, 0xcd, 0x30,
0x4c, 0x90, 0x86, 0x1c, 0x37, 0x99, 0x2f, 0x52, 0x6c, 0x96, 0x53, 0xfc, 0x75, 0x29, 0xc5, 0x96, 0xa4, 0xa8, 0x5b, 0x57, 0x49, 0x05, 0x52, 0xbb, 0x8c, 0xb4, 0xa0, 0xbd, 0x75, 0x93, 0xb4, 0x8f,
0x4c, 0xf1, 0x47, 0x15, 0x63, 0x15, 0xdc, 0xab, 0xa5, 0xba, 0x51, 0x4d, 0xf5, 0x25, 0xf9, 0x66, 0xa1, 0x7f, 0x85, 0x46, 0x0d, 0x83, 0x8f, 0xa0, 0xa5, 0x3e, 0x72, 0x11, 0x63, 0xfd, 0x2c, 0xd0,
0x99, 0x7c, 0x11, 0x64, 0x7b, 0x35, 0xc8, 0xff, 0x4d, 0xc6, 0xc7, 0xd0, 0xbb, 0x64, 0xf3, 0xd6, 0x6e, 0xde, 0x6b, 0xe8, 0x4c, 0x69, 0x10, 0x73, 0x4d, 0x34, 0x81, 0x46, 0xce, 0xa5, 0x2e, 0x60,
0xc1, 0x7e, 0x09, 0x9d, 0x29, 0x0d, 0x13, 0xae, 0x03, 0x4d, 0xa0, 0x21, 0x62, 0xa9, 0x6b, 0x47, 0x7e, 0x26, 0x4f, 0xc0, 0xa1, 0xaa, 0xc0, 0x22, 0x8d, 0xf6, 0xe8, 0x9d, 0x4a, 0x58, 0x5d, 0x7f,
0xac, 0xc9, 0x43, 0x70, 0xa8, 0xaa, 0x2d, 0xe9, 0x46, 0x7b, 0xf8, 0x4e, 0x05, 0x56, 0x97, 0x5e, 0xbf, 0x70, 0xf4, 0x76, 0xa0, 0xab, 0x02, 0xcb, 0xdc, 0xbc, 0xef, 0xa1, 0xeb, 0xe3, 0x45, 0x72,
0x50, 0x28, 0xfa, 0x3b, 0xe0, 0x2a, 0xe0, 0xdc, 0x37, 0xff, 0x07, 0x70, 0x03, 0x3c, 0x4f, 0x4f, 0x86, 0x37, 0xfe, 0x54, 0x1f, 0x7a, 0x3a, 0xb2, 0x7a, 0xeb, 0x7d, 0xe8, 0x3d, 0x8f, 0x59, 0x8a,
0xf1, 0xda, 0x4d, 0xf5, 0xa0, 0xab, 0x91, 0x95, 0xad, 0x0f, 0xa0, 0xfb, 0x24, 0x61, 0x4b, 0x8c, 0x61, 0x81, 0x6b, 0x17, 0x9a, 0xcb, 0x13, 0x4e, 0x0a, 0xde, 0x33, 0xd8, 0x29, 0xfc, 0xfe, 0x33,
0x0a, 0x5e, 0xb5, 0xa3, 0xd6, 0x7f, 0x0c, 0x3b, 0x85, 0xde, 0x5b, 0x87, 0xf0, 0x35, 0x74, 0x64, 0x85, 0xbf, 0x42, 0x47, 0x8c, 0x9e, 0x75, 0xbd, 0x7a, 0xd5, 0x2d, 0x66, 0xa9, 0x5b, 0x56, 0x06,
0x73, 0x6f, 0xaa, 0xd5, 0xb5, 0xc1, 0x60, 0xd6, 0x0c, 0x86, 0xf7, 0xa0, 0x23, 0x0f, 0x5f, 0xa9, 0xab, 0x55, 0x33, 0x58, 0x1f, 0x40, 0x47, 0x18, 0xdf, 0x94, 0x86, 0x68, 0x5b, 0xe8, 0x26, 0x42,
0x61, 0x9e, 0x4f, 0xf9, 0xb6, 0xdc, 0x9b, 0xc8, 0x2d, 0xff, 0x11, 0xb8, 0xca, 0x8e, 0x72, 0xf5, 0xe5, 0x3d, 0x85, 0xae, 0x7a, 0x5f, 0x41, 0x78, 0xb4, 0x8c, 0xb5, 0x3d, 0xda, 0xad, 0x9b, 0x93,
0x7e, 0x99, 0x53, 0x7b, 0xb8, 0x5b, 0x37, 0xaf, 0x35, 0xd3, 0xdf, 0x0c, 0x68, 0x04, 0xd9, 0x02, 0x9a, 0x81, 0xdf, 0x0d, 0x68, 0xf8, 0xd9, 0x02, 0xeb, 0x06, 0x97, 0xa8, 0x8e, 0xb9, 0xa6, 0x3a,
0xeb, 0x06, 0xa8, 0xcc, 0x82, 0xb9, 0x21, 0x0b, 0xd6, 0x15, 0xb3, 0x40, 0x1e, 0x80, 0x1d, 0x46, 0xd6, 0x86, 0xd5, 0x21, 0x8f, 0xc1, 0x96, 0xbf, 0x13, 0x91, 0x7b, 0x6f, 0x74, 0x7b, 0x95, 0x4f,
0x11, 0x32, 0x26, 0xfb, 0xa5, 0x3b, 0xbc, 0xb9, 0x1e, 0x37, 0x64, 0x2c, 0x50, 0x4a, 0xfe, 0xaf, 0x64, 0xcc, 0x57, 0x4e, 0xde, 0x6f, 0x06, 0x74, 0x9f, 0x89, 0x7f, 0xc7, 0x4d, 0xf7, 0xc9, 0x52,
0x06, 0xb8, 0x8f, 0xe5, 0x1b, 0x76, 0xdd, 0xf5, 0x50, 0xf2, 0xc4, 0xba, 0x8a, 0x27, 0x3d, 0xe8, 0x26, 0xd6, 0x26, 0x99, 0xf4, 0xa1, 0xa7, 0x13, 0x51, 0x6d, 0x95, 0xe7, 0x36, 0xc6, 0x05, 0xbe,
0x6a, 0x47, 0x54, 0xf9, 0x08, 0xdf, 0xc6, 0xb8, 0xc0, 0xff, 0x85, 0x6f, 0xda, 0x11, 0xe5, 0x9b, 0x15, 0xb9, 0xe9, 0x44, 0x54, 0x6e, 0x5d, 0x68, 0xe7, 0xfb, 0x81, 0x5e, 0x17, 0x3e, 0x85, 0x8e,
0x0b, 0x6d, 0xf1, 0x13, 0xd1, 0x1f, 0x93, 0xcf, 0xa1, 0x93, 0x8b, 0xaa, 0x26, 0x3e, 0x84, 0x26, 0x14, 0x55, 0x4f, 0x7c, 0x00, 0x4d, 0x9a, 0xe5, 0x03, 0x53, 0xee, 0x08, 0xb7, 0xaa, 0x19, 0x65,
0xcd, 0xc4, 0x60, 0xcc, 0x7f, 0x23, 0x37, 0xaa, 0x1e, 0x65, 0x0b, 0x0c, 0x72, 0x8d, 0xfb, 0x03, 0x0b, 0xf4, 0xa5, 0xc7, 0xa3, 0x21, 0xd8, 0xf2, 0x35, 0xd2, 0x86, 0xd6, 0x77, 0xb3, 0xaf, 0x66,
0xb0, 0x73, 0x6b, 0xa4, 0x0d, 0xad, 0xef, 0x67, 0xdf, 0xcc, 0xbe, 0x7d, 0x39, 0xeb, 0x6d, 0x09, 0xdf, 0xbc, 0x9e, 0xf5, 0xb7, 0x72, 0x61, 0xea, 0x1f, 0xcd, 0x5e, 0x4d, 0xc6, 0x7d, 0x83, 0x00,
0x61, 0x1a, 0x8c, 0x66, 0x2f, 0x26, 0xe3, 0x9e, 0x41, 0x00, 0xec, 0xf1, 0x64, 0xf6, 0x64, 0x32, 0xd8, 0xe3, 0xc9, 0xec, 0xf9, 0x64, 0xdc, 0x37, 0x47, 0x7f, 0x1b, 0xd0, 0x38, 0xca, 0xf8, 0x29,
0xee, 0x99, 0xc3, 0x3f, 0x4d, 0x68, 0x8c, 0x32, 0x7e, 0x42, 0x9e, 0x83, 0xa3, 0x27, 0x0f, 0xb9, 0x79, 0x09, 0x8e, 0x9e, 0x48, 0xe4, 0xfe, 0xf5, 0x83, 0x77, 0xf0, 0xee, 0x5a, 0xbb, 0xc2, 0xb3,
0xfb, 0xe6, 0x01, 0xdb, 0x7f, 0x77, 0xe3, 0xb9, 0xe2, 0xb3, 0x45, 0x9e, 0x42, 0x4b, 0x35, 0x21, 0x45, 0x5e, 0x40, 0x4b, 0x7d, 0x9c, 0xe4, 0x5e, 0xc5, 0xbb, 0xfc, 0x71, 0x0f, 0xee, 0xaf, 0x33,
0xb9, 0x53, 0xd1, 0x5e, 0x6d, 0xe2, 0xfe, 0xdd, 0x4d, 0xc7, 0x05, 0xd6, 0x58, 0x7f, 0xad, 0x6e, 0x17, 0xb1, 0xc6, 0x7a, 0xe1, 0xb9, 0x53, 0xfb, 0x31, 0xa8, 0x38, 0x77, 0xeb, 0x8d, 0x3a, 0xca,
0xd5, 0x36, 0x83, 0xc2, 0xb9, 0x5d, 0x7f, 0x58, 0x46, 0x91, 0x8f, 0xd8, 0x1a, 0x4a, 0xf9, 0x49, 0xe8, 0x07, 0x70, 0xf4, 0xfe, 0x45, 0xbe, 0x85, 0x46, 0x4e, 0x30, 0xa9, 0x6e, 0x21, 0x35, 0xbb,
0x5c, 0x43, 0x59, 0x79, 0xf7, 0xfc, 0xad, 0xe1, 0x8f, 0xe0, 0xe8, 0xff, 0x22, 0xf9, 0x0e, 0x1a, 0xdb, 0xe0, 0xe1, 0xb5, 0x3e, 0x45, 0xf8, 0xbf, 0x0c, 0x68, 0xe6, 0x85, 0x60, 0x64, 0x0a, 0xb6,
0x22, 0x4d, 0xa4, 0xfa, 0xa7, 0xaa, 0xf9, 0x6b, 0xf6, 0xef, 0xbd, 0x51, 0xa7, 0x80, 0xff, 0xdb, 0x6c, 0x3d, 0x52, 0x4d, 0xa9, 0xf4, 0x69, 0x0c, 0xee, 0xad, 0xb1, 0x16, 0xb8, 0xa7, 0x60, 0xcb,
0x80, 0xa6, 0x48, 0x27, 0x23, 0x53, 0xb0, 0xf3, 0x02, 0x26, 0x55, 0x97, 0x56, 0x1a, 0xac, 0x7f, 0x3e, 0x59, 0x09, 0x54, 0xea, 0xe3, 0x95, 0x40, 0x95, 0xe6, 0xda, 0x22, 0x47, 0x0a, 0xee, 0xa0,
0x67, 0xc3, 0x69, 0xc1, 0x7b, 0x0a, 0x76, 0x5e, 0x6d, 0x6b, 0x40, 0x2b, 0xdd, 0xb0, 0x06, 0x54, 0x06, 0x8a, 0x0e, 0x72, 0xa7, 0xd6, 0xa6, 0x43, 0x1c, 0xdb, 0x62, 0xdd, 0x7d, 0xf2, 0x6f, 0x00,
0x29, 0xd1, 0x2d, 0x32, 0x52, 0x74, 0xfb, 0x35, 0x54, 0x34, 0xc8, 0xad, 0xda, 0x33, 0x0d, 0x71, 0x00, 0x00, 0xff, 0xff, 0xd8, 0x6c, 0xbf, 0xd6, 0x29, 0x0b, 0x00, 0x00,
0x64, 0xcb, 0xef, 0xf9, 0xc3, 0x7f, 0x02, 0x00, 0x00, 0xff, 0xff, 0x8f, 0xd3, 0xdd, 0x57, 0xd9,
0x0b, 0x00, 0x00,
} }


@ -37,7 +37,6 @@ type AuthService interface {
Generate(ctx context.Context, in *GenerateRequest, opts ...client.CallOption) (*GenerateResponse, error) Generate(ctx context.Context, in *GenerateRequest, opts ...client.CallOption) (*GenerateResponse, error)
Inspect(ctx context.Context, in *InspectRequest, opts ...client.CallOption) (*InspectResponse, error) Inspect(ctx context.Context, in *InspectRequest, opts ...client.CallOption) (*InspectResponse, error)
Token(ctx context.Context, in *TokenRequest, opts ...client.CallOption) (*TokenResponse, error) Token(ctx context.Context, in *TokenRequest, opts ...client.CallOption) (*TokenResponse, error)
Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error)
} }
type authService struct { type authService struct {
@ -82,23 +81,12 @@ func (c *authService) Token(ctx context.Context, in *TokenRequest, opts ...clien
return out, nil return out, nil
} }
func (c *authService) Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error) {
req := c.c.NewRequest(c.name, "Auth.Login", in)
out := new(LoginResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// Server API for Auth service // Server API for Auth service
type AuthHandler interface { type AuthHandler interface {
Generate(context.Context, *GenerateRequest, *GenerateResponse) error Generate(context.Context, *GenerateRequest, *GenerateResponse) error
Inspect(context.Context, *InspectRequest, *InspectResponse) error Inspect(context.Context, *InspectRequest, *InspectResponse) error
Token(context.Context, *TokenRequest, *TokenResponse) error Token(context.Context, *TokenRequest, *TokenResponse) error
Login(context.Context, *LoginRequest, *LoginResponse) error
} }
func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.HandlerOption) error { func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.HandlerOption) error {
@ -106,7 +94,6 @@ func RegisterAuthHandler(s server.Server, hdlr AuthHandler, opts ...server.Handl
Generate(ctx context.Context, in *GenerateRequest, out *GenerateResponse) error Generate(ctx context.Context, in *GenerateRequest, out *GenerateResponse) error
Inspect(ctx context.Context, in *InspectRequest, out *InspectResponse) error Inspect(ctx context.Context, in *InspectRequest, out *InspectResponse) error
Token(ctx context.Context, in *TokenRequest, out *TokenResponse) error Token(ctx context.Context, in *TokenRequest, out *TokenResponse) error
Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error
} }
type Auth struct { type Auth struct {
auth auth
@ -131,10 +118,6 @@ func (h *authHandler) Token(ctx context.Context, in *TokenRequest, out *TokenRes
return h.AuthHandler.Token(ctx, in, out) return h.AuthHandler.Token(ctx, in, out)
} }
func (h *authHandler) Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error {
return h.AuthHandler.Login(ctx, in, out)
}
// Client API for Accounts service // Client API for Accounts service
type AccountsService interface { type AccountsService interface {


@ -6,7 +6,6 @@ service Auth {
rpc Generate(GenerateRequest) returns (GenerateResponse) {}; rpc Generate(GenerateRequest) returns (GenerateResponse) {};
rpc Inspect(InspectRequest) returns (InspectResponse) {}; rpc Inspect(InspectRequest) returns (InspectResponse) {};
rpc Token(TokenRequest) returns (TokenResponse) {}; rpc Token(TokenRequest) returns (TokenResponse) {};
rpc Login(LoginRequest) returns (LoginResponse) {};
} }
service Accounts { service Accounts {
@ -27,8 +26,8 @@ message ListAccountsResponse {
} }
message Token { message Token {
string token = 1; string access_token = 1;
string type = 2; string refresh_token = 2;
int64 created = 3; int64 created = 3;
int64 expiry = 4; int64 expiry = 4;
string subject = 5; string subject = 5;
@ -43,8 +42,7 @@ message Account {
repeated string roles = 3; repeated string roles = 3;
map<string, string> metadata = 4; map<string, string> metadata = 4;
string namespace = 5; string namespace = 5;
string refresh_token = 6; string provider = 6;
string provider = 7;
} }
message Resource{ message Resource{
@ -53,15 +51,6 @@ message Resource{
string endpoint = 3; string endpoint = 3;
} }
message LoginRequest {
string id = 1;
string secret = 2;
}
message LoginResponse {
Account account = 1;
}
message GenerateRequest { message GenerateRequest {
string id = 1; string id = 1;
repeated string roles = 2; repeated string roles = 2;
@ -100,8 +89,9 @@ message InspectResponse {
message TokenRequest { message TokenRequest {
string id = 1; string id = 1;
string refresh_token = 2; string secret = 2;
int64 token_expiry = 3; string refresh_token = 3;
int64 token_expiry = 4;
} }
message TokenResponse { message TokenResponse {
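Review bot: Field numbers are reused with new meanings in `Account` and `TokenRequest`, which breaks wire compatibility and can move a credential into the wrong field while old and new binaries run side by side. `Account` field 6 changes from `refresh_token` to `provider`, so a response from a server that has not been upgraded would decode a refresh token as the provider name; `TokenRequest` field 2 changes from `refresh_token` to `secret`, and field 3 changes from `int64` to `string`. I would keep the existing numbers and retire the removed one: `reserved 6;` with `string provider = 7;` in `Account`, and in `TokenRequest` leave `refresh_token = 2` and `token_expiry = 3` as they were and append `string secret = 4;`. The same concern applies to `Token`, where field 2 changes from `type` to `refresh_token`.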


@ -73,11 +73,11 @@ func (s *svc) Init(opts ...auth.Option) {
// we have client credentials and must load a new token // we have client credentials and must load a new token
// periodically // periodically
if len(s.options.ID) > 0 || len(s.options.RefreshToken) > 0 { if len(s.options.ID) > 0 || len(s.options.Secret) > 0 {
tokenTimer := time.NewTicker(time.Minute) tokenTimer := time.NewTicker(time.Minute)
go func() { go func() {
s.loadToken() s.refreshToken()
for { for {
<-tokenTimer.C <-tokenTimer.C
@ -94,7 +94,7 @@ func (s *svc) Init(opts ...auth.Option) {
// all the services calling the auth service // all the services calling the auth service
// at the exact same time // at the exact same time
time.Sleep(jitter.Do(time.Second * 5)) time.Sleep(jitter.Do(time.Second * 5))
s.loadToken() s.refreshToken()
} }
}() }()
} }
@ -107,14 +107,14 @@ func (s *svc) Options() auth.Options {
} }
// Generate a new account // Generate a new account
func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, error) { func (s *svc) Generate(id, secret string, opts ...auth.GenerateOption) (*auth.Account, error) {
options := auth.NewGenerateOptions(opts...) options := auth.NewGenerateOptions(opts...)
rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{ rsp, err := s.auth.Generate(context.TODO(), &pb.GenerateRequest{
Id: id, Id: id,
Secret: secret,
Type: options.Type, Type: options.Type,
Roles: options.Roles, Roles: options.Roles,
Secret: options.Secret,
Metadata: options.Metadata, Metadata: options.Metadata,
Provider: options.Provider, Provider: options.Provider,
Namespace: options.Namespace, Namespace: options.Namespace,
@ -126,16 +126,6 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e
return serializeAccount(rsp.Account), nil return serializeAccount(rsp.Account), nil
} }
// Login to an account
func (s *svc) Login(id string, opts ...auth.LoginOption) (*auth.Account, error) {
options := auth.NewLoginOptions(opts...)
rsp, err := s.auth.Login(context.TODO(), &pb.LoginRequest{Id: id, Secret: options.Secret})
if err != nil {
return nil, err
}
return serializeAccount(rsp.Account), nil
}
// Grant access to a resource // Grant access to a resource
func (s *svc) Grant(role string, res *auth.Resource) error { func (s *svc) Grant(role string, res *auth.Resource) error {
_, err := s.rule.Create(context.TODO(), &pb.CreateRequest{ _, err := s.rule.Create(context.TODO(), &pb.CreateRequest{
@ -204,23 +194,14 @@ func (s *svc) Verify(acc *auth.Account, res *auth.Resource) error {
// Inspect a token // Inspect a token
func (s *svc) Inspect(token string) (*auth.Account, error) { func (s *svc) Inspect(token string) (*auth.Account, error) {
// try to decode JWT locally and fall back to srv if an error // try to decode JWT locally and fall back to srv if an error occurs
// occurs, TODO: find a better way of determining if the token
// is a JWT, possibly update the interface to take an auth.Token
// and not just the string
if len(strings.Split(token, ".")) == 3 && s.jwt != nil { if len(strings.Split(token, ".")) == 3 && s.jwt != nil {
if tok, err := s.jwt.Inspect(token); err == nil { if acc, err := s.jwt.Inspect(token); err == nil {
return &auth.Account{ return acc, nil
ID: tok.Subject,
Roles: tok.Roles,
Metadata: tok.Metadata,
}, nil
} }
} }
rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{ rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token})
Token: token,
})
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -229,13 +210,14 @@ func (s *svc) Inspect(token string) (*auth.Account, error) {
} }
// Token generation using an account ID and secret // Token generation using an account ID and secret
func (s *svc) Token(id, refresh string, opts ...auth.TokenOption) (*auth.Token, error) { func (s *svc) Token(opts ...auth.TokenOption) (*auth.Token, error) {
options := auth.NewTokenOptions(opts...) options := auth.NewTokenOptions(opts...)
rsp, err := s.auth.Token(context.Background(), &pb.TokenRequest{ rsp, err := s.auth.Token(context.Background(), &pb.TokenRequest{
Id: id, Id: options.ID,
RefreshToken: refresh, Secret: options.Secret,
TokenExpiry: int64(options.TokenExpiry.Seconds()), RefreshToken: options.RefreshToken,
TokenExpiry: int64(options.Expiry.Seconds()),
}) })
if err != nil { if err != nil {
return nil, err return nil, err
@ -299,13 +281,22 @@ func (s *svc) loadRules() {
s.rules = rsp.Rules s.rules = rsp.Rules
} }
// loadToken generates a new token for the service to use when making calls // refreshToken generates a new token for the service to use when making calls
func (s *svc) loadToken() { func (s *svc) refreshToken() {
rsp, err := s.auth.Token(context.TODO(), &pb.TokenRequest{ req := &pb.TokenRequest{
Id: s.Options().ID, TokenExpiry: int64((time.Minute * 15).Seconds()),
RefreshToken: s.Options().RefreshToken, }
TokenExpiry: int64((time.Minute * 15).Seconds()),
}) if s.Options().Token == nil {
// we do not have a token, use the credentials to get one
req.Id = s.Options().ID
req.Secret = s.Options().Secret
} else {
// we have a token, refresh it
req.RefreshToken = s.Options().Token.RefreshToken
}
rsp, err := s.auth.Token(context.TODO(), req)
s.Lock() s.Lock()
defer s.Unlock() defer s.Unlock()
@ -319,23 +310,19 @@ func (s *svc) loadToken() {
func serializeToken(t *pb.Token) *auth.Token { func serializeToken(t *pb.Token) *auth.Token {
return &auth.Token{ return &auth.Token{
Token: t.Token, AccessToken: t.AccessToken,
Type: t.Type, RefreshToken: t.RefreshToken,
Created: time.Unix(t.Created, 0), Created: time.Unix(t.Created, 0),
Expiry: time.Unix(t.Expiry, 0), Expiry: time.Unix(t.Expiry, 0),
Subject: t.Subject,
Roles: t.Roles,
Metadata: t.Metadata,
} }
} }
func serializeAccount(a *pb.Account) *auth.Account { func serializeAccount(a *pb.Account) *auth.Account {
return &auth.Account{ return &auth.Account{
ID: a.Id, ID: a.Id,
Roles: a.Roles, Roles: a.Roles,
Metadata: a.Metadata, Metadata: a.Metadata,
Provider: a.Provider, Provider: a.Provider,
Namespace: a.Namespace, Namespace: a.Namespace,
RefreshToken: a.RefreshToken,
} }
} }
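Review bot: `refreshToken` never returns to the ID and secret once `s.Options().Token` is set, so a refresh token that has expired or been revoked would leave the service unable to obtain a new access token until it is restarted. The error handling after `s.Lock()` lies outside the hunk, so this is inferred from the visible branch only. I would retry with the account credentials when the refresh attempt fails, as in the excerpt below.

```go
	// … unchanged: building req from the stored token or the credentials …
	rsp, err := s.auth.Token(context.TODO(), req)
	if err != nil && len(req.RefreshToken) > 0 {
		// the refresh token was rejected; fall back to the account credentials
		rsp, err = s.auth.Token(context.TODO(), &pb.TokenRequest{
			Id:          s.Options().ID,
			Secret:      s.Options().Secret,
			TokenExpiry: req.TokenExpiry,
		})
	}
	// … unchanged: s.Lock() and the error handling that follows …
```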


@ -35,30 +35,19 @@ func NewTokenProvider(opts ...token.Option) token.Provider {
} }
// Generate a token for an account // Generate a token for an account
func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.Token, error) { func (b *Basic) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.Token, error) {
options := token.NewGenerateOptions(opts...) options := token.NewGenerateOptions(opts...)
// construct the token
token := auth.Token{
Subject: subject,
Type: b.String(),
Token: uuid.New().String(),
Created: time.Now(),
Expiry: time.Now().Add(options.Expiry),
Metadata: options.Metadata,
Roles: options.Roles,
Namespace: options.Namespace,
}
// marshal the account to bytes // marshal the account to bytes
bytes, err := json.Marshal(token) bytes, err := json.Marshal(acc)
if err != nil { if err != nil {
return nil, err return nil, err
} }
// write to the store // write to the store
key := uuid.New().String()
err = b.store.Write(&store.Record{ err = b.store.Write(&store.Record{
Key: fmt.Sprintf("%v%v", StorePrefix, token.Token), Key: fmt.Sprintf("%v%v", StorePrefix, key),
Value: bytes, Value: bytes,
Expiry: options.Expiry, Expiry: options.Expiry,
}) })
@ -67,11 +56,15 @@ func (b *Basic) Generate(subject string, opts ...token.GenerateOption) (*auth.To
} }
// return the token // return the token
return &token, nil return &token.Token{
Token: key,
Created: time.Now(),
Expiry: time.Now().Add(options.Expiry),
}, nil
} }
// Inspect a token // Inspect a token
func (b *Basic) Inspect(t string) (*auth.Token, error) { func (b *Basic) Inspect(t string) (*auth.Account, error) {
// lookup the token in the store // lookup the token in the store
recs, err := b.store.Read(StorePrefix + t) recs, err := b.store.Read(StorePrefix + t)
if err == store.ErrNotFound { if err == store.ErrNotFound {
@ -82,18 +75,12 @@ func (b *Basic) Inspect(t string) (*auth.Token, error) {
bytes := recs[0].Value bytes := recs[0].Value
// unmarshal the bytes // unmarshal the bytes
var tok *auth.Token var acc *auth.Account
if err := json.Unmarshal(bytes, &tok); err != nil { if err := json.Unmarshal(bytes, &acc); err != nil {
return nil, err return nil, err
} }
// ensure the token hasn't expired, the store should return acc, nil
// expire the token but we're checking again
if tok.Expiry.Unix() < time.Now().Unix() {
return nil, token.ErrInvalidToken
}
return tok, err
} }
// String returns basic // String returns basic
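Review bot: `Inspect` now relies on the store alone to expire tokens, because the explicit expiry comparison was removed and the stored value is an `auth.Account`, which carries no expiry. If a store backend does not enforce `Record.Expiry` (not visible here), a token written by `Generate` would stay valid indefinitely. I would persist the expiry next to the account and compare it in `Inspect`, as sketched below; the same check also rejects a record that decodes to a nil account instead of returning `nil, nil`. Both function bodies extend outside the visible hunks.

```go
// basicRecord is the value Generate writes to the store for each token
type basicRecord struct {
	Account *auth.Account `json:"account"`
	Expiry  time.Time     `json:"expiry"`
}

	// in Generate, replacing json.Marshal(acc)
	bytes, err := json.Marshal(basicRecord{Account: acc, Expiry: time.Now().Add(options.Expiry)})
	// … unchanged: store write and returned token.Token …

	// in Inspect, replacing the unmarshal into *auth.Account
	var rec basicRecord
	if err := json.Unmarshal(bytes, &rec); err != nil {
		return nil, err
	}
	// the store should expire the record, but do not depend on it
	if rec.Account == nil || rec.Expiry.Before(time.Now()) {
		return nil, token.ErrInvalidToken
	}
	return rec.Account, nil
```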


@ -11,7 +11,9 @@ import (
// authClaims to be encoded in the JWT // authClaims to be encoded in the JWT
type authClaims struct { type authClaims struct {
Type string `json:"type"`
Roles []string `json:"roles"` Roles []string `json:"roles"`
Provider string `json:"provider"`
Metadata map[string]string `json:"metadata"` Metadata map[string]string `json:"metadata"`
Namespace string `json:"namespace"` Namespace string `json:"namespace"`
@ -31,7 +33,7 @@ func NewTokenProvider(opts ...token.Option) token.Provider {
} }
// Generate a new JWT // Generate a new JWT
func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Token, error) { func (j *JWT) Generate(acc *auth.Account, opts ...token.GenerateOption) (*token.Token, error) {
// decode the private key // decode the private key
priv, err := base64.StdEncoding.DecodeString(j.opts.PrivateKey) priv, err := base64.StdEncoding.DecodeString(j.opts.PrivateKey)
if err != nil { if err != nil {
@ -50,8 +52,8 @@ func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Toke
// generate the JWT // generate the JWT
expiry := time.Now().Add(options.Expiry) expiry := time.Now().Add(options.Expiry)
t := jwt.NewWithClaims(jwt.SigningMethodRS256, authClaims{ t := jwt.NewWithClaims(jwt.SigningMethodRS256, authClaims{
options.Roles, options.Metadata, options.Namespace, jwt.StandardClaims{ acc.Type, acc.Roles, acc.Provider, acc.Metadata, acc.Namespace, jwt.StandardClaims{
Subject: subject, Subject: acc.ID,
ExpiresAt: expiry.Unix(), ExpiresAt: expiry.Unix(),
}, },
}) })
@ -61,20 +63,15 @@ func (j *JWT) Generate(subject string, opts ...token.GenerateOption) (*auth.Toke
} }
// return the token // return the token
return &auth.Token{ return &token.Token{
Subject: subject, Token: tok,
Token: tok, Expiry: expiry,
Type: j.String(), Created: time.Now(),
Created: time.Now(),
Expiry: expiry,
Roles: options.Roles,
Metadata: options.Metadata,
Namespace: options.Namespace,
}, nil }, nil
} }
// Inspect a JWT // Inspect a JWT
func (j *JWT) Inspect(t string) (*auth.Token, error) { func (j *JWT) Inspect(t string) (*auth.Account, error) {
// decode the public key // decode the public key
pub, err := base64.StdEncoding.DecodeString(j.opts.PublicKey) pub, err := base64.StdEncoding.DecodeString(j.opts.PublicKey)
if err != nil { if err != nil {
@ -99,11 +96,12 @@ func (j *JWT) Inspect(t string) (*auth.Token, error) {
} }
// return the token // return the token
return &auth.Token{ return &auth.Account{
Token: t, ID: claims.Subject,
Subject: claims.Subject, Type: claims.Type,
Metadata: claims.Metadata,
Roles: claims.Roles, Roles: claims.Roles,
Provider: claims.Provider,
Metadata: claims.Metadata,
Namespace: claims.Namespace, Namespace: claims.Namespace,
}, nil }, nil
} }
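Review bot: The `authClaims` literal in `Generate` is positional, and after this change three of its fields (`Type`, `Provider`, `Namespace`) are plain strings, so a later reorder of the struct would still compile and silently sign the wrong value into a claim. Keyed fields remove that risk: `authClaims{Type: acc.Type, Roles: acc.Roles, Provider: acc.Provider, Metadata: acc.Metadata, Namespace: acc.Namespace, StandardClaims: jwt.StandardClaims{Subject: acc.ID, ExpiresAt: expiry.Unix()}}`, assuming the last field is the embedded `jwt.StandardClaims`, which is cut off in the struct hunk. `acc` is also dereferenced without a nil check, so a guard at the top of `Generate` that returns an error would turn a panic into a handled failure. The bodies of `Generate` and `Inspect` continue outside the hunks shown.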


@ -53,12 +53,6 @@ func NewOptions(opts ...Option) Options {
type GenerateOptions struct { type GenerateOptions struct {
// Expiry for the token // Expiry for the token
Expiry time.Duration Expiry time.Duration
// Metadata associated with the account
Metadata map[string]string
// Roles/scopes associated with the account
Roles []string
// Namespace the account belongs too
Namespace string
} }
type GenerateOption func(o *GenerateOptions) type GenerateOption func(o *GenerateOptions)
@ -70,27 +64,6 @@ func WithExpiry(d time.Duration) GenerateOption {
} }
} }
// WithMetadata for the token
func WithMetadata(md map[string]string) func(o *GenerateOptions) {
return func(o *GenerateOptions) {
o.Metadata = md
}
}
// WithRoles for the token
func WithRoles(rs ...string) func(o *GenerateOptions) {
return func(o *GenerateOptions) {
o.Roles = rs
}
}
// WithNamespace for the token
func WithNamespace(n string) func(o *GenerateOptions) {
return func(o *GenerateOptions) {
o.Namespace = n
}
}
// NewGenerateOptions from a slice of options // NewGenerateOptions from a slice of options
func NewGenerateOptions(opts ...GenerateOption) GenerateOptions { func NewGenerateOptions(opts ...GenerateOption) GenerateOptions {
var options GenerateOptions var options GenerateOptions


@ -2,6 +2,7 @@ package token
import ( import (
"errors" "errors"
"time"
"github.com/micro/go-micro/v2/auth" "github.com/micro/go-micro/v2/auth"
) )
@ -17,7 +18,16 @@ var (
// Provider generates and inspects tokens // Provider generates and inspects tokens
type Provider interface { type Provider interface {
Generate(subject string, opts ...GenerateOption) (*auth.Token, error) Generate(account *auth.Account, opts ...GenerateOption) (*Token, error)
Inspect(token string) (*auth.Token, error) Inspect(token string) (*auth.Account, error)
String() string String() string
} }
type Token struct {
// The actual token
Token string `json:"token"`
// Time of token creation
Created time.Time `json:"created"`
// Time of token expiry
Expiry time.Time `json:"expiry"`
}


@ -135,7 +135,7 @@ func (g *grpcClient) call(ctx context.Context, node *registry.Node, req client.R
// was passed with the request, set the service token // was passed with the request, set the service token
var srvToken string var srvToken string
if g.opts.Auth != nil && g.opts.Auth.Options().Token != nil { if g.opts.Auth != nil && g.opts.Auth.Options().Token != nil {
srvToken = g.opts.Auth.Options().Token.Token srvToken = g.opts.Auth.Options().Token.AccessToken
} }
if (opts.ServiceToken || len(header["authorization"]) == 0) && len(srvToken) > 0 { if (opts.ServiceToken || len(header["authorization"]) == 0) && len(srvToken) > 0 {
header["authorization"] = auth.BearerScheme + srvToken header["authorization"] = auth.BearerScheme + srvToken


@ -671,10 +671,6 @@ func (c *cmd) Before(ctx *cli.Context) error {
authOpts = append(authOpts, auth.PublicKey(ctx.String("auth_public_key"))) authOpts = append(authOpts, auth.PublicKey(ctx.String("auth_public_key")))
} }
if len(ctx.String("auth_private_key")) > 0 {
authOpts = append(authOpts, auth.PrivateKey(ctx.String("auth_private_key")))
}
if name := ctx.String("auth_provider"); len(name) > 0 { if name := ctx.String("auth_provider"); len(name) > 0 {
p, ok := DefaultAuthProviders[name] p, ok := DefaultAuthProviders[name]
if !ok { if !ok {