Auth Provider (#1309)

* auth provider mock interface * Auth Provider Options * Implement API Server Auth Package * Add weh utils * Add Login URL * Auth Provider Options * Add auth provider scope and setting token in cookie * Remove auth_login_url flag Co-authored-by: Asim Aslam <asim@aslam.me> Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-07 11:06:57 +00:00
parent 8ee5607254
commit 9a7a65f05e
10 changed files with 350 additions and 1 deletions
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -44,7 +44,7 @@ type Role struct {

 // Account provided by an auth provider
 type Account struct {
-	// ID of the account (UUID or email)
+	// ID of the account (UUIDV4, email or username)
 	Id string `json:"id"`
 	// Token used to authenticate
 	Token string `json:"token"`
@@ -62,6 +62,9 @@ const (
 	// MetadataKey is the key used when storing the account
 	// in metadata
 	MetadataKey = "auth-account"
+	// CookieName is the name of the cookie which stores the
+	// auth token
+	CookieName = "micro-token"
 )

 // AccountFromContext gets the account from the context, which
--- a/auth/options.go
+++ b/auth/options.go
@@ -1,5 +1,7 @@
 package auth

+import "github.com/micro/go-micro/v2/auth/provider"
+
 type Options struct {
 	// Token is an auth token
 	Token string
@@ -9,6 +11,10 @@ type Options struct {
 	PrivateKey string
 	// Endpoints to exclude
 	Exclude []string
+	// Provider is an auth provider
+	Provider provider.Provider
+	// LoginURL is the relative url path where a user can login
+	LoginURL string
 }

 type Option func(o *Options)
@@ -41,6 +47,20 @@ func Token(t string) Option {
 	}
 }

+// Provider set the auth provider
+func Provider(p provider.Provider) Option {
+	return func(o *Options) {
+		o.Provider = p
+	}
+}
+
+// LoginURL sets the auth LoginURL
+func LoginURL(url string) Option {
+	return func(o *Options) {
+		o.LoginURL = url
+	}
+}
+
 type GenerateOptions struct {
 	// Metadata associated with the account
 	Metadata map[string]string
--- a/auth/provider/basic/basic.go
+++ b/auth/provider/basic/basic.go
@@ -0,0 +1,34 @@
+package basic
+
+import (
+	"github.com/micro/go-micro/v2/auth/provider"
+)
+
+// NewProvider returns an initialised basic provider
+func NewProvider(opts ...provider.Option) provider.Provider {
+	var options provider.Options
+	for _, o := range opts {
+		o(&options)
+	}
+	return &basic{options}
+}
+
+type basic struct {
+	opts provider.Options
+}
+
+func (b *basic) String() string {
+	return "basic"
+}
+
+func (b *basic) Options() provider.Options {
+	return b.opts
+}
+
+func (b *basic) Endpoint() string {
+	return ""
+}
+
+func (b *basic) Redirect() string {
+	return ""
+}
--- a/auth/provider/oauth/oauth.go
+++ b/auth/provider/oauth/oauth.go
@@ -0,0 +1,42 @@
+package oauth
+
+import (
+	"fmt"
+
+	"github.com/micro/go-micro/v2/auth/provider"
+)
+
+// NewProvider returns an initialised oauth provider
+func NewProvider(opts ...provider.Option) provider.Provider {
+	var options provider.Options
+	for _, o := range opts {
+		o(&options)
+	}
+	return &oauth{options}
+}
+
+type oauth struct {
+	opts provider.Options
+}
+
+func (o *oauth) String() string {
+	return "oauth"
+}
+
+func (o *oauth) Options() provider.Options {
+	return o.opts
+}
+
+func (o *oauth) Endpoint() string {
+	s := fmt.Sprintf("%v?client_id=%v", o.opts.Endpoint, o.opts.ClientID)
+
+	if scope := o.opts.Scope; len(scope) > 0 {
+		s = fmt.Sprintf("%v&scope=%v", s, scope)
+	}
+
+	return s
+}
+
+func (o *oauth) Redirect() string {
+	return o.opts.Redirect
+}
--- a/auth/provider/options.go
+++ b/auth/provider/options.go
@@ -0,0 +1,47 @@
+package provider
+
+// Option returns a function which sets an option
+type Option func(*Options)
+
+// Options a provider can have
+type Options struct {
+	// ClientID is the application's ID.
+	ClientID string
+	// ClientSecret is the application's secret.
+	ClientSecret string
+	// Endpoint for the provider
+	Endpoint string
+	// Redirect url incase of UI
+	Redirect string
+	// Scope of the oauth request
+	Scope string
+}
+
+// Credentials is an option which sets the client id and secret
+func Credentials(id, secret string) Option {
+	return func(o *Options) {
+		o.ClientID = id
+		o.ClientSecret = secret
+	}
+}
+
+// Endpoint sets the endpoint option
+func Endpoint(e string) Option {
+	return func(o *Options) {
+		o.Endpoint = e
+	}
+}
+
+// Redirect sets the Redirect option
+func Redirect(r string) Option {
+	return func(o *Options) {
+		o.Redirect = r
+	}
+}
+
+// Scope sets the oauth scope
+func Scope(s string) Option {
+	return func(o *Options) {
+		o.Scope = s
+	}
+}
--- a/auth/provider/provider.go
+++ b/auth/provider/provider.go
@@ -0,0 +1,28 @@
+// Package provider is an external auth provider e.g oauth
+package provider
+
+import (
+	"time"
+)
+
+// Provider is an auth provider
+type Provider interface {
+	// String returns the name of the provider
+	String() string
+	// Options returns the options of a provider
+	Options() Options
+	// Endpoint for the provider
+	Endpoint() string
+	// Redirect url incase of UI
+	Redirect() string
+}
+
+// Grant is a granted authorisation
+type Grant struct {
+	// token for reuse
+	Token string
+	// Expiry of the token
+	Expiry time.Time
+	// Scopes associated with grant
+	Scopes []string
+}