Merge pull request #1631 from micro/auth-address

Auth: Set address
2020-05-13 18:02:10 +01:00 · 2020-05-13 18:02:10 +01:00 · a2d4d62f1c
commit a2d4d62f1c
parent bba8c254d7 8ab20f501c
2 changed files with 36 additions and 22 deletions
--- a/auth/options.go
+++ b/auth/options.go
@ -44,10 +44,19 @@ type Options struct {
 	Store store.Store
 	// Client to use for RPC
 	Client client.Client
+	// Addrs sets the addresses of auth
+	Addrs []string
 }

 type Option func(o *Options)

+// Addrs is the auth addresses to use
+func Addrs(addrs ...string) Option {
+	return func(o *Options) {
+		o.Addrs = addrs
+	}
+}
+
 // Namespace the service belongs to
 func Namespace(n string) Option {
 	return func(o *Options) {
--- a/auth/service/service.go
+++ b/auth/service/service.go
@ -23,6 +23,7 @@ type svc struct {
 	auth    pb.AuthService
 	rule    pb.RulesService
 	jwt     token.Provider
+	addrs   []string

 	rules []*pb.Rule
 	sync.Mutex
@ -50,21 +51,6 @@ func (s *svc) Init(opts ...auth.Option) {
 	if key := s.options.PublicKey; len(key) > 0 {
 		s.jwt = jwt.NewTokenProvider(token.WithPublicKey(key))
 	}
-
-	// load rules periodically from the auth service
-	go func() {
-		ruleTimer := time.NewTicker(time.Second * 30)
-
-		for {
-			// jitter for up to 5 seconds, this stops
-			// all the services calling the auth service
-			// at the exact same time
-			time.Sleep(jitter.Do(time.Second * 5))
-			s.loadRules()
-
-			<-ruleTimer.C
-		}
-	}()
 }

 func (s *svc) Options() auth.Options {
@ -85,7 +71,7 @@ func (s *svc) Generate(id string, opts ...auth.GenerateOption) (*auth.Account, e
 		Metadata:  options.Metadata,
 		Provider:  options.Provider,
 		Namespace: options.Namespace,
-	})
+	}, client.WithAddress(s.addrs...))
 	if err != nil {
 		return nil, err
 	}
@ -104,7 +90,7 @@ func (s *svc) Grant(role string, res *auth.Resource) error {
 			Name:      res.Name,
 			Endpoint:  res.Endpoint,
 		},
-	})
+	}, client.WithAddress(s.addrs...))
 	return err
 }

@ -119,7 +105,7 @@ func (s *svc) Revoke(role string, res *auth.Resource) error {
 			Name:      res.Name,
 			Endpoint:  res.Endpoint,
 		},
-	})
+	}, client.WithAddress(s.addrs...))
 	return err
 }

@ -189,7 +175,7 @@ func (s *svc) Inspect(token string) (*auth.Account, error) {

 	// the token is not a JWT or we do not have the keys to decode it,
 	// fall back to the auth service
-	rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token})
+	rsp, err := s.auth.Inspect(context.TODO(), &pb.InspectRequest{Token: token}, client.WithAddress(s.addrs...))
 	if err != nil {
 		return nil, err
 	}
@ -205,7 +191,7 @@ func (s *svc) Token(opts ...auth.TokenOption) (*auth.Token, error) {
 		Secret:       options.Secret,
 		RefreshToken: options.RefreshToken,
 		TokenExpiry:  int64(options.Expiry.Seconds()),
-	})
+	}, client.WithAddress(s.addrs...))
 	if err != nil {
 		return nil, err
 	}
@ -270,7 +256,7 @@ func (s *svc) listRules(filters ...string) []*pb.Rule {

 // loadRules retrieves the rules from the auth service
 func (s *svc) loadRules() {
-	rsp, err := s.rule.List(context.TODO(), &pb.ListRequest{})
+	rsp, err := s.rule.List(context.TODO(), &pb.ListRequest{}, client.WithAddress(s.addrs...))
 	s.Lock()
 	defer s.Unlock()

@ -320,9 +306,28 @@ func NewAuth(opts ...auth.Option) auth.Auth {
 		options.Client = client.DefaultClient
 	}

-	return &svc{
+	addrs := options.Addrs
+	if len(addrs) == 0 {
+		addrs = []string{"127.0.0.1:8010"}
+	}
+
+	service := &svc{
 		auth:    pb.NewAuthService("go.micro.auth", options.Client),
 		rule:    pb.NewRulesService("go.micro.auth", options.Client),
 		options: options,
+		addrs:   addrs,
 	}
+
+	// load rules periodically from the auth service
+	go func() {
+		ruleTimer := time.NewTicker(time.Second * 30)
+
+		for {
+			time.Sleep(jitter.Do(time.Second * 5))
+			service.loadRules()
+			<-ruleTimer.C
+		}
+	}()
+
+	return service
 }