generate pseudo accounts (#1264)

* generate pseudo accounts

* when you think you're being clever

* return garbage pseudo account when no token
This commit is contained in:
Asim Aslam 2020-02-26 13:42:32 +00:00 committed by GitHub
parent 1034837f69
commit d651b16acd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 92 additions and 14 deletions

View File

@ -1,47 +1,122 @@
package auth package auth
import (
"encoding/base32"
"sync"
"time"
)
var ( var (
DefaultAuth = NewAuth() DefaultAuth = NewAuth()
) )
// NewAuth returns a new default registry which is noop func genAccount(id string) *Account {
// return a pseudo account
return &Account{
Id: id,
Token: base32.StdEncoding.EncodeToString([]byte(id)),
Created: time.Now(),
Expiry: time.Now().Add(time.Hour * 24),
Metadata: make(map[string]string),
}
}
// NewAuth returns a new default registry which is memory
func NewAuth(opts ...Option) Auth { func NewAuth(opts ...Option) Auth {
var options Options var options Options
for _, o := range opts { for _, o := range opts {
o(&options) o(&options)
} }
return &noop{
return &memory{
accounts: make(map[string]*Account),
opts: options, opts: options,
} }
} }
type noop struct { // TODO: replace with https://github.com/nats-io/nkeys
// We'll then register public key in registry to use
type memory struct {
opts Options opts Options
// accounts
sync.RWMutex
accounts map[string]*Account
} }
func (n *noop) Init(opts ...Option) error { func (n *memory) Init(opts ...Option) error {
for _, o := range opts { for _, o := range opts {
o(&n.opts) o(&n.opts)
} }
return nil return nil
} }
func (n *noop) Options() Options { func (n *memory) Options() Options {
return n.opts return n.opts
} }
func (n *noop) Generate(id string, opts ...GenerateOption) (*Account, error) { func (n *memory) Generate(id string, opts ...GenerateOption) (*Account, error) {
return nil, nil var options GenerateOptions
for _, o := range opts {
o(&options)
} }
func (n *noop) Revoke(token string) error { // return a pseudo account
acc := genAccount(id)
// set opts
if len(options.Roles) > 0 {
acc.Roles = options.Roles
}
if options.Metadata != nil {
acc.Metadata = options.Metadata
}
// TODO: don't overwrite
n.Lock()
// maybe save by account id?
n.accounts[acc.Token] = acc
n.Unlock()
return acc, nil
}
func (n *memory) Revoke(token string) error {
n.Lock()
delete(n.accounts, token)
n.Unlock()
return nil return nil
} }
func (n *noop) Verify(token string) (*Account, error) { func (n *memory) Verify(token string) (*Account, error) {
return nil, nil n.RLock()
defer n.RUnlock()
if len(token) == 0 {
// pseudo account?
return genAccount(""), nil
} }
func (n *noop) String() string { // try get the local account if it exists
return "noop" if acc, ok := n.accounts[token]; ok {
return acc, nil
}
// decode the token otherwise
b, err := base32.StdEncoding.DecodeString(token)
if err != nil {
return nil, err
}
// return a pseudo account based on token/id
return &Account{
Id: string(b),
Token: token,
Created: time.Now(),
Expiry: time.Now().Add(time.Hour * 24),
Metadata: make(map[string]string),
}, nil
}
func (n *memory) String() string {
return "memory"
} }

View File

@ -5,6 +5,7 @@ import (
"os" "os"
"os/user" "os/user"
"path/filepath" "path/filepath"
"strings"
conf "github.com/micro/go-micro/v2/config" conf "github.com/micro/go-micro/v2/config"
"github.com/micro/go-micro/v2/config/source/file" "github.com/micro/go-micro/v2/config/source/file"
@ -39,7 +40,9 @@ func Get(key string) (string, error) {
} }
// set a value // set a value
return c.Get(key).String(""), nil tk := c.Get(key).String("")
return strings.TrimSpace(tk), nil
} }
// Set a value in the .micro file // Set a value in the .micro file