From dbc537007d2a03ed524d023a35b20ee51466cd21 Mon Sep 17 00:00:00 2001 From: Asim Aslam Date: Mon, 25 Nov 2019 09:30:26 +0000 Subject: [PATCH 1/4] First interface for auth --- auth/auth.go | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 auth/auth.go diff --git a/auth/auth.go b/auth/auth.go new file mode 100644 index 00000000..6c6f7e4f --- /dev/null +++ b/auth/auth.go @@ -0,0 +1,26 @@ +// Package auth provides authentication and authorization capability +package auth + +// Auth providers authentication and authorization +type Auth interface { + // Generate a new authorization token + Generate(u string) (*Token, error) + // Revoke an authorization token + Revoke(t *Token) error + // Verify a token + Verify(t *Token) error +} + +// Token providers by an auth provider +type Token struct { + // Unique token id + Id string `json: "id"` + // Time of token creation + Created time.Time `json:"created"` + // Time of token expiry + Expiry time.Time `json:"expiry"` + // Roles associated with the token + Roles []string `json:"roles"` + // Any other associated metadata + Metadata map[string]string `json:"metadata"` +} From 7013e7467fc5ccfb48c4d8fe43f55e9fe6f2fa1c Mon Sep 17 00:00:00 2001 From: Asim Aslam Date: Mon, 25 Nov 2019 09:33:30 +0000 Subject: [PATCH 2/4] Undefined time --- auth/auth.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/auth/auth.go b/auth/auth.go index 6c6f7e4f..d34bf1fb 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -1,6 +1,10 @@ // Package auth provides authentication and authorization capability package auth +import ( + "time" +) + // Auth providers authentication and authorization type Auth interface { // Generate a new authorization token From 515014fbeb5eb68268feea878c64552c324209f5 Mon Sep 17 00:00:00 2001 From: Asim Aslam Date: Tue, 17 Dec 2019 21:27:05 +0000 Subject: [PATCH 3/4] update with resource --- auth/auth.go | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index d34bf1fb..57286a85 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -7,12 +7,20 @@ import ( // Auth providers authentication and authorization type Auth interface { - // Generate a new authorization token - Generate(u string) (*Token, error) + // Generate a new auth token + Generate(string) (*Token, error) // Revoke an authorization token - Revoke(t *Token) error - // Verify a token - Verify(t *Token) error + Revoke(*Token) error + // Grant access to a resource + Grant(*Token, *Resource) error + // Verify a token can access a resource + Verify(*Token, *Resource) error +} + +// Resource is some thing to provide access to +type Resource struct { + // Name of the resource + Name string } // Token providers by an auth provider From ebae497a7251006b535008dabe21295dba8cf451 Mon Sep 17 00:00:00 2001 From: Asim Aslam Date: Tue, 17 Dec 2019 21:37:20 +0000 Subject: [PATCH 4/4] use service rather than resource --- auth/auth.go | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index 57286a85..109019c4 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -12,15 +12,17 @@ type Auth interface { // Revoke an authorization token Revoke(*Token) error // Grant access to a resource - Grant(*Token, *Resource) error + Grant(*Token, *Service) error // Verify a token can access a resource - Verify(*Token, *Resource) error + Verify(*Token, *Service) error } -// Resource is some thing to provide access to -type Resource struct { +// Service is some thing to provide access to +type Service struct { // Name of the resource Name string + // Endpoint is the specific endpoint + Endpoint string } // Token providers by an auth provider