129 Commits

Author SHA1 Message Date
Ben Toogood
7e27c97c6c Remove Comment 2020-04-29 09:22:15 +01:00
Ben Toogood
669364985e JWT auth implementation 2020-04-29 09:21:17 +01:00
Asim Aslam
8ccbf53dfc secret cookie unused 2020-04-28 18:12:07 +01:00
Asim Aslam
f908110fb6
swap out context access for account (#1589) 2020-04-28 17:35:18 +01:00
Ben Toogood
19f0836e70 Add oauth login hint param 2020-04-21 13:37:26 +01:00
Ben Toogood
fe31a71557 Fix formatting 2020-04-15 11:50:52 +01:00
Ben Toogood
c9a6b07c52 Add priority to auth.CreateRequest and auth.DeleteRequest 2020-04-15 11:49:24 +01:00
Ben Toogood
234c192faf Update protoc-gen-micro 2020-04-15 11:39:12 +01:00
Ben Toogood
ea29920afb Add Priority to auth rules 2020-04-15 11:31:19 +01:00
ben-toogood
f8837bfcbd
Merge branch 'master' into registry-namespace 2020-04-14 15:37:44 +01:00
268651df18
regenerate all proto based files (#1531)
Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-04-14 16:25:09 +03:00
Ben Toogood
e17825474f Add context options to the runtime 2020-04-14 12:32:59 +01:00
Ben Toogood
0c75a0306b Merge master into registry-namespace 2020-04-14 09:15:13 +01:00
Ben Toogood
d61d30ef66 Inject Namespace into Context 2020-04-14 09:14:07 +01:00
Asim Aslam
29cccd0b4a
minor tweak add log line to proxy and basic auth provider by default (#1513) 2020-04-09 14:10:17 +01:00
Ben Toogood
4362a885eb Refactor Namespace Resolver 2020-04-07 16:24:51 +01:00
Ben Toogood
3df87510a1 Add namespace 2020-04-07 12:46:44 +01:00
Ben Toogood
ce23ab36cb Improve Err Handling 2020-04-02 18:41:06 +01:00
Ben Toogood
4999f6dfd4 Namespace requests coming via api & web 2020-04-02 17:01:06 +01:00
Ben Toogood
9de69529ce Fix token tests 2020-04-01 17:29:17 +01:00
Ben Toogood
c766679687 Fix typo 2020-04-01 17:22:01 +01:00
Ben Toogood
df8c0bb5e1 Auth Generate, make secret optional 2020-04-01 17:20:02 +01:00
Ben Toogood
d577c32563 Add back auth.PrivateKey 2020-04-01 17:17:40 +01:00
Ben Toogood
365dfe9df5 Code => State 2020-04-01 17:11:46 +01:00
Ben Toogood
ae15793fc3 Support oauth codes 2020-04-01 15:36:22 +01:00
Ben Toogood
525ab094c8 Remove LoginOptions 2020-04-01 14:42:11 +01:00
Ben Toogood
26cb6bf5b9 Remove Legacy JWT fields 2020-04-01 14:27:56 +01:00
Ben Toogood
9cbbd71855 Remove default login 2020-04-01 14:26:24 +01:00
Ben Toogood
8e4d9e1702 Further Refactoring 2020-04-01 14:25:00 +01:00
Ben Toogood
82bc3cbf8d Update interface to add provider and make secret optional 2020-03-31 19:01:43 +01:00
Ben Toogood
cffb0a1eae Remove ContextWithToken 2020-03-31 18:34:31 +01:00
Ben Toogood
134bc1c68a Implement new interface 2020-03-31 18:17:01 +01:00
Ben Toogood
8dbb5153f4 Tweak Auth Interface 2020-03-31 17:01:51 +01:00
Ben Toogood
d659e435c6 Service => Service Auth 2020-03-31 12:44:34 +01:00
Asim Aslam
1222d076f2
There can be only one! (#1445)
* There can be only one

* fix proto?
2020-03-31 10:18:50 +01:00
ben-toogood
76ade7efd9
Auth - Swap Refresh to Token and change secrets to be strings, not tokens (#1444)
* Refresh => Token

* Secret is no longer a token

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-31 10:06:13 +01:00
c706ebe3fb
auth proto: provide help to protoc-gen-go (#1442)
Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-03-31 00:35:11 +03:00
9e6db79860
regenerate all proto (#1440)
* regenerate all proto

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* regenerate from proto

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* regenerate from proto

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-03-30 21:58:32 +01:00
756b346672
auth/service: move all proto files to single dir (#1439)
Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-03-30 18:23:00 +03:00
ben-toogood
4db2f5e79d
Add Namespace to Auth (#1438)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-30 09:51:37 +01:00
ben-toogood
6723d17b22
Default auth, return account secret on Inspect (#1430)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-27 09:54:29 +00:00
ben-toogood
47c7181d41
Default Auth: Add blank secret to account to prevent nil errors (#1429)
* Remove debug auth logs

* Default auth, return account secret on Inspect

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-27 09:46:17 +00:00
ben-toogood
1a53307a78
Remove debug auth logs (#1426)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 19:00:24 +00:00
ben-toogood
4648fd0d09
Auth debugging (#1423)
* More auth debugging

* More auth debugging

* Increase auth debugging

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 17:55:35 +00:00
ben-toogood
c905df3be6
Log auth verify requests (#1422)
* More auth debugging

* More auth debugging

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 17:35:28 +00:00
ben-toogood
00e7804f96
Auth - Add debugging to loading rules (#1420)
* Fix auth multi-rule edgecase

* Add logging to auth rules

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 16:30:31 +00:00
ben-toogood
42b6bf5bbf
Fix auth multi-rule edgecase (#1418)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 15:52:48 +00:00
ben-toogood
844c456839
Refactor Auth Service Protos, Add Access Rules (#1411)
* Refactor auth/service into two protos

* Accounts Proto

* Store Prefixes

* Misc

* Tweak Protos

Co-authored-by: Ben Toogood <ben@micro.mu>
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-03-26 13:12:43 +00:00
ben-toogood
378d03eb66
Tidying up auth (#1410)
* Don't clear auth rules if request fails

* Add jitter to auth service loading rules

* Remove unused error from ContextWithToken result

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 18:34:13 +00:00
ben-toogood
56af826230
Update auth to pass seconds and not nanoseconds (#1409)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 17:03:45 +00:00
ben-toogood
511ebd8ec2
Fix Token Expiry Bug (#1408)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 14:40:37 +00:00
ben-toogood
1057ef6acb
Add ContextWithToken (#1407)
* Add ContextWithToken

* Tidying up BearerScheme

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 11:20:53 +00:00
ben-toogood
84b4eb5404
Fix missing loop (#1398)
* WithRoles variadic args

* Load Rules

* Timer => Ticker

* Add missing for loop in auth service

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 14:16:57 +00:00
ben-toogood
fd664f4392
Auth load rules (#1397)
* WithRoles variadic args

* Load Rules

* Timer => Ticker

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 13:48:37 +00:00
ben-toogood
86272a3064
WithRoles variadic args (#1395)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 10:18:34 +00:00
ben-toogood
c1978265ab
Auth Wildcard Endpoints (#1394)
* Auth Wildcard Endpoints

* Fix joinkey bug, improve tests

* Change joinKey

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 09:39:33 +00:00
ben-toogood
e0e77f3983
Updated auth interface (#1384)
* Updated  auth interface

* Add Rule

* Remove Rule

* Return token from Renew

* Renew => Refresh

* Implement Tokens & Default Auth Implementation

* Change default auth to noop

* Change default auth to noop

* Move token.Token to auth.Token

* Remove Token from Account

* Auth service implementation

* Decode JWT locally

* Cookie for secret

* Move string to bottom of interface definition

* Depricate auth_exclude

* Update auth wrappers

* Update go.sum

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-23 16:19:30 +00:00
ben-toogood
8a41d369f2
Auth JWT ID Fix (#1359)
* Auth JWT ID Fix

* Remove unused ID in jwt claims

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-17 16:59:57 +00:00
ben-toogood
20ce61da5a
Oauth google fixes (#1330)
* Fix Auth Headers

* Tweak Oauth to work for Google

Co-authored-by: Ben Toogood <ben@micro.mu>
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-03-12 13:11:35 +00:00
mlboy
1a4f608ed1
add: auth add generate options Expiry for set token expires (#1319)
Co-authored-by: mlboy <ml3@meitu.com>
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-03-09 17:16:31 +00:00
ben-toogood
b344171c80
URL Encode Provider.Endpoint() (#1317)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-09 10:21:49 +00:00
ben-toogood
9a7a65f05e
Auth Provider (#1309)
* auth provider mock interface

* Auth Provider Options

* Implement API Server Auth Package

* Add weh utils

* Add Login URL

* Auth Provider Options

* Add auth provider scope and setting token in cookie

* Remove auth_login_url flag

Co-authored-by: Asim Aslam <asim@aslam.me>
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-07 11:06:57 +00:00
ben-toogood
6a9001bdb1
Set auth account in context (#1293) 2020-03-04 09:54:52 +00:00
Asim Aslam
e21ed3a183
gen account on base32 decode failure (#1269) 2020-02-27 16:11:05 +00:00
Asim Aslam
d651b16acd
generate pseudo accounts (#1264)
* generate pseudo accounts

* when you think you're being clever

* return garbage pseudo account when no token
2020-02-26 13:42:32 +00:00
Asim Aslam
6aaaf54275
add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and othe… (#1261)
* add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and other things

* fix wrapper panic
2020-02-25 22:15:44 +00:00
ben-toogood
ffdf986aac
Refactor auth: add token and store implementations (#1230)
* Refactor auth: add token and memory implementations

* Fix typo

* Remove memory auth (implemented already by the store implementation), revert default to noop

* Add grpc header

* Global Config

* config/global => util/config

* Rename package to remove confict

* Tweak

* Improve Error Handling
2020-02-24 15:07:27 +00:00
ben-toogood
36bcd3bd82
Improve JWT Package Errors (#1206)
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-02-19 09:51:43 +01:00
58598d0fe0
fixes for safe conversation and avoid panics (#1213)
* fixes for safe convertation

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* fix client publish panic

If broker connect returns error we dont check it status and use
it later to publish message, mostly this is unexpected because
broker connection failed and we cant use it.
Also proposed solution have benefit - we flag connection status
only when we have succeseful broker connection

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* api/handler/broker: fix possible broker publish panic

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-02-18 23:05:38 +00:00
Asim Aslam
9696efde02
reorder auth interface (#1204) 2020-02-16 19:36:45 +00:00
Eric
cbe8b7dd09
Removed redundant spaces (#1196) 2020-02-14 10:32:02 +03:00
ben-toogood
4401c12e6c Auth Wrapper (#1174)
* Auth Wrapper

* Tweak cmd flag

* auth_excludes => auth_exclude

* Make Auth.Excludes variadic

* Use metadata.Get (passes through http and http2 it will go through various case formats)

* fix auth wrapper auth.Auth interface initialisation

Co-authored-by: Asim Aslam <asim@aslam.me>
2020-02-10 08:26:28 +00:00
ben-toogood
1b9cabd654
Update Micro Auth Protocol Buffer to use V2 (#1155) 2020-02-03 08:26:57 +00:00
ben-toogood
d621548120
Auth (#1147)
Implement the Auth interface, with JWT and service implementations.

* Update Auth Interface

* Define Auth Service Implementation

* Support Service Auth

* Add Auth Service Proto

* Remove erronious files

* Implement Auth Service Package

* Update Auth Interface

* Update Auth Interface. Add Validate, remove Add/Remove roles

* Make Revoke interface more explicit

* Refactor serializing and deserializing service accounts

* Fix srv name & update interface to be more explicit

* Require jwt public key for auth

* Rename Variables (Resource.ID => Resource.Name & ServiceAccount => Account)

* Implement JWT Auth Package

* Remove parent, add ID

* Update auth imports to v2. Add String() to auth interface
2020-02-03 08:16:02 +00:00
Asim Aslam
7c21a1b92a go fmt 2019-12-18 15:06:02 +00:00
Asim Aslam
ebae497a72 use service rather than resource 2019-12-17 21:37:20 +00:00
Asim Aslam
515014fbeb update with resource 2019-12-17 21:27:05 +00:00
Asim Aslam
7013e7467f Undefined time 2019-11-25 09:33:30 +00:00
Asim Aslam
dbc537007d First interface for auth 2019-11-25 09:30:26 +00:00