144 Commits

Author SHA1 Message Date
ben-toogood
76ade7efd9
Auth - Swap Refresh to Token and change secrets to be strings, not tokens (#1444)
* Refresh => Token

* Secret is no longer a token

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-31 10:06:13 +01:00
c706ebe3fb
auth proto: provide help to protoc-gen-go (#1442)
Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-03-31 00:35:11 +03:00
9e6db79860
regenerate all proto (#1440)
* regenerate all proto

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* regenerate from proto

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* regenerate from proto

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-03-30 21:58:32 +01:00
756b346672
auth/service: move all proto files to single dir (#1439)
Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-03-30 18:23:00 +03:00
ben-toogood
4db2f5e79d
Add Namespace to Auth (#1438)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-30 09:51:37 +01:00
ben-toogood
6723d17b22
Default auth, return account secret on Inspect (#1430)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-27 09:54:29 +00:00
ben-toogood
47c7181d41
Default Auth: Add blank secret to account to prevent nil errors (#1429)
* Remove debug auth logs

* Default auth, return account secret on Inspect

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-27 09:46:17 +00:00
ben-toogood
1a53307a78
Remove debug auth logs (#1426)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 19:00:24 +00:00
ben-toogood
4648fd0d09
Auth debugging (#1423)
* More auth debugging

* More auth debugging

* Increase auth debugging

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 17:55:35 +00:00
ben-toogood
c905df3be6
Log auth verify requests (#1422)
* More auth debugging

* More auth debugging

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 17:35:28 +00:00
ben-toogood
00e7804f96
Auth - Add debugging to loading rules (#1420)
* Fix auth multi-rule edgecase

* Add logging to auth rules

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 16:30:31 +00:00
ben-toogood
42b6bf5bbf
Fix auth multi-rule edgecase (#1418)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-26 15:52:48 +00:00
ben-toogood
844c456839
Refactor Auth Service Protos, Add Access Rules (#1411)
* Refactor auth/service into two protos

* Accounts Proto

* Store Prefixes

* Misc

* Tweak Protos

Co-authored-by: Ben Toogood <ben@micro.mu>
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-03-26 13:12:43 +00:00
ben-toogood
378d03eb66
Tidying up auth (#1410)
* Don't clear auth rules if request fails

* Add jitter to auth service loading rules

* Remove unused error from ContextWithToken result

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 18:34:13 +00:00
ben-toogood
56af826230
Update auth to pass seconds and not nanoseconds (#1409)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 17:03:45 +00:00
ben-toogood
511ebd8ec2
Fix Token Expiry Bug (#1408)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 14:40:37 +00:00
ben-toogood
1057ef6acb
Add ContextWithToken (#1407)
* Add ContextWithToken

* Tidying up BearerScheme

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-25 11:20:53 +00:00
ben-toogood
84b4eb5404
Fix missing loop (#1398)
* WithRoles variadic args

* Load Rules

* Timer => Ticker

* Add missing for loop in auth service

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 14:16:57 +00:00
ben-toogood
fd664f4392
Auth load rules (#1397)
* WithRoles variadic args

* Load Rules

* Timer => Ticker

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 13:48:37 +00:00
ben-toogood
86272a3064
WithRoles variadic args (#1395)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 10:18:34 +00:00
ben-toogood
c1978265ab
Auth Wildcard Endpoints (#1394)
* Auth Wildcard Endpoints

* Fix joinkey bug, improve tests

* Change joinKey

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-24 09:39:33 +00:00
ben-toogood
e0e77f3983
Updated auth interface (#1384)
* Updated  auth interface

* Add Rule

* Remove Rule

* Return token from Renew

* Renew => Refresh

* Implement Tokens & Default Auth Implementation

* Change default auth to noop

* Change default auth to noop

* Move token.Token to auth.Token

* Remove Token from Account

* Auth service implementation

* Decode JWT locally

* Cookie for secret

* Move string to bottom of interface definition

* Depricate auth_exclude

* Update auth wrappers

* Update go.sum

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-23 16:19:30 +00:00
ben-toogood
8a41d369f2
Auth JWT ID Fix (#1359)
* Auth JWT ID Fix

* Remove unused ID in jwt claims

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-17 16:59:57 +00:00
ben-toogood
20ce61da5a
Oauth google fixes (#1330)
* Fix Auth Headers

* Tweak Oauth to work for Google

Co-authored-by: Ben Toogood <ben@micro.mu>
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-03-12 13:11:35 +00:00
mlboy
1a4f608ed1
add: auth add generate options Expiry for set token expires (#1319)
Co-authored-by: mlboy <ml3@meitu.com>
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-03-09 17:16:31 +00:00
ben-toogood
b344171c80
URL Encode Provider.Endpoint() (#1317)
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-09 10:21:49 +00:00
ben-toogood
9a7a65f05e
Auth Provider (#1309)
* auth provider mock interface

* Auth Provider Options

* Implement API Server Auth Package

* Add weh utils

* Add Login URL

* Auth Provider Options

* Add auth provider scope and setting token in cookie

* Remove auth_login_url flag

Co-authored-by: Asim Aslam <asim@aslam.me>
Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-07 11:06:57 +00:00
ben-toogood
6a9001bdb1
Set auth account in context (#1293) 2020-03-04 09:54:52 +00:00
Asim Aslam
e21ed3a183
gen account on base32 decode failure (#1269) 2020-02-27 16:11:05 +00:00
Asim Aslam
d651b16acd
generate pseudo accounts (#1264)
* generate pseudo accounts

* when you think you're being clever

* return garbage pseudo account when no token
2020-02-26 13:42:32 +00:00
Asim Aslam
6aaaf54275
add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and othe… (#1261)
* add MICRO_AUTH_TOKEN, parse token in wrapper, preload config and other things

* fix wrapper panic
2020-02-25 22:15:44 +00:00
ben-toogood
ffdf986aac
Refactor auth: add token and store implementations (#1230)
* Refactor auth: add token and memory implementations

* Fix typo

* Remove memory auth (implemented already by the store implementation), revert default to noop

* Add grpc header

* Global Config

* config/global => util/config

* Rename package to remove confict

* Tweak

* Improve Error Handling
2020-02-24 15:07:27 +00:00
ben-toogood
36bcd3bd82
Improve JWT Package Errors (#1206)
Co-authored-by: Asim Aslam <asim@aslam.me>
2020-02-19 09:51:43 +01:00
58598d0fe0
fixes for safe conversation and avoid panics (#1213)
* fixes for safe convertation

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* fix client publish panic

If broker connect returns error we dont check it status and use
it later to publish message, mostly this is unexpected because
broker connection failed and we cant use it.
Also proposed solution have benefit - we flag connection status
only when we have succeseful broker connection

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

* api/handler/broker: fix possible broker publish panic

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-02-18 23:05:38 +00:00
Asim Aslam
9696efde02
reorder auth interface (#1204) 2020-02-16 19:36:45 +00:00
Eric
cbe8b7dd09
Removed redundant spaces (#1196) 2020-02-14 10:32:02 +03:00
ben-toogood
4401c12e6c Auth Wrapper (#1174)
* Auth Wrapper

* Tweak cmd flag

* auth_excludes => auth_exclude

* Make Auth.Excludes variadic

* Use metadata.Get (passes through http and http2 it will go through various case formats)

* fix auth wrapper auth.Auth interface initialisation

Co-authored-by: Asim Aslam <asim@aslam.me>
2020-02-10 08:26:28 +00:00
ben-toogood
1b9cabd654
Update Micro Auth Protocol Buffer to use V2 (#1155) 2020-02-03 08:26:57 +00:00
ben-toogood
d621548120
Auth (#1147)
Implement the Auth interface, with JWT and service implementations.

* Update Auth Interface

* Define Auth Service Implementation

* Support Service Auth

* Add Auth Service Proto

* Remove erronious files

* Implement Auth Service Package

* Update Auth Interface

* Update Auth Interface. Add Validate, remove Add/Remove roles

* Make Revoke interface more explicit

* Refactor serializing and deserializing service accounts

* Fix srv name & update interface to be more explicit

* Require jwt public key for auth

* Rename Variables (Resource.ID => Resource.Name & ServiceAccount => Account)

* Implement JWT Auth Package

* Remove parent, add ID

* Update auth imports to v2. Add String() to auth interface
2020-02-03 08:16:02 +00:00
Asim Aslam
7c21a1b92a go fmt 2019-12-18 15:06:02 +00:00
Asim Aslam
ebae497a72 use service rather than resource 2019-12-17 21:37:20 +00:00
Asim Aslam
515014fbeb update with resource 2019-12-17 21:27:05 +00:00
Asim Aslam
7013e7467f Undefined time 2019-11-25 09:33:30 +00:00
Asim Aslam
dbc537007d First interface for auth 2019-11-25 09:30:26 +00:00