e0e77f3983
* Updated auth interface * Add Rule * Remove Rule * Return token from Renew * Renew => Refresh * Implement Tokens & Default Auth Implementation * Change default auth to noop * Change default auth to noop * Move token.Token to auth.Token * Remove Token from Account * Auth service implementation * Decode JWT locally * Cookie for secret * Move string to bottom of interface definition * Depricate auth_exclude * Update auth wrappers * Update go.sum Co-authored-by: Ben Toogood <ben@micro.mu>
144 lines
2.8 KiB
Go
144 lines
2.8 KiB
Go
package auth
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/micro/go-micro/v2/auth/provider"
|
|
"github.com/micro/go-micro/v2/store"
|
|
)
|
|
|
|
type Options struct {
|
|
// Token is an auth token
|
|
Token string
|
|
// Public key base64 encoded
|
|
PublicKey string
|
|
// Private key base64 encoded
|
|
PrivateKey string
|
|
// Provider is an auth provider
|
|
Provider provider.Provider
|
|
// LoginURL is the relative url path where a user can login
|
|
LoginURL string
|
|
// Store to back auth
|
|
Store store.Store
|
|
}
|
|
|
|
type Option func(o *Options)
|
|
|
|
// Store to back auth
|
|
func Store(s store.Store) Option {
|
|
return func(o *Options) {
|
|
o.Store = s
|
|
}
|
|
}
|
|
|
|
// PublicKey is the JWT public key
|
|
func PublicKey(key string) Option {
|
|
return func(o *Options) {
|
|
o.PublicKey = key
|
|
}
|
|
}
|
|
|
|
// PrivateKey is the JWT private key
|
|
func PrivateKey(key string) Option {
|
|
return func(o *Options) {
|
|
o.PrivateKey = key
|
|
}
|
|
}
|
|
|
|
// ServiceToken sets an auth token
|
|
func ServiceToken(t string) Option {
|
|
return func(o *Options) {
|
|
o.Token = t
|
|
}
|
|
}
|
|
|
|
// Provider set the auth provider
|
|
func Provider(p provider.Provider) Option {
|
|
return func(o *Options) {
|
|
o.Provider = p
|
|
}
|
|
}
|
|
|
|
// LoginURL sets the auth LoginURL
|
|
func LoginURL(url string) Option {
|
|
return func(o *Options) {
|
|
o.LoginURL = url
|
|
}
|
|
}
|
|
|
|
type GenerateOptions struct {
|
|
// Metadata associated with the account
|
|
Metadata map[string]string
|
|
// Roles/scopes associated with the account
|
|
Roles []string
|
|
// SecretExpiry is the time the secret should live for
|
|
SecretExpiry time.Duration
|
|
}
|
|
|
|
type GenerateOption func(o *GenerateOptions)
|
|
|
|
// WithMetadata for the generated account
|
|
func WithMetadata(md map[string]string) GenerateOption {
|
|
return func(o *GenerateOptions) {
|
|
o.Metadata = md
|
|
}
|
|
}
|
|
|
|
// WithRoles for the generated account
|
|
func WithRoles(rs []string) GenerateOption {
|
|
return func(o *GenerateOptions) {
|
|
o.Roles = rs
|
|
}
|
|
}
|
|
|
|
// WithSecretExpiry for the generated account's secret expires
|
|
func WithSecretExpiry(ex time.Duration) GenerateOption {
|
|
return func(o *GenerateOptions) {
|
|
o.SecretExpiry = ex
|
|
}
|
|
}
|
|
|
|
// NewGenerateOptions from a slice of options
|
|
func NewGenerateOptions(opts ...GenerateOption) GenerateOptions {
|
|
var options GenerateOptions
|
|
for _, o := range opts {
|
|
o(&options)
|
|
}
|
|
|
|
// set defualt expiry of secret
|
|
if options.SecretExpiry == 0 {
|
|
options.SecretExpiry = time.Hour * 24 * 7
|
|
}
|
|
|
|
return options
|
|
}
|
|
|
|
type RefreshOptions struct {
|
|
// TokenExpiry is the time the token should live for
|
|
TokenExpiry time.Duration
|
|
}
|
|
|
|
type RefreshOption func(o *RefreshOptions)
|
|
|
|
// WithTokenExpiry for the token
|
|
func WithTokenExpiry(ex time.Duration) RefreshOption {
|
|
return func(o *RefreshOptions) {
|
|
o.TokenExpiry = ex
|
|
}
|
|
}
|
|
|
|
// NewRefreshOptions from a slice of options
|
|
func NewRefreshOptions(opts ...RefreshOption) RefreshOptions {
|
|
var options RefreshOptions
|
|
for _, o := range opts {
|
|
o(&options)
|
|
}
|
|
|
|
// set defualt expiry of token
|
|
if options.TokenExpiry == 0 {
|
|
options.TokenExpiry = time.Minute
|
|
}
|
|
|
|
return options
|
|
}
|