Acasă Explorează Ajutor
Autentificare
Craft
/
Api
2
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Răsfoiți Sursa

middleware

- make token parser independent
Alexey Kim 9 luni în urmă
părinte
2d440d8480
comite
43c6f69c48
5 a modificat fișierele cu 57 adăugiri și 10 ștergeri
Vizualizare divizată Arată Statisticile Diff
  1. 4 4
      config/config.go
  2. 5 0
      go.mod
  3. 18 1
      go.sum
  4. 1 1
      graph/auth
  5. 29 4
      middleware/jwt.go

+ 4 - 4
config/config.go
Vizualizați fișierul 

@@ -6,8 +6,8 @@ import (
 
 )
 
 
 type Configuration struct {
 
-	Timeout   int    `yaml:"timeout"`
 
-	SecretKey string `yaml:"secret-key"`
 
+	Timeout int    `yaml:"timeout"`
 
+	Issuer  string `yaml:"issuer"`
 
 }
 
 
 func (c Configuration) Invalidate() error {
 
@@ -15,8 +15,8 @@ func (c Configuration) Invalidate() error {
 
 		c.Timeout = 30
 
 	}
 
 
-	if c.SecretKey == "" {
 
-		return fmt.Errorf("`secret-key` must not be an empty string")
 
+	if c.Issuer == "" {
 
+		return fmt.Errorf("`issuer` must not be an empty string")
 
 	}
 
 
 	return Invalidate(c)

+ 5 - 0
go.mod
Vizualizați fișierul 

@@ -3,6 +3,7 @@ module beejay.kim/craft/api
 
 go 1.20
 
 
 require (
 
+	github.com/Nerzal/gocloak/v13 v13.8.0
 
 	github.com/gofrs/uuid v4.4.0+incompatible
 
 	github.com/golang-jwt/jwt/v4 v4.5.0
 
 	github.com/labstack/echo-jwt/v4 v4.2.0
 
@@ -13,12 +14,16 @@ require (
 
 
 require (
 
 	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
 
+	github.com/go-resty/resty/v2 v2.7.0 // indirect
 
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
 
 	github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
 
 	github.com/labstack/gommon v0.4.0 // indirect
 
 	github.com/mattn/go-colorable v0.1.13 // indirect
 
 	github.com/mattn/go-isatty v0.0.19 // indirect
 
+	github.com/opentracing/opentracing-go v1.2.0 // indirect
 
+	github.com/pkg/errors v0.9.1 // indirect
 
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 
+	github.com/segmentio/ksuid v1.0.4 // indirect
 
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 
 	github.com/valyala/fasttemplate v1.2.2 // indirect
 
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect

+ 18 - 1
go.sum
Vizualizați fișierul 

@@ -1,8 +1,12 @@
 
+github.com/Nerzal/gocloak/v13 v13.8.0 h1:7s9cK8X3vy8OIic+pG4POE9vGy02tSHkMhvWXv0P2m8=
 
+github.com/Nerzal/gocloak/v13 v13.8.0/go.mod h1:rRBtEdh5N0+JlZZEsrfZcB2sRMZWbgSxI2EIv9jpJp4=
 
 github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
 
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 
+github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY=
 
+github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I=
 
 github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA=
 
 github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
 
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 
@@ -24,13 +28,20 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k
 
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 
+github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
 
+github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
 
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 
+github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c=
 
+github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE=
 
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 
+github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
 
 github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs=
 
 github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ=
 
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 
@@ -42,8 +53,11 @@ github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRT
 
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
 
 golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
 
 golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
 
+golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 
 golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
 
 golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
 
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
 golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
@@ -51,10 +65,13 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
 
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
 golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
 
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 
 golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
 
 golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 
 golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
 
 golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

+ 1 - 1
graph/auth
Vizualizați fișierul 

@@ -1 +1 @@
 
-Subproject commit 6080a307172162794c12e0b178e29530f5de9b44
 
+Subproject commit c0d59bd5d6342db0d37c6f8968f51e91a14a6e2f

+ 29 - 4
middleware/jwt.go
Vizualizați fișierul 

@@ -3,21 +3,46 @@ package middleware
 
 import (
 
 	"context"
 
 	"fmt"
 
+	"github.com/Nerzal/gocloak/v13"
 
+	"github.com/gofrs/uuid"
 
 	"github.com/golang-jwt/jwt/v4"
 
 	echojwt "github.com/labstack/echo-jwt/v4"
 
 	"github.com/labstack/echo/v4"
 
 )
 
 
-func Jwt(parser func(c echo.Context, auth string) (interface{}, error)) echo.MiddlewareFunc {
 
+func Jwt(issuer string) echo.MiddlewareFunc {
 
 	var (
 
 		sKeyJwtToken = fmt.Sprintf("%s", keyJwtToken)
 
-		cfg          = echojwt.Config{
 
+		cli          = gocloak.NewClient(issuer)
 
+
 
+		cfg = echojwt.Config{
 
 			ContinueOnIgnoredError: true,
 
 			ErrorHandler: func(c echo.Context, err error) error {
 
 				return nil
 
 			},
 
-			ContextKey:     sKeyJwtToken,
 
-			ParseTokenFunc: parser,
 
+			ContextKey: sKeyJwtToken,
 
+			ParseTokenFunc: func(c echo.Context, auth string) (interface{}, error) {
 
+				var (
 
+					ctx       = c.Request().Context()
 
+					projectId uuid.UUID
 
+					token     *jwt.Token
 
+					err       error
 
+				)
 
+
 
+				if projectId, err = GetInstanceId(ctx); err != nil || projectId == uuid.Nil {
 
+					return nil, fmt.Errorf("missing or malformed instance id")
 
+				}
 
+
 
+				if token, _, err = cli.DecodeAccessToken(ctx, auth, projectId.String()); err != nil {
 
+					return nil, err
 
+				}
 
+
 
+				if !token.Valid {
 
+					return nil, fmt.Errorf("invalid access token")
 
+				}
 
+
 
+				return token, err
 
+			},
 
 			SuccessHandler: func(ctx echo.Context) {
 
 				value := context.WithValue(ctx.Request().Context(), keyJwtToken, ctx.Get(sKeyJwtToken))
 
 				ctx.SetRequest(ctx.Request().WithContext(value))