2
0

resolver_impl.go 2.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. package graphql
  2. import (
  3. "context"
  4. "fmt"
  5. "github.com/Nerzal/gocloak/v12"
  6. "github.com/golang-jwt/jwt/v4"
  7. "github.com/gshopify/service-wrapper/auth"
  8. "github.com/gshopify/service-wrapper/config"
  9. "gshopper.com/gshopify/customer/graphql/generated"
  10. m "gshopper.com/gshopify/customer/model"
  11. "time"
  12. )
  13. type Resolver struct {
  14. conf *auth.Config
  15. client *gocloak.GoCloak
  16. }
  17. func NewResolver() (*Resolver, error) {
  18. r := &Resolver{
  19. conf: auth.New(),
  20. }
  21. if err := config.Instance().Load(context.Background(), r.conf); err != nil {
  22. return nil, err
  23. }
  24. r.client = gocloak.NewClient(r.conf.Endpoint, gocloak.SetLegacyWildFlySupport())
  25. return r, nil
  26. }
  27. func (r *Resolver) decodeAccessToken(ctx context.Context, t string) (*jwt.Token, *m.Claims, error) {
  28. if t == "" {
  29. return nil, nil, fmt.Errorf("could not decode accessToken: Token is empty")
  30. }
  31. token, claim, err := r.client.DecodeAccessToken(ctx, t, r.conf.Cli.Realm)
  32. if err != nil {
  33. return nil, nil, err
  34. }
  35. if !token.Valid {
  36. return nil, nil, fmt.Errorf("could not decode accessToken: Token is NOT valid")
  37. }
  38. claims := &m.Claims{}
  39. if err = claims.Unmarshall(*claim); err != nil {
  40. return nil, nil, err
  41. }
  42. return token, claims, nil
  43. }
  44. func (r *Resolver) customer(ctx context.Context, uid string) (*generated.Customer, error) {
  45. var (
  46. admin *gocloak.JWT
  47. user *gocloak.User
  48. err error
  49. )
  50. admin, err = r.conf.Admin.Token(r.client, ctx)
  51. if err != nil {
  52. return nil, err
  53. }
  54. user, err = r.client.GetUserByID(ctx, admin.AccessToken, r.conf.Cli.Realm, uid)
  55. if err != nil {
  56. return nil, err
  57. }
  58. return User2Customer(user), nil
  59. }
  60. func (r *Resolver) saveSession(ctx context.Context, token *gocloak.JWT) error {
  61. return auth.SessionManager().PutToken(
  62. ctx,
  63. token.SessionState,
  64. token.RefreshToken,
  65. time.Duration(token.RefreshExpiresIn)*time.Second)
  66. }
  67. func (r *Resolver) setPassword(ctx context.Context, uid, password string, shouldValidate bool) error {
  68. if shouldValidate {
  69. o := generated.CustomerCreateInput{Password: password}
  70. if err := o.ValidatePassword(minPasswordEntropy); err != nil {
  71. return fmt.Errorf(err.Message)
  72. }
  73. }
  74. admin, err := r.conf.Admin.Token(r.client, ctx)
  75. if err != nil {
  76. return err
  77. }
  78. return r.client.SetPassword(ctx, admin.AccessToken, uid, r.conf.Cli.Realm, password, false)
  79. }
  80. // Mutation returns generated.MutationResolver implementation.
  81. func (r *Resolver) Mutation() generated.MutationResolver { return &mutationResolver{r} }
  82. // Query returns generated.QueryResolver implementation.
  83. func (r *Resolver) Query() generated.QueryResolver { return &queryResolver{r} }
  84. type mutationResolver struct{ *Resolver }
  85. type queryResolver struct{ *Resolver }