mirror of
https://github.com/mainflux/mainflux.git
synced 2025-04-26 13:48:53 +08:00
47217cb5b9
* remove owner id Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move authz into authn and merge into new service Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups endpoints Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add group type Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * adding mocks, some renaming, refactor Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update proto Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * adding mocks, some renaming, refactor Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix linter err,and comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * undo renaming, add interface for authn and authz Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * renam some variables Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * renaming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove extra slashes from comment Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolving small remarks Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com>
114 lines
1.9 KiB
Go
114 lines
1.9 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package grpc
|
|
|
|
import (
|
|
"github.com/mainflux/mainflux/auth"
|
|
)
|
|
|
|
type identityReq struct {
|
|
token string
|
|
kind uint32
|
|
}
|
|
|
|
func (req identityReq) validate() error {
|
|
if req.token == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
if req.kind != auth.UserKey &&
|
|
req.kind != auth.APIKey &&
|
|
req.kind != auth.RecoveryKey {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type issueReq struct {
|
|
id string
|
|
email string
|
|
keyType uint32
|
|
}
|
|
|
|
func (req issueReq) validate() error {
|
|
if req.email == "" {
|
|
return auth.ErrUnauthorizedAccess
|
|
}
|
|
if req.keyType != auth.UserKey &&
|
|
req.keyType != auth.APIKey &&
|
|
req.keyType != auth.RecoveryKey {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type assignReq struct {
|
|
token string
|
|
groupID string
|
|
memberID string
|
|
}
|
|
|
|
func (req assignReq) validate() error {
|
|
if req.token == "" {
|
|
return auth.ErrUnauthorizedAccess
|
|
}
|
|
if req.groupID == "" || req.memberID == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type membersReq struct {
|
|
token string
|
|
groupID string
|
|
offset uint64
|
|
limit uint64
|
|
typ string
|
|
}
|
|
|
|
func (req membersReq) validate() error {
|
|
if req.token == "" {
|
|
return auth.ErrUnauthorizedAccess
|
|
}
|
|
if req.groupID == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
if req.typ == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// authReq represents authorization request. It contains:
|
|
// 1. subject - an action invoker
|
|
// 2. object - an entity over which action will be executed
|
|
// 3. action - type of action that will be executed (read/write)
|
|
type authReq struct {
|
|
token string
|
|
Sub string
|
|
Obj string
|
|
Act string
|
|
}
|
|
|
|
func (req authReq) validate() error {
|
|
if req.token == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
|
|
if req.Sub == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
|
|
if req.Obj == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
|
|
if req.Act == "" {
|
|
return auth.ErrMalformedEntity
|
|
}
|
|
|
|
return nil
|
|
}
|