mirror of
https://github.com/mainflux/mainflux.git
synced 2025-05-01 13:48:56 +08:00
9f37927dec
* Add inital Auth implementation Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Extract IssuedAt on transport layer Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Add token type Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix Auth service URL in Things service Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Add User Keys revocation check Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Update tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Remove unused tracing methods Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix Key retrival and parsing Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Remove unused code Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Increase test coverage Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix compose files Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix typos Simplify tests. Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix typos and remove useless comments Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Rename Auth to Authn Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Rename database.go to tracin.go A new name (`tracing.go`) describes better the purpose of the file. Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Increase test coverage Fix typo. Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Increase test coverage Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Remove token from Users service Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix identify login keys Rename token parsing method. Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Extract tokenizer to interface Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Remove pointer time Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Use pointer for expiration time in response Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Use uppercase N Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Remove unnecessary email check Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Cleanup unused code and env vars Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Rename tokenizer field Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Use slices and named fields in test cases Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Update AuthN keys naming Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Remove package-lock.json changes Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Remove Secret from issuing request Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>
88 lines
2.5 KiB
Go
88 lines
2.5 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package grpc
|
|
|
|
import (
|
|
kitot "github.com/go-kit/kit/tracing/opentracing"
|
|
kitgrpc "github.com/go-kit/kit/transport/grpc"
|
|
mainflux "github.com/mainflux/mainflux"
|
|
"github.com/mainflux/mainflux/authn"
|
|
opentracing "github.com/opentracing/opentracing-go"
|
|
"golang.org/x/net/context"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/status"
|
|
)
|
|
|
|
var _ mainflux.AuthNServiceServer = (*grpcServer)(nil)
|
|
|
|
type grpcServer struct {
|
|
issue kitgrpc.Handler
|
|
identify kitgrpc.Handler
|
|
}
|
|
|
|
// NewServer returns new AuthnServiceServer instance.
|
|
func NewServer(tracer opentracing.Tracer, svc authn.Service) mainflux.AuthNServiceServer {
|
|
return &grpcServer{
|
|
issue: kitgrpc.NewServer(
|
|
kitot.TraceServer(tracer, "issue")(issueEndpoint(svc)),
|
|
decodeIssueRequest,
|
|
encodeIssueResponse,
|
|
),
|
|
identify: kitgrpc.NewServer(
|
|
kitot.TraceServer(tracer, "identify")(identifyEndpoint(svc)),
|
|
decodeIdentifyRequest,
|
|
encodeIdentifyResponse,
|
|
),
|
|
}
|
|
}
|
|
|
|
func (s *grpcServer) Issue(ctx context.Context, req *mainflux.IssueReq) (*mainflux.Token, error) {
|
|
_, res, err := s.issue.ServeGRPC(ctx, req)
|
|
if err != nil {
|
|
return nil, encodeError(err)
|
|
}
|
|
return res.(*mainflux.Token), nil
|
|
}
|
|
|
|
func (s *grpcServer) Identify(ctx context.Context, token *mainflux.Token) (*mainflux.UserID, error) {
|
|
_, res, err := s.identify.ServeGRPC(ctx, token)
|
|
if err != nil {
|
|
return nil, encodeError(err)
|
|
}
|
|
return res.(*mainflux.UserID), nil
|
|
}
|
|
|
|
func decodeIssueRequest(_ context.Context, grpcReq interface{}) (interface{}, error) {
|
|
req := grpcReq.(*mainflux.IssueReq)
|
|
return issueReq{issuer: req.GetIssuer(), keyType: req.GetType()}, nil
|
|
}
|
|
|
|
func encodeIssueResponse(_ context.Context, grpcRes interface{}) (interface{}, error) {
|
|
res := grpcRes.(identityRes)
|
|
return &mainflux.Token{Value: res.id}, encodeError(res.err)
|
|
}
|
|
|
|
func decodeIdentifyRequest(_ context.Context, grpcReq interface{}) (interface{}, error) {
|
|
req := grpcReq.(*mainflux.Token)
|
|
return identityReq{token: req.GetValue()}, nil
|
|
}
|
|
|
|
func encodeIdentifyResponse(_ context.Context, grpcRes interface{}) (interface{}, error) {
|
|
res := grpcRes.(identityRes)
|
|
return &mainflux.UserID{Value: res.id}, encodeError(res.err)
|
|
}
|
|
|
|
func encodeError(err error) error {
|
|
switch err {
|
|
case nil:
|
|
return nil
|
|
case authn.ErrMalformedEntity:
|
|
return status.Error(codes.InvalidArgument, "received invalid token request")
|
|
case authn.ErrUnauthorizedAccess, authn.ErrKeyExpired:
|
|
return status.Error(codes.Unauthenticated, err.Error())
|
|
default:
|
|
return status.Error(codes.Internal, "internal server error")
|
|
}
|
|
}
|