From 3b0cbbb6c9edca2117ac7862ef2e38d53b72505a Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Tue, 20 Feb 2024 21:46:15 +0800 Subject: [PATCH] :sparkles: Grpc APIs --- pkg/cmd/main.go | 8 + pkg/grpc/proto/auth.pb.go | 363 +++++++++++++++++++++++++++++++ pkg/grpc/proto/auth.proto | 29 +++ pkg/grpc/proto/auth_grpc.pb.go | 109 ++++++++++ pkg/grpc/proto/notify.pb.go | 344 +++++++++++++++++++++++++++++ pkg/grpc/proto/notify.proto | 28 +++ pkg/grpc/proto/notify_grpc.pb.go | 109 ++++++++++ pkg/grpc/server.go | 81 +++++++ pkg/server/auth_middleware.go | 37 +--- pkg/services/auth.go | 37 ++++ settings.toml | 1 + 11 files changed, 1118 insertions(+), 28 deletions(-) create mode 100644 pkg/grpc/proto/auth.pb.go create mode 100644 pkg/grpc/proto/auth.proto create mode 100644 pkg/grpc/proto/auth_grpc.pb.go create mode 100644 pkg/grpc/proto/notify.pb.go create mode 100644 pkg/grpc/proto/notify.proto create mode 100644 pkg/grpc/proto/notify_grpc.pb.go create mode 100644 pkg/grpc/server.go create mode 100644 pkg/services/auth.go diff --git a/pkg/cmd/main.go b/pkg/cmd/main.go index 34bfa4c..7dc9e97 100644 --- a/pkg/cmd/main.go +++ b/pkg/cmd/main.go @@ -2,6 +2,7 @@ package main import ( "code.smartsheep.studio/hydrogen/identity/pkg/external" + "code.smartsheep.studio/hydrogen/identity/pkg/grpc" "code.smartsheep.studio/hydrogen/identity/pkg/server" "code.smartsheep.studio/hydrogen/identity/pkg/services" "github.com/robfig/cron/v3" @@ -52,6 +53,13 @@ func main() { server.NewServer() go server.Listen() + // Grpc Server + go func() { + if err := grpc.StartGrpc(); err != nil { + log.Fatal().Err(err).Msg("An message occurred when starting grpc server.") + } + }() + // Configure timed tasks quartz := cron.New(cron.WithLogger(cron.VerbosePrintfLogger(&log.Logger))) quartz.AddFunc("@every 60m", func() { diff --git a/pkg/grpc/proto/auth.pb.go b/pkg/grpc/proto/auth.pb.go new file mode 100644 index 0000000..81f97e7 --- /dev/null +++ b/pkg/grpc/proto/auth.pb.go @@ -0,0 +1,363 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.32.0 +// protoc v4.25.3 +// source: auth.proto + +package proto + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type Userinfo struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Nick string `protobuf:"bytes,2,opt,name=nick,proto3" json:"nick,omitempty"` + Email string `protobuf:"bytes,3,opt,name=email,proto3" json:"email,omitempty"` + Avatar string `protobuf:"bytes,4,opt,name=avatar,proto3" json:"avatar,omitempty"` + Description *string `protobuf:"bytes,5,opt,name=description,proto3,oneof" json:"description,omitempty"` +} + +func (x *Userinfo) Reset() { + *x = Userinfo{} + if protoimpl.UnsafeEnabled { + mi := &file_auth_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Userinfo) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Userinfo) ProtoMessage() {} + +func (x *Userinfo) ProtoReflect() protoreflect.Message { + mi := &file_auth_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Userinfo.ProtoReflect.Descriptor instead. +func (*Userinfo) Descriptor() ([]byte, []int) { + return file_auth_proto_rawDescGZIP(), []int{0} +} + +func (x *Userinfo) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *Userinfo) GetNick() string { + if x != nil { + return x.Nick + } + return "" +} + +func (x *Userinfo) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *Userinfo) GetAvatar() string { + if x != nil { + return x.Avatar + } + return "" +} + +func (x *Userinfo) GetDescription() string { + if x != nil && x.Description != nil { + return *x.Description + } + return "" +} + +type AuthRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"` + RefreshToken *string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3,oneof" json:"refresh_token,omitempty"` +} + +func (x *AuthRequest) Reset() { + *x = AuthRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_auth_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *AuthRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuthRequest) ProtoMessage() {} + +func (x *AuthRequest) ProtoReflect() protoreflect.Message { + mi := &file_auth_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuthRequest.ProtoReflect.Descriptor instead. +func (*AuthRequest) Descriptor() ([]byte, []int) { + return file_auth_proto_rawDescGZIP(), []int{1} +} + +func (x *AuthRequest) GetAccessToken() string { + if x != nil { + return x.AccessToken + } + return "" +} + +func (x *AuthRequest) GetRefreshToken() string { + if x != nil && x.RefreshToken != nil { + return *x.RefreshToken + } + return "" +} + +type AuthReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + IsValid bool `protobuf:"varint,1,opt,name=is_valid,json=isValid,proto3" json:"is_valid,omitempty"` + AccessToken *string `protobuf:"bytes,2,opt,name=access_token,json=accessToken,proto3,oneof" json:"access_token,omitempty"` + RefreshToken *string `protobuf:"bytes,3,opt,name=refresh_token,json=refreshToken,proto3,oneof" json:"refresh_token,omitempty"` + Userinfo *Userinfo `protobuf:"bytes,4,opt,name=userinfo,proto3,oneof" json:"userinfo,omitempty"` +} + +func (x *AuthReply) Reset() { + *x = AuthReply{} + if protoimpl.UnsafeEnabled { + mi := &file_auth_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *AuthReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuthReply) ProtoMessage() {} + +func (x *AuthReply) ProtoReflect() protoreflect.Message { + mi := &file_auth_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuthReply.ProtoReflect.Descriptor instead. +func (*AuthReply) Descriptor() ([]byte, []int) { + return file_auth_proto_rawDescGZIP(), []int{2} +} + +func (x *AuthReply) GetIsValid() bool { + if x != nil { + return x.IsValid + } + return false +} + +func (x *AuthReply) GetAccessToken() string { + if x != nil && x.AccessToken != nil { + return *x.AccessToken + } + return "" +} + +func (x *AuthReply) GetRefreshToken() string { + if x != nil && x.RefreshToken != nil { + return *x.RefreshToken + } + return "" +} + +func (x *AuthReply) GetUserinfo() *Userinfo { + if x != nil { + return x.Userinfo + } + return nil +} + +var File_auth_proto protoreflect.FileDescriptor + +var file_auth_proto_rawDesc = []byte{ + 0x0a, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x22, 0x97, 0x01, 0x0a, 0x08, 0x55, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66, 0x6f, + 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x69, 0x63, 0x6b, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x6e, 0x69, 0x63, 0x6b, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, + 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x16, + 0x0a, 0x06, 0x61, 0x76, 0x61, 0x74, 0x61, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, + 0x61, 0x76, 0x61, 0x74, 0x61, 0x72, 0x12, 0x25, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0b, 0x64, + 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x0e, 0x0a, + 0x0c, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x6c, 0x0a, + 0x0b, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, + 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, + 0x28, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, + 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x72, 0x65, + 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xda, 0x01, 0x0a, 0x09, + 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x19, 0x0a, 0x08, 0x69, 0x73, 0x5f, + 0x76, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x69, 0x73, 0x56, + 0x61, 0x6c, 0x69, 0x64, 0x12, 0x26, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, + 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0b, 0x61, 0x63, + 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x28, 0x0a, 0x0d, + 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, + 0x6b, 0x65, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x30, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x69, 0x6e, + 0x66, 0x6f, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x2e, 0x55, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66, 0x6f, 0x48, 0x02, 0x52, 0x08, 0x75, 0x73, 0x65, + 0x72, 0x69, 0x6e, 0x66, 0x6f, 0x88, 0x01, 0x01, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x61, 0x63, 0x63, + 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x72, 0x65, + 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x0b, 0x0a, 0x09, 0x5f, + 0x75, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66, 0x6f, 0x32, 0x3e, 0x0a, 0x04, 0x41, 0x75, 0x74, 0x68, + 0x12, 0x36, 0x0a, 0x0c, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, + 0x12, 0x12, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x41, 0x75, 0x74, + 0x68, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x42, 0x09, 0x5a, 0x07, 0x2e, 0x3b, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_auth_proto_rawDescOnce sync.Once + file_auth_proto_rawDescData = file_auth_proto_rawDesc +) + +func file_auth_proto_rawDescGZIP() []byte { + file_auth_proto_rawDescOnce.Do(func() { + file_auth_proto_rawDescData = protoimpl.X.CompressGZIP(file_auth_proto_rawDescData) + }) + return file_auth_proto_rawDescData +} + +var file_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 3) +var file_auth_proto_goTypes = []interface{}{ + (*Userinfo)(nil), // 0: proto.Userinfo + (*AuthRequest)(nil), // 1: proto.AuthRequest + (*AuthReply)(nil), // 2: proto.AuthReply +} +var file_auth_proto_depIdxs = []int32{ + 0, // 0: proto.AuthReply.userinfo:type_name -> proto.Userinfo + 1, // 1: proto.Auth.Authenticate:input_type -> proto.AuthRequest + 2, // 2: proto.Auth.Authenticate:output_type -> proto.AuthReply + 2, // [2:3] is the sub-list for method output_type + 1, // [1:2] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_auth_proto_init() } +func file_auth_proto_init() { + if File_auth_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_auth_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Userinfo); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_auth_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*AuthRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_auth_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*AuthReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_auth_proto_msgTypes[0].OneofWrappers = []interface{}{} + file_auth_proto_msgTypes[1].OneofWrappers = []interface{}{} + file_auth_proto_msgTypes[2].OneofWrappers = []interface{}{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_auth_proto_rawDesc, + NumEnums: 0, + NumMessages: 3, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_auth_proto_goTypes, + DependencyIndexes: file_auth_proto_depIdxs, + MessageInfos: file_auth_proto_msgTypes, + }.Build() + File_auth_proto = out.File + file_auth_proto_rawDesc = nil + file_auth_proto_goTypes = nil + file_auth_proto_depIdxs = nil +} diff --git a/pkg/grpc/proto/auth.proto b/pkg/grpc/proto/auth.proto new file mode 100644 index 0000000..c707a5d --- /dev/null +++ b/pkg/grpc/proto/auth.proto @@ -0,0 +1,29 @@ +syntax = "proto3"; + +option go_package = ".;proto"; + +package proto; + +service Auth { + rpc Authenticate(AuthRequest) returns (AuthReply) {} +} + +message Userinfo { + string name = 1; + string nick = 2; + string email = 3; + string avatar = 4; + optional string description = 5; +} + +message AuthRequest { + string access_token = 1; + optional string refresh_token = 2; +} + +message AuthReply { + bool is_valid = 1; + optional string access_token = 2; + optional string refresh_token = 3; + optional Userinfo userinfo = 4; +} \ No newline at end of file diff --git a/pkg/grpc/proto/auth_grpc.pb.go b/pkg/grpc/proto/auth_grpc.pb.go new file mode 100644 index 0000000..3df2f5d --- /dev/null +++ b/pkg/grpc/proto/auth_grpc.pb.go @@ -0,0 +1,109 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.3.0 +// - protoc v4.25.3 +// source: auth.proto + +package proto + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +const ( + Auth_Authenticate_FullMethodName = "/proto.Auth/Authenticate" +) + +// AuthClient is the client API for Auth service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type AuthClient interface { + Authenticate(ctx context.Context, in *AuthRequest, opts ...grpc.CallOption) (*AuthReply, error) +} + +type authClient struct { + cc grpc.ClientConnInterface +} + +func NewAuthClient(cc grpc.ClientConnInterface) AuthClient { + return &authClient{cc} +} + +func (c *authClient) Authenticate(ctx context.Context, in *AuthRequest, opts ...grpc.CallOption) (*AuthReply, error) { + out := new(AuthReply) + err := c.cc.Invoke(ctx, Auth_Authenticate_FullMethodName, in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// AuthServer is the server API for Auth service. +// All implementations must embed UnimplementedAuthServer +// for forward compatibility +type AuthServer interface { + Authenticate(context.Context, *AuthRequest) (*AuthReply, error) + mustEmbedUnimplementedAuthServer() +} + +// UnimplementedAuthServer must be embedded to have forward compatible implementations. +type UnimplementedAuthServer struct { +} + +func (UnimplementedAuthServer) Authenticate(context.Context, *AuthRequest) (*AuthReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method Authenticate not implemented") +} +func (UnimplementedAuthServer) mustEmbedUnimplementedAuthServer() {} + +// UnsafeAuthServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to AuthServer will +// result in compilation errors. +type UnsafeAuthServer interface { + mustEmbedUnimplementedAuthServer() +} + +func RegisterAuthServer(s grpc.ServiceRegistrar, srv AuthServer) { + s.RegisterService(&Auth_ServiceDesc, srv) +} + +func _Auth_Authenticate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AuthRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthServer).Authenticate(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: Auth_Authenticate_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthServer).Authenticate(ctx, req.(*AuthRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// Auth_ServiceDesc is the grpc.ServiceDesc for Auth service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Auth_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "proto.Auth", + HandlerType: (*AuthServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "Authenticate", + Handler: _Auth_Authenticate_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "auth.proto", +} diff --git a/pkg/grpc/proto/notify.pb.go b/pkg/grpc/proto/notify.pb.go new file mode 100644 index 0000000..5012d4e --- /dev/null +++ b/pkg/grpc/proto/notify.pb.go @@ -0,0 +1,344 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.32.0 +// protoc v4.25.3 +// source: notify.proto + +package proto + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type NotifyLink struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Label string `protobuf:"bytes,1,opt,name=label,proto3" json:"label,omitempty"` + Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"` +} + +func (x *NotifyLink) Reset() { + *x = NotifyLink{} + if protoimpl.UnsafeEnabled { + mi := &file_notify_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NotifyLink) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NotifyLink) ProtoMessage() {} + +func (x *NotifyLink) ProtoReflect() protoreflect.Message { + mi := &file_notify_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NotifyLink.ProtoReflect.Descriptor instead. +func (*NotifyLink) Descriptor() ([]byte, []int) { + return file_notify_proto_rawDescGZIP(), []int{0} +} + +func (x *NotifyLink) GetLabel() string { + if x != nil { + return x.Label + } + return "" +} + +func (x *NotifyLink) GetUrl() string { + if x != nil { + return x.Url + } + return "" +} + +type NotifyRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Subject string `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"` + Content string `protobuf:"bytes,2,opt,name=content,proto3" json:"content,omitempty"` + Links []*NotifyLink `protobuf:"bytes,3,rep,name=links,proto3" json:"links,omitempty"` + IsImportant bool `protobuf:"varint,4,opt,name=is_important,json=isImportant,proto3" json:"is_important,omitempty"` + RecipientId uint64 `protobuf:"varint,5,opt,name=recipient_id,json=recipientId,proto3" json:"recipient_id,omitempty"` + ClientId string `protobuf:"bytes,6,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"` + ClientSecret string `protobuf:"bytes,7,opt,name=client_secret,json=clientSecret,proto3" json:"client_secret,omitempty"` +} + +func (x *NotifyRequest) Reset() { + *x = NotifyRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_notify_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NotifyRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NotifyRequest) ProtoMessage() {} + +func (x *NotifyRequest) ProtoReflect() protoreflect.Message { + mi := &file_notify_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NotifyRequest.ProtoReflect.Descriptor instead. +func (*NotifyRequest) Descriptor() ([]byte, []int) { + return file_notify_proto_rawDescGZIP(), []int{1} +} + +func (x *NotifyRequest) GetSubject() string { + if x != nil { + return x.Subject + } + return "" +} + +func (x *NotifyRequest) GetContent() string { + if x != nil { + return x.Content + } + return "" +} + +func (x *NotifyRequest) GetLinks() []*NotifyLink { + if x != nil { + return x.Links + } + return nil +} + +func (x *NotifyRequest) GetIsImportant() bool { + if x != nil { + return x.IsImportant + } + return false +} + +func (x *NotifyRequest) GetRecipientId() uint64 { + if x != nil { + return x.RecipientId + } + return 0 +} + +func (x *NotifyRequest) GetClientId() string { + if x != nil { + return x.ClientId + } + return "" +} + +func (x *NotifyRequest) GetClientSecret() string { + if x != nil { + return x.ClientSecret + } + return "" +} + +type NotifyReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + IsSent bool `protobuf:"varint,1,opt,name=is_sent,json=isSent,proto3" json:"is_sent,omitempty"` +} + +func (x *NotifyReply) Reset() { + *x = NotifyReply{} + if protoimpl.UnsafeEnabled { + mi := &file_notify_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NotifyReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NotifyReply) ProtoMessage() {} + +func (x *NotifyReply) ProtoReflect() protoreflect.Message { + mi := &file_notify_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NotifyReply.ProtoReflect.Descriptor instead. +func (*NotifyReply) Descriptor() ([]byte, []int) { + return file_notify_proto_rawDescGZIP(), []int{2} +} + +func (x *NotifyReply) GetIsSent() bool { + if x != nil { + return x.IsSent + } + return false +} + +var File_notify_proto protoreflect.FileDescriptor + +var file_notify_proto_rawDesc = []byte{ + 0x0a, 0x0c, 0x6e, 0x6f, 0x74, 0x69, 0x66, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x34, 0x0a, 0x0a, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x79, 0x4c, + 0x69, 0x6e, 0x6b, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x22, 0xf4, 0x01, 0x0a, 0x0d, + 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x18, 0x0a, + 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, + 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x65, + 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, + 0x74, 0x12, 0x27, 0x0a, 0x05, 0x6c, 0x69, 0x6e, 0x6b, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x11, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x79, 0x4c, + 0x69, 0x6e, 0x6b, 0x52, 0x05, 0x6c, 0x69, 0x6e, 0x6b, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x73, + 0x5f, 0x69, 0x6d, 0x70, 0x6f, 0x72, 0x74, 0x61, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x0b, 0x69, 0x73, 0x49, 0x6d, 0x70, 0x6f, 0x72, 0x74, 0x61, 0x6e, 0x74, 0x12, 0x21, 0x0a, + 0x0c, 0x72, 0x65, 0x63, 0x69, 0x70, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x04, 0x52, 0x0b, 0x72, 0x65, 0x63, 0x69, 0x70, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64, + 0x12, 0x1b, 0x0a, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x23, 0x0a, + 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x07, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x63, 0x72, + 0x65, 0x74, 0x22, 0x26, 0x0a, 0x0b, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x79, 0x52, 0x65, 0x70, 0x6c, + 0x79, 0x12, 0x17, 0x0a, 0x07, 0x69, 0x73, 0x5f, 0x73, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x08, 0x52, 0x06, 0x69, 0x73, 0x53, 0x65, 0x6e, 0x74, 0x32, 0x42, 0x0a, 0x06, 0x4e, 0x6f, + 0x74, 0x69, 0x66, 0x79, 0x12, 0x38, 0x0a, 0x0a, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x79, 0x55, 0x73, + 0x65, 0x72, 0x12, 0x14, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x4e, 0x6f, 0x74, 0x69, 0x66, + 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x12, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x2e, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x42, 0x09, + 0x5a, 0x07, 0x2e, 0x3b, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x33, +} + +var ( + file_notify_proto_rawDescOnce sync.Once + file_notify_proto_rawDescData = file_notify_proto_rawDesc +) + +func file_notify_proto_rawDescGZIP() []byte { + file_notify_proto_rawDescOnce.Do(func() { + file_notify_proto_rawDescData = protoimpl.X.CompressGZIP(file_notify_proto_rawDescData) + }) + return file_notify_proto_rawDescData +} + +var file_notify_proto_msgTypes = make([]protoimpl.MessageInfo, 3) +var file_notify_proto_goTypes = []interface{}{ + (*NotifyLink)(nil), // 0: proto.NotifyLink + (*NotifyRequest)(nil), // 1: proto.NotifyRequest + (*NotifyReply)(nil), // 2: proto.NotifyReply +} +var file_notify_proto_depIdxs = []int32{ + 0, // 0: proto.NotifyRequest.links:type_name -> proto.NotifyLink + 1, // 1: proto.Notify.NotifyUser:input_type -> proto.NotifyRequest + 2, // 2: proto.Notify.NotifyUser:output_type -> proto.NotifyReply + 2, // [2:3] is the sub-list for method output_type + 1, // [1:2] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_notify_proto_init() } +func file_notify_proto_init() { + if File_notify_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_notify_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NotifyLink); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_notify_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NotifyRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_notify_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NotifyReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_notify_proto_rawDesc, + NumEnums: 0, + NumMessages: 3, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_notify_proto_goTypes, + DependencyIndexes: file_notify_proto_depIdxs, + MessageInfos: file_notify_proto_msgTypes, + }.Build() + File_notify_proto = out.File + file_notify_proto_rawDesc = nil + file_notify_proto_goTypes = nil + file_notify_proto_depIdxs = nil +} diff --git a/pkg/grpc/proto/notify.proto b/pkg/grpc/proto/notify.proto new file mode 100644 index 0000000..f3cd7a2 --- /dev/null +++ b/pkg/grpc/proto/notify.proto @@ -0,0 +1,28 @@ +syntax = "proto3"; + +option go_package = ".;proto"; + +package proto; + +service Notify { + rpc NotifyUser(NotifyRequest) returns (NotifyReply) {} +} + +message NotifyLink { + string label = 1; + string url = 2; +} + +message NotifyRequest { + string subject = 1; + string content = 2; + repeated NotifyLink links = 3; + bool is_important = 4; + uint64 recipient_id = 5; + string client_id = 6; + string client_secret = 7; +} + +message NotifyReply { + bool is_sent = 1; +} \ No newline at end of file diff --git a/pkg/grpc/proto/notify_grpc.pb.go b/pkg/grpc/proto/notify_grpc.pb.go new file mode 100644 index 0000000..f7ce530 --- /dev/null +++ b/pkg/grpc/proto/notify_grpc.pb.go @@ -0,0 +1,109 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.3.0 +// - protoc v4.25.3 +// source: notify.proto + +package proto + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +const ( + Notify_NotifyUser_FullMethodName = "/proto.Notify/NotifyUser" +) + +// NotifyClient is the client API for Notify service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type NotifyClient interface { + NotifyUser(ctx context.Context, in *NotifyRequest, opts ...grpc.CallOption) (*NotifyReply, error) +} + +type notifyClient struct { + cc grpc.ClientConnInterface +} + +func NewNotifyClient(cc grpc.ClientConnInterface) NotifyClient { + return ¬ifyClient{cc} +} + +func (c *notifyClient) NotifyUser(ctx context.Context, in *NotifyRequest, opts ...grpc.CallOption) (*NotifyReply, error) { + out := new(NotifyReply) + err := c.cc.Invoke(ctx, Notify_NotifyUser_FullMethodName, in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// NotifyServer is the server API for Notify service. +// All implementations must embed UnimplementedNotifyServer +// for forward compatibility +type NotifyServer interface { + NotifyUser(context.Context, *NotifyRequest) (*NotifyReply, error) + mustEmbedUnimplementedNotifyServer() +} + +// UnimplementedNotifyServer must be embedded to have forward compatible implementations. +type UnimplementedNotifyServer struct { +} + +func (UnimplementedNotifyServer) NotifyUser(context.Context, *NotifyRequest) (*NotifyReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method NotifyUser not implemented") +} +func (UnimplementedNotifyServer) mustEmbedUnimplementedNotifyServer() {} + +// UnsafeNotifyServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to NotifyServer will +// result in compilation errors. +type UnsafeNotifyServer interface { + mustEmbedUnimplementedNotifyServer() +} + +func RegisterNotifyServer(s grpc.ServiceRegistrar, srv NotifyServer) { + s.RegisterService(&Notify_ServiceDesc, srv) +} + +func _Notify_NotifyUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(NotifyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(NotifyServer).NotifyUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: Notify_NotifyUser_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(NotifyServer).NotifyUser(ctx, req.(*NotifyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// Notify_ServiceDesc is the grpc.ServiceDesc for Notify service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Notify_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "proto.Notify", + HandlerType: (*NotifyServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "NotifyUser", + Handler: _Notify_NotifyUser_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "notify.proto", +} diff --git a/pkg/grpc/server.go b/pkg/grpc/server.go new file mode 100644 index 0000000..3f2c1fa --- /dev/null +++ b/pkg/grpc/server.go @@ -0,0 +1,81 @@ +package grpc + +import ( + "code.smartsheep.studio/hydrogen/identity/pkg/grpc/proto" + "code.smartsheep.studio/hydrogen/identity/pkg/models" + "code.smartsheep.studio/hydrogen/identity/pkg/services" + "context" + "github.com/samber/lo" + "github.com/spf13/viper" + "google.golang.org/grpc" + "google.golang.org/grpc/reflection" + "net" +) + +type Server struct { + proto.UnimplementedAuthServer + proto.UnimplementedNotifyServer +} + +func (v *Server) Authenticate(_ context.Context, in *proto.AuthRequest) (*proto.AuthReply, error) { + user, atk, rtk, err := services.Authenticate(in.GetAccessToken(), in.GetRefreshToken(), 0) + if err != nil { + return &proto.AuthReply{ + IsValid: false, + }, nil + } else { + return &proto.AuthReply{ + IsValid: true, + AccessToken: &atk, + RefreshToken: &rtk, + Userinfo: &proto.Userinfo{ + Name: user.Name, + Nick: user.Nick, + Avatar: user.Avatar, + Email: user.GetPrimaryEmail().Content, + Description: nil, + }, + }, nil + } +} + +func (v *Server) NotifyUser(_ context.Context, in *proto.NotifyRequest) (*proto.NotifyReply, error) { + client, err := services.GetThirdClientWithSecret(in.GetClientId(), in.GetClientSecret()) + if err != nil { + return nil, err + } + + var user models.Account + if user, err = services.GetAccount(uint(in.GetRecipientId())); err != nil { + return nil, err + } + + links := lo.Map(in.GetLinks(), func(item *proto.NotifyLink, index int) models.NotificationLink { + return models.NotificationLink{ + Label: item.Label, + Url: item.Url, + } + }) + + if err := services.NewNotification(client, user, in.Subject, in.Content, links, in.IsImportant); err != nil { + return nil, err + } + + return &proto.NotifyReply{IsSent: true}, nil +} + +func StartGrpc() error { + listen, err := net.Listen("tcp", viper.GetString("grpc_bind")) + if err != nil { + return err + } + + server := grpc.NewServer() + + proto.RegisterAuthServer(server, &Server{}) + proto.RegisterNotifyServer(server, &Server{}) + + reflection.Register(server) + + return server.Serve(listen) +} diff --git a/pkg/server/auth_middleware.go b/pkg/server/auth_middleware.go index 3ae13b1..b23a327 100644 --- a/pkg/server/auth_middleware.go +++ b/pkg/server/auth_middleware.go @@ -21,7 +21,7 @@ func authMiddleware(c *fiber.Ctx) error { c.Locals("token", token) if err := authFunc(c); err != nil { - fmt.Println(err) + fmt.Println("Watch out!", err) return err } @@ -40,33 +40,14 @@ func authFunc(c *fiber.Ctx, overrides ...string) error { } } - claims, err := security.DecodeJwt(token) - if err != nil { - rtk := c.Cookies(security.CookieRefreshKey) - if len(rtk) > 0 && len(overrides) < 1 { - // Auto refresh and retry - access, refresh, err := security.RefreshToken(rtk) - if err == nil { - security.SetJwtCookieSet(c, access, refresh) - return authFunc(c, access) - } + rtk := c.Cookies(security.CookieRefreshKey) + if user, atk, rtk, err := services.Authenticate(token, rtk, 0); err == nil { + if atk != token { + security.SetJwtCookieSet(c, atk, rtk) } - return fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid auth key: %v", err)) + c.Locals("principal", user) + return nil + } else { + return err } - - session, err := services.LookupSessionWithToken(claims.ID) - if err != nil { - return fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid auth session: %v", err)) - } else if err := session.IsAvailable(); err != nil { - return fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("unavailable auth session: %v", err)) - } - - user, err := services.GetAccount(session.AccountID) - if err != nil { - return fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid account: %v", err)) - } - - c.Locals("principal", user) - - return nil } diff --git a/pkg/services/auth.go b/pkg/services/auth.go new file mode 100644 index 0000000..f08afa7 --- /dev/null +++ b/pkg/services/auth.go @@ -0,0 +1,37 @@ +package services + +import ( + "code.smartsheep.studio/hydrogen/identity/pkg/models" + "code.smartsheep.studio/hydrogen/identity/pkg/security" + "fmt" + "github.com/gofiber/fiber/v2" +) + +func Authenticate(access, refresh string, depth int) (models.Account, string, string, error) { + var user models.Account + claims, err := security.DecodeJwt(access) + if err != nil { + if len(refresh) > 0 && depth < 1 { + // Auto refresh and retry + access, refresh, err := security.RefreshToken(refresh) + if err == nil { + return Authenticate(access, refresh, depth+1) + } + } + return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid auth key: %v", err)) + } + + session, err := LookupSessionWithToken(claims.ID) + if err != nil { + return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid auth session: %v", err)) + } else if err := session.IsAvailable(); err != nil { + return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("unavailable auth session: %v", err)) + } + + user, err = GetAccount(session.AccountID) + if err != nil { + return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid account: %v", err)) + } + + return user, access, refresh, nil +} diff --git a/settings.toml b/settings.toml index 18582ba..838c216 100644 --- a/settings.toml +++ b/settings.toml @@ -4,6 +4,7 @@ name = "Goatpass" maintainer = "SmartSheep Studio" bind = "0.0.0.0:8444" +grpc_bind = "0.0.0.0:7444" domain = "id.smartsheep.studio" secret = "LtTjzAGFLshwXhN4ZD4nG5KlMv1MWcsvfv03TSZYnT1VhiAnLIZFTnHUwR0XhGgi"