From 89c0f26103dff28ec95ae17f6a7d518f9a7be077 Mon Sep 17 00:00:00 2001 From: Andrey Melnikov Date: Mon, 16 Nov 2020 10:46:44 -0800 Subject: [PATCH] Revert "feat: remove is valid token endpoint" This reverts commit 466a417e608226b812626d52d6c25c18427805c3. Also marks the IsValidToken endpoint as deprecated --- api/api.swagger.json | 57 +++++++ api/auth.pb.go | 363 ++++++++++++++++++++++++++++++++---------- api/auth.pb.gw.go | 78 +++++++++ api/auth.proto | 19 +++ server/auth/auth.go | 38 +++++ server/auth_server.go | 32 ++++ 6 files changed, 507 insertions(+), 80 deletions(-) diff --git a/api/api.swagger.json b/api/api.swagger.json index 6aaa415..f6008de 100644 --- a/api/api.swagger.json +++ b/api/api.swagger.json @@ -87,6 +87,38 @@ "security": [] } }, + "/apis/v1beta1/auth/token": { + "post": { + "operationId": "IsValidToken", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/IsValidTokenResponse" + } + }, + "default": { + "description": "An unexpected error response", + "schema": { + "$ref": "#/definitions/grpc.gateway.runtime.Error" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/IsValidTokenRequest" + } + } + ], + "tags": [ + "AuthService" + ] + } + }, "/apis/v1beta1/config": { "get": { "operationId": "GetConfig", @@ -3041,6 +3073,31 @@ } } }, + "IsValidTokenRequest": { + "type": "object", + "properties": { + "username": { + "type": "string" + }, + "token": { + "type": "string" + } + } + }, + "IsValidTokenResponse": { + "type": "object", + "properties": { + "domain": { + "type": "string" + }, + "token": { + "type": "string" + }, + "username": { + "type": "string" + } + } + }, "KeyValue": { "type": "object", "properties": { diff --git a/api/auth.pb.go b/api/auth.pb.go index 50b4a7f..e44bf1c 100644 --- a/api/auth.pb.go +++ b/api/auth.pb.go @@ -31,6 +31,124 @@ const ( // of the legacy proto package is being used. const _ = proto.ProtoPackageIsVersion4 +type IsValidTokenRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"` + Token string `protobuf:"bytes,2,opt,name=token,proto3" json:"token,omitempty"` +} + +func (x *IsValidTokenRequest) Reset() { + *x = IsValidTokenRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_auth_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *IsValidTokenRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*IsValidTokenRequest) ProtoMessage() {} + +func (x *IsValidTokenRequest) ProtoReflect() protoreflect.Message { + mi := &file_auth_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use IsValidTokenRequest.ProtoReflect.Descriptor instead. +func (*IsValidTokenRequest) Descriptor() ([]byte, []int) { + return file_auth_proto_rawDescGZIP(), []int{0} +} + +func (x *IsValidTokenRequest) GetUsername() string { + if x != nil { + return x.Username + } + return "" +} + +func (x *IsValidTokenRequest) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +type IsValidTokenResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Domain string `protobuf:"bytes,1,opt,name=domain,proto3" json:"domain,omitempty"` + Token string `protobuf:"bytes,2,opt,name=token,proto3" json:"token,omitempty"` + Username string `protobuf:"bytes,3,opt,name=username,proto3" json:"username,omitempty"` +} + +func (x *IsValidTokenResponse) Reset() { + *x = IsValidTokenResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_auth_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *IsValidTokenResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*IsValidTokenResponse) ProtoMessage() {} + +func (x *IsValidTokenResponse) ProtoReflect() protoreflect.Message { + mi := &file_auth_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use IsValidTokenResponse.ProtoReflect.Descriptor instead. +func (*IsValidTokenResponse) Descriptor() ([]byte, []int) { + return file_auth_proto_rawDescGZIP(), []int{1} +} + +func (x *IsValidTokenResponse) GetDomain() string { + if x != nil { + return x.Domain + } + return "" +} + +func (x *IsValidTokenResponse) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +func (x *IsValidTokenResponse) GetUsername() string { + if x != nil { + return x.Username + } + return "" +} + type IsAuthorized struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -46,7 +164,7 @@ type IsAuthorized struct { func (x *IsAuthorized) Reset() { *x = IsAuthorized{} if protoimpl.UnsafeEnabled { - mi := &file_auth_proto_msgTypes[0] + mi := &file_auth_proto_msgTypes[2] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -59,7 +177,7 @@ func (x *IsAuthorized) String() string { func (*IsAuthorized) ProtoMessage() {} func (x *IsAuthorized) ProtoReflect() protoreflect.Message { - mi := &file_auth_proto_msgTypes[0] + mi := &file_auth_proto_msgTypes[2] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -72,7 +190,7 @@ func (x *IsAuthorized) ProtoReflect() protoreflect.Message { // Deprecated: Use IsAuthorized.ProtoReflect.Descriptor instead. func (*IsAuthorized) Descriptor() ([]byte, []int) { - return file_auth_proto_rawDescGZIP(), []int{0} + return file_auth_proto_rawDescGZIP(), []int{2} } func (x *IsAuthorized) GetNamespace() string { @@ -121,7 +239,7 @@ type IsAuthorizedRequest struct { func (x *IsAuthorizedRequest) Reset() { *x = IsAuthorizedRequest{} if protoimpl.UnsafeEnabled { - mi := &file_auth_proto_msgTypes[1] + mi := &file_auth_proto_msgTypes[3] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -134,7 +252,7 @@ func (x *IsAuthorizedRequest) String() string { func (*IsAuthorizedRequest) ProtoMessage() {} func (x *IsAuthorizedRequest) ProtoReflect() protoreflect.Message { - mi := &file_auth_proto_msgTypes[1] + mi := &file_auth_proto_msgTypes[3] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -147,7 +265,7 @@ func (x *IsAuthorizedRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use IsAuthorizedRequest.ProtoReflect.Descriptor instead. func (*IsAuthorizedRequest) Descriptor() ([]byte, []int) { - return file_auth_proto_rawDescGZIP(), []int{1} + return file_auth_proto_rawDescGZIP(), []int{3} } func (x *IsAuthorizedRequest) GetIsAuthorized() *IsAuthorized { @@ -168,7 +286,7 @@ type IsAuthorizedResponse struct { func (x *IsAuthorizedResponse) Reset() { *x = IsAuthorizedResponse{} if protoimpl.UnsafeEnabled { - mi := &file_auth_proto_msgTypes[2] + mi := &file_auth_proto_msgTypes[4] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -181,7 +299,7 @@ func (x *IsAuthorizedResponse) String() string { func (*IsAuthorizedResponse) ProtoMessage() {} func (x *IsAuthorizedResponse) ProtoReflect() protoreflect.Message { - mi := &file_auth_proto_msgTypes[2] + mi := &file_auth_proto_msgTypes[4] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -194,7 +312,7 @@ func (x *IsAuthorizedResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use IsAuthorizedResponse.ProtoReflect.Descriptor instead. func (*IsAuthorizedResponse) Descriptor() ([]byte, []int) { - return file_auth_proto_rawDescGZIP(), []int{2} + return file_auth_proto_rawDescGZIP(), []int{4} } func (x *IsAuthorizedResponse) GetAuthorized() bool { @@ -216,7 +334,7 @@ type GetAccessTokenRequest struct { func (x *GetAccessTokenRequest) Reset() { *x = GetAccessTokenRequest{} if protoimpl.UnsafeEnabled { - mi := &file_auth_proto_msgTypes[3] + mi := &file_auth_proto_msgTypes[5] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -229,7 +347,7 @@ func (x *GetAccessTokenRequest) String() string { func (*GetAccessTokenRequest) ProtoMessage() {} func (x *GetAccessTokenRequest) ProtoReflect() protoreflect.Message { - mi := &file_auth_proto_msgTypes[3] + mi := &file_auth_proto_msgTypes[5] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -242,7 +360,7 @@ func (x *GetAccessTokenRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use GetAccessTokenRequest.ProtoReflect.Descriptor instead. func (*GetAccessTokenRequest) Descriptor() ([]byte, []int) { - return file_auth_proto_rawDescGZIP(), []int{3} + return file_auth_proto_rawDescGZIP(), []int{5} } func (x *GetAccessTokenRequest) GetUsername() string { @@ -272,7 +390,7 @@ type GetAccessTokenResponse struct { func (x *GetAccessTokenResponse) Reset() { *x = GetAccessTokenResponse{} if protoimpl.UnsafeEnabled { - mi := &file_auth_proto_msgTypes[4] + mi := &file_auth_proto_msgTypes[6] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -285,7 +403,7 @@ func (x *GetAccessTokenResponse) String() string { func (*GetAccessTokenResponse) ProtoMessage() {} func (x *GetAccessTokenResponse) ProtoReflect() protoreflect.Message { - mi := &file_auth_proto_msgTypes[4] + mi := &file_auth_proto_msgTypes[6] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -298,7 +416,7 @@ func (x *GetAccessTokenResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use GetAccessTokenResponse.ProtoReflect.Descriptor instead. func (*GetAccessTokenResponse) Descriptor() ([]byte, []int) { - return file_auth_proto_rawDescGZIP(), []int{4} + return file_auth_proto_rawDescGZIP(), []int{6} } func (x *GetAccessTokenResponse) GetDomain() string { @@ -330,53 +448,71 @@ var file_auth_proto_rawDesc = []byte{ 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x2d, 0x67, 0x65, 0x6e, 0x2d, 0x73, 0x77, 0x61, 0x67, 0x67, 0x65, 0x72, 0x2f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, - 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x96, 0x01, - 0x0a, 0x0c, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x12, 0x1c, - 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, - 0x76, 0x65, 0x72, 0x62, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x76, 0x65, 0x72, 0x62, - 0x12, 0x14, 0x0a, 0x05, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x05, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x12, 0x22, 0x0a, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, - 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x4c, 0x0a, 0x13, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, - 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x35, 0x0a, - 0x0c, 0x69, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, - 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x52, 0x0c, 0x69, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x7a, 0x65, 0x64, 0x22, 0x36, 0x0a, 0x14, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x7a, 0x65, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1e, 0x0a, 0x0a, - 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, - 0x52, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x22, 0x49, 0x0a, 0x15, - 0x47, 0x65, 0x74, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, - 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, - 0x65, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x6e, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x41, 0x63, - 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x20, 0x0a, 0x0b, 0x61, 0x63, 0x63, - 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, - 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x75, - 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x75, - 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x32, 0xfc, 0x01, 0x0a, 0x0b, 0x41, 0x75, 0x74, 0x68, - 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x7e, 0x0a, 0x0e, 0x47, 0x65, 0x74, 0x41, 0x63, - 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1a, 0x2e, 0x61, 0x70, 0x69, 0x2e, - 0x47, 0x65, 0x74, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x47, 0x65, 0x74, 0x41, - 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x22, 0x33, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x28, 0x22, 0x23, 0x2f, 0x61, 0x70, 0x69, - 0x73, 0x2f, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x67, - 0x65, 0x74, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x3a, - 0x01, 0x2a, 0x92, 0x41, 0x02, 0x62, 0x00, 0x12, 0x6d, 0x0a, 0x0c, 0x49, 0x73, 0x41, 0x75, 0x74, - 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x12, 0x18, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x49, 0x73, - 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x19, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x7a, 0x65, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x28, 0x82, 0xd3, - 0xe4, 0x93, 0x02, 0x22, 0x22, 0x12, 0x2f, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x76, 0x31, 0x62, 0x65, - 0x74, 0x61, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x3a, 0x0c, 0x69, 0x73, 0x41, 0x75, 0x74, 0x68, - 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x47, 0x0a, + 0x13, 0x49, 0x73, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, + 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x60, 0x0a, 0x14, 0x49, 0x73, 0x56, 0x61, 0x6c, 0x69, + 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, + 0x0a, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, + 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1a, 0x0a, 0x08, + 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x96, 0x01, 0x0a, 0x0c, 0x49, 0x73, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, + 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, + 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x76, 0x65, 0x72, 0x62, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x76, 0x65, 0x72, 0x62, 0x12, 0x14, 0x0a, 0x05, 0x67, + 0x72, 0x6f, 0x75, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x67, 0x72, 0x6f, 0x75, + 0x70, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x04, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x22, 0x0a, + 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, + 0x65, 0x22, 0x4c, 0x0a, 0x13, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x35, 0x0a, 0x0c, 0x69, 0x73, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x64, 0x52, 0x0c, 0x69, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x22, + 0x36, 0x0a, 0x14, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x22, 0x49, 0x0a, 0x15, 0x47, 0x65, 0x74, 0x41, 0x63, + 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x12, 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, + 0x65, 0x6e, 0x22, 0x6e, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, 0x06, + 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x6f, + 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x20, 0x0a, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, + 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, + 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, + 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, + 0x6d, 0x65, 0x32, 0xe9, 0x02, 0x0a, 0x0b, 0x41, 0x75, 0x74, 0x68, 0x53, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x12, 0x6b, 0x0a, 0x0c, 0x49, 0x73, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x54, 0x6f, 0x6b, + 0x65, 0x6e, 0x12, 0x18, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x49, 0x73, 0x56, 0x61, 0x6c, 0x69, 0x64, + 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x19, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x49, 0x73, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x26, 0x88, 0x02, 0x01, 0x82, 0xd3, 0xe4, 0x93, + 0x02, 0x1d, 0x22, 0x18, 0x2f, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, + 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x3a, 0x01, 0x2a, 0x12, + 0x7e, 0x0a, 0x0e, 0x47, 0x65, 0x74, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, + 0x6e, 0x12, 0x1a, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x63, 0x63, 0x65, 0x73, + 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, + 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x33, 0x82, 0xd3, 0xe4, 0x93, + 0x02, 0x28, 0x22, 0x23, 0x2f, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, + 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x67, 0x65, 0x74, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, + 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x3a, 0x01, 0x2a, 0x92, 0x41, 0x02, 0x62, 0x00, 0x12, + 0x6d, 0x0a, 0x0c, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x12, + 0x18, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x19, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x49, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x28, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x22, 0x22, 0x12, 0x2f, 0x61, + 0x70, 0x69, 0x73, 0x2f, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, + 0x3a, 0x0c, 0x69, 0x73, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x62, 0x06, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -391,22 +527,26 @@ func file_auth_proto_rawDescGZIP() []byte { return file_auth_proto_rawDescData } -var file_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 5) +var file_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 7) var file_auth_proto_goTypes = []interface{}{ - (*IsAuthorized)(nil), // 0: api.IsAuthorized - (*IsAuthorizedRequest)(nil), // 1: api.IsAuthorizedRequest - (*IsAuthorizedResponse)(nil), // 2: api.IsAuthorizedResponse - (*GetAccessTokenRequest)(nil), // 3: api.GetAccessTokenRequest - (*GetAccessTokenResponse)(nil), // 4: api.GetAccessTokenResponse + (*IsValidTokenRequest)(nil), // 0: api.IsValidTokenRequest + (*IsValidTokenResponse)(nil), // 1: api.IsValidTokenResponse + (*IsAuthorized)(nil), // 2: api.IsAuthorized + (*IsAuthorizedRequest)(nil), // 3: api.IsAuthorizedRequest + (*IsAuthorizedResponse)(nil), // 4: api.IsAuthorizedResponse + (*GetAccessTokenRequest)(nil), // 5: api.GetAccessTokenRequest + (*GetAccessTokenResponse)(nil), // 6: api.GetAccessTokenResponse } var file_auth_proto_depIdxs = []int32{ - 0, // 0: api.IsAuthorizedRequest.isAuthorized:type_name -> api.IsAuthorized - 3, // 1: api.AuthService.GetAccessToken:input_type -> api.GetAccessTokenRequest - 1, // 2: api.AuthService.IsAuthorized:input_type -> api.IsAuthorizedRequest - 4, // 3: api.AuthService.GetAccessToken:output_type -> api.GetAccessTokenResponse - 2, // 4: api.AuthService.IsAuthorized:output_type -> api.IsAuthorizedResponse - 3, // [3:5] is the sub-list for method output_type - 1, // [1:3] is the sub-list for method input_type + 2, // 0: api.IsAuthorizedRequest.isAuthorized:type_name -> api.IsAuthorized + 0, // 1: api.AuthService.IsValidToken:input_type -> api.IsValidTokenRequest + 5, // 2: api.AuthService.GetAccessToken:input_type -> api.GetAccessTokenRequest + 3, // 3: api.AuthService.IsAuthorized:input_type -> api.IsAuthorizedRequest + 1, // 4: api.AuthService.IsValidToken:output_type -> api.IsValidTokenResponse + 6, // 5: api.AuthService.GetAccessToken:output_type -> api.GetAccessTokenResponse + 4, // 6: api.AuthService.IsAuthorized:output_type -> api.IsAuthorizedResponse + 4, // [4:7] is the sub-list for method output_type + 1, // [1:4] is the sub-list for method input_type 1, // [1:1] is the sub-list for extension type_name 1, // [1:1] is the sub-list for extension extendee 0, // [0:1] is the sub-list for field type_name @@ -419,7 +559,7 @@ func file_auth_proto_init() { } if !protoimpl.UnsafeEnabled { file_auth_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*IsAuthorized); i { + switch v := v.(*IsValidTokenRequest); i { case 0: return &v.state case 1: @@ -431,7 +571,7 @@ func file_auth_proto_init() { } } file_auth_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*IsAuthorizedRequest); i { + switch v := v.(*IsValidTokenResponse); i { case 0: return &v.state case 1: @@ -443,7 +583,7 @@ func file_auth_proto_init() { } } file_auth_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*IsAuthorizedResponse); i { + switch v := v.(*IsAuthorized); i { case 0: return &v.state case 1: @@ -455,7 +595,7 @@ func file_auth_proto_init() { } } file_auth_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetAccessTokenRequest); i { + switch v := v.(*IsAuthorizedRequest); i { case 0: return &v.state case 1: @@ -467,6 +607,30 @@ func file_auth_proto_init() { } } file_auth_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*IsAuthorizedResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_auth_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GetAccessTokenRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_auth_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*GetAccessTokenResponse); i { case 0: return &v.state @@ -485,7 +649,7 @@ func file_auth_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_auth_proto_rawDesc, NumEnums: 0, - NumMessages: 5, + NumMessages: 7, NumExtensions: 0, NumServices: 1, }, @@ -511,6 +675,8 @@ const _ = grpc.SupportPackageIsVersion6 // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. type AuthServiceClient interface { + // Deprecated: Do not use. + IsValidToken(ctx context.Context, in *IsValidTokenRequest, opts ...grpc.CallOption) (*IsValidTokenResponse, error) GetAccessToken(ctx context.Context, in *GetAccessTokenRequest, opts ...grpc.CallOption) (*GetAccessTokenResponse, error) IsAuthorized(ctx context.Context, in *IsAuthorizedRequest, opts ...grpc.CallOption) (*IsAuthorizedResponse, error) } @@ -523,6 +689,16 @@ func NewAuthServiceClient(cc grpc.ClientConnInterface) AuthServiceClient { return &authServiceClient{cc} } +// Deprecated: Do not use. +func (c *authServiceClient) IsValidToken(ctx context.Context, in *IsValidTokenRequest, opts ...grpc.CallOption) (*IsValidTokenResponse, error) { + out := new(IsValidTokenResponse) + err := c.cc.Invoke(ctx, "/api.AuthService/IsValidToken", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + func (c *authServiceClient) GetAccessToken(ctx context.Context, in *GetAccessTokenRequest, opts ...grpc.CallOption) (*GetAccessTokenResponse, error) { out := new(GetAccessTokenResponse) err := c.cc.Invoke(ctx, "/api.AuthService/GetAccessToken", in, out, opts...) @@ -543,6 +719,8 @@ func (c *authServiceClient) IsAuthorized(ctx context.Context, in *IsAuthorizedRe // AuthServiceServer is the server API for AuthService service. type AuthServiceServer interface { + // Deprecated: Do not use. + IsValidToken(context.Context, *IsValidTokenRequest) (*IsValidTokenResponse, error) GetAccessToken(context.Context, *GetAccessTokenRequest) (*GetAccessTokenResponse, error) IsAuthorized(context.Context, *IsAuthorizedRequest) (*IsAuthorizedResponse, error) } @@ -551,6 +729,9 @@ type AuthServiceServer interface { type UnimplementedAuthServiceServer struct { } +func (*UnimplementedAuthServiceServer) IsValidToken(context.Context, *IsValidTokenRequest) (*IsValidTokenResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method IsValidToken not implemented") +} func (*UnimplementedAuthServiceServer) GetAccessToken(context.Context, *GetAccessTokenRequest) (*GetAccessTokenResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method GetAccessToken not implemented") } @@ -562,6 +743,24 @@ func RegisterAuthServiceServer(s *grpc.Server, srv AuthServiceServer) { s.RegisterService(&_AuthService_serviceDesc, srv) } +func _AuthService_IsValidToken_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(IsValidTokenRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthServiceServer).IsValidToken(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/api.AuthService/IsValidToken", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthServiceServer).IsValidToken(ctx, req.(*IsValidTokenRequest)) + } + return interceptor(ctx, in, info, handler) +} + func _AuthService_GetAccessToken_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { in := new(GetAccessTokenRequest) if err := dec(in); err != nil { @@ -602,6 +801,10 @@ var _AuthService_serviceDesc = grpc.ServiceDesc{ ServiceName: "api.AuthService", HandlerType: (*AuthServiceServer)(nil), Methods: []grpc.MethodDesc{ + { + MethodName: "IsValidToken", + Handler: _AuthService_IsValidToken_Handler, + }, { MethodName: "GetAccessToken", Handler: _AuthService_GetAccessToken_Handler, diff --git a/api/auth.pb.gw.go b/api/auth.pb.gw.go index 6edbbf6..89648a7 100644 --- a/api/auth.pb.gw.go +++ b/api/auth.pb.gw.go @@ -31,6 +31,40 @@ var _ = runtime.String var _ = utilities.NewDoubleArray var _ = descriptor.ForMessage +func request_AuthService_IsValidToken_0(ctx context.Context, marshaler runtime.Marshaler, client AuthServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { + var protoReq IsValidTokenRequest + var metadata runtime.ServerMetadata + + newReader, berr := utilities.IOReaderFactory(req.Body) + if berr != nil { + return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", berr) + } + if err := marshaler.NewDecoder(newReader()).Decode(&protoReq); err != nil && err != io.EOF { + return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) + } + + msg, err := client.IsValidToken(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD)) + return msg, metadata, err + +} + +func local_request_AuthService_IsValidToken_0(ctx context.Context, marshaler runtime.Marshaler, server AuthServiceServer, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { + var protoReq IsValidTokenRequest + var metadata runtime.ServerMetadata + + newReader, berr := utilities.IOReaderFactory(req.Body) + if berr != nil { + return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", berr) + } + if err := marshaler.NewDecoder(newReader()).Decode(&protoReq); err != nil && err != io.EOF { + return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) + } + + msg, err := server.IsValidToken(ctx, &protoReq) + return msg, metadata, err + +} + func request_AuthService_GetAccessToken_0(ctx context.Context, marshaler runtime.Marshaler, client AuthServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { var protoReq GetAccessTokenRequest var metadata runtime.ServerMetadata @@ -104,6 +138,26 @@ func local_request_AuthService_IsAuthorized_0(ctx context.Context, marshaler run // StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. func RegisterAuthServiceHandlerServer(ctx context.Context, mux *runtime.ServeMux, server AuthServiceServer) error { + mux.Handle("POST", pattern_AuthService_IsValidToken_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { + ctx, cancel := context.WithCancel(req.Context()) + defer cancel() + inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) + rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req) + if err != nil { + runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + return + } + resp, md, err := local_request_AuthService_IsValidToken_0(rctx, inboundMarshaler, server, req, pathParams) + ctx = runtime.NewServerMetadataContext(ctx, md) + if err != nil { + runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + return + } + + forward_AuthService_IsValidToken_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + + }) + mux.Handle("POST", pattern_AuthService_GetAccessToken_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { ctx, cancel := context.WithCancel(req.Context()) defer cancel() @@ -185,6 +239,26 @@ func RegisterAuthServiceHandler(ctx context.Context, mux *runtime.ServeMux, conn // "AuthServiceClient" to call the correct interceptors. func RegisterAuthServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client AuthServiceClient) error { + mux.Handle("POST", pattern_AuthService_IsValidToken_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { + ctx, cancel := context.WithCancel(req.Context()) + defer cancel() + inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) + rctx, err := runtime.AnnotateContext(ctx, mux, req) + if err != nil { + runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + return + } + resp, md, err := request_AuthService_IsValidToken_0(rctx, inboundMarshaler, client, req, pathParams) + ctx = runtime.NewServerMetadataContext(ctx, md) + if err != nil { + runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + return + } + + forward_AuthService_IsValidToken_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + + }) + mux.Handle("POST", pattern_AuthService_GetAccessToken_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { ctx, cancel := context.WithCancel(req.Context()) defer cancel() @@ -229,12 +303,16 @@ func RegisterAuthServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux } var ( + pattern_AuthService_IsValidToken_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 2, 3}, []string{"apis", "v1beta1", "auth", "token"}, "", runtime.AssumeColonVerbOpt(true))) + pattern_AuthService_GetAccessToken_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 2, 3}, []string{"apis", "v1beta1", "auth", "get_access_token"}, "", runtime.AssumeColonVerbOpt(true))) pattern_AuthService_IsAuthorized_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"apis", "v1beta1", "auth"}, "", runtime.AssumeColonVerbOpt(true))) ) var ( + forward_AuthService_IsValidToken_0 = runtime.ForwardResponseMessage + forward_AuthService_GetAccessToken_0 = runtime.ForwardResponseMessage forward_AuthService_IsAuthorized_0 = runtime.ForwardResponseMessage diff --git a/api/auth.proto b/api/auth.proto index f1b633d..32ddd91 100644 --- a/api/auth.proto +++ b/api/auth.proto @@ -6,6 +6,14 @@ import "google/api/annotations.proto"; import "protoc-gen-swagger/options/annotations.proto"; service AuthService { + rpc IsValidToken(IsValidTokenRequest) returns (IsValidTokenResponse) { + option (google.api.http) = { + post: "/apis/v1beta1/auth/token" + body: "*" + }; + option deprecated = true; + } + rpc GetAccessToken(GetAccessTokenRequest) returns (GetAccessTokenResponse) { option (google.api.http) = { post: "/apis/v1beta1/auth/get_access_token" @@ -25,6 +33,17 @@ service AuthService { } } +message IsValidTokenRequest { + string username = 1; + string token = 2; +} + +message IsValidTokenResponse { + string domain = 1; + string token = 2; + string username = 3; +} + message IsAuthorized { string namespace = 1; string verb = 2; diff --git a/server/auth/auth.go b/server/auth/auth.go index cedaadf..7ba02a3 100644 --- a/server/auth/auth.go +++ b/server/auth/auth.go @@ -204,7 +204,45 @@ func UnaryInterceptor(kubeConfig *v1.Config, db *v1.DB, sysConfig v1.SystemConfi return handler(ctx, req) } + if info.FullMethod == "/api.AuthService/IsValidToken" { + md, ok := metadata.FromIncomingContext(ctx) + if !ok { + return resp, errors.New("unable to get metadata from incoming context") + } + tokenRequest, ok := req.(*api.IsValidTokenRequest) + if !ok { + return resp, errors.New("invalid request object for GetAccessTokenRequest") + } + getAccessTokenRequest := &api.GetAccessTokenRequest{ + Username: tokenRequest.Username, + Token: tokenRequest.Token, + } + + defaultClient, err := v1.GetDefaultClientWithDB(db) + if err != nil { + return nil, err + } + + rawToken, err := verifyLogin(defaultClient, getAccessTokenRequest) + if err != nil { + return nil, err + } + + sysConfig, err := defaultClient.GetSystemConfig() + if err != nil { + return nil, err + } + + md.Set("authorization", "Bearer "+rawToken) + + ctx, err = getClient(ctx, kubeConfig, db, sysConfig) + if err != nil { + ctx = nil + } + + return handler(ctx, req) + } if info.FullMethod == "/api.AuthService/IsAuthorized" { md, ok := metadata.FromIncomingContext(ctx) if !ok { diff --git a/server/auth_server.go b/server/auth_server.go index 0478790..70ddca9 100644 --- a/server/auth_server.go +++ b/server/auth_server.go @@ -81,6 +81,38 @@ func (a *AuthServer) GetAccessToken(ctx context.Context, req *api.GetAccessToken return } +// IsValidToken returns the appropriate token information given an md5 version of the token +// Deprecated: Use GetAccessToken instead +func (a *AuthServer) IsValidToken(ctx context.Context, req *api.IsValidTokenRequest) (res *api.IsValidTokenResponse, err error) { + if ctx == nil { + return nil, status.Error(codes.Unauthenticated, "unauthenticated") + } + + client := getClient(ctx) + err = a.isValidToken(err, client) + if err != nil { + return nil, err + } + + config, err := client.GetSystemConfig() + if err != nil { + return + } + + domain := config.Domain() + if domain == nil { + return nil, fmt.Errorf("domain is not set") + } + + res = &api.IsValidTokenResponse{ + Domain: *domain, + Token: client.Token, + Username: req.Username, + } + + return +} + func (a *AuthServer) isValidToken(err error, client *v1.Client) error { namespaces, err := client.ListOnepanelEnabledNamespaces() if err != nil {