-
Notifications
You must be signed in to change notification settings - Fork 0
/
token.go
50 lines (44 loc) · 1.53 KB
/
token.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
package services
import (
"context"
"encoding/json"
"github.com/PumpkinSeed/heimdall/internal/errors"
"github.com/PumpkinSeed/heimdall/internal/structs"
"github.com/PumpkinSeed/heimdall/pkg/crypto/unseal"
"github.com/PumpkinSeed/heimdall/pkg/token"
)
const msgInvalidRootTokenID = "invalid root token id"
type TokenCreate struct {
state *unseal.Unseal
tokenStore *token.TokenStore
}
func NewTokenCreate(u *unseal.Unseal) TokenCreate {
return TokenCreate{
state: u,
tokenStore: token.NewTokenStore(u),
}
}
func (t TokenCreate) Handler(ctx context.Context, req structs.SocketRequest) (structs.SocketResponse, error) {
if status := t.state.Status(); !status.Unsealed {
return structs.SocketResponse{}, errors.New("heimdall is still sealed", errors.CodeApiSocketTokenHandlerSealed)
}
var token token.Request
if err := json.Unmarshal(req.Data, &token); err != nil {
return structs.SocketResponse{}, errors.Wrap(err, "token request unmarshal error", errors.CodeApiSocketTokenHandlerUnmarshal)
}
if rootTokenValid, err := t.tokenStore.CheckToken(ctx, token.RootTokenID); err != nil {
return structs.SocketResponse{}, err
} else if !rootTokenValid {
return structs.SocketResponse{
Data: []byte(msgInvalidRootTokenID),
}, nil
}
rootToken, err := t.tokenStore.GenRootToken(ctx, token.ID)
data, err := json.Marshal(rootToken)
if err != nil {
return structs.SocketResponse{}, errors.Wrap(err, "token request marshal error", errors.CodeApiSocketTokenHandlerMarshal)
}
return structs.SocketResponse{
Data: data,
}, nil
}