This repository has been archived by the owner on Dec 14, 2021. It is now read-only.
/
auth.go
69 lines (59 loc) · 2.08 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
// Copyright © 2017 The Things Network
// Use of this source code is governed by the MIT license that can be found in the LICENSE file.
package auth
import (
"github.com/TheThingsNetwork/go-utils/grpc/ttnctx"
"golang.org/x/net/context"
"google.golang.org/grpc"
)
const tokenKey = "token"
// TokenCredentials RPC Credentials
type TokenCredentials struct {
allowInsecure bool
token string
tokenFunc func(id string) string
tokenFuncKey string
}
// WithInsecure returns a copy of the TokenCredentials, allowing insecure transport
func (c *TokenCredentials) WithInsecure() *TokenCredentials {
return &TokenCredentials{token: c.token, tokenFunc: c.tokenFunc, allowInsecure: true}
}
// WithStaticToken injects a static token on each request
func WithStaticToken(token string) *TokenCredentials {
return &TokenCredentials{
token: token,
}
}
// WithTokenFunc returns TokenCredentials that execute the tokenFunc on each request
// The value of v sent to the tokenFunk is the MD value of the supplied k
func WithTokenFunc(k string, tokenFunc func(v string) string) *TokenCredentials {
return &TokenCredentials{
tokenFunc: tokenFunc,
tokenFuncKey: k,
}
}
// RequireTransportSecurity implements credentials.PerRPCCredentials
func (c *TokenCredentials) RequireTransportSecurity() bool { return !c.allowInsecure }
// GetRequestMetadata implements credentials.PerRPCCredentials
func (c *TokenCredentials) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
md := ttnctx.MetadataFromOutgoingContext(ctx)
token, _ := ttnctx.TokenFromMetadata(md)
if token != "" {
return map[string]string{tokenKey: token}, nil
}
if c.tokenFunc != nil {
var k string
if v, ok := md[c.tokenFuncKey]; ok && len(v) > 0 {
k = v[0]
}
return map[string]string{tokenKey: c.tokenFunc(k)}, nil
}
if c.token != "" {
return map[string]string{tokenKey: c.token}, nil
}
return map[string]string{tokenKey: ""}, nil
}
// DialOption returns a DialOption for the TokenCredentials
func (c *TokenCredentials) DialOption() grpc.DialOption {
return grpc.WithPerRPCCredentials(c)
}