/
auth_token.go
67 lines (60 loc) · 2.3 KB
/
auth_token.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
package middlewares
import (
"context"
"github.com/crawlab-team/crawlab-core/constants"
"github.com/crawlab-team/crawlab-core/errors"
"github.com/crawlab-team/crawlab-core/interfaces"
"github.com/grpc-ecosystem/go-grpc-middleware/auth"
"google.golang.org/grpc"
"google.golang.org/grpc/metadata"
)
func GetAuthTokenFunc(nodeCfgSvc interfaces.NodeConfigService) grpc_auth.AuthFunc {
return func(ctx context.Context) (ctx2 context.Context, err error) {
// authentication (token verification)
md, ok := metadata.FromIncomingContext(ctx)
if !ok {
return nil, errors.ErrorGrpcUnauthorized
}
// auth key from incoming context
res, ok := md[constants.GrpcHeaderAuthorization]
if !ok {
return ctx, errors.ErrorGrpcUnauthorized
}
if len(res) != 1 {
return ctx, errors.ErrorGrpcUnauthorized
}
authKey := res[0]
// validate
svrAuthKey := nodeCfgSvc.GetAuthKey()
if authKey != svrAuthKey {
return ctx, errors.ErrorGrpcUnauthorized
}
return ctx, nil
}
}
func GetAuthTokenUnaryChainInterceptor(nodeCfgSvc interfaces.NodeConfigService) grpc.UnaryClientInterceptor {
// set auth key
md := metadata.Pairs(constants.GrpcHeaderAuthorization, nodeCfgSvc.GetAuthKey())
//header := metadata.MD{}
//header[constants.GrpcHeaderAuthorization] = []string{nodeCfgSvc.GetAuthKey()}
return func(ctx context.Context, method string, req, reply interface{}, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error {
ctx = metadata.NewOutgoingContext(context.Background(), md)
//opts = append(opts, grpc.Header(&header))
return invoker(ctx, method, req, reply, cc, opts...)
}
}
func GetAuthTokenStreamChainInterceptor(nodeCfgSvc interfaces.NodeConfigService) grpc.StreamClientInterceptor {
// set auth key
md := metadata.Pairs(constants.GrpcHeaderAuthorization, nodeCfgSvc.GetAuthKey())
//header := metadata.MD{}
//header[constants.GrpcHeaderAuthorization] = []string{nodeCfgSvc.GetAuthKey()}
return func(ctx context.Context, desc *grpc.StreamDesc, cc *grpc.ClientConn, method string, streamer grpc.Streamer, opts ...grpc.CallOption) (grpc.ClientStream, error) {
ctx = metadata.NewOutgoingContext(context.Background(), md)
//opts = append(opts, grpc.Header(&header))
s, err := streamer(ctx, desc, cc, method, opts...)
if err != nil {
return nil, err
}
return s, nil
}
}