/*
* Copyright 2018- The Pixie Authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
*/
package controllers
import (
"context"
"github.com/gofrs/uuid"
"px.dev/pixie/src/cloud/auth/authenv"
)
// APIKeyMgr is the internal interface for managing API keys.
type APIKeyMgr interface {
	// FetchOrgUserIDUsingAPIKey looks up the identifiers associated with the given API key.
	// It returns two UUIDs and an error; judging by the method name these are presumably
	// the org ID followed by the user ID — confirm against the implementation.
	// NOTE(review): key is a credential. Implementations should keep it out of logs and
	// error strings, and callers should not use either UUID when the error is non-nil.
	FetchOrgUserIDUsingAPIKey(ctx context.Context, key string) (uuid.UUID, uuid.UUID, error)
}
// UserInfo contains all the info about a user. It's not tied to any specific AuthProvider.
//
// NOTE(review): per the field comments the values originate from the AuthProvider or the
// IdentityProvider, so consumers should treat them as provider-asserted claims.
type UserInfo struct {
	// The following fields are from the AuthProvider.
	Email string
	// EmailVerified presumably reports whether the provider has verified Email — confirm
	// against the provider implementation. NOTE(review): code that keys accounts or org
	// membership on Email should check this flag first.
	EmailVerified bool
	FirstName string
	LastName string
	Name string
	// Picture is presumably a URL to the user's profile image — confirm.
	Picture string
	// IdentityProvider is the name of the provider that the User used to Login. This is distinct
	// from AuthProviders - there might be many IdentityProviders that a single AuthProvider implements.
	// E.g. google-oauth and github might both be IdentityProviders for Auth0.
	IdentityProvider string
	// AuthProviderID is the ID assigned to the user internal to the AuthProvider.
	AuthProviderID string
	// HostedDomain is the name of an org that a user belongs to according to the IdentityProvider.
	// If empty, the IdentityProvider does not consider the user as part of an org.
	// NOTE(review): this is a claim made by the IdentityProvider; if it drives org assignment,
	// confirm which IdentityProviders are trusted to assert it.
	HostedDomain string
}
// CreateInviteLinkResponse contains the InviteLink and any accompanying information.
type CreateInviteLinkResponse struct {
	// InviteLink is the link produced by AuthProvider.CreateInviteLink.
	// NOTE(review): presumably anyone holding the link can act on the invite — confirm, and
	// if so handle it as a secret (avoid logging it or returning it to other users).
	InviteLink string
}
// CreateIdentityResponse contains relevant information about the Identity that was created.
// It is the result type of AuthProvider.CreateIdentity.
type CreateIdentityResponse struct {
	// IdentityProvider presumably has the same meaning as UserInfo.IdentityProvider — confirm.
	IdentityProvider string
	// AuthProviderID presumably has the same meaning as UserInfo.AuthProviderID, i.e. the ID
	// assigned to the new identity inside the AuthProvider — confirm.
	AuthProviderID string
}
// AuthProvider interfaces the service we use for auth.
type AuthProvider interface {
	// GetUserInfoFromAccessToken fetches and returns the UserInfo for the given access token.
	// NOTE(review): accessToken is a bearer credential; implementations should keep it out of
	// logs and error strings, and callers should not use the UserInfo when the error is non-nil.
	GetUserInfoFromAccessToken(accessToken string) (*UserInfo, error)
	// CreateInviteLink creates an invite link for the specific user, identified by the AuthProviderID.
	CreateInviteLink(authProviderID string) (*CreateInviteLinkResponse, error)
	// CreateIdentity will create an identity for the corresponding email.
	// NOTE(review): nothing in this signature shows the email being validated or verified;
	// confirm where that happens before relying on the created identity.
	CreateIdentity(email string) (*CreateIdentityResponse, error)
}
// Server defines a gRPC server type.
// All fields are unexported and are populated by NewServer.
type Server struct {
	// env is the auth service environment passed to NewServer.
	env authenv.AuthEnv
	// a is the AuthProvider used for user info, invite links and identity creation.
	a AuthProvider
	// apiKeyMgr resolves API keys to org and user identifiers.
	apiKeyMgr APIKeyMgr
}
// NewServer builds the Server that backs the auth gRPC handlers.
//
// The three dependencies are stored exactly as given: no nil checks are
// performed here, and the returned error is always nil. A nil AuthProvider
// or APIKeyMgr is therefore not detected at construction time.
func NewServer(env authenv.AuthEnv, a AuthProvider, apiKeyMgr APIKeyMgr) (*Server, error) {
	srv := new(Server)
	srv.env = env
	srv.a = a
	srv.apiKeyMgr = apiKeyMgr
	return srv, nil
}