zitadel/internal/api/authz/context.go

package authz

import (
	"context"

	"github.com/caos/logging"
)

type key int

const (
	permissionsKey key = 1
	dataKey        key = 2
)

type CtxData struct {
	UserID            string
	OrgID             string
	ProjectID         string
	AgentID           string
	PreferredLanguage string
}

func (ctxData CtxData) IsZero() bool {
	return ctxData.UserID == "" || ctxData.OrgID == ""
}

type Grants []*Grant

type Grant struct {
	OrgID string
	Roles []string
}

func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t *TokenVerifier, method string) (_ context.Context, err error) {
	userID, clientID, agentID, err := verifyAccessToken(ctx, token, t, method)
	if err != nil {
		return nil, err
	}
	projectID, err := t.GetProjectIDByClientID(ctx, clientID)
	logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid")
	return context.WithValue(ctx, dataKey, CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil
}

func SetCtxData(ctx context.Context, ctxData CtxData) context.Context {
	return context.WithValue(ctx, dataKey, ctxData)
}

func GetCtxData(ctx context.Context) CtxData {
	ctxData, _ := ctx.Value(dataKey).(CtxData)
	return ctxData
}

func GetPermissionsFromCtx(ctx context.Context) []string {
	ctxPermission, _ := ctx.Value(permissionsKey).([]string)
	return ctxPermission
}
feat: port reduction (#323) * move mgmt pkg * begin package restructure * rename auth package to authz * begin start api * move auth * move admin * fix merge * configs and interceptors * interceptor * revert generate-grpc.sh * some cleanups * console * move console * fix tests and merging * js linting * merge * merging and configs * change k8s base to current ports * fixes * cleanup * regenerate proto * remove unnecessary whitespace * missing param * go mod tidy * fix merging * move login pkg * cleanup * move api pkgs again * fix pkg naming * fix generate-static.sh for login * update workflow * fixes * logging * remove duplicate * comment for optional gateway interfaces * regenerate protos * fix proto imports for grpc web * protos * grpc web generate * grpc web generate * fix changes * add translation interceptor * fix merging * regenerate mgmt proto 2020-07-08 11:56:37 +00:00			`package authz`

			`import (`
			`"context"`

			`"github.com/caos/logging"`
			`)`

			`type key int`

			`const (`
			`permissionsKey key = 1`
			`dataKey key = 2`
			`)`

			`type CtxData struct {`
			`UserID string`
			`OrgID string`
			`ProjectID string`
			`AgentID string`
			`PreferredLanguage string`
			`}`

			`func (ctxData CtxData) IsZero() bool {`
			`return ctxData.UserID == "" \|\| ctxData.OrgID == ""`
			`}`

			`type Grants []*Grant`

			`type Grant struct {`
			`OrgID string`
			`Roles []string`
			`}`

			`func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t *TokenVerifier, method string) (_ context.Context, err error) {`
			`userID, clientID, agentID, err := verifyAccessToken(ctx, token, t, method)`
			`if err != nil {`
			`return nil, err`
			`}`
			`projectID, err := t.GetProjectIDByClientID(ctx, clientID)`
			`logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid")`
			`return context.WithValue(ctx, dataKey, CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil`
			`}`

			`func SetCtxData(ctx context.Context, ctxData CtxData) context.Context {`
			`return context.WithValue(ctx, dataKey, ctxData)`
			`}`

			`func GetCtxData(ctx context.Context) CtxData {`
			`ctxData, _ := ctx.Value(dataKey).(CtxData)`
			`return ctxData`
			`}`

			`func GetPermissionsFromCtx(ctx context.Context) []string {`
			`ctxPermission, _ := ctx.Value(permissionsKey).([]string)`
			`return ctxPermission`
			`}`