zitadel/internal/api/auth/context.go

package auth

import (
	"context"

	"github.com/caos/logging"
)

type key int

var (
	permissionsKey key
	dataKey        key
)

type CtxData struct {
	UserID    string
	OrgID     string
	ProjectID string
	AgentID   string
}

func (ctxData CtxData) IsZero() bool {
	return ctxData.UserID == "" || ctxData.OrgID == ""
}

type Grants []*Grant

type Grant struct {
	OrgID string
	Roles []string
}

type TokenVerifier interface {
	VerifyAccessToken(ctx context.Context, token string) (string, string, string, error)
	ResolveGrants(ctx context.Context, sub, orgID string) ([]*Grant, error)
	GetProjectIDByClientID(ctx context.Context, clientID string) (string, error)
}

func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t TokenVerifier) (_ context.Context, err error) {
	userID, clientID, agentID, err := verifyAccessToken(ctx, token, t)
	if err != nil {
		return nil, err
	}

	projectID, err := t.GetProjectIDByClientID(ctx, clientID)
	logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid")

	return context.WithValue(ctx, dataKey, CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil
}

func GetCtxData(ctx context.Context) CtxData {
	ctxData, _ := ctx.Value(dataKey).(CtxData)
	return ctxData
}

func GetPermissionsFromCtx(ctx context.Context) []string {
	ctxPermission, _ := ctx.Value(permissionsKey).([]string)
	return ctxPermission
}
feat: add some api packages 2020-03-23 07:01:59 +01:00			`package auth`

			`import (`
			`"context"`

			`"github.com/caos/logging"`
			`)`

change context keys and fix tests 2020-03-30 11:52:08 +02:00			`type key int`

			`var (`
			`permissionsKey key`
			`dataKey key`
			`)`
feat: add some api packages 2020-03-23 07:01:59 +01:00
			`type CtxData struct {`
			`UserID string`
			`OrgID string`
			`ProjectID string`
			`AgentID string`
			`}`

			`func (ctxData CtxData) IsZero() bool {`
			`return ctxData.UserID == "" \|\| ctxData.OrgID == ""`
			`}`

			`type Grants []*Grant`

			`type Grant struct {`
			`OrgID string`
			`Roles []string`
			`}`

			`type TokenVerifier interface {`
			`VerifyAccessToken(ctx context.Context, token string) (string, string, string, error)`
			`ResolveGrants(ctx context.Context, sub, orgID string) ([]*Grant, error)`
			`GetProjectIDByClientID(ctx context.Context, clientID string) (string, error)`
			`}`

			`func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t TokenVerifier) (_ context.Context, err error) {`
			`userID, clientID, agentID, err := verifyAccessToken(ctx, token, t)`
			`if err != nil {`
			`return nil, err`
			`}`

			`projectID, err := t.GetProjectIDByClientID(ctx, clientID)`
			`logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid")`

change context keys and fix tests 2020-03-30 11:52:08 +02:00			`return context.WithValue(ctx, dataKey, CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil`
feat: add some api packages 2020-03-23 07:01:59 +01:00			`}`

			`func GetCtxData(ctx context.Context) CtxData {`
change context keys and fix tests 2020-03-30 11:52:08 +02:00			`ctxData, _ := ctx.Value(dataKey).(CtxData)`
remove pointer on ctxData 2020-03-30 10:06:48 +02:00			`return ctxData`
feat: add some api packages 2020-03-23 07:01:59 +01:00			`}`

			`func GetPermissionsFromCtx(ctx context.Context) []string {`
change context keys and fix tests 2020-03-30 11:52:08 +02:00			`ctxPermission, _ := ctx.Value(permissionsKey).([]string)`
remove pointer on ctxData 2020-03-30 10:06:48 +02:00			`return ctxPermission`
feat: add some api packages 2020-03-23 07:01:59 +01:00			`}`