zitadel/internal/api/grpc/server/middleware/auth_interceptor.go

package middleware

import (
	"context"

	"google.golang.org/grpc"
	"google.golang.org/grpc/codes"
	"google.golang.org/grpc/status"

	"github.com/caos/zitadel/internal/api"
	"github.com/caos/zitadel/internal/api/auth"
	grpc_util "github.com/caos/zitadel/internal/api/grpc"
)

func AuthorizationInterceptor(verifier auth.TokenVerifier, authConfig *auth.Config, authMethods auth.MethodMapping) func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
	return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
		authOpt, needsToken := authMethods[info.FullMethod]
		if !needsToken {
			return handler(ctx, req)
		}

		authToken := grpc_util.GetAuthorizationHeader(ctx)
		if authToken == "" {
			return nil, status.Error(codes.Unauthenticated, "auth header missing")
		}

		orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)

		ctx, err := auth.CheckUserAuthorization(ctx, req, authToken, orgID, verifier, authConfig, authOpt)
		if err != nil {
			return nil, err
		}

		return handler(ctx, req)
	}
}
add tracing and refactor some api pkgs 2020-03-24 13:15:01 +00:00			`package middleware`
feat: add some api packages 2020-03-23 06:01:59 +00:00
			`import (`
			`"context"`

			`"google.golang.org/grpc"`
			`"google.golang.org/grpc/codes"`
			`"google.golang.org/grpc/status"`

ad i18n and renderer and move headers 2020-03-23 12:26:05 +00:00			`"github.com/caos/zitadel/internal/api"`
feat: add some api packages 2020-03-23 06:01:59 +00:00			`"github.com/caos/zitadel/internal/api/auth"`
add tracing and refactor some api pkgs 2020-03-24 13:15:01 +00:00			`grpc_util "github.com/caos/zitadel/internal/api/grpc"`
feat: add some api packages 2020-03-23 06:01:59 +00:00			`)`

			`func AuthorizationInterceptor(verifier auth.TokenVerifier, authConfig auth.Config, authMethods auth.MethodMapping) func(ctx context.Context, req interface{}, info grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {`
			`return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {`
			`authOpt, needsToken := authMethods[info.FullMethod]`
			`if !needsToken {`
			`return handler(ctx, req)`
			`}`

add tracing and refactor some api pkgs 2020-03-24 13:15:01 +00:00			`authToken := grpc_util.GetAuthorizationHeader(ctx)`
feat: add some api packages 2020-03-23 06:01:59 +00:00			`if authToken == "" {`
			`return nil, status.Error(codes.Unauthenticated, "auth header missing")`
			`}`

add tracing and refactor some api pkgs 2020-03-24 13:15:01 +00:00			`orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)`
feat: add some api packages 2020-03-23 06:01:59 +00:00
			`ctx, err := auth.CheckUserAuthorization(ctx, req, authToken, orgID, verifier, authConfig, authOpt)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return handler(ctx, req)`
			`}`
			`}`