magistrala/auth/api/grpc/endpoint.go
b1ackd0t a0c40ba462 NOISSUE - Update Copyright Notice (#39)
* chore(license): update copyright notices

Add CI check for non go files to check that the files contain a license

Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com>

* fix(ci): log failed files

When the CI fails during check for license header, log the failed file to console so that someone can check on the actual file. Also simplify the grep check to make it more human readable and understandable

Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com>

---------

Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com>
2023-11-17 12:37:30 +01:00


// Copyright (c) Abstract Machines
// SPDX-License-Identifier: Apache-2.0
package grpc
import (
"context"
"github.com/absmach/magistrala/auth"
"github.com/go-kit/kit/endpoint"
)
// issueEndpoint builds the go-kit endpoint that asks the auth service for a
// new key of the requested type for the user and domain named in the request.
//
// The request must already have been decoded into an issueReq; any other
// dynamic type makes the unchecked assertion panic. The request is validated
// before the service is called, and on any failure a zero issueRes is returned
// together with the error, so no token material accompanies an error.
//
// NOTE(review): svc.Issue is called with an empty token, so this endpoint
// forwards no caller credential to the service and takes req.userID as given.
// Presumably the gRPC peer is authenticated elsewhere (transport or
// interceptor) — confirm before exposing this API beyond trusted services.
func issueEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(issueReq)
		if err := in.validate(); err != nil {
			return issueRes{}, err
		}

		token, err := svc.Issue(ctx, "", auth.Key{
			Type:   in.keyType,
			User:   in.userID,
			Domain: in.domainID,
		})
		if err != nil {
			return issueRes{}, err
		}

		return issueRes{
			accessToken:  token.AccessToken,
			refreshToken: token.RefreshToken,
			accessType:   token.AccessType,
		}, nil
	}
}
// refreshEndpoint builds the go-kit endpoint that exchanges a refresh token
// for a new token set.
//
// The presented refresh token is passed to svc.Issue as the token argument,
// with a key that carries only the requested domain and the auth.RefreshKey
// type. The request is validated first; on any failure a zero issueRes is
// returned with the error. The request must be a refreshReq, otherwise the
// unchecked assertion panics.
//
// NOTE(review): both the request and the response carry bearer tokens, so any
// logging or tracing middleware wrapped around this endpoint should not record
// them verbatim.
func refreshEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(refreshReq)
		if err := in.validate(); err != nil {
			return issueRes{}, err
		}

		refreshKey := auth.Key{
			Domain: in.domainID,
			Type:   auth.RefreshKey,
		}
		token, err := svc.Issue(ctx, in.refreshToken, refreshKey)
		if err != nil {
			return issueRes{}, err
		}

		return issueRes{
			accessToken:  token.AccessToken,
			refreshToken: token.RefreshToken,
			accessType:   token.AccessType,
		}, nil
	}
}
// identifyEndpoint builds the go-kit endpoint that resolves a token to the
// identity it represents.
//
// After validating the request it calls svc.Identify with the token and maps
// the returned key's Subject, User and Domain onto the response. On validation
// or service failure it returns a zero identityRes with the error, so callers
// must check the error rather than treat an empty id as an anonymous identity.
// The request must be an identityReq, otherwise the unchecked assertion panics.
func identifyEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(identityReq)
		if err := in.validate(); err != nil {
			return identityRes{}, err
		}

		identity, err := svc.Identify(ctx, in.token)
		if err != nil {
			return identityRes{}, err
		}

		out := identityRes{
			id:       identity.Subject,
			userID:   identity.User,
			domainID: identity.Domain,
		}
		return out, nil
	}
}
// authorizeEndpoint builds the go-kit endpoint that asks the auth service
// whether a subject holds a relation or permission on an object.
//
// The decision fails closed: authorized is true only when svc.Authorize
// returns a nil error. Every error, whether it is a denial or some other
// failure inside the service, yields authorized=false together with that
// error. A request that fails validation never reaches the service. The
// request must be an authReq, otherwise the unchecked assertion panics.
//
// NOTE(review): ObjectKind is not forwarded here, although the add/delete
// policy endpoints in this file do forward it — confirm this is intentional.
func authorizeEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(authReq)
		if err := in.validate(); err != nil {
			return authorizeRes{}, err
		}

		check := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectType: in.SubjectType,
			SubjectKind: in.SubjectKind,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			Object:      in.Object,
		}
		if err := svc.Authorize(ctx, check); err != nil {
			return authorizeRes{authorized: false}, err
		}

		return authorizeRes{authorized: true}, nil
	}
}
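// addPolicyEndpoint builds the go-kit endpoint that records a single policy
// (subject, relation/permission, object) in the auth service.
//
// The request is validated before svc.AddPolicy is called. On validation or
// service failure a zero addPolicyRes is returned with the error; on success
// the response has authorized set to true and the error is nil. The request
// must be a policyReq, otherwise the unchecked assertion panics.
//
// NOTE(review): nothing in this function checks that the gRPC caller is
// allowed to grant the policy; presumably that is enforced by the service or
// by the transport — confirm.
func addPolicyEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		req := request.(policyReq)
		if err := req.validate(); err != nil {
			return addPolicyRes{}, err
		}

		err := svc.AddPolicy(ctx, auth.PolicyReq{
			Domain:      req.Domain,
			SubjectType: req.SubjectType,
			SubjectKind: req.SubjectKind,
			Subject:     req.Subject,
			Relation:    req.Relation,
			Permission:  req.Permission,
			ObjectType:  req.ObjectType,
			ObjectKind:  req.ObjectKind,
			Object:      req.Object,
		})
		if err != nil {
			return addPolicyRes{}, err
		}

		// Return a literal nil, as the sibling endpoints do, so the success
		// path cannot be mistaken for one that still carries an error.
		return addPolicyRes{authorized: true}, nil
	}
}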
// addPoliciesEndpoint builds the go-kit endpoint that records a batch of
// policies in the auth service.
//
// The batch is validated as a whole before any entry is converted, and all
// entries are handed to the service in a single svc.AddPolicies call. On
// validation or service failure a zero addPoliciesRes is returned with the
// error. The request must be a policiesReq, otherwise the unchecked assertion
// panics.
//
// NOTE(review): no limit on the batch length is applied here; confirm that
// validate() or the service bounds it.
func addPoliciesEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		batch := request.(policiesReq)
		if err := batch.validate(); err != nil {
			return addPoliciesRes{}, err
		}

		// Non-nil even for an empty batch, as the service call receives it.
		converted := make([]auth.PolicyReq, 0, len(batch))
		for _, p := range batch {
			converted = append(converted, auth.PolicyReq{
				Domain:      p.Domain,
				SubjectType: p.SubjectType,
				SubjectKind: p.SubjectKind,
				Subject:     p.Subject,
				Relation:    p.Relation,
				Permission:  p.Permission,
				ObjectType:  p.ObjectType,
				ObjectKind:  p.ObjectKind,
				Object:      p.Object,
			})
		}

		err := svc.AddPolicies(ctx, converted)
		if err != nil {
			return addPoliciesRes{}, err
		}
		return addPoliciesRes{authorized: true}, nil
	}
}
// deletePolicyEndpoint builds the go-kit endpoint that removes a single policy
// from the auth service.
//
// The request is validated before svc.DeletePolicy is called. On validation or
// service failure a zero deletePolicyRes (deleted=false) is returned with the
// error; deleted is true only when the service reports no error. The request
// must be a policyReq, otherwise the unchecked assertion panics.
//
// NOTE(review): nothing in this function checks that the gRPC caller is
// allowed to revoke the policy; presumably that is enforced by the service or
// by the transport — confirm.
func deletePolicyEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(policyReq)
		if err := in.validate(); err != nil {
			return deletePolicyRes{}, err
		}

		target := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectKind: in.SubjectKind,
			SubjectType: in.SubjectType,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			ObjectKind:  in.ObjectKind,
			Object:      in.Object,
		}
		if err := svc.DeletePolicy(ctx, target); err != nil {
			return deletePolicyRes{}, err
		}

		return deletePolicyRes{deleted: true}, nil
	}
}
// deletePoliciesEndpoint builds the go-kit endpoint that removes a batch of
// policies from the auth service.
//
// The batch is validated as a whole before any entry is converted, and all
// entries are handed to the service in a single svc.DeletePolicies call. On
// validation or service failure a zero deletePoliciesRes (deleted=false) is
// returned with the error. The request must be a policiesReq, otherwise the
// unchecked assertion panics.
//
// NOTE(review): no limit on the batch length is applied here; confirm that
// validate() or the service bounds it.
func deletePoliciesEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		batch := request.(policiesReq)
		if err := batch.validate(); err != nil {
			return deletePoliciesRes{}, err
		}

		// Non-nil even for an empty batch, as the service call receives it.
		converted := make([]auth.PolicyReq, 0, len(batch))
		for _, p := range batch {
			converted = append(converted, auth.PolicyReq{
				Domain:      p.Domain,
				SubjectType: p.SubjectType,
				SubjectKind: p.SubjectKind,
				Subject:     p.Subject,
				Relation:    p.Relation,
				Permission:  p.Permission,
				ObjectType:  p.ObjectType,
				ObjectKind:  p.ObjectKind,
				Object:      p.Object,
			})
		}

		err := svc.DeletePolicies(ctx, converted)
		if err != nil {
			return deletePoliciesRes{}, err
		}
		return deletePoliciesRes{deleted: true}, nil
	}
}
// listObjectsEndpoint builds the go-kit endpoint that returns one page of the
// objects matching the policy filter in the request.
//
// The filter, the caller's page token and the caller's limit are passed to
// svc.ListObjects unchanged. On failure a zero listObjectsRes is returned with
// the error. The request must be a listObjectsReq, otherwise the unchecked
// assertion panics.
//
// NOTE(review): unlike the issue, identify, authorize and policy endpoints in
// this file, no validate() call is made on the request and Limit is not
// bounded here — confirm the decoder or the service rejects empty filters and
// caps the page size.
func listObjectsEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(listObjectsReq)

		filter := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectType: in.SubjectType,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			Object:      in.Object,
		}
		page, err := svc.ListObjects(ctx, filter, in.NextPageToken, in.Limit)
		if err != nil {
			return listObjectsRes{}, err
		}

		return listObjectsRes{
			policies:      page.Policies,
			nextPageToken: page.NextPageToken,
		}, nil
	}
}
// listAllObjectsEndpoint builds the go-kit endpoint that calls
// svc.ListAllObjects with the policy filter in the request and returns the
// resulting policies and next-page token.
//
// No page token or limit is passed to the service. On failure a zero
// listObjectsRes is returned with the error. The request must be a
// listObjectsReq, otherwise the unchecked assertion panics.
//
// NOTE(review): no validate() call is made on the request, and presumably the
// service returns every match in one response — confirm the result size is
// bounded somewhere and that empty filters are rejected upstream.
func listAllObjectsEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(listObjectsReq)

		filter := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectType: in.SubjectType,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			Object:      in.Object,
		}
		page, err := svc.ListAllObjects(ctx, filter)
		if err != nil {
			return listObjectsRes{}, err
		}

		return listObjectsRes{
			policies:      page.Policies,
			nextPageToken: page.NextPageToken,
		}, nil
	}
}
// countObjectsEndpoint builds the go-kit endpoint that returns the value
// svc.CountObjects reports for the policy filter in the request.
//
// On failure a zero countObjectsRes is returned with the error. The request
// must be a countObjectsReq, otherwise the unchecked assertion panics.
//
// NOTE(review): no validate() call is made on the request, unlike the issue,
// identify, authorize and policy endpoints in this file — confirm validation
// happens in the decoder or the service.
func countObjectsEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(countObjectsReq)

		filter := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectType: in.SubjectType,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			Object:      in.Object,
		}
		total, err := svc.CountObjects(ctx, filter)
		if err != nil {
			return countObjectsRes{}, err
		}

		return countObjectsRes{count: total}, nil
	}
}
// listSubjectsEndpoint builds the go-kit endpoint that returns one page of the
// subjects matching the policy filter in the request.
//
// The filter, the caller's page token and the caller's limit are passed to
// svc.ListSubjects unchanged. On failure a zero listSubjectsRes is returned
// with the error. The request must be a listSubjectsReq, otherwise the
// unchecked assertion panics.
//
// NOTE(review): unlike the issue, identify, authorize and policy endpoints in
// this file, no validate() call is made on the request and Limit is not
// bounded here — confirm the decoder or the service rejects empty filters and
// caps the page size.
func listSubjectsEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(listSubjectsReq)

		filter := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectType: in.SubjectType,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			Object:      in.Object,
		}
		page, err := svc.ListSubjects(ctx, filter, in.NextPageToken, in.Limit)
		if err != nil {
			return listSubjectsRes{}, err
		}

		return listSubjectsRes{
			policies:      page.Policies,
			nextPageToken: page.NextPageToken,
		}, nil
	}
}
// listAllSubjectsEndpoint builds the go-kit endpoint that calls
// svc.ListAllSubjects with the policy filter in the request and returns the
// resulting policies and next-page token.
//
// No page token or limit is passed to the service. On failure a zero
// listSubjectsRes is returned with the error. The request must be a
// listSubjectsReq, otherwise the unchecked assertion panics.
//
// NOTE(review): no validate() call is made on the request, and presumably the
// service returns every match in one response — confirm the result size is
// bounded somewhere and that empty filters are rejected upstream.
func listAllSubjectsEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(listSubjectsReq)

		filter := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectType: in.SubjectType,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			Object:      in.Object,
		}
		page, err := svc.ListAllSubjects(ctx, filter)
		if err != nil {
			return listSubjectsRes{}, err
		}

		return listSubjectsRes{
			policies:      page.Policies,
			nextPageToken: page.NextPageToken,
		}, nil
	}
}
// countSubjectsEndpoint builds the go-kit endpoint that returns the value
// svc.CountSubjects reports for the policy filter in the request.
//
// On failure a zero countSubjectsRes is returned with the error. The request
// must be a countSubjectsReq, otherwise the unchecked assertion panics.
//
// NOTE(review): no validate() call is made on the request, unlike the issue,
// identify, authorize and policy endpoints in this file — confirm validation
// happens in the decoder or the service.
func countSubjectsEndpoint(svc auth.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		in := request.(countSubjectsReq)

		filter := auth.PolicyReq{
			Domain:      in.Domain,
			SubjectType: in.SubjectType,
			Subject:     in.Subject,
			Relation:    in.Relation,
			Permission:  in.Permission,
			ObjectType:  in.ObjectType,
			Object:      in.Object,
		}
		total, err := svc.CountSubjects(ctx, filter)
		if err != nil {
			return countSubjectsRes{}, err
		}

		return countSubjectsRes{count: total}, nil
	}
}