Full Restruct API and Services
Signed-off-by: Asai Neko <sugar@sne.moe>
This commit is contained in:
@@ -2,7 +2,14 @@ package service_auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/url"
|
||||
"nixcn-cms/data"
|
||||
"nixcn-cms/internal/authcode"
|
||||
"nixcn-cms/internal/exception"
|
||||
"nixcn-cms/service/shared"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"gorm.io/gorm"
|
||||
)
|
||||
|
||||
type RedirectData struct {
|
||||
@@ -23,5 +30,181 @@ type RedirectResult struct {
|
||||
}
|
||||
|
||||
func (self *AuthServiceImpl) Redirect(payload *RedirectPayload) (result *RedirectResult) {
|
||||
var err error
|
||||
|
||||
authCode, ok := authcode.VerifyAuthCode(payload.Context, payload.Data.Code)
|
||||
if !ok {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusUser).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthRedirectTokenInvalid).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 403,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
userData, err := new(data.User).
|
||||
GetByEmail(payload.Context, &authCode.Email)
|
||||
if err != nil {
|
||||
if err == gorm.ErrRecordNotFound {
|
||||
userData.UUID = uuid.New()
|
||||
userData.UserId = uuid.New()
|
||||
userData.Email = authCode.Email
|
||||
userData.Username = userData.UserId.String()
|
||||
userData.PermissionLevel = 10
|
||||
if err := userData.Create(payload.Context); err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusServer).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeCommon).
|
||||
SetOriginal(exception.CommonErrorInternal).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 500,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
} else {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusServer).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeCommon).
|
||||
SetOriginal(exception.CommonErrorInternal).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 500,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
clientData := new(data.Client)
|
||||
client, err := clientData.GetClientByClientId(payload.Context, payload.Data.ClientId)
|
||||
if err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusUser).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthRedirectClientNotFound).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 400,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
if err = client.ValidateRedirectURI(payload.Data.RedirectUri); err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusUser).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthRedirectUriMismatch).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 400,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
newCode, err := authcode.NewAuthCode(payload.Context, payload.Data.ClientId, authCode.Email)
|
||||
if err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusServer).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeCommon).
|
||||
SetOriginal(exception.CommonErrorInternal).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 500,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
targetUrl, err := url.Parse(payload.Data.RedirectUri)
|
||||
if err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusUser).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthRedirectInvalidUri).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 400,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
query := targetUrl.Query()
|
||||
query.Set("code", newCode)
|
||||
if payload.Data.State != "" {
|
||||
query.Set("state", payload.Data.State)
|
||||
}
|
||||
targetUrl.RawQuery = query.Encode()
|
||||
|
||||
result = &RedirectResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 200,
|
||||
Exception: new(exception.Builder).
|
||||
SetStatus(exception.StatusSuccess).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRedirect).
|
||||
SetType(exception.TypeCommon).
|
||||
SetOriginal(exception.CommonSuccess).
|
||||
Throw(payload.Context),
|
||||
},
|
||||
Data: targetUrl.String(),
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
99
service/service_auth/refresh.go
Normal file
99
service/service_auth/refresh.go
Normal file
@@ -0,0 +1,99 @@
|
||||
package service_auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"nixcn-cms/internal/authtoken"
|
||||
"nixcn-cms/internal/exception"
|
||||
"nixcn-cms/service/shared"
|
||||
|
||||
"github.com/spf13/viper"
|
||||
)
|
||||
|
||||
type RefreshData struct {
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
}
|
||||
|
||||
type RefreshPayload struct {
|
||||
Context context.Context
|
||||
Data *RefreshData
|
||||
}
|
||||
|
||||
type RefreshResult struct {
|
||||
Common shared.CommonResult
|
||||
Data *TokenResponse
|
||||
}
|
||||
|
||||
func (self *AuthServiceImpl) Refresh(payload *RefreshPayload) (result *RefreshResult) {
|
||||
JwtTool := authtoken.Token{
|
||||
Application: viper.GetString("server.application"),
|
||||
}
|
||||
|
||||
// 1. Refresh Access Token
|
||||
accessToken, err := JwtTool.RefreshAccessToken(payload.Context, payload.Data.RefreshToken)
|
||||
if err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusUser).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRefresh).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthRefreshInvalidToken).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RefreshResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 401,
|
||||
Exception: exception,
|
||||
},
|
||||
Data: nil,
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// 2. Renew Refresh Token (Rotation)
|
||||
refreshToken, err := JwtTool.RenewRefreshToken(payload.Context, payload.Data.RefreshToken)
|
||||
if err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusServer).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRefresh).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthRefreshRenewFailed).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RefreshResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 500,
|
||||
Exception: exception,
|
||||
},
|
||||
Data: nil,
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// 3. Success Assignment
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusSuccess).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceRefresh).
|
||||
SetType(exception.TypeCommon).
|
||||
SetOriginal(exception.CommonSuccess).
|
||||
SetError(nil).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &RefreshResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 200,
|
||||
Exception: exception,
|
||||
},
|
||||
Data: &TokenResponse{
|
||||
AccessToken: accessToken,
|
||||
RefreshToken: refreshToken,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
@@ -3,6 +3,9 @@ package service_auth
|
||||
type AuthService interface {
|
||||
Exchange(*ExchangePayload) *ExchangeResult
|
||||
Magic(*MagicPayload) *MagicResult
|
||||
Redirect(*RedirectPayload) *RedirectResult
|
||||
Token(*TokenPayload) *TokenResult
|
||||
Refresh(*RefreshPayload) *RefreshResult
|
||||
}
|
||||
|
||||
type AuthServiceImpl struct{}
|
||||
|
||||
118
service/service_auth/token.go
Normal file
118
service/service_auth/token.go
Normal file
@@ -0,0 +1,118 @@
|
||||
package service_auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"nixcn-cms/data"
|
||||
"nixcn-cms/internal/authcode"
|
||||
"nixcn-cms/internal/authtoken"
|
||||
"nixcn-cms/internal/exception"
|
||||
"nixcn-cms/service/shared"
|
||||
|
||||
"github.com/spf13/viper"
|
||||
)
|
||||
|
||||
type TokenData struct {
|
||||
Code string `json:"code"`
|
||||
}
|
||||
|
||||
type TokenPayload struct {
|
||||
Context context.Context
|
||||
Data *TokenData
|
||||
}
|
||||
|
||||
type TokenResult struct {
|
||||
Common shared.CommonResult
|
||||
Data *TokenResponse
|
||||
}
|
||||
|
||||
type TokenResponse struct {
|
||||
AccessToken string `json:"access_token"`
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
}
|
||||
|
||||
func (self *AuthServiceImpl) Token(payload *TokenPayload) (result *TokenResult) {
|
||||
authCode, ok := authcode.VerifyAuthCode(payload.Context, payload.Data.Code)
|
||||
if !ok {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusUser).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceToken).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthTokenInvalidToken).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &TokenResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 403,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
userData := new(data.User)
|
||||
user, err := userData.GetByEmail(payload.Context, &authCode.Email)
|
||||
if err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusServer).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceToken).
|
||||
SetType(exception.TypeCommon).
|
||||
SetOriginal(exception.CommonErrorInternal).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &TokenResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 500,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
JwtTool := authtoken.Token{
|
||||
Application: viper.GetString("server.application"),
|
||||
}
|
||||
accessToken, refreshToken, err := JwtTool.IssueTokens(payload.Context, authCode.ClientId, user.UserId)
|
||||
if err != nil {
|
||||
exception := new(exception.Builder).
|
||||
SetStatus(exception.StatusServer).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceToken).
|
||||
SetType(exception.TypeSpecific).
|
||||
SetOriginal(exception.AuthTokenGenFailed).
|
||||
SetError(err).
|
||||
Throw(payload.Context)
|
||||
|
||||
result = &TokenResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 500,
|
||||
Exception: exception,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
result = &TokenResult{
|
||||
Common: shared.CommonResult{
|
||||
HttpCode: 200,
|
||||
Exception: new(exception.Builder).
|
||||
SetStatus(exception.StatusSuccess).
|
||||
SetService(exception.ServiceAuth).
|
||||
SetEndpoint(exception.EndpointAuthServiceToken).
|
||||
SetType(exception.TypeCommon).
|
||||
SetOriginal(exception.CommonSuccess).
|
||||
Throw(payload.Context),
|
||||
},
|
||||
Data: &TokenResponse{
|
||||
AccessToken: accessToken,
|
||||
RefreshToken: refreshToken,
|
||||
},
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
Reference in New Issue
Block a user