From 82a8b6029b761c829d378b5880638787ac54b299 Mon Sep 17 00:00:00 2001 From: Danil Solovyov Date: Wed, 22 Feb 2023 22:17:58 +0500 Subject: [PATCH] added jwt_adapter from heruvym --- README.md | 6 +-- jwt_adapter/jwt_adapter.go | 92 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+), 3 deletions(-) create mode 100644 jwt_adapter/jwt_adapter.go diff --git a/README.md b/README.md index f2aa0f3..3f12369 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Penahub Jwt Adapter +# Penahub Common @@ -15,14 +15,14 @@ Already a pro? Just edit this README.md and make it your own. Want to make it ea ``` cd existing_repo -git remote add origin https://penahub.gitlab.yandexcloud.net/backend/penahub_jwt_adapter.git +git remote add origin https://penahub.gitlab.yandexcloud.net/backend/penahub_common.git git branch -M main git push -uf origin main ``` ## Integrate with your tools -- [ ] [Set up project integrations](https://penahub.gitlab.yandexcloud.net/backend/penahub_jwt_adapter/-/settings/integrations) +- [ ] [Set up project integrations](https://penahub.gitlab.yandexcloud.net/backend/penahub_common/-/settings/integrations) ## Collaborate with your team diff --git a/jwt_adapter/jwt_adapter.go b/jwt_adapter/jwt_adapter.go new file mode 100644 index 0000000..48e3d13 --- /dev/null +++ b/jwt_adapter/jwt_adapter.go 
@@ -0,0 +1,92 @@
+package jwt_adapter
+
+import (
+ "context"
+ "fmt"
+ "github.com/dgrijalva/jwt-go"
+ "os"
+ "time"
+)
+
+const (
+ DefaultAccessSecret = "awesomeAC"
+ DefaultHeaderKey = "Authorization"
+)
+
+var (
+ //_ cookie.Cookie = new(JwtAdapter)
+ accessSecret = DefaultAccessSecret
+)
+
+type JwtAdapter struct {
+ jwt.StandardClaims
+}
+
+func init() {
+ aS := os.Getenv("JWT_SECRET")
+
+ if len(aS) != 0 {
+ accessSecret = aS
+ }
+}
+
+func Get(ctx context.Context) *JwtAdapter {
+ if adapter, ok := ctx.Value(DefaultHeaderKey).(*JwtAdapter); ok {
+ return adapter
+ }
+
+ return nil
+}
+
+func (receiver *JwtAdapter) SetUserID(ID string) {
+ receiver.Id = ID
+}
+
+func (receiver *JwtAdapter) GetUserID() string {
+ return receiver.Id
+}
+
+func (receiver *JwtAdapter) Validate() error {
+ if err := receiver.Valid(); err != nil {
+ return err
+ }
+
+ if !receiver.VerifyIssuer("pena-auth-service", true) {
+ return fmt.Errorf("invalid issuer")
+ }
+
+ if !receiver.VerifyAudience("pena", true) {
+ return fmt.Errorf("invalid audience")
+ }
+
+ return nil
+}
+
+func Decode(tokenString string) (*JwtAdapter, error) {
+ token, err := jwt.ParseWithClaims(tokenString, &JwtAdapter{}, func(token *jwt.Token) (interface{}, error) {
+ if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
+ return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+ }
+
+ return []byte(accessSecret), nil
+ })
+
+ if err != nil {
+ return nil, err
+ }
+
+ claims, ok := token.Claims.(*JwtAdapter)
+ if !ok && !token.Valid {
+ return nil, fmt.Errorf("ErrorNoValidClaims")
+ }
+
+ if err := claims.Validate(); err != nil {
+ return nil, err
+ }
+
+ return claims, nil
+}
+
+func Timestamp() int64 {
+ return time.Now().UnixNano() / int64(time.Millisecond)
+}
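Review bot: In `Decode`, the key callback accepts only `*jwt.SigningMethodRSA` but then returns `[]byte(accessSecret)`; as far as I can tell jwt-go's RSA verifier expects an `*rsa.PublicKey`, so every RS* token would fail with a key-type error while HS* tokens are refused by the method check, leaving no token that can pass. The check and the key have to agree: if the issuer signs with a shared secret, assert `*jwt.SigningMethodHMAC`; if it signs with RSA, parse the PEM once with `jwt.ParseRSAPublicKeyFromPEM([]byte(accessSecret))` and return that key from the callback. Whichever is intended, the `DefaultAccessSecret = "awesomeAC"` fallback in `init()` means a deployment missing `JWT_SECRET` silently verifies against a value committed to the repository, so I would fail startup rather than fall back. Two smaller points: `if !ok && !token.Valid` should use `||`, otherwise a failed type assertion leaves `claims` nil for the `claims.Validate()` call that follows, and `Valid()` accepts a token with no `exp` claim, so `Validate` should add `if !receiver.VerifyExpiresAt(time.Now().Unix(), true) { return fmt.Errorf("missing or expired exp") }` if tokens are meant to expire.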