added jwt_adapter from heruvym

2023-02-22 22:17:58 +05:00 · 2023-02-22 22:17:58 +05:00 · 82a8b6029b
commit 82a8b6029b
parent a6953dd1df
2 changed files with 95 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-# Penahub Jwt Adapter
+# Penahub Common



@ -15,14 +15,14 @@ Already a pro? Just edit this README.md and make it your own. Want to make it ea

 ```
 cd existing_repo
-git remote add origin https://penahub.gitlab.yandexcloud.net/backend/penahub_jwt_adapter.git
+git remote add origin https://penahub.gitlab.yandexcloud.net/backend/penahub_common.git
 git branch -M main
 git push -uf origin main
 ```

 ## Integrate with your tools

- [ ] [Set up project integrations](https://penahub.gitlab.yandexcloud.net/backend/penahub_jwt_adapter/-/settings/integrations)
+- [ ] [Set up project integrations](https://penahub.gitlab.yandexcloud.net/backend/penahub_common/-/settings/integrations)

 ## Collaborate with your team

--- a/jwt_adapter/jwt_adapter.go
+++ b/jwt_adapter/jwt_adapter.go
@ -0,0 +1,92 @@
+package jwt_adapter
+
+import (
+	"context"
+	"fmt"
+	"github.com/dgrijalva/jwt-go"
+	"os"
+	"time"
+)
+
+const (
+	DefaultAccessSecret = "awesomeAC"
+	DefaultHeaderKey    = "Authorization"
+)
+
+var (
+	//_            cookie.Cookie = new(JwtAdapter)
+	accessSecret = DefaultAccessSecret
+)
+
+type JwtAdapter struct {
+	jwt.StandardClaims
+}
+
+func init() {
+	aS := os.Getenv("JWT_SECRET")
+
+	if len(aS) != 0 {
+		accessSecret = aS
+	}
+}
+
+func Get(ctx context.Context) *JwtAdapter {
+	if adapter, ok := ctx.Value(DefaultHeaderKey).(*JwtAdapter); ok {
+		return adapter
+	}
+
+	return nil
+}
+
+func (receiver *JwtAdapter) SetUserID(ID string) {
+	receiver.Id = ID
+}
+
+func (receiver *JwtAdapter) GetUserID() string {
+	return receiver.Id
+}
+
+func (receiver *JwtAdapter) Validate() error {
+	if err := receiver.Valid(); err != nil {
+		return err
+	}
+
+	if !receiver.VerifyIssuer("pena-auth-service", true) {
+		return fmt.Errorf("invalid issuer")
+	}
+
+	if !receiver.VerifyAudience("pena", true) {
+		return fmt.Errorf("invalid audience")
+	}
+
+	return nil
+}
+
+func Decode(tokenString string) (*JwtAdapter, error) {
+	token, err := jwt.ParseWithClaims(tokenString, &JwtAdapter{}, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+
+		return []byte(accessSecret), nil
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	claims, ok := token.Claims.(*JwtAdapter)
+	if !ok && !token.Valid {
+		return nil, fmt.Errorf("ErrorNoValidClaims")
+	}
+
+	if err := claims.Validate(); err != nil {
+		return nil, err
+	}
+
+	return claims, nil
+}
+
+func Timestamp() int64 {
+	return time.Now().UnixNano() / int64(time.Millisecond)
+}