github.com/infraboard/keyauth@v0.8.1/apps/token/http/token.go (about) 1 package http 2 3 import ( 4 "fmt" 5 "net/http" 6 7 "github.com/infraboard/mcube/http/context" 8 "github.com/infraboard/mcube/http/request" 9 "github.com/infraboard/mcube/http/response" 10 11 "github.com/infraboard/keyauth/apps/token" 12 ) 13 14 const ( 15 // CodeHeaderKeyName 认证码 16 CodeHeaderKeyName = "X-Verify-Code" 17 ) 18 19 // IssueToken 颁发资源访问令牌 20 func (h *handler) IssueToken(w http.ResponseWriter, r *http.Request) { 21 req := token.NewIssueTokenRequest() 22 req.WithUserAgent(r.UserAgent()) 23 req.WithRemoteIPFromHTTP(r) 24 25 // 从Header中获取client凭证, 如果有 26 req.ClientId, req.ClientSecret, _ = r.BasicAuth() 27 req.VerifyCode = r.Header.Get(CodeHeaderKeyName) 28 if err := request.GetDataFromRequest(r, req); err != nil { 29 response.Failed(w, err) 30 return 31 } 32 33 d, err := h.service.IssueToken( 34 r.Context(), 35 req, 36 ) 37 if err != nil { 38 response.Failed(w, err) 39 return 40 } 41 42 if req.Service != "" { 43 http.Redirect(w, r, fmt.Sprintf("%s?token=%s", req.Service, d.AccessToken), http.StatusFound) 44 return 45 } 46 47 response.Success(w, d) 48 return 49 } 50 51 // IssueToken 颁发资源访问令牌 52 func (h *handler) ValidateToken(w http.ResponseWriter, r *http.Request) { 53 req := token.NewValidateTokenRequest() 54 qs := r.URL.Query() 55 56 req.AccessToken = r.Header.Get("X-OAUTH-TOKEN") 57 req.EndpointId = qs.Get("endpoint_id") 58 req.NamespaceId = qs.Get("namespace_id") 59 60 d, err := h.service.ValidateToken( 61 r.Context(), 62 req, 63 ) 64 if err != nil { 65 response.Failed(w, err) 66 return 67 } 68 69 response.Success(w, d) 70 return 71 } 72 73 // RevolkToken 撤销资源访问令牌 74 func (h *handler) RevolkToken(w http.ResponseWriter, r *http.Request) { 75 req := token.NewRevolkTokenRequest("", "") 76 req.AccessToken = r.Header.Get("X-OAUTH-TOKEN") 77 req.ClientId, req.ClientSecret, _ = r.BasicAuth() 78 79 _, err := h.service.RevolkToken( 80 r.Context(), 81 req, 82 ) 83 84 if err != nil { 85 response.Failed(w, err) 86 return 87 } 88 89 response.Success(w, "revolk ok") 90 return 91 } 92 93 // QueryToken 获取应用访问凭证 94 func (h *handler) QueryToken(w http.ResponseWriter, r *http.Request) { 95 req, err := token.NewQueryTokenRequestFromHTTP(r) 96 if err != nil { 97 response.Failed(w, err) 98 return 99 } 100 101 tkSet, err := h.service.QueryToken( 102 r.Context(), 103 req, 104 ) 105 if err != nil { 106 response.Failed(w, err) 107 return 108 } 109 110 response.Success(w, tkSet) 111 return 112 } 113 114 // QueryToken 获取应用访问凭证 115 func (h *handler) ChangeNamespace(w http.ResponseWriter, r *http.Request) { 116 ctx := context.GetContext(r) 117 tk := ctx.AuthInfo.(*token.Token) 118 119 req := token.NewChangeNamespaceRequest() 120 req.Token = tk.AccessToken 121 122 if err := request.GetDataFromRequest(r, req); err != nil { 123 response.Failed(w, err) 124 return 125 } 126 127 tkSet, err := h.service.ChangeNamespace( 128 r.Context(), 129 req, 130 ) 131 if err != nil { 132 response.Failed(w, err) 133 return 134 } 135 136 response.Success(w, tkSet) 137 return 138 } 139 140 // RevolkToken 撤销资源访问令牌 141 func (h *handler) DeleteToken(w http.ResponseWriter, r *http.Request) { 142 ctx := context.GetContext(r) 143 tk := ctx.AuthInfo.(*token.Token) 144 145 req := token.NewDeleteTokenRequest() 146 if err := request.GetDataFromRequest(r, req); err != nil { 147 response.Failed(w, err) 148 return 149 } 150 req.Domain = tk.Domain 151 req.Account = tk.Account 152 153 resp, err := h.service.DeleteToken( 154 r.Context(), 155 req, 156 ) 157 158 if err != nil { 159 response.Failed(w, err) 160 return 161 } 162 163 response.Success(w, resp) 164 return 165 }