github.com/infraboard/keyauth@v0.8.1/apps/token/request.ext.go (about)

     1  package token
     2  
     3  import (
     4  	"errors"
     5  	fmt "fmt"
     6  	"net/http"
     7  	"strings"
     8  
     9  	"github.com/go-playground/validator/v10"
    10  	"github.com/infraboard/mcube/exception"
    11  	"github.com/infraboard/mcube/http/request"
    12  )
    13  
    14  // use a single instance of Validate, it caches struct info
    15  var (
    16  	validate = validator.New()
    17  )
    18  
    19  // NewBlockTokenRequest todo
    20  func NewBlockTokenRequest(accessToken string, bt BlockType, reason string) *BlockTokenRequest {
    21  	return &BlockTokenRequest{
    22  		AccessToken: accessToken,
    23  		BlockType:   bt,
    24  		BlockReason: reason,
    25  	}
    26  }
    27  
    28  // NewDescribeTokenRequest 实例化
    29  func NewDescribeTokenRequest() *DescribeTokenRequest {
    30  	return &DescribeTokenRequest{}
    31  }
    32  
    33  // NewDescribeTokenRequestWithAccessToken 实例化
    34  func NewDescribeTokenRequestWithAccessToken(at string) *DescribeTokenRequest {
    35  	req := NewDescribeTokenRequest()
    36  	req.AccessToken = at
    37  	return req
    38  }
    39  
    40  // Validate 校验
    41  func (m *DescribeTokenRequest) Validate() error {
    42  	if err := validate.Struct(m); err != nil {
    43  		return err
    44  	}
    45  
    46  	if m.AccessToken == "" && m.RefreshToken == "" {
    47  		return errors.New("describe token request validate error, access_token and refresh_token required one")
    48  	}
    49  
    50  	return nil
    51  }
    52  
    53  // NewRevolkTokenRequest 撤销Token请求
    54  func NewRevolkTokenRequest(clientID, clientSecret string) *RevolkTokenRequest {
    55  	return &RevolkTokenRequest{
    56  		ClientId:      clientID,
    57  		ClientSecret:  clientSecret,
    58  		LogoutSession: true,
    59  	}
    60  }
    61  
    62  // NewQueryDepartmentRequestFromHTTP 列表查询请求
    63  func NewQueryTokenRequestFromHTTP(r *http.Request) (*QueryTokenRequest, error) {
    64  	req := NewQueryTokenRequest(request.NewPageRequestFromHTTP(r))
    65  
    66  	qs := r.URL.Query()
    67  	gt, err := ParseGrantTypeFromString(qs.Get("grant_type"))
    68  	if err != nil {
    69  		return nil, err
    70  	}
    71  	req.GrantType = gt
    72  	return req, err
    73  }
    74  
    75  // NewQueryTokenRequest 请求实例
    76  func NewQueryTokenRequest(page *request.PageRequest) *QueryTokenRequest {
    77  	return &QueryTokenRequest{
    78  		Page: page,
    79  	}
    80  }
    81  
    82  // Validate 校验参数
    83  func (m *ValidateTokenRequest) Validate() error {
    84  	if err := validate.Struct(m); err != nil {
    85  		return err
    86  	}
    87  
    88  	if m.AccessToken == "" && m.RefreshToken == "" {
    89  		return errors.New("access_token and refresh_token required one")
    90  	}
    91  
    92  	return nil
    93  }
    94  
    95  // NewValidateTokenRequest 实例化
    96  func NewValidateTokenRequest() *ValidateTokenRequest {
    97  	return &ValidateTokenRequest{}
    98  }
    99  
   100  // Validate 校验请求
   101  func (m *IssueTokenRequest) Validate() error {
   102  	if err := validate.Struct(m); err != nil {
   103  		return err
   104  	}
   105  
   106  	switch m.GrantType {
   107  	case GrantType_PASSWORD:
   108  		if m.Username == "" || m.Password == "" {
   109  			return fmt.Errorf("use %s grant type, username and password required", GrantType_PASSWORD)
   110  		}
   111  	case GrantType_REFRESH:
   112  		if m.AccessToken == "" {
   113  			return fmt.Errorf("use %s grant type, access_token required", GrantType_REFRESH)
   114  		}
   115  		if m.RefreshToken == "" {
   116  			return fmt.Errorf("use %s grant type, refresh_token required", GrantType_REFRESH)
   117  		}
   118  	case GrantType_ACCESS:
   119  		if m.AccessToken == "" {
   120  			return fmt.Errorf("use %s grant type, access_token required", GrantType_ACCESS)
   121  		}
   122  	case GrantType_LDAP:
   123  		if m.Username == "" || m.Password == "" {
   124  			return fmt.Errorf("use %s grant type, username and password required", GrantType_LDAP)
   125  		}
   126  	case GrantType_CLIENT:
   127  	case GrantType_AUTH_CODE:
   128  		if m.AuthCode == "" {
   129  			return fmt.Errorf("use %s grant type, code required", GrantType_AUTH_CODE)
   130  		}
   131  	case GrantType_WECHAT_WORK:
   132  		if m.State == "" || m.Service == "" {
   133  			return fmt.Errorf("use %s grant type, state required", GrantType_WECHAT_WORK)
   134  		}
   135  	default:
   136  		return fmt.Errorf("unknown grant type %s", m.GrantType)
   137  	}
   138  
   139  	return nil
   140  }
   141  
   142  // AbnormalUserCheckKey todo
   143  func (m *IssueTokenRequest) AbnormalUserCheckKey() string {
   144  	return "abnormal_" + m.Username
   145  }
   146  
   147  // WithUserAgent todo
   148  func (m *IssueTokenRequest) WithUserAgent(userAgent string) {
   149  	m.UserAgent = userAgent
   150  }
   151  
   152  // WithRemoteIPFromHTTP todo
   153  func (m *IssueTokenRequest) WithRemoteIPFromHTTP(r *http.Request) {
   154  	m.RemoteIp = request.GetRemoteIP(r)
   155  }
   156  
   157  // WithRemoteIP todo
   158  func (m *IssueTokenRequest) WithRemoteIP(ip string) {
   159  	m.RemoteIp = ip
   160  }
   161  
   162  func (m *IssueTokenRequest) IsLoginRequest() bool {
   163  	if m.GrantType.Equal(GrantType_ACCESS) {
   164  		return false
   165  	}
   166  
   167  	return true
   168  }
   169  
   170  // GetDomainNameFromAccount todo
   171  func (m *IssueTokenRequest) GetDomainNameFromAccount() string {
   172  	d := strings.Split(m.Username, "@")
   173  	if len(d) == 2 {
   174  		return d[1]
   175  	}
   176  
   177  	return ""
   178  }
   179  
   180  // NewIssueTokenRequest 默认请求
   181  func NewIssueTokenRequest() *IssueTokenRequest {
   182  	return &IssueTokenRequest{}
   183  }
   184  
   185  // NewIssueTokenByPassword todo
   186  func NewIssueTokenByPassword(clientID, clientSecret, user, pass string) *IssueTokenRequest {
   187  	return &IssueTokenRequest{
   188  		ClientId:     clientID,
   189  		ClientSecret: clientSecret,
   190  		Username:     user,
   191  		Password:     pass,
   192  		GrantType:    GrantType_PASSWORD,
   193  		RemoteIp:     "127.0.0.1",
   194  	}
   195  }
   196  
   197  // MakeDescribeTokenRequest todo
   198  func (m *ValidateTokenRequest) MakeDescribeTokenRequest() *DescribeTokenRequest {
   199  	req := NewDescribeTokenRequest()
   200  	req.AccessToken = m.AccessToken
   201  	req.RefreshToken = m.RefreshToken
   202  	return req
   203  }
   204  
   205  // Validate todo
   206  func (m *RevolkTokenRequest) Validate() error {
   207  	if err := validate.Struct(m); err != nil {
   208  		return err
   209  	}
   210  
   211  	return nil
   212  }
   213  
   214  // MakeDescribeTokenRequest todo
   215  func (m *RevolkTokenRequest) MakeDescribeTokenRequest() *DescribeTokenRequest {
   216  	req := NewDescribeTokenRequest()
   217  	req.AccessToken = m.AccessToken
   218  	req.RefreshToken = m.RefreshToken
   219  	return req
   220  }
   221  
   222  func NewDeleteTokenRequest() *DeleteTokenRequest {
   223  	return &DeleteTokenRequest{}
   224  }
   225  
   226  func (req *DeleteTokenRequest) Validate() error {
   227  	if len(req.AccessToken) == 0 {
   228  		return exception.NewBadRequest("delete access token array need")
   229  	}
   230  
   231  	return nil
   232  }
   233  
   234  func NewDeleteTokenResponse() *DeleteTokenResponse {
   235  	return &DeleteTokenResponse{}
   236  }
   237  
   238  func NewChangeNamespaceRequest() *ChangeNamespaceRequest {
   239  	return &ChangeNamespaceRequest{}
   240  }
   241  
   242  func (req *ChangeNamespaceRequest) Validate() error {
   243  	return validate.Struct(req)
   244  }