github.com/openfga/openfga@v1.5.4-rc1/internal/authn/presharedkey/presharedkey.go

github.com/openfga/openfga@v1.5.4-rc1/internal/authn/presharedkey/presharedkey.go (about)

     1  package presharedkey
     2  
     3  import (
     4  	"context"
     5  	"errors"
     6  
     7  	grpcauth "github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/auth"
     8  
     9  	"github.com/openfga/openfga/internal/authn"
    10  )
    11  
    12  type PresharedKeyAuthenticator struct {
    13  	ValidKeys map[string]struct{}
    14  }
    15  
    16  var _ authn.Authenticator = (*PresharedKeyAuthenticator)(nil)
    17  
    18  func NewPresharedKeyAuthenticator(validKeys []string) (*PresharedKeyAuthenticator, error) {
    19  	if len(validKeys) < 1 {
    20  		return nil, errors.New("invalid auth configuration, please specify at least one key")
    21  	}
    22  	vKeys := make(map[string]struct{})
    23  	for _, k := range validKeys {
    24  		vKeys[k] = struct{}{}
    25  	}
    26  
    27  	return &PresharedKeyAuthenticator{ValidKeys: vKeys}, nil
    28  }
    29  
    30  func (pka *PresharedKeyAuthenticator) Authenticate(ctx context.Context) (*authn.AuthClaims, error) {
    31  	authHeader, err := grpcauth.AuthFromMD(ctx, "Bearer")
    32  	if err != nil {
    33  		return nil, authn.ErrMissingBearerToken
    34  	}
    35  
    36  	if _, found := pka.ValidKeys[authHeader]; found {
    37  		return &authn.AuthClaims{
    38  			Subject: "", // no user information in this auth method
    39  		}, nil
    40  	}
    41  
    42  	return nil, authn.ErrUnauthenticated
    43  }
    44  
    45  func (pka *PresharedKeyAuthenticator) Close() {}