// Source: github.com/voedger/voedger@v0.0.0-20240520144910-273e84102129/pkg/sys/authnz/impl_enrichprincipaltoken.go

/*
 * Copyright (c) 2020-present unTill Pro, Ltd.
 */

package authnz

import (
	"context"

	"github.com/voedger/voedger/pkg/iauthnz"
	"github.com/voedger/voedger/pkg/istructs"
	"github.com/voedger/voedger/pkg/istructsmem"
	payloads "github.com/voedger/voedger/pkg/itokens-payloads"
	"github.com/voedger/voedger/pkg/state"

	"golang.org/x/exp/slices"
)

// enrichPrincipalTokenRR is the result object handed to the query callback by
// q.sys.EnrichPrincipalToken. It embeds istructs.NullObject and carries the
// re-issued token.
type enrichPrincipalTokenRR struct {
	istructs.NullObject
	enrichedToken string
}

// AsString returns the enriched token. The requested field name is ignored,
// so every string field of this result resolves to the token.
func (rr *enrichPrincipalTokenRR) AsString(string) string {
	return rr.enrichedToken
}

// provideExecQryEnrichPrincipalToken builds the executor for
// targetApp/parentWS/q.sys.EnrichPrincipalToken (basic auth, WorkspaceOwner).
//
// The returned closure reads the caller's principal token from the query
// state, decodes its payload, appends every role-kind principal of the current
// request that the payload does not already list, and issues a new token over
// the extended payload. The new token is passed to callback as the only result.
//
// NOTE(review): no authorization check is visible in this function; the
// "WorkspaceOwner" requirement above is presumably enforced before the
// executor runs — confirm against the query's ACL/registration.
func provideExecQryEnrichPrincipalToken(atf payloads.IAppTokensFactory) istructsmem.ExecQueryClosure {
	return func(ctx context.Context, args istructs.ExecQueryArgs, callback istructs.ExecQueryCallback) error {
		// Unchecked assertion: panics if the workpiece does not expose
		// AppQName(). Presumably the query processor always supplies one.
		appQName := args.Workpiece.(interface{ AppQName() istructs.AppQName }).AppQName()
		appTokens := atf.New(appQName)

		token, err := state.GetPrincipalTokenFromState(args.State)
		if err != nil {
			return err
		}

		// NOTE(review): the payload is re-signed below, so it must only come
		// from a token whose signature and expiry were checked. Presumably
		// GetPrincipalPayload does that via appTokens — confirm.
		payload, err := payloads.GetPrincipalPayload(appTokens, token)
		if err != nil {
			return err
		}

		// Unchecked assertion, same caveat as for AppQName() above.
		principals := args.Workpiece.(interface{ GetPrincipals() []iauthnz.Principal }).GetPrincipals()
		for _, p := range principals {
			if p.Kind == iauthnz.PrincipalKind_Role {
				role := payloads.RoleType{
					WSID:  p.WSID,
					QName: p.QName,
				}
				// Roles already present in the payload are not duplicated.
				if !slices.Contains(payload.Roles, role) {
					payload.Roles = append(payload.Roles, role)
				}
			}
		}

		// NOTE(review): the new token gets DefaultPrincipalTokenExpiration, not
		// the remaining lifetime of the presented token, so each call returns a
		// token with a full default lifetime. Confirm that this renewal is
		// intended. The roles added above stay asserted by the token until it
		// expires; presumably a later role change in the workspace does not
		// affect tokens already issued — confirm how consumers re-validate.
		enriched, err := appTokens.IssueToken(DefaultPrincipalTokenExpiration, &payload)
		if err != nil {
			return err
		}
		return callback(&enrichPrincipalTokenRR{enrichedToken: enriched})
	}
}