2017-04-29 02:47:24 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
2017-04-29 03:08:11 +00:00
|
|
|
proto "git.xeserv.us/xena/route/proto"
|
2017-04-29 02:47:24 +00:00
|
|
|
"github.com/Xe/ln"
|
|
|
|
"github.com/Xe/uuid"
|
2017-04-29 03:08:11 +00:00
|
|
|
"golang.org/x/net/context"
|
2017-10-01 15:06:27 +00:00
|
|
|
"golang.org/x/net/trace"
|
2017-04-29 02:47:24 +00:00
|
|
|
"google.golang.org/grpc/codes"
|
|
|
|
"google.golang.org/grpc/status"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Token is the token server implementation for grpc use.
|
|
|
|
type Token struct {
|
|
|
|
*Server
|
|
|
|
}
|
|
|
|
|
|
|
|
// interface assertions
|
|
|
|
var (
|
|
|
|
_ proto.TokensServer = &Token{}
|
|
|
|
)
|
|
|
|
|
|
|
|
func (t *Token) Get(ctx context.Context, req *proto.GetTokenRequest) (*proto.Token, error) {
|
2017-10-01 15:06:27 +00:00
|
|
|
ctx, clitok, err := t.getAuth(ctx, "get single token", "token:get")
|
2017-04-29 02:47:24 +00:00
|
|
|
if err != nil {
|
2017-10-01 15:06:27 +00:00
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "not authorized"})
|
2017-04-29 02:47:24 +00:00
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
tr, _ := trace.FromContext(ctx)
|
|
|
|
defer tr.Finish()
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
if req.Id == "" {
|
|
|
|
return nil, status.Errorf(codes.InvalidArgument, "must specify ID")
|
|
|
|
}
|
|
|
|
|
|
|
|
dbt, err := t.db.GetTokenID(ctx, req.Id)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if dbt.Owner != clitok.Owner {
|
|
|
|
return nil, ErrNotAuthorized
|
|
|
|
}
|
|
|
|
|
|
|
|
return dbt.AsProto(), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *Token) GetAll(ctx context.Context, req *proto.Nil) (*proto.TokenSet, error) {
|
2017-10-01 15:06:27 +00:00
|
|
|
ctx, clitok, err := t.getAuth(ctx, "get all tokens", "token:getall")
|
2017-04-29 02:47:24 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "Token.GetAll_getAuth"})
|
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
tr, _ := trace.FromContext(ctx)
|
|
|
|
defer tr.Finish()
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
toks, err := t.db.GetTokensForOwner(ctx, clitok.Owner)
|
|
|
|
if err != nil {
|
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "Token.GetAll_db.GetTokensForOwner"})
|
|
|
|
}
|
|
|
|
|
|
|
|
result := []*proto.Token{}
|
|
|
|
|
|
|
|
for _, tok := range toks {
|
|
|
|
result = append(result, tok.AsProto())
|
|
|
|
}
|
|
|
|
|
|
|
|
return &proto.TokenSet{
|
|
|
|
Tokens: result,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *Token) Put(ctx context.Context, tok *proto.Token) (*proto.Token, error) {
|
2017-10-01 15:06:27 +00:00
|
|
|
ctx, clitok, err := t.getAuth(ctx, "put new token", "token:put")
|
2017-04-29 02:47:24 +00:00
|
|
|
if err != nil {
|
2017-10-01 15:06:27 +00:00
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "not authorized"})
|
2017-04-29 02:47:24 +00:00
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
tr, _ := trace.FromContext(ctx)
|
|
|
|
defer tr.Finish()
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
dbt, err := t.db.PutToken(ctx, uuid.New(), clitok.Owner, tok.Scopes)
|
|
|
|
if err != nil {
|
2017-10-01 15:06:27 +00:00
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "put token into database", "scopes": tok.Scopes})
|
2017-04-29 02:47:24 +00:00
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
ln.Log(ctx, dbt, ln.Action("new token created"))
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
return dbt.AsProto(), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *Token) Delete(ctx context.Context, tok *proto.Token) (*proto.Nil, error) {
|
2017-10-01 15:06:27 +00:00
|
|
|
ctx, clitok, err := t.getAuth(ctx, "delete single token", "token:delete")
|
2017-04-29 02:47:24 +00:00
|
|
|
if err != nil {
|
2017-10-01 15:06:27 +00:00
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "not authorized"})
|
2017-04-29 02:47:24 +00:00
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
tr, _ := trace.FromContext(ctx)
|
|
|
|
defer tr.Finish()
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
err = t.db.DeleteToken(ctx, tok.Id)
|
|
|
|
if err != nil {
|
2017-10-01 15:06:27 +00:00
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "delete token from database", "token_id": tok.Id})
|
2017-04-29 02:47:24 +00:00
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
ln.Log(ctx, clitok, ln.Action("token deleted"), ln.F{"token_id": tok.Id})
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
return &proto.Nil{}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *Token) Deactivate(ctx context.Context, tok *proto.Token) (*proto.Nil, error) {
|
2017-10-01 15:06:27 +00:00
|
|
|
ctx, clitok, err := t.getAuth(ctx, "deactivate single token", "token:deactivate")
|
2017-04-29 02:47:24 +00:00
|
|
|
if err != nil {
|
2017-10-01 15:06:27 +00:00
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "not authorized"})
|
2017-04-29 02:47:24 +00:00
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
tr, _ := trace.FromContext(ctx)
|
|
|
|
defer tr.Finish()
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
err = t.db.DeactivateToken(ctx, tok.Id)
|
|
|
|
if err != nil {
|
2017-10-01 15:06:27 +00:00
|
|
|
return nil, handleError(ctx, clitok, err, ln.F{"action": "deactivate token in database", "token_id": tok.Id})
|
2017-04-29 02:47:24 +00:00
|
|
|
}
|
|
|
|
|
2017-10-01 15:06:27 +00:00
|
|
|
ln.Log(ctx, clitok, ln.Action("deactivated token"), ln.F{"token_id": tok.Id})
|
|
|
|
|
2017-04-29 02:47:24 +00:00
|
|
|
return &proto.Nil{}, nil
|
|
|
|
}
|