0x1d
04022b835e
- Add VerifyPassword RPC to Identity Service - Added to proto file and generated code - Implemented in Identity Service gRPC server - Added to Identity Service client interface and gRPC client - Complete RefreshToken implementation - Store refresh tokens in database using RefreshToken entity - Validate refresh tokens with expiration checking - Revoke refresh tokens on logout and token rotation - Integrate Authz Service for role retrieval - Added AuthzServiceClient to Auth Service - Get user roles during login and token refresh - Gracefully handle Authz Service failures - Require JWT secret in configuration - Removed default secret fallback - Service fails to start if JWT secret is not configured - Fix Consul health checks for Docker - Services now register with Docker service names (e.g., audit-service) - Allows Consul (in Docker) to reach services via Docker DNS - Health checks use gRPC service names instead of localhost This completes all TODOs in auth_service_fx.go and fixes the Consul health check failures in Docker environments.
248 lines
10 KiB
Go
248 lines
10 KiB
Go
// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
|
|
// versions:
|
|
// - protoc-gen-go-grpc v1.5.1
|
|
// - protoc v6.30.2
|
|
// source: authz.proto
|
|
|
|
package authzv1
|
|
|
|
import (
|
|
context "context"
|
|
grpc "google.golang.org/grpc"
|
|
codes "google.golang.org/grpc/codes"
|
|
status "google.golang.org/grpc/status"
|
|
)
|
|
|
|
// This is a compile-time assertion to ensure that this generated file
|
|
// is compatible with the grpc package it is being compiled against.
|
|
// Requires gRPC-Go v1.64.0 or later.
|
|
const _ = grpc.SupportPackageIsVersion9
|
|
|
|
const (
|
|
AuthzService_Authorize_FullMethodName = "/authz.v1.AuthzService/Authorize"
|
|
AuthzService_HasPermission_FullMethodName = "/authz.v1.AuthzService/HasPermission"
|
|
AuthzService_GetUserPermissions_FullMethodName = "/authz.v1.AuthzService/GetUserPermissions"
|
|
AuthzService_GetUserRoles_FullMethodName = "/authz.v1.AuthzService/GetUserRoles"
|
|
)
|
|
|
|
// AuthzServiceClient is the client API for AuthzService service.
|
|
//
|
|
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
|
|
//
|
|
// AuthzService provides authorization operations.
|
|
type AuthzServiceClient interface {
|
|
// Authorize checks if a user has a specific permission and returns an error if not.
|
|
Authorize(ctx context.Context, in *AuthorizeRequest, opts ...grpc.CallOption) (*AuthorizeResponse, error)
|
|
// HasPermission checks if a user has a specific permission.
|
|
HasPermission(ctx context.Context, in *HasPermissionRequest, opts ...grpc.CallOption) (*HasPermissionResponse, error)
|
|
// GetUserPermissions returns all permissions for a user.
|
|
GetUserPermissions(ctx context.Context, in *GetUserPermissionsRequest, opts ...grpc.CallOption) (*GetUserPermissionsResponse, error)
|
|
// GetUserRoles returns all roles for a user.
|
|
GetUserRoles(ctx context.Context, in *GetUserRolesRequest, opts ...grpc.CallOption) (*GetUserRolesResponse, error)
|
|
}
|
|
|
|
type authzServiceClient struct {
|
|
cc grpc.ClientConnInterface
|
|
}
|
|
|
|
func NewAuthzServiceClient(cc grpc.ClientConnInterface) AuthzServiceClient {
|
|
return &authzServiceClient{cc}
|
|
}
|
|
|
|
func (c *authzServiceClient) Authorize(ctx context.Context, in *AuthorizeRequest, opts ...grpc.CallOption) (*AuthorizeResponse, error) {
|
|
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
|
|
out := new(AuthorizeResponse)
|
|
err := c.cc.Invoke(ctx, AuthzService_Authorize_FullMethodName, in, out, cOpts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *authzServiceClient) HasPermission(ctx context.Context, in *HasPermissionRequest, opts ...grpc.CallOption) (*HasPermissionResponse, error) {
|
|
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
|
|
out := new(HasPermissionResponse)
|
|
err := c.cc.Invoke(ctx, AuthzService_HasPermission_FullMethodName, in, out, cOpts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *authzServiceClient) GetUserPermissions(ctx context.Context, in *GetUserPermissionsRequest, opts ...grpc.CallOption) (*GetUserPermissionsResponse, error) {
|
|
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
|
|
out := new(GetUserPermissionsResponse)
|
|
err := c.cc.Invoke(ctx, AuthzService_GetUserPermissions_FullMethodName, in, out, cOpts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *authzServiceClient) GetUserRoles(ctx context.Context, in *GetUserRolesRequest, opts ...grpc.CallOption) (*GetUserRolesResponse, error) {
|
|
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
|
|
out := new(GetUserRolesResponse)
|
|
err := c.cc.Invoke(ctx, AuthzService_GetUserRoles_FullMethodName, in, out, cOpts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
// AuthzServiceServer is the server API for AuthzService service.
|
|
// All implementations must embed UnimplementedAuthzServiceServer
|
|
// for forward compatibility.
|
|
//
|
|
// AuthzService provides authorization operations.
|
|
type AuthzServiceServer interface {
|
|
// Authorize checks if a user has a specific permission and returns an error if not.
|
|
Authorize(context.Context, *AuthorizeRequest) (*AuthorizeResponse, error)
|
|
// HasPermission checks if a user has a specific permission.
|
|
HasPermission(context.Context, *HasPermissionRequest) (*HasPermissionResponse, error)
|
|
// GetUserPermissions returns all permissions for a user.
|
|
GetUserPermissions(context.Context, *GetUserPermissionsRequest) (*GetUserPermissionsResponse, error)
|
|
// GetUserRoles returns all roles for a user.
|
|
GetUserRoles(context.Context, *GetUserRolesRequest) (*GetUserRolesResponse, error)
|
|
mustEmbedUnimplementedAuthzServiceServer()
|
|
}
|
|
|
|
// UnimplementedAuthzServiceServer must be embedded to have
|
|
// forward compatible implementations.
|
|
//
|
|
// NOTE: this should be embedded by value instead of pointer to avoid a nil
|
|
// pointer dereference when methods are called.
|
|
type UnimplementedAuthzServiceServer struct{}
|
|
|
|
func (UnimplementedAuthzServiceServer) Authorize(context.Context, *AuthorizeRequest) (*AuthorizeResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method Authorize not implemented")
|
|
}
|
|
func (UnimplementedAuthzServiceServer) HasPermission(context.Context, *HasPermissionRequest) (*HasPermissionResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method HasPermission not implemented")
|
|
}
|
|
func (UnimplementedAuthzServiceServer) GetUserPermissions(context.Context, *GetUserPermissionsRequest) (*GetUserPermissionsResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method GetUserPermissions not implemented")
|
|
}
|
|
func (UnimplementedAuthzServiceServer) GetUserRoles(context.Context, *GetUserRolesRequest) (*GetUserRolesResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method GetUserRoles not implemented")
|
|
}
|
|
func (UnimplementedAuthzServiceServer) mustEmbedUnimplementedAuthzServiceServer() {}
|
|
func (UnimplementedAuthzServiceServer) testEmbeddedByValue() {}
|
|
|
|
// UnsafeAuthzServiceServer may be embedded to opt out of forward compatibility for this service.
|
|
// Use of this interface is not recommended, as added methods to AuthzServiceServer will
|
|
// result in compilation errors.
|
|
type UnsafeAuthzServiceServer interface {
|
|
mustEmbedUnimplementedAuthzServiceServer()
|
|
}
|
|
|
|
func RegisterAuthzServiceServer(s grpc.ServiceRegistrar, srv AuthzServiceServer) {
|
|
// If the following call pancis, it indicates UnimplementedAuthzServiceServer was
|
|
// embedded by pointer and is nil. This will cause panics if an
|
|
// unimplemented method is ever invoked, so we test this at initialization
|
|
// time to prevent it from happening at runtime later due to I/O.
|
|
if t, ok := srv.(interface{ testEmbeddedByValue() }); ok {
|
|
t.testEmbeddedByValue()
|
|
}
|
|
s.RegisterService(&AuthzService_ServiceDesc, srv)
|
|
}
|
|
|
|
func _AuthzService_Authorize_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(AuthorizeRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(AuthzServiceServer).Authorize(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: AuthzService_Authorize_FullMethodName,
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(AuthzServiceServer).Authorize(ctx, req.(*AuthorizeRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _AuthzService_HasPermission_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(HasPermissionRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(AuthzServiceServer).HasPermission(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: AuthzService_HasPermission_FullMethodName,
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(AuthzServiceServer).HasPermission(ctx, req.(*HasPermissionRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _AuthzService_GetUserPermissions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(GetUserPermissionsRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(AuthzServiceServer).GetUserPermissions(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: AuthzService_GetUserPermissions_FullMethodName,
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(AuthzServiceServer).GetUserPermissions(ctx, req.(*GetUserPermissionsRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _AuthzService_GetUserRoles_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(GetUserRolesRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(AuthzServiceServer).GetUserRoles(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: AuthzService_GetUserRoles_FullMethodName,
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(AuthzServiceServer).GetUserRoles(ctx, req.(*GetUserRolesRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
// AuthzService_ServiceDesc is the grpc.ServiceDesc for AuthzService service.
|
|
// It's only intended for direct use with grpc.RegisterService,
|
|
// and not to be introspected or modified (even as a copy)
|
|
var AuthzService_ServiceDesc = grpc.ServiceDesc{
|
|
ServiceName: "authz.v1.AuthzService",
|
|
HandlerType: (*AuthzServiceServer)(nil),
|
|
Methods: []grpc.MethodDesc{
|
|
{
|
|
MethodName: "Authorize",
|
|
Handler: _AuthzService_Authorize_Handler,
|
|
},
|
|
{
|
|
MethodName: "HasPermission",
|
|
Handler: _AuthzService_HasPermission_Handler,
|
|
},
|
|
{
|
|
MethodName: "GetUserPermissions",
|
|
Handler: _AuthzService_GetUserPermissions_Handler,
|
|
},
|
|
{
|
|
MethodName: "GetUserRoles",
|
|
Handler: _AuthzService_GetUserRoles_Handler,
|
|
},
|
|
},
|
|
Streams: []grpc.StreamDesc{},
|
|
Metadata: "authz.proto",
|
|
}
|