add groups in claims
parent
1722980514
commit
fd65220b91
@ -184,7 +184,7 @@ func (a HydraConnector) Login(username string, cookies ...*http.Cookie) (t *Toke
|
|||||||
now = now.Add(time.Duration(token.ExpiresIn) * time.Second)
|
now = now.Add(time.Duration(token.ExpiresIn) * time.Second)
|
||||||
unix := now.Unix()
|
unix := now.Unix()
|
||||||
|
|
||||||
c := claims.GetClaims().AddClaimsToToken(username, pp.Data[0].(*peer.Peer).Url)
|
c := claims.GetClaims().AddClaimsToToken(username, pp.Data[0].(*peer.Peer))
|
||||||
c.Session.AccessToken["exp"] = unix
|
c.Session.AccessToken["exp"] = unix
|
||||||
|
|
||||||
b, _ = json.Marshal(c)
|
b, _ = json.Marshal(c)
|
||||||
|
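Review bot: The changed call in Login, `pp.Data[0].(*peer.Peer)`, still indexes `pp.Data` and uses a single-value type assertion, so an empty result or an element of another type panics in the login path. Now that the pointer itself is passed on, a nil `*peer.Peer` would also be dereferenced at `p.Url` inside AddClaimsToToken. The hunk starts mid-function, so a guard on `pp.Data` may exist above it; if it does not, use the checked form `p, ok := pp.Data[0].(*peer.Peer)` after a length check and return an error when `!ok || p == nil`.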
@ -1,10 +1,14 @@
|
|||||||
package claims
|
package claims
|
||||||
|
|
||||||
import "oc-auth/conf"
|
import (
|
||||||
|
"oc-auth/conf"
|
||||||
|
|
||||||
|
"cloud.o-forge.io/core/oc-lib/models/peer"
|
||||||
|
)
|
||||||
|
|
||||||
// Tokenizer interface
|
// Tokenizer interface
|
||||||
type ClaimService interface {
|
type ClaimService interface {
|
||||||
AddClaimsToToken(userId string, host string) Claims
|
AddClaimsToToken(userId string, peer *peer.Peer) Claims
|
||||||
DecodeClaimsInToken(host string, method string, forward string, sessionClaims Claims, publicKey string, external bool) (bool, error)
|
DecodeClaimsInToken(host string, method string, forward string, sessionClaims Claims, publicKey string, external bool) (bool, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
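Review bot: The new interface method names its parameter `peer`, the same identifier as the imported `peer` package, in `AddClaimsToToken(userId string, peer *peer.Peer) Claims`. It compiles, but the HydraClaims implementation uses `p`, and writing `p *peer.Peer` here too avoids the shadowing. The comment above the type still reads `// Tokenizer interface`; a doc comment starting with the type name would be clearer, for example `// ClaimService builds the session claims for a user and peer and checks the claims carried by an incoming token.` It is worth stating there that AddClaimsToToken returns only `Claims` and no error, so callers cannot tell a partial result from a complete one.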
@ -11,6 +11,7 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"cloud.o-forge.io/core/oc-lib/models/peer"
|
||||||
"cloud.o-forge.io/core/oc-lib/tools"
|
"cloud.o-forge.io/core/oc-lib/tools"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -125,7 +126,7 @@ func (h HydraClaims) DecodeClaimsInToken(host string, method string, forward str
|
|||||||
}
|
}
|
||||||
|
|
||||||
// add claims to token method of HydraTokenizer
|
// add claims to token method of HydraTokenizer
|
||||||
func (h HydraClaims) AddClaimsToToken(userId string, host string) Claims {
|
func (h HydraClaims) AddClaimsToToken(userId string, p *peer.Peer) Claims {
|
||||||
claims := Claims{}
|
claims := Claims{}
|
||||||
perms, err := perms_connectors.KetoConnector{}.GetPermissionByUser(userId, true)
|
perms, err := perms_connectors.KetoConnector{}.GetPermissionByUser(userId, true)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -140,10 +141,17 @@ func (h HydraClaims) AddClaimsToToken(userId string, host string) Claims {
|
|||||||
}
|
}
|
||||||
claims.Session.AccessToken[key] = perm.Subject
|
claims.Session.AccessToken[key] = perm.Subject
|
||||||
}
|
}
|
||||||
sign, err := h.encodeSignature(host)
|
sign, err := h.encodeSignature(p.Url)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return claims
|
return claims
|
||||||
}
|
}
|
||||||
|
claims.Session.IDToken["peer_id"] = p.UUID
|
||||||
|
// we should get group from user
|
||||||
|
groups, err := perms_connectors.KetoConnector{}.GetGroupByUser(userId)
|
||||||
|
if err != nil {
|
||||||
|
return claims
|
||||||
|
}
|
||||||
|
claims.Session.IDToken["groups"] = groups
|
||||||
claims.Session.IDToken["signature"] = sign
|
claims.Session.IDToken["signature"] = sign
|
||||||
return claims
|
return claims
|
||||||
}
|
}
|
||||||
|
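Review bot: In the last hunk of AddClaimsToToken, the new `GetGroupByUser` error branch returns before `claims.Session.IDToken["signature"] = sign` runs, so a failed group lookup yields claims that carry `peer_id` but neither `groups` nor `signature`, and the error is dropped. Because the method has no error result, Login marshals that partial value as if it were complete. Consider assigning the signature before the group lookup, or at least logging the error and deciding explicitly whether a token without a signature may be issued. Separately, `encodeSignature(p.Url)` appears to take only the peer URL (its body is not in this diff), so the added `groups` and `peer_id` values may not be bound by the signature; that is worth confirming, since group membership is authorization input.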