cool
This commit is contained in:
@ -104,11 +104,10 @@ type UserToken struct {
|
||||
|
||||
// VerifyRequest represents a token verification request
|
||||
type VerifyRequest struct {
|
||||
AppID string `json:"app_id" validate:"required"`
|
||||
Type TokenType `json:"type" validate:"required,oneof=static user"`
|
||||
UserID string `json:"user_id,omitempty"` // Required for user tokens
|
||||
Token string `json:"token" validate:"required"`
|
||||
Permissions []string `json:"permissions,omitempty"`
|
||||
AppID string `json:"app_id" validate:"required"`
|
||||
UserID string `json:"user_id,omitempty"` // Required for user tokens
|
||||
Token string `json:"token" validate:"required"`
|
||||
Permissions []string `json:"permissions,omitempty"`
|
||||
}
|
||||
|
||||
// VerifyResponse represents a token verification response
|
||||
|
||||
@ -98,7 +98,7 @@ func (h *AuthHandler) Verify(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
h.logger.Debug("Verifying token", zap.String("app_id", req.AppID), zap.String("type", string(req.Type)))
|
||||
h.logger.Debug("Verifying token", zap.String("app_id", req.AppID))
|
||||
|
||||
response, err := h.tokenService.VerifyToken(c.Request.Context(), &req)
|
||||
if err != nil {
|
||||
|
||||
@ -265,10 +265,47 @@ func (s *tokenService) GenerateUserToken(ctx context.Context, appID, userID stri
|
||||
return finalToken, nil
|
||||
}
|
||||
|
||||
// detectTokenType detects the token type based on its prefix
|
||||
func (s *tokenService) detectTokenType(token string, app *domain.Application) domain.TokenType {
|
||||
// Check for user token pattern first (UT- suffix)
|
||||
if app.TokenPrefix != "" {
|
||||
userPrefix := app.TokenPrefix + "UT-"
|
||||
if strings.HasPrefix(token, userPrefix) {
|
||||
return domain.TokenTypeUser
|
||||
}
|
||||
|
||||
staticPrefix := app.TokenPrefix + "T-"
|
||||
if strings.HasPrefix(token, staticPrefix) {
|
||||
return domain.TokenTypeStatic
|
||||
}
|
||||
}
|
||||
|
||||
// Check for custom prefix pattern in case app prefix is not set
|
||||
// Look for pattern: 2-4 uppercase letters + "UT-" or "T-"
|
||||
if len(token) >= 6 {
|
||||
dashIndex := strings.Index(token, "-")
|
||||
if dashIndex >= 3 && dashIndex <= 6 { // 2-4 chars + "T" or "UT"
|
||||
prefixPart := token[:dashIndex+1]
|
||||
if strings.HasSuffix(prefixPart, "UT-") {
|
||||
return domain.TokenTypeUser
|
||||
}
|
||||
if strings.HasSuffix(prefixPart, "T-") {
|
||||
return domain.TokenTypeStatic
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Check for default kms_ prefix
|
||||
if strings.HasPrefix(token, "kms_") {
|
||||
return domain.TokenTypeStatic // Default tokens are static
|
||||
}
|
||||
|
||||
// Default to static if pattern is unclear
|
||||
return domain.TokenTypeStatic
|
||||
}
|
||||
|
||||
// VerifyToken verifies a token and returns verification response
|
||||
func (s *tokenService) VerifyToken(ctx context.Context, req *domain.VerifyRequest) (*domain.VerifyResponse, error) {
|
||||
s.logger.Debug("Verifying token", zap.String("app_id", req.AppID), zap.String("type", string(req.Type)))
|
||||
|
||||
// Validate request
|
||||
if req.Token == "" {
|
||||
return &domain.VerifyResponse{
|
||||
@ -289,7 +326,15 @@ func (s *tokenService) VerifyToken(ctx context.Context, req *domain.VerifyReques
|
||||
}, nil
|
||||
}
|
||||
|
||||
switch req.Type {
|
||||
// Always auto-detect token type from prefix
|
||||
tokenType := s.detectTokenType(req.Token, app)
|
||||
s.logger.Debug("Auto-detected token type",
|
||||
zap.String("app_id", req.AppID),
|
||||
zap.String("detected_type", string(tokenType)))
|
||||
|
||||
s.logger.Debug("Verifying token", zap.String("app_id", req.AppID), zap.String("type", string(tokenType)))
|
||||
|
||||
switch tokenType {
|
||||
case domain.TokenTypeStatic:
|
||||
return s.verifyStaticToken(ctx, req, app)
|
||||
case domain.TokenTypeUser:
|
||||
|
||||
Reference in New Issue
Block a user