startup-starter/skybridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cool

Browse Source
This commit is contained in:
Ryan Copley
2025-08-23 16:48:31 -04:00
parent 3e02ef57b9
commit 632473a7d8
8 changed files with 75 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
internal/services/token_service.go
View File

@ -265,10 +265,47 @@ func (s *tokenService) GenerateUserToken(ctx context.Context, appID, userID stri
return finalToken, nil
}
// detectTokenType detects the token type based on its prefix
func (s *tokenService) detectTokenType(token string, app *domain.Application) domain.TokenType {
// Check for user token pattern first (UT- suffix)
if app.TokenPrefix != "" {
userPrefix := app.TokenPrefix + "UT-"
if strings.HasPrefix(token, userPrefix) {
return domain.TokenTypeUser
}
staticPrefix := app.TokenPrefix + "T-"
if strings.HasPrefix(token, staticPrefix) {
return domain.TokenTypeStatic
}
}
// Check for custom prefix pattern in case app prefix is not set
// Look for pattern: 2-4 uppercase letters + "UT-" or "T-"
if len(token) >= 6 {
dashIndex := strings.Index(token, "-")
if dashIndex >= 3 && dashIndex <= 6 { // 2-4 chars + "T" or "UT"
prefixPart := token[:dashIndex+1]
if strings.HasSuffix(prefixPart, "UT-") {
return domain.TokenTypeUser
}
if strings.HasSuffix(prefixPart, "T-") {
return domain.TokenTypeStatic
}
}
}
// Check for default kms_ prefix
if strings.HasPrefix(token, "kms_") {
return domain.TokenTypeStatic // Default tokens are static
}
// Default to static if pattern is unclear
return domain.TokenTypeStatic
}
// VerifyToken verifies a token and returns verification response
func (s *tokenService) VerifyToken(ctx context.Context, req *domain.VerifyRequest) (*domain.VerifyResponse, error) {
s.logger.Debug("Verifying token", zap.String("app_id", req.AppID), zap.String("type", string(req.Type)))
// Validate request
if req.Token == "" {
return &domain.VerifyResponse{
@ -289,7 +326,15 @@ func (s *tokenService) VerifyToken(ctx context.Context, req *domain.VerifyReques
}, nil
}
switch req.Type {
// Always auto-detect token type from prefix
tokenType := s.detectTokenType(req.Token, app)
s.logger.Debug("Auto-detected token type",
zap.String("app_id", req.AppID),
zap.String("detected_type", string(tokenType)))
s.logger.Debug("Verifying token", zap.String("app_id", req.AppID), zap.String("type", string(tokenType)))
switch tokenType {
case domain.TokenTypeStatic:
return s.verifyStaticToken(ctx, req, app)
case domain.TokenTypeUser: