startup-starter/skybridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

org

Browse Source
This commit is contained in:
Ryan Copley
2025-08-26 19:16:41 -04:00
parent 7ca61eb712
commit 6725529b01
113 changed files with 0 additions and 337 deletions
Download Patch File Download Diff File Expand all files Collapse all files

240
kms/internal/domain/models.go Normal file
View File

@ -0,0 +1,240 @@
package domain
import (
"time"
"github.com/google/uuid"
)
// ApplicationType represents the type of application
type ApplicationType string
const (
ApplicationTypeStatic ApplicationType = "static"
ApplicationTypeUser ApplicationType = "user"
)
// OwnerType represents the type of owner
type OwnerType string
const (
OwnerTypeIndividual OwnerType = "individual"
OwnerTypeTeam OwnerType = "team"
)
// TokenType represents the type of token
type TokenType string
const (
TokenTypeStatic TokenType = "static"
TokenTypeUser TokenType = "user"
)
// Owner represents ownership information
type Owner struct {
Type OwnerType `json:"type" validate:"required,oneof=individual team"`
Name string `json:"name" validate:"required,min=1,max=255"`
Owner string `json:"owner" validate:"required,min=1,max=255"`
}
// Application represents an application in the system
type Application struct {
AppID string `json:"app_id" validate:"required,min=1,max=255" db:"app_id"`
AppLink string `json:"app_link" validate:"required,url,max=500" db:"app_link"`
Type []ApplicationType `json:"type" validate:"required,min=1,dive,oneof=static user" db:"type"`
CallbackURL string `json:"callback_url" validate:"required,url,max=500" db:"callback_url"`
HMACKey string `json:"hmac_key" validate:"required,min=1,max=255" db:"hmac_key"`
TokenPrefix string `json:"token_prefix" validate:"omitempty,min=2,max=4,uppercase" db:"token_prefix"`
TokenRenewalDuration Duration `json:"token_renewal_duration" validate:"required,min=1" db:"token_renewal_duration"`
MaxTokenDuration Duration `json:"max_token_duration" validate:"required,min=1" db:"max_token_duration"`
Owner Owner `json:"owner" validate:"required"`
CreatedAt time.Time `json:"created_at" db:"created_at"`
UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
}
// StaticToken represents a static API token
type StaticToken struct {
ID uuid.UUID `json:"id" db:"id"`
AppID string `json:"app_id" validate:"required" db:"app_id"`
Owner Owner `json:"owner" validate:"required"`
KeyHash string `json:"-" validate:"required" db:"key_hash"` // Hidden from JSON
Type string `json:"type" validate:"required,eq=hmac" db:"type"`
CreatedAt time.Time `json:"created_at" db:"created_at"`
UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
}
// AvailablePermission represents a permission in the global catalog
type AvailablePermission struct {
ID uuid.UUID `json:"id" db:"id"`
Scope string `json:"scope" validate:"required,min=1,max=255" db:"scope"`
Name string `json:"name" validate:"required,min=1,max=255" db:"name"`
Description string `json:"description" validate:"required" db:"description"`
Category string `json:"category" validate:"required,min=1,max=100" db:"category"`
ParentScope *string `json:"parent_scope,omitempty" db:"parent_scope"`
IsSystem bool `json:"is_system" db:"is_system"`
CreatedAt time.Time `json:"created_at" db:"created_at"`
CreatedBy string `json:"created_by" validate:"required" db:"created_by"`
UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
UpdatedBy string `json:"updated_by" validate:"required" db:"updated_by"`
}
// GrantedPermission represents a permission granted to a token
type GrantedPermission struct {
ID uuid.UUID `json:"id" db:"id"`
TokenType TokenType `json:"token_type" validate:"required,eq=static" db:"token_type"`
TokenID uuid.UUID `json:"token_id" validate:"required" db:"token_id"`
PermissionID uuid.UUID `json:"permission_id" validate:"required" db:"permission_id"`
Scope string `json:"scope" validate:"required" db:"scope"`
CreatedAt time.Time `json:"created_at" db:"created_at"`
CreatedBy string `json:"created_by" validate:"required" db:"created_by"`
Revoked bool `json:"revoked" db:"revoked"`
}
// UserToken represents a user token (JWT-based)
type UserToken struct {
AppID string `json:"app_id"`
UserID string `json:"user_id"`
Permissions []string `json:"permissions"`
IssuedAt time.Time `json:"iat"`
ExpiresAt time.Time `json:"exp"`
MaxValidAt time.Time `json:"max_valid_at"`
TokenType TokenType `json:"token_type"`
Claims map[string]string `json:"claims,omitempty"`
}
// VerifyRequest represents a token verification request
type VerifyRequest struct {
AppID string `json:"app_id" validate:"required"`
UserID string `json:"user_id,omitempty"` // Required for user tokens
Token string `json:"token" validate:"required"`
Permissions []string `json:"permissions,omitempty"`
}
// VerifyResponse represents a token verification response
type VerifyResponse struct {
Valid bool `json:"valid"`
Permitted bool `json:"permitted"`
UserID string `json:"user_id,omitempty"`
Permissions []string `json:"permissions"`
PermissionResults map[string]bool `json:"permission_results,omitempty"`
ExpiresAt *time.Time `json:"expires_at,omitempty"`
MaxValidAt *time.Time `json:"max_valid_at,omitempty"`
TokenType TokenType `json:"token_type"`
Claims map[string]string `json:"claims,omitempty"`
Error string `json:"error,omitempty"`
}
// LoginRequest represents a user login request
type LoginRequest struct {
AppID string `json:"app_id" validate:"required"`
Permissions []string `json:"permissions,omitempty"`
RedirectURI string `json:"redirect_uri,omitempty"`
}
// LoginResponse represents a user login response
type LoginResponse struct {
RedirectURL string `json:"redirect_url"`
State string `json:"state,omitempty"`
}
// RenewRequest represents a token renewal request
type RenewRequest struct {
AppID string `json:"app_id" validate:"required"`
UserID string `json:"user_id" validate:"required"`
Token string `json:"token" validate:"required"`
}
// RenewResponse represents a token renewal response
type RenewResponse struct {
Token string `json:"token"`
ExpiresAt time.Time `json:"expires_at"`
MaxValidAt time.Time `json:"max_valid_at"`
Error string `json:"error,omitempty"`
}
// CreateApplicationRequest represents a request to create a new application
type CreateApplicationRequest struct {
AppID string `json:"app_id" validate:"required,min=1,max=255"`
AppLink string `json:"app_link" validate:"required,url,max=500"`
Type []ApplicationType `json:"type" validate:"required,min=1,dive,oneof=static user"`
CallbackURL string `json:"callback_url" validate:"required,url,max=500"`
TokenPrefix string `json:"token_prefix" validate:"omitempty,min=2,max=4,uppercase"`
TokenRenewalDuration Duration `json:"token_renewal_duration" validate:"required"`
MaxTokenDuration Duration `json:"max_token_duration" validate:"required"`
Owner Owner `json:"owner" validate:"required"`
}
// UpdateApplicationRequest represents a request to update an existing application
type UpdateApplicationRequest struct {
AppLink *string `json:"app_link,omitempty" validate:"omitempty,url,max=500"`
Type *[]ApplicationType `json:"type,omitempty" validate:"omitempty,min=1,dive,oneof=static user"`
CallbackURL *string `json:"callback_url,omitempty" validate:"omitempty,url,max=500"`
HMACKey *string `json:"hmac_key,omitempty" validate:"omitempty,min=1,max=255"`
TokenPrefix *string `json:"token_prefix,omitempty" validate:"omitempty,min=2,max=4,uppercase"`
TokenRenewalDuration *Duration `json:"token_renewal_duration,omitempty"`
MaxTokenDuration *Duration `json:"max_token_duration,omitempty"`
Owner *Owner `json:"owner,omitempty" validate:"omitempty"`
}
// CreateStaticTokenRequest represents a request to create a static token
type CreateStaticTokenRequest struct {
AppID string `json:"app_id" validate:"required"`
Owner Owner `json:"owner" validate:"required"`
Permissions []string `json:"permissions" validate:"required,min=1"`
}
// CreateStaticTokenResponse represents a response for creating a static token
type CreateStaticTokenResponse struct {
ID uuid.UUID `json:"id"`
Token string `json:"token"` // Only returned once during creation
Permissions []string `json:"permissions"`
CreatedAt time.Time `json:"created_at"`
}
// CreateTokenRequest represents a request to create a token
type CreateTokenRequest struct {
AppID string `json:"app_id" validate:"required"`
Type TokenType `json:"type" validate:"required,oneof=static user"`
UserID string `json:"user_id,omitempty"` // Required for user tokens
Permissions []string `json:"permissions,omitempty"`
ExpiresAt *time.Time `json:"expires_at,omitempty"`
Metadata map[string]string `json:"metadata,omitempty"`
}
// CreateTokenResponse represents a response for creating a token
type CreateTokenResponse struct {
Token string `json:"token"`
ExpiresAt time.Time `json:"expires_at"`
TokenType TokenType `json:"token_type"`
}
// AuthContext represents the authentication context for a request
type AuthContext struct {
UserID string `json:"user_id"`
TokenType TokenType `json:"token_type"`
Permissions []string `json:"permissions"`
Claims map[string]string `json:"claims"`
AppID string `json:"app_id"`
}
// TokenResponse represents the OAuth2 token response
type TokenResponse struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
ExpiresIn int `json:"expires_in"`
RefreshToken string `json:"refresh_token,omitempty"`
IDToken string `json:"id_token,omitempty"`
Scope string `json:"scope,omitempty"`
}
// UserInfo represents user information from the OAuth2/OIDC provider
type UserInfo struct {
Sub string `json:"sub"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
Name string `json:"name"`
GivenName string `json:"given_name"`
FamilyName string `json:"family_name"`
Picture string `json:"picture"`
PreferredUsername string `json:"preferred_username"`
}