v1
This commit is contained in:
@ -3,23 +3,30 @@ package services
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"go.uber.org/zap"
|
||||
|
||||
"github.com/kms/api-key-service/internal/auth"
|
||||
"github.com/kms/api-key-service/internal/config"
|
||||
"github.com/kms/api-key-service/internal/domain"
|
||||
"github.com/kms/api-key-service/internal/errors"
|
||||
)
|
||||
|
||||
// authenticationService implements the AuthenticationService interface
|
||||
type authenticationService struct {
|
||||
config config.ConfigProvider
|
||||
logger *zap.Logger
|
||||
config config.ConfigProvider
|
||||
logger *zap.Logger
|
||||
jwtManager *auth.JWTManager
|
||||
}
|
||||
|
||||
// NewAuthenticationService creates a new authentication service
|
||||
func NewAuthenticationService(config config.ConfigProvider, logger *zap.Logger) AuthenticationService {
|
||||
jwtManager := auth.NewJWTManager(config, logger)
|
||||
return &authenticationService{
|
||||
config: config,
|
||||
logger: logger,
|
||||
config: config,
|
||||
logger: logger,
|
||||
jwtManager: jwtManager,
|
||||
}
|
||||
}
|
||||
|
||||
@ -63,3 +70,78 @@ func (s *authenticationService) GetUserClaims(ctx context.Context, userID string
|
||||
|
||||
return claims, nil
|
||||
}
|
||||
|
||||
// ValidateJWTToken validates a JWT token and returns claims
|
||||
func (s *authenticationService) ValidateJWTToken(ctx context.Context, tokenString string) (*domain.AuthContext, error) {
|
||||
s.logger.Debug("Validating JWT token")
|
||||
|
||||
// Validate the token using JWT manager
|
||||
claims, err := s.jwtManager.ValidateToken(tokenString)
|
||||
if err != nil {
|
||||
s.logger.Warn("JWT token validation failed", zap.Error(err))
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Check if token is revoked
|
||||
revoked, err := s.jwtManager.IsTokenRevoked(tokenString)
|
||||
if err != nil {
|
||||
s.logger.Error("Failed to check token revocation status", zap.Error(err))
|
||||
return nil, errors.NewInternalError("Failed to validate token").WithInternal(err)
|
||||
}
|
||||
|
||||
if revoked {
|
||||
s.logger.Warn("JWT token is revoked", zap.String("user_id", claims.UserID))
|
||||
return nil, errors.NewAuthenticationError("Token has been revoked")
|
||||
}
|
||||
|
||||
// Convert JWT claims to AuthContext
|
||||
authContext := &domain.AuthContext{
|
||||
UserID: claims.UserID,
|
||||
TokenType: claims.TokenType,
|
||||
Permissions: claims.Permissions,
|
||||
Claims: claims.Claims,
|
||||
AppID: claims.AppID,
|
||||
}
|
||||
|
||||
s.logger.Debug("JWT token validated successfully",
|
||||
zap.String("user_id", claims.UserID),
|
||||
zap.String("app_id", claims.AppID))
|
||||
|
||||
return authContext, nil
|
||||
}
|
||||
|
||||
// GenerateJWTToken generates a new JWT token for a user
|
||||
func (s *authenticationService) GenerateJWTToken(ctx context.Context, userToken *domain.UserToken) (string, error) {
|
||||
s.logger.Debug("Generating JWT token",
|
||||
zap.String("user_id", userToken.UserID),
|
||||
zap.String("app_id", userToken.AppID))
|
||||
|
||||
// Generate the token using JWT manager
|
||||
tokenString, err := s.jwtManager.GenerateToken(userToken)
|
||||
if err != nil {
|
||||
s.logger.Error("Failed to generate JWT token", zap.Error(err))
|
||||
return "", err
|
||||
}
|
||||
|
||||
s.logger.Debug("JWT token generated successfully",
|
||||
zap.String("user_id", userToken.UserID),
|
||||
zap.String("app_id", userToken.AppID))
|
||||
|
||||
return tokenString, nil
|
||||
}
|
||||
|
||||
// RefreshJWTToken refreshes an existing JWT token
|
||||
func (s *authenticationService) RefreshJWTToken(ctx context.Context, tokenString string, newExpiration time.Time) (string, error) {
|
||||
s.logger.Debug("Refreshing JWT token")
|
||||
|
||||
// Refresh the token using JWT manager
|
||||
newTokenString, err := s.jwtManager.RefreshToken(tokenString, newExpiration)
|
||||
if err != nil {
|
||||
s.logger.Error("Failed to refresh JWT token", zap.Error(err))
|
||||
return "", err
|
||||
}
|
||||
|
||||
s.logger.Debug("JWT token refreshed successfully")
|
||||
|
||||
return newTokenString, nil
|
||||
}
|
||||
|
||||
@ -2,6 +2,7 @@ package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/kms/api-key-service/internal/domain"
|
||||
@ -56,4 +57,13 @@ type AuthenticationService interface {
|
||||
|
||||
// GetUserClaims retrieves user claims
|
||||
GetUserClaims(ctx context.Context, userID string) (map[string]string, error)
|
||||
|
||||
// ValidateJWTToken validates a JWT token and returns claims
|
||||
ValidateJWTToken(ctx context.Context, tokenString string) (*domain.AuthContext, error)
|
||||
|
||||
// GenerateJWTToken generates a new JWT token for a user
|
||||
GenerateJWTToken(ctx context.Context, userToken *domain.UserToken) (string, error)
|
||||
|
||||
// RefreshJWTToken refreshes an existing JWT token
|
||||
RefreshJWTToken(ctx context.Context, tokenString string, newExpiration time.Time) (string, error)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user