go17/devcloud-mini/mcenter/permisson/README.md

# 给接入用户中心的服务提供的SDK 中间件

```go
import (
    permission "gitlab.com/go-course-project/go17/devcloud-mini/mcenter/permisson"
	"github.com/infraboard/modules/iam/apps/endpoint"
)

ws.Route(ws.GET("").To(r.QuerySecret).
    Metadata(permission.Auth(true)).
    Metadata(permission.Permission(true)).
	Metadata(endpoint.META_RESOURCE_KEY, "secret").
	Metadata(endpoint.META_ACTION_KEY, "list")
    )
```


## 中间件逻辑

把这2个部分替换为RPC 就可以给其他服务使用了

```go
// http://127.0.0.1:8020/api/mcenter/v1/token/validate
func (c *Checker) ValiateToken(ctx context.Context, in *token.ValiateTokenRequest) (*token.Token, error) {
	tk := token.NewToken()
	resp, err := resty.New().
		SetBaseURL(application.Get().InternalAddress).
		SetAuthToken(application.Get().InternalToken).
		R().
		WithContext(ctx).
		SetContentType("application/json").
		SetBody(in).
		SetResult(tk).
		Post("/api/mcenter/v1/token/validate")
	if err != nil {
		return nil, err
	}
	if resp.StatusCode()/100 != 2 {
		return nil, exception.NewUnauthorized("[%d] token校验异常: %s", resp.StatusCode(), resp.String())
	}
	return tk, nil
}
```

```go
// 查询策略列表
// /api/mcenter/v1/permission/check
func (c *Checker) ValidateEndpointPermission(ctx context.Context, in *policy.ValidateEndpointPermissionRequest) (*policy.ValidateEndpointPermissionResponse, error) {
	ins := policy.NewValidateEndpointPermissionResponse(*in)
	resp, err := resty.New().
		SetBaseURL(application.Get().InternalAddress).
		SetAuthToken(application.Get().InternalToken).
		SetDebug(false).
		R().
		WithContext(ctx).
		SetBody(in).
		SetResult(ins).
		Post("/api/mcenter/v1/permission/check")
	if err != nil {
		return nil, err
	}
	if resp.StatusCode()/100 != 2 {
		return nil, exception.NewPermissionDeny("[%d] token鉴权异常: %s", resp.StatusCode(), resp.String())
	}
	return ins, nil
}
```