2025-05-31 10:50:37 +08:00
|
|
|
|
package token
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"context"
|
|
|
|
|
|
"time"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
type Service interface {
|
|
|
|
|
|
// 颁发访问令牌: Login
|
|
|
|
|
|
IssueToken(context.Context, *IssueTokenRequest) (*Token, error)
|
|
|
|
|
|
// 撤销访问令牌: 令牌失效了 Logout
|
|
|
|
|
|
RevolkToken(context.Context, *RevolkTokenRequest) (*Token, error)
|
|
|
|
|
|
|
|
|
|
|
|
// 校验访问令牌:检查令牌的合法性, 是不是伪造的
|
2025-05-31 12:03:22 +08:00
|
|
|
|
ValiateToken(context.Context, *ValiateTokenRequest) (*Token, error)
|
2025-05-31 10:50:37 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 用户会给我们 用户的身份凭证,用于换取Token
|
|
|
|
|
|
type IssueTokenRequest struct {
|
|
|
|
|
|
// 端类型
|
|
|
|
|
|
Source SOURCE `json:"source"`
|
|
|
|
|
|
// 认证方式
|
|
|
|
|
|
Issuer string `json:"issuer"`
|
|
|
|
|
|
// 参数
|
|
|
|
|
|
Parameter IssueParameter `json:"parameter"`
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
type IssueParameter map[string]any
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|
password issuer parameter
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
func (p IssueParameter) Username() string {
|
|
|
|
|
|
return GetIssueParameterValue[string](p, "username")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (p IssueParameter) Password() string {
|
|
|
|
|
|
return GetIssueParameterValue[string](p, "password")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (p IssueParameter) SetUsername(v string) {
|
|
|
|
|
|
p["username"] = v
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (p IssueParameter) SetPassword(v string) {
|
|
|
|
|
|
p["password"] = v
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|
private token issuer parameter
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
func (p IssueParameter) AccessToken() string {
|
|
|
|
|
|
return GetIssueParameterValue[string](p, "access_token")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (p IssueParameter) ExpireTTL() time.Duration {
|
|
|
|
|
|
return time.Second * time.Duration(GetIssueParameterValue[int64](p, "expired_ttl"))
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (p IssueParameter) SetAccessToken(v string) {
|
|
|
|
|
|
p["access_token"] = v
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-05-31 12:03:22 +08:00
|
|
|
|
func NewRevolkTokenRequest(at, rk string) *RevolkTokenRequest {
|
|
|
|
|
|
return &RevolkTokenRequest{
|
|
|
|
|
|
AccessToken: at,
|
|
|
|
|
|
RefreshToken: rk,
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 万一的Token泄露, 不知道refresh_token,也没法推出
|
2025-05-31 10:50:37 +08:00
|
|
|
|
type RevolkTokenRequest struct {
|
2025-05-31 12:03:22 +08:00
|
|
|
|
AccessToken string `json:"access_token"`
|
|
|
|
|
|
RefreshToken string `json:"refresh_token"`
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func NewValiateTokenRequest(accessToken string) *ValiateTokenRequest {
|
|
|
|
|
|
return &ValiateTokenRequest{
|
|
|
|
|
|
AccessToken: accessToken,
|
|
|
|
|
|
}
|
2025-05-31 10:50:37 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2025-05-31 12:03:22 +08:00
|
|
|
|
type ValiateTokenRequest struct {
|
|
|
|
|
|
AccessToken string `json:"access_token"`
|
2025-05-31 10:50:37 +08:00
|
|
|
|
}
|
