This is an automated email from the ASF dual-hosted git repository. tianxiaoliang pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/servicecomb-service-center.git
The following commit(s) were added to refs/heads/master by this push: new d537c64 add sign request for kie-client (#1119) d537c64 is described below commit d537c640245d8a2e9b7197cd9b737ce3b74cfdce Author: Sphairis <56192846+sphai...@users.noreply.github.com> AuthorDate: Mon Aug 2 20:39:18 2021 +0800 add sign request for kie-client (#1119) * add sign request * change go mod * fix error * set header * set header * set header * change the context management mode * fix error Co-authored-by: SphaIris <aaalixiaopei123> --- go.mod | 2 +- go.sum | 2 + server/plugin/auth/buildin/buildin.go | 8 +++- server/resource/v1/gov_resource.go | 12 +++--- server/service/gov/config_distributor.go | 38 +++++++++--------- server/service/gov/config_distributor_test.go | 17 ++++---- server/service/gov/kie/kie_distributor.go | 58 ++++++++++++++------------- server/service/gov/mock/mock.go | 13 +++--- server/service/rbac/context.go | 18 +++++++-- server/service/rbac/token/context.go | 22 ++++++++++ 10 files changed, 120 insertions(+), 70 deletions(-) diff --git a/go.mod b/go.mod index e9c5032..761e864 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/go-chassis/foundation v0.3.1-0.20210513015331-b54416b66bcd github.com/go-chassis/go-archaius v1.5.1 github.com/go-chassis/go-chassis/v2 v2.2.1-0.20210630123055-6b4c31c5ad02 - github.com/go-chassis/kie-client v0.1.0 + github.com/go-chassis/kie-client v0.1.1-0.20210731071824-96f1f1e47e71 github.com/golang/protobuf v1.4.3 github.com/gorilla/websocket v1.4.3-0.20210424162022-e8629af678b7 github.com/hashicorp/serf v0.8.3 diff --git a/go.sum b/go.sum index d426eef..5ba8ac0 100644 --- a/go.sum +++ b/go.sum @@ -253,6 +253,8 @@ github.com/go-chassis/go-restful-swagger20 v1.0.3/go.mod h1:eW62fYuzlNFDvIacB6AV github.com/go-chassis/kie-client v0.0.0-20201210060018-938c7680a9ab/go.mod h1:UTdbtyN5ge/v9DmQzdVRxQP7z51Q4z6hyl+W6ZpUHFM= github.com/go-chassis/kie-client v0.1.0 h1:7iY0jVDVn6anT2Gh8CriViRqvyQOy9tUBUflVEkFZE4= github.com/go-chassis/kie-client v0.1.0/go.mod h1:UTdbtyN5ge/v9DmQzdVRxQP7z51Q4z6hyl+W6ZpUHFM= +github.com/go-chassis/kie-client v0.1.1-0.20210731071824-96f1f1e47e71 h1:3ZRlumK36aVzLzHVp9Y7RsEYK0qMwX/enD7xU6ntj78= +github.com/go-chassis/kie-client v0.1.1-0.20210731071824-96f1f1e47e71/go.mod h1:UTdbtyN5ge/v9DmQzdVRxQP7z51Q4z6hyl+W6ZpUHFM= github.com/go-chassis/openlog v1.1.2 h1:LgGfwwOhpU8c6URV6ADpaRBPVY7Ph1C28jCQ6zzQawQ= github.com/go-chassis/openlog v1.1.2/go.mod h1:+eYCADVxWyJkwsFMUBrMxyQlNqW+UUsCxvR2LrYZUaA= github.com/go-chassis/sc-client v0.6.1-0.20210615014358-a45e9090c751 h1:hpWN/MZBMsnJqXdMkW7v0wsC+4rYulPsBFMrHCmZMQc= diff --git a/server/plugin/auth/buildin/buildin.go b/server/plugin/auth/buildin/buildin.go index 4cf21da..6161d0c 100644 --- a/server/plugin/auth/buildin/buildin.go +++ b/server/plugin/auth/buildin/buildin.go @@ -31,6 +31,7 @@ import ( authHandler "github.com/apache/servicecomb-service-center/server/handler/auth" "github.com/apache/servicecomb-service-center/server/plugin/auth" rbacsvc "github.com/apache/servicecomb-service-center/server/service/rbac" + "github.com/apache/servicecomb-service-center/server/service/rbac/token" rbacmodel "github.com/go-chassis/cari/rbac" "github.com/go-chassis/go-chassis/v2/security/authr" "github.com/go-chassis/go-chassis/v2/server/restful" @@ -150,7 +151,12 @@ func (ba *TokenAuthenticator) VerifyToken(req *http.Request) (interface{}, error } to := s[1] - return authr.Authenticate(req.Context(), to) + claims, err := authr.Authenticate(req.Context(), to) + if err != nil { + return nil, err + } + token.WithRequest(req, to) + return claims, nil } //this method decouple business code and perm checks diff --git a/server/resource/v1/gov_resource.go b/server/resource/v1/gov_resource.go index 4c26c48..7caca8d 100644 --- a/server/resource/v1/gov_resource.go +++ b/server/resource/v1/gov_resource.go @@ -69,7 +69,7 @@ func (t *Governance) Create(w http.ResponseWriter, r *http.Request) { rest.WriteError(w, discovery.ErrInvalidParams, err.Error()) return } - id, err := gov.Create(kind, project, p) + id, err := gov.Create(r.Context(), kind, project, p) if err != nil { if _, ok := err.(*kie.ErrIllegalItem); ok { log.Error("", err) @@ -108,7 +108,7 @@ func (t *Governance) Put(w http.ResponseWriter, r *http.Request) { return } log.Info(fmt.Sprintf("update %v", &p)) - err = gov.Update(kind, id, project, p) + err = gov.Update(r.Context(), kind, id, project, p) if err != nil { if _, ok := err.(*kie.ErrIllegalItem); ok { log.Error("", err) @@ -131,9 +131,9 @@ func (t *Governance) ListOrDisPlay(w http.ResponseWriter, r *http.Request) { var body []byte var err error if kind == DisplayKey { - body, err = gov.Display(project, app, environment) + body, err = gov.Display(r.Context(), project, app, environment) } else { - body, err = gov.List(kind, project, app, environment) + body, err = gov.List(r.Context(), kind, project, app, environment) } if err != nil { processError(w, err, "list gov err") @@ -148,7 +148,7 @@ func (t *Governance) Get(w http.ResponseWriter, r *http.Request) { kind := query.Get(KindKey) id := query.Get(IDKey) project := query.Get(ProjectKey) - body, err := gov.Get(kind, id, project) + body, err := gov.Get(r.Context(), kind, id, project) if err != nil { processError(w, err, "get gov err") return @@ -162,7 +162,7 @@ func (t *Governance) Delete(w http.ResponseWriter, r *http.Request) { kind := query.Get(KindKey) id := query.Get(IDKey) project := query.Get(ProjectKey) - err := gov.Delete(kind, id, project) + err := gov.Delete(r.Context(), kind, id, project) if err != nil { processError(w, err, "delete gov err") return diff --git a/server/service/gov/config_distributor.go b/server/service/gov/config_distributor.go index d8b7063..08a2502 100644 --- a/server/service/gov/config_distributor.go +++ b/server/service/gov/config_distributor.go @@ -18,6 +18,8 @@ package gov import ( + "context" + model "github.com/apache/servicecomb-service-center/pkg/gov" "github.com/apache/servicecomb-service-center/pkg/log" "github.com/apache/servicecomb-service-center/server/config" @@ -39,12 +41,12 @@ var distributorPlugins = map[string]NewDistributors{} //or service mesh system like istio, linkerd. //ConfigDistributor will convert standard servicecomb gov config to concrete spec, that data plane can recognize. type ConfigDistributor interface { - Create(kind, project string, policy *model.Policy) ([]byte, error) - Update(kind, id, project string, p *model.Policy) error - Delete(kind, id, project string) error - Display(project, app, env string) ([]byte, error) - List(kind, project, app, env string) ([]byte, error) - Get(kind, id, project string) ([]byte, error) + Create(ctx context.Context, kind, project string, policy *model.Policy) ([]byte, error) + Update(ctx context.Context, kind, id, project string, p *model.Policy) error + Delete(ctx context.Context, kind, id, project string) error + Display(ctx context.Context, project, app, env string) ([]byte, error) + List(ctx context.Context, kind, project, app, env string) ([]byte, error) + Get(ctx context.Context, kind, id, project string) ([]byte, error) Type() string Name() string } @@ -74,44 +76,44 @@ func Init() error { return nil } -func Create(kind, project string, spec *model.Policy) ([]byte, error) { +func Create(ctx context.Context, kind, project string, spec *model.Policy) ([]byte, error) { for _, cd := range distributors { - return cd.Create(kind, project, spec) + return cd.Create(ctx, kind, project, spec) } return nil, nil } -func List(kind, project, app, env string) ([]byte, error) { +func List(ctx context.Context, kind, project, app, env string) ([]byte, error) { for _, cd := range distributors { - return cd.List(kind, project, app, env) + return cd.List(ctx, kind, project, app, env) } return nil, nil } -func Display(project, app, env string) ([]byte, error) { +func Display(ctx context.Context, project, app, env string) ([]byte, error) { for _, cd := range distributors { - return cd.Display(project, app, env) + return cd.Display(ctx, project, app, env) } return nil, nil } -func Get(kind, id, project string) ([]byte, error) { +func Get(ctx context.Context, kind, id, project string) ([]byte, error) { for _, cd := range distributors { - return cd.Get(kind, id, project) + return cd.Get(ctx, kind, id, project) } return nil, nil } -func Delete(kind, id, project string) error { +func Delete(ctx context.Context, kind, id, project string) error { for _, cd := range distributors { - return cd.Delete(kind, id, project) + return cd.Delete(ctx, kind, id, project) } return nil } -func Update(kind, id, project string, p *model.Policy) error { +func Update(ctx context.Context, kind, id, project string, p *model.Policy) error { for _, cd := range distributors { - return cd.Update(kind, id, project, p) + return cd.Update(ctx, kind, id, project, p) } return nil } diff --git a/server/service/gov/config_distributor_test.go b/server/service/gov/config_distributor_test.go index f783a02..e8d5f30 100644 --- a/server/service/gov/config_distributor_test.go +++ b/server/service/gov/config_distributor_test.go @@ -18,6 +18,7 @@ package gov_test import ( + "context" "encoding/json" "testing" @@ -53,7 +54,7 @@ func init() { } func TestCreate(t *testing.T) { - res, err := svc.Create(MockKind, Project, &gov.Policy{ + res, err := svc.Create(context.TODO(), MockKind, Project, &gov.Policy{ GovernancePolicy: &gov.GovernancePolicy{ Name: "Traffic2adminAPI", Selector: &gov.Selector{ @@ -69,7 +70,7 @@ func TestCreate(t *testing.T) { } func TestUpdate(t *testing.T) { - err := svc.Update(MockKind, id, Project, &gov.Policy{ + err := svc.Update(context.TODO(), MockKind, id, Project, &gov.Policy{ GovernancePolicy: &gov.GovernancePolicy{ Name: "Traffic2adminAPI", Selector: &gov.Selector{ @@ -83,7 +84,7 @@ func TestUpdate(t *testing.T) { } func TestDisplay(t *testing.T) { - res, err := svc.Create(MatchGroup, Project, &gov.Policy{ + res, err := svc.Create(context.TODO(), MatchGroup, Project, &gov.Policy{ GovernancePolicy: &gov.GovernancePolicy{ Name: "Traffic2adminAPI", Selector: &gov.Selector{ @@ -95,7 +96,7 @@ func TestDisplay(t *testing.T) { id = string(res) assert.NoError(t, err) policies := &[]*gov.DisplayData{} - res, err = svc.Display(Project, MockApp, MockEnv) + res, err = svc.Display(context.TODO(), Project, MockApp, MockEnv) assert.NoError(t, err) err = json.Unmarshal(res, policies) assert.NoError(t, err) @@ -104,7 +105,7 @@ func TestDisplay(t *testing.T) { func TestList(t *testing.T) { policies := &[]*gov.Policy{} - res, err := svc.List(MockKind, Project, MockApp, MockEnv) + res, err := svc.List(context.TODO(), MockKind, Project, MockApp, MockEnv) assert.NoError(t, err) err = json.Unmarshal(res, policies) assert.NoError(t, err) @@ -113,7 +114,7 @@ func TestList(t *testing.T) { func TestGet(t *testing.T) { policy := &gov.Policy{} - res, err := svc.Get(MockKind, id, Project) + res, err := svc.Get(context.TODO(), MockKind, id, Project) assert.NoError(t, err) err = json.Unmarshal(res, policy) assert.NoError(t, err) @@ -121,8 +122,8 @@ func TestGet(t *testing.T) { } func TestDelete(t *testing.T) { - err := svc.Delete(MockKind, id, Project) + err := svc.Delete(context.TODO(), MockKind, id, Project) assert.NoError(t, err) - res, _ := svc.Get(MockKind, id, Project) + res, _ := svc.Get(context.TODO(), MockKind, id, Project) assert.Nil(t, res) } diff --git a/server/service/gov/kie/kie_distributor.go b/server/service/gov/kie/kie_distributor.go index d501e29..88e5a43 100644 --- a/server/service/gov/kie/kie_distributor.go +++ b/server/service/gov/kie/kie_distributor.go @@ -28,12 +28,13 @@ import ( "strings" "time" - "github.com/apache/servicecomb-service-center/pkg/log" - "github.com/apache/servicecomb-service-center/pkg/gov" + "github.com/apache/servicecomb-service-center/pkg/log" "github.com/apache/servicecomb-service-center/server/config" svc "github.com/apache/servicecomb-service-center/server/service/gov" + rbacsvc "github.com/apache/servicecomb-service-center/server/service/rbac" "github.com/ghodss/yaml" + "github.com/go-chassis/foundation/httpclient" "github.com/go-chassis/kie-client" ) @@ -61,9 +62,9 @@ var PolicyNames = []string{"retry", "rateLimiting", "circuitBreaker", "bulkhead" var rule = Validator{} -func (d *Distributor) Create(kind, project string, p *gov.Policy) ([]byte, error) { +func (d *Distributor) Create(ctx context.Context, kind, project string, p *gov.Policy) ([]byte, error) { if kind == KindMatchGroup { - err := d.generateID(project, p) + err := d.generateID(ctx, project, p) if err != nil { return nil, err } @@ -87,7 +88,7 @@ func (d *Distributor) Create(kind, project string, p *gov.Policy) ([]byte, error ValueType: TypeText, Labels: map[string]string{KeyApp: p.Selector.App, KeyEnvironment: p.Selector.Environment}, } - res, err := d.client.Create(context.TODO(), kv, kie.WithProject(project)) + res, err := d.client.Create(ctx, kv, kie.WithProject(project)) if err != nil { log.Error("kie create failed", err) return nil, err @@ -95,7 +96,7 @@ func (d *Distributor) Create(kind, project string, p *gov.Policy) ([]byte, error return []byte(res.ID), nil } -func (d *Distributor) Update(kind, id, project string, p *gov.Policy) error { +func (d *Distributor) Update(ctx context.Context, kind, id, project string, p *gov.Policy) error { err := rule.Validate(kind, p.Spec) if err != nil { return err @@ -112,7 +113,7 @@ func (d *Distributor) Update(kind, id, project string, p *gov.Policy) error { Value: string(yamlByte), Status: p.Status, } - _, err = d.client.Put(context.TODO(), kv, kie.WithProject(project)) + _, err = d.client.Put(ctx, kv, kie.WithProject(project)) if err != nil { log.Error("kie update failed", err) return err @@ -120,13 +121,13 @@ func (d *Distributor) Update(kind, id, project string, p *gov.Policy) error { return nil } -func (d *Distributor) Delete(kind, id, project string) error { +func (d *Distributor) Delete(ctx context.Context, kind, id, project string) error { if kind == KindMatchGroup { // should remove all policies of this group - return d.DeleteMatchGroup(id, project) + return d.DeleteMatchGroup(ctx, id, project) } - err := d.client.Delete(context.TODO(), id, kie.WithProject(project)) + err := d.client.Delete(ctx, id, kie.WithProject(project)) if err != nil { log.Error("kie delete failed", err) return err @@ -134,8 +135,8 @@ func (d *Distributor) Delete(kind, id, project string) error { return nil } -func (d *Distributor) DeleteMatchGroup(id string, project string) error { - policy, err := d.getPolicy(KindMatchGroup, id, project) +func (d *Distributor) DeleteMatchGroup(ctx context.Context, id string, project string) error { + policy, err := d.getPolicy(ctx, KindMatchGroup, id, project) if err != nil { log.Error("kie get failed", err) return err @@ -150,7 +151,7 @@ func (d *Distributor) DeleteMatchGroup(id string, project string) error { kie.WithRevision(0), kie.WithGetProject(project), } - idList, _, err := d.client.List(context.TODO(), ops...) + idList, _, err := d.client.List(ctx, ops...) if err != nil { log.Error("kie list failed", err) return err @@ -163,7 +164,7 @@ func (d *Distributor) DeleteMatchGroup(id string, project string) error { return nil } - err = d.client.Delete(context.TODO(), ids[:len(ids)-1], kie.WithProject(project)) + err = d.client.Delete(ctx, ids[:len(ids)-1], kie.WithProject(project)) if err != nil { log.Error("kie list failed", err) return err @@ -171,14 +172,14 @@ func (d *Distributor) DeleteMatchGroup(id string, project string) error { return nil } -func (d *Distributor) Display(project, app, env string) ([]byte, error) { - list, _, err := d.listDataByKind(KindMatchGroup, project, app, env) +func (d *Distributor) Display(ctx context.Context, project, app, env string) ([]byte, error) { + list, _, err := d.listDataByKind(ctx, KindMatchGroup, project, app, env) if err != nil { return nil, err } policyMap := make(map[string]*gov.Policy) for _, kind := range PolicyNames { - policies, _, err := d.listDataByKind(kind, project, app, env) + policies, _, err := d.listDataByKind(ctx, kind, project, app, env) if err != nil { continue } @@ -226,8 +227,8 @@ func setAliasIfEmpty(spec map[string]interface{}, name string) { } } -func (d *Distributor) List(kind, project, app, env string) ([]byte, error) { - list, _, err := d.listDataByKind(kind, project, app, env) +func (d *Distributor) List(ctx context.Context, kind, project, app, env string) ([]byte, error) { + list, _, err := d.listDataByKind(ctx, kind, project, app, env) if err != nil { return nil, err } @@ -244,8 +245,8 @@ func (d *Distributor) List(kind, project, app, env string) ([]byte, error) { return b, nil } -func (d *Distributor) Get(kind, id, project string) ([]byte, error) { - policy, err := d.getPolicy(kind, id, project) +func (d *Distributor) Get(ctx context.Context, kind, id, project string) ([]byte, error) { + policy, err := d.getPolicy(ctx, kind, id, project) if err != nil { return nil, err } @@ -253,8 +254,8 @@ func (d *Distributor) Get(kind, id, project string) ([]byte, error) { return b, nil } -func (d *Distributor) getPolicy(kind string, id string, project string) (*gov.Policy, error) { - kv, err := d.client.Get(context.TODO(), id, kie.WithGetProject(project)) +func (d *Distributor) getPolicy(ctx context.Context, kind string, id string, project string) (*gov.Policy, error) { + kv, err := d.client.Get(ctx, id, kie.WithGetProject(project)) if err != nil { return nil, err } @@ -276,6 +277,9 @@ func initClient(endpoint string) *kie.Client { client, err := kie.NewClient( kie.Config{Endpoint: endpoint, DefaultLabels: map[string]string{}, + HTTPOptions: &httpclient.Options{ + SignRequest: rbacsvc.SignRequest, + }, }) if err != nil { log.Fatal("init kie client failed, err: %s", err) @@ -309,7 +313,7 @@ func toSnake(name string) string { return buffer.String() } -func (d *Distributor) listDataByKind(kind, project, app, env string) (*kie.KVResponse, int, error) { +func (d *Distributor) listDataByKind(ctx context.Context, kind, project, app, env string) (*kie.KVResponse, int, error) { ops := []kie.GetOption{ kie.WithKey("beginWith(" + toGovKeyPrefix(kind) + ")"), kie.WithRevision(0), @@ -325,15 +329,15 @@ func (d *Distributor) listDataByKind(kind, project, app, env string) (*kie.KVRes if len(labels) > 0 { ops = append(ops, kie.WithLabels(labels)) } - return d.client.List(context.TODO(), ops...) + return d.client.List(ctx, ops...) } -func (d *Distributor) generateID(project string, p *gov.Policy) error { +func (d *Distributor) generateID(ctx context.Context, project string, p *gov.Policy) error { if p.Name != "" { return nil } kind := KindMatchGroup - list, _, err := d.listDataByKind(kind, project, p.Selector.App, p.Selector.Environment) + list, _, err := d.listDataByKind(ctx, kind, project, p.Selector.App, p.Selector.Environment) if err != nil { return err } diff --git a/server/service/gov/mock/mock.go b/server/service/gov/mock/mock.go index c98349a..1414087 100644 --- a/server/service/gov/mock/mock.go +++ b/server/service/gov/mock/mock.go @@ -18,6 +18,7 @@ package mock import ( + "context" "encoding/json" "fmt" "log" @@ -38,7 +39,7 @@ const MatchGroup = "match-group" var PolicyNames = []string{"retry", "rateLimiting", "circuitBreaker", "bulkhead"} -func (d *Distributor) Create(kind, project string, p *gov.Policy) ([]byte, error) { +func (d *Distributor) Create(ctx context.Context, kind, project string, p *gov.Policy) ([]byte, error) { p.ID = uuid.NewV4().String() p.Kind = kind log.Println(fmt.Sprintf("create %v", &p)) @@ -46,7 +47,7 @@ func (d *Distributor) Create(kind, project string, p *gov.Policy) ([]byte, error return []byte(p.ID), nil } -func (d *Distributor) Update(kind, id, project string, p *gov.Policy) error { +func (d *Distributor) Update(ctx context.Context, kind, id, project string, p *gov.Policy) error { if d.lbPolicies[id] == nil { return fmt.Errorf("id not exsit") } @@ -57,12 +58,12 @@ func (d *Distributor) Update(kind, id, project string, p *gov.Policy) error { return nil } -func (d *Distributor) Delete(kind, id, project string) error { +func (d *Distributor) Delete(ctx context.Context, kind, id, project string) error { delete(d.lbPolicies, id) return nil } -func (d *Distributor) Display(project, app, env string) ([]byte, error) { +func (d *Distributor) Display(ctx context.Context, project, app, env string) ([]byte, error) { list := make([]*gov.Policy, 0) for _, g := range d.lbPolicies { if checkPolicy(g, MatchGroup, app, env) { @@ -91,7 +92,7 @@ func (d *Distributor) Display(project, app, env string) ([]byte, error) { b, _ := json.MarshalIndent(r, "", " ") return b, nil } -func (d *Distributor) List(kind, project, app, env string) ([]byte, error) { +func (d *Distributor) List(ctx context.Context, kind, project, app, env string) ([]byte, error) { r := make([]*gov.Policy, 0, len(d.lbPolicies)) for _, g := range d.lbPolicies { if checkPolicy(g, kind, app, env) { @@ -106,7 +107,7 @@ func checkPolicy(g *gov.Policy, kind, app, env string) bool { return g.Kind == kind && g.Selector != nil && g.Selector.App == app && g.Selector.Environment == env } -func (d *Distributor) Get(kind, id, project string) ([]byte, error) { +func (d *Distributor) Get(ctx context.Context, kind, id, project string) ([]byte, error) { r := d.lbPolicies[id] if r == nil { return nil, nil diff --git a/server/service/rbac/context.go b/server/service/rbac/context.go index 500fc25..1d2e8bf 100644 --- a/server/service/rbac/context.go +++ b/server/service/rbac/context.go @@ -20,13 +20,16 @@ package rbac import ( "context" "errors" - - rbacmodel "github.com/go-chassis/cari/rbac" + "net/http" "github.com/apache/servicecomb-service-center/pkg/util" + "github.com/apache/servicecomb-service-center/server/service/rbac/token" + rbacmodel "github.com/go-chassis/cari/rbac" ) -const CtxRequestClaims util.CtxKey = "_request_claims" +const ( + CtxRequestClaims util.CtxKey = "_request_claims" +) func UserFromContext(ctx context.Context) string { m, ok := ctx.Value(CtxRequestClaims).(map[string]interface{}) @@ -47,3 +50,12 @@ func AccountFromContext(ctx context.Context) (*rbacmodel.Account, error) { } return rbacmodel.GetAccount(m) } + +func SignRequest(req *http.Request) error { + auth := token.FromContext(req.Context()) + if auth == "" { + return errors.New("request unauthorized") + } + req.Header.Set("Authorization", auth) + return nil +} diff --git a/server/service/rbac/token/context.go b/server/service/rbac/token/context.go new file mode 100644 index 0000000..decabe4 --- /dev/null +++ b/server/service/rbac/token/context.go @@ -0,0 +1,22 @@ +package token + +import ( + "context" + "net/http" + + "github.com/apache/servicecomb-service-center/pkg/util" +) + +const CtxRequestToken util.CtxKey = "_request_token" + +func WithRequest(req *http.Request, token string) *http.Request { + return util.SetRequestContext(req, CtxRequestToken, token) +} + +func FromContext(ctx context.Context) string { + token, ok := ctx.Value(CtxRequestToken).(string) + if !ok { + return "" + } + return token +}