refactor: optimize codes

go.mod

@@ -8,8 +8,10 @@ require (
 	github.com/appleboy/gin-jwt/v2 v2.6.4
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d
 	github.com/buger/jsonparser v1.1.1
+	github.com/coreos/bbolt v1.3.2 // indirect
 	github.com/coreos/etcd v3.3.13+incompatible
 	github.com/coreos/go-systemd v0.0.0-20190620071333-e64a0ec8b42a // indirect
+	github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.0
 	github.com/dgraph-io/ristretto v0.0.3
 	github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1
@@ -20,8 +22,9 @@ require (
 	github.com/gin-gonic/gin v1.6.3
 	github.com/go-playground/validator/v10 v10.4.1
 	github.com/go-redis/redis/v7 v7.4.0
-	github.com/golang/mock v1.5.0
+	github.com/golang/mock v1.6.0
 	github.com/google/uuid v1.2.0 // indirect
+	github.com/gorilla/websocket v1.4.2 // indirect
 	github.com/gosuri/uitable v0.0.4
 	github.com/grpc-ecosystem/go-grpc-middleware v1.2.2 // indirect
 	github.com/hashicorp/golang-lru v0.5.4 // indirect
@@ -31,15 +34,17 @@ require (
 	github.com/jonboulle/clockwork v0.2.0 // indirect
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/klauspost/compress v1.11.0 // indirect
+	github.com/kr/pretty v0.2.1 // indirect
 	github.com/kr/text v0.2.0 // indirect
 	github.com/lib/pq v1.9.0 // indirect
 	github.com/likexian/host-stat-go v0.0.0-20190516151207-c9cf36dd6ce9
+	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/marmotedu/api v1.0.1
 	github.com/marmotedu/component-base v1.0.0
 	github.com/marmotedu/errors v1.0.2
 	github.com/marmotedu/marmotedu-sdk-go v1.0.2-0.20210528170801-2c91b80cb4cf
 	github.com/mattn/go-isatty v0.0.13
-	github.com/mattn/go-runewidth v0.0.12 // indirect
+	github.com/mattn/go-runewidth v0.0.13 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1
 	github.com/mitchellh/mapstructure v1.4.1
 	github.com/moby/term v0.0.0-20201216013528-df9cb8a40635
@@ -52,13 +57,13 @@ require (
 	github.com/ory/ladon v1.2.0
 	github.com/parnurzeal/gorequest v0.2.16
 	github.com/prometheus/client_golang v1.10.0
-	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/russross/blackfriday v1.6.0
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/satori/go.uuid v1.2.0
 	github.com/segmentio/kafka-go v0.4.12
 	github.com/sirupsen/logrus v1.8.1
-	github.com/spf13/cobra v1.1.3
+	github.com/spaolacci/murmur3 v1.1.0 // indirect
+	github.com/spf13/cobra v1.2.1
 	github.com/spf13/pflag v1.0.5
 	github.com/spf13/viper v1.8.1
 	github.com/stretchr/testify v1.7.0
@@ -68,12 +73,13 @@ require (
 	github.com/zsais/go-gin-prometheus v0.1.0
 	go.uber.org/zap v1.17.0
 	golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e // indirect
+	golang.org/x/net v0.0.0-20210614182718-04defd469f4e // indirect
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
-	golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 // indirect
-	golang.org/x/text v0.3.6 // indirect
+	golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
 	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba
 	golang.org/x/tools v0.1.4
 	google.golang.org/grpc v1.38.0
+	google.golang.org/protobuf v1.27.1 // indirect
 	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
 	gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22
 	gopkg.in/vmihailenco/msgpack.v2 v2.9.1

internal/apiserver/api/v1/policy/create.go

@@ -12,6 +12,7 @@ import (
 	"github.com/marmotedu/errors"
 
 	"github.com/marmotedu/iam/internal/pkg/code"
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
@@ -33,7 +34,7 @@ func (p *PolicyHandler) Create(c *gin.Context) {
 		return
 	}
 
-	r.Username = c.GetString("username")
+	r.Username = c.GetString(middleware.UsernameKey)
 
 	if err := p.srv.Policies().Create(c, &r, metav1.CreateOptions{}); err != nil {
 		core.WriteResponse(c, err, nil)

internal/apiserver/api/v1/policy/delete.go

@@ -9,14 +9,16 @@ import (
 	"github.com/marmotedu/component-base/pkg/core"
 	metav1 "github.com/marmotedu/component-base/pkg/meta/v1"
 
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
 // Delete deletes the policy by the policy identifier.
 func (p *PolicyHandler) Delete(c *gin.Context) {
 	log.L(c).Info("delete policy function called.")
 
-	if err := p.srv.Policies().Delete(c, c.GetString("username"), c.Param("name"), metav1.DeleteOptions{}); err != nil {
+	if err := p.srv.Policies().Delete(c, c.GetString(middleware.UsernameKey), c.Param("name"),
+		metav1.DeleteOptions{}); err != nil {
 		core.WriteResponse(c, err, nil)
 
 		return

internal/apiserver/api/v1/policy/delete_collection.go

@@ -9,14 +9,16 @@ import (
 	"github.com/marmotedu/component-base/pkg/core"
 	metav1 "github.com/marmotedu/component-base/pkg/meta/v1"
 
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
 // DeleteCollection delete policies by policy names.
 func (p *PolicyHandler) DeleteCollection(c *gin.Context) {
 	log.L(c).Info("batch delete policy function called.")
 
-	if err := p.srv.Policies().DeleteCollection(c, c.GetString("username"), c.QueryArray("name"), metav1.DeleteOptions{}); err != nil {
+	if err := p.srv.Policies().DeleteCollection(c, c.GetString(middleware.UsernameKey),
+		c.QueryArray("name"), metav1.DeleteOptions{}); err != nil {
 		core.WriteResponse(c, err, nil)
 
 		return

internal/apiserver/api/v1/policy/get.go

@@ -9,14 +9,15 @@ import (
 	"github.com/marmotedu/component-base/pkg/core"
 	metav1 "github.com/marmotedu/component-base/pkg/meta/v1"
 
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
 // Get return policy by the policy identifier.
 func (p *PolicyHandler) Get(c *gin.Context) {
 	log.L(c).Info("get policy function called.")
 
-	pol, err := p.srv.Policies().Get(c, c.GetString("username"), c.Param("name"), metav1.GetOptions{})
+	pol, err := p.srv.Policies().Get(c, c.GetString(middleware.UsernameKey), c.Param("name"), metav1.GetOptions{})
 	if err != nil {
 		core.WriteResponse(c, err, nil)
 

internal/apiserver/api/v1/policy/list.go

@@ -11,6 +11,7 @@ import (
 	"github.com/marmotedu/errors"
 
 	"github.com/marmotedu/iam/internal/pkg/code"
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
@@ -25,7 +26,7 @@ func (p *PolicyHandler) List(c *gin.Context) {
 		return
 	}
 
-	policies, err := p.srv.Policies().List(c, c.GetString("username"), r)
+	policies, err := p.srv.Policies().List(c, c.GetString(middleware.UsernameKey), r)
 	if err != nil {
 		core.WriteResponse(c, err, nil)
 

internal/apiserver/api/v1/policy/update.go

@@ -12,6 +12,7 @@ import (
 	"github.com/marmotedu/errors"
 
 	"github.com/marmotedu/iam/internal/pkg/code"
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
@@ -26,7 +27,7 @@ func (p *PolicyHandler) Update(c *gin.Context) {
 		return
 	}
 
-	pol, err := p.store.Policies().Get(c, c.GetString("username"), c.Param("name"), metav1.GetOptions{})
+	pol, err := p.store.Policies().Get(c, c.GetString(middleware.UsernameKey), c.Param("name"), metav1.GetOptions{})
 	if err != nil {
 		core.WriteResponse(c, errors.WithCode(code.ErrDatabase, err.Error()), nil)
 

internal/apiserver/api/v1/secret/create.go

@@ -13,6 +13,7 @@ import (
 	"github.com/marmotedu/errors"
 
 	"github.com/marmotedu/iam/internal/pkg/code"
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
@@ -36,7 +37,7 @@ func (s *SecretHandler) Create(c *gin.Context) {
 		return
 	}
 
-	username := c.GetString("username")
+	username := c.GetString(middleware.UsernameKey)
 
 	sec, err := s.store.Secrets().List(c, username, metav1.ListOptions{
 		Offset: pointer.ToInt64(0),

internal/apiserver/api/v1/secret/delete.go

@@ -9,14 +9,15 @@ import (
 	"github.com/marmotedu/component-base/pkg/core"
 	metav1 "github.com/marmotedu/component-base/pkg/meta/v1"
 
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
 // Delete delete a secret by the secret identifier.
 func (s *SecretHandler) Delete(c *gin.Context) {
 	log.L(c).Info("delete secret function called.")
 	opts := metav1.DeleteOptions{Unscoped: true}
-	if err := s.srv.Secrets().Delete(c, c.GetString("username"), c.Param("name"), opts); err != nil {
+	if err := s.srv.Secrets().Delete(c, c.GetString(middleware.UsernameKey), c.Param("name"), opts); err != nil {
 		core.WriteResponse(c, err, nil)
 
 		return

internal/apiserver/api/v1/secret/delete_collection.go

@@ -9,6 +9,7 @@ import (
 	"github.com/marmotedu/component-base/pkg/core"
 	metav1 "github.com/marmotedu/component-base/pkg/meta/v1"
 
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
@@ -18,7 +19,7 @@ func (s *SecretHandler) DeleteCollection(c *gin.Context) {
 
 	if err := s.srv.Policies().DeleteCollection(
 		c,
-		c.GetString("username"),
+		c.GetString(middleware.UsernameKey),
 		c.QueryArray("name"),
 		metav1.DeleteOptions{},
 	); err != nil {

internal/apiserver/api/v1/secret/get.go

@@ -9,14 +9,15 @@ import (
 	"github.com/marmotedu/component-base/pkg/core"
 	metav1 "github.com/marmotedu/component-base/pkg/meta/v1"
 
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
 // Get get an policy by the secret identifier.
 func (s *SecretHandler) Get(c *gin.Context) {
 	log.L(c).Info("get secret function called.")
 
-	secret, err := s.srv.Secrets().Get(c, c.GetString("username"), c.Param("name"), metav1.GetOptions{})
+	secret, err := s.srv.Secrets().Get(c, c.GetString(middleware.UsernameKey), c.Param("name"), metav1.GetOptions{})
 	if err != nil {
 		core.WriteResponse(c, err, nil)
 

internal/apiserver/api/v1/secret/list.go

@@ -11,6 +11,7 @@ import (
 	"github.com/marmotedu/errors"
 
 	"github.com/marmotedu/iam/internal/pkg/code"
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
@@ -24,7 +25,7 @@ func (s *SecretHandler) List(c *gin.Context) {
 		return
 	}
 
-	secrets, err := s.srv.Secrets().List(c, c.GetString("username"), r)
+	secrets, err := s.srv.Secrets().List(c, c.GetString(middleware.UsernameKey), r)
 	if err != nil {
 		core.WriteResponse(c, err, nil)
 

internal/apiserver/api/v1/secret/update.go

@@ -12,6 +12,7 @@ import (
 	"github.com/marmotedu/errors"
 
 	"github.com/marmotedu/iam/internal/pkg/code"
+	"github.com/marmotedu/iam/internal/pkg/middleware"
 	"github.com/marmotedu/iam/pkg/log"
 )
 
@@ -26,7 +27,7 @@ func (s *SecretHandler) Update(c *gin.Context) {
 		return
 	}
 
-	username := c.GetString("username")
+	username := c.GetString(middleware.UsernameKey)
 	name := c.Param("name")
 
 	secret, err := s.srv.Secrets().Get(c, username, name, metav1.GetOptions{})

internal/apiserver/auth.go

@@ -29,9 +29,6 @@ const (
 
 	// APIServerIssuer defines the value of jwt issuer field.
 	APIServerIssuer = "iam-apiserver"
-
-	// CtxUsername defines username context key.
-	CtxUsername = "username"
 )
 
 type loginInfo struct {
@@ -68,12 +65,14 @@ func newJWTAuth() middleware.AuthStrategy {
 		LogoutResponse: func(c *gin.Context, code int) {
 			c.JSON(http.StatusOK, nil)
 		},
-		PayloadFunc: payloadFunc(),
+		RefreshResponse: refreshResponse(),
+		PayloadFunc:     payloadFunc(),
 		IdentityHandler: func(c *gin.Context) interface{} {
 			claims := jwt.ExtractClaims(c)
 
 			return claims[jwt.IdentityKey]
 		},
+		IdentityKey:  middleware.UsernameKey,
 		Authorizator: authorizator(),
 		Unauthorized: func(c *gin.Context, code int, message string) {
 			c.JSON(code, gin.H{
@@ -165,6 +164,15 @@ func parseWithBody(c *gin.Context) (loginInfo, error) {
 	return login, nil
 }
 
+func refreshResponse() func(c *gin.Context, code int, token string, expire time.Time) {
+	return func(c *gin.Context, code int, token string, expire time.Time) {
+		c.JSON(http.StatusOK, gin.H{
+			"token":  token,
+			"expire": expire.Format(time.RFC3339),
+		})
+	}
+}
+
 func loginResponse() func(c *gin.Context, code int, token string, expire time.Time) {
 	return func(c *gin.Context, code int, token string, expire time.Time) {
 		c.JSON(http.StatusOK, gin.H{
@@ -191,10 +199,10 @@ func payloadFunc() func(data interface{}) jwt.MapClaims {
 
 func authorizator() func(data interface{}, c *gin.Context) bool {
 	return func(data interface{}, c *gin.Context) bool {
-		// add username to header
 		if v, ok := data.(string); ok {
-			// c.Request.Header.Add(log.KeyUsername, v)
-			c.Set(CtxUsername, v)
+			// c.Set(log.KeyUsername, v)
+			// c.Set(log.KeyRequestID, v)
+			log.L(c).Infof("user `%s` is authenticated.", v)
 
 			return true
 		}

internal/pkg/code/apiserver.go

@@ -24,7 +24,7 @@ const (
 	ErrSecretNotFound
 )
 
-// iam-apiserver: policy errors
+// iam-apiserver: policy errors.
 const (
 	// ErrPolicyNotFound - 404: Policy not found.
 	ErrPolicyNotFound int = iota + 110201

internal/pkg/code/authzserver.go

@@ -6,5 +6,5 @@ package code
 
 //go:generate codegen -type=int
 
-// iam-authz-server: authorize errors
+// iam-authz-server: authorize errors.
 const ()

internal/pkg/middleware/auth/basic.go

@@ -16,9 +16,6 @@ import (
 	"github.com/marmotedu/iam/internal/pkg/middleware"
 )
 
-// CtxUsername defines the key in gin context which represents the owner of the secret.
-const CtxUsername = "username"
-
 // BasicStrategy defines Basic authentication strategy.
 type BasicStrategy struct {
 	compare func(username string, password string) bool
@@ -63,7 +60,7 @@ func (b BasicStrategy) AuthFunc() gin.HandlerFunc {
 			return
 		}
 
-		c.Set(CtxUsername, pair[0])
+		c.Set(middleware.UsernameKey, pair[0])
 
 		c.Next()
 	}

internal/pkg/middleware/auth/cache.go

@@ -98,7 +98,7 @@ func (cache CacheStrategy) AuthFunc() gin.HandlerFunc {
 			return
 		}
 
-		c.Set(CtxUsername, secret.Username)
+		c.Set(middleware.UsernameKey, secret.Username)
 		c.Next()
 	}
 }