
Commit 6ee1996

committed
Fix the issue of ineffective authentication for JWT, Oauth2, AK/SK
1 parent fdac169 commit 6ee1996


4 files changed

+105
-13
lines changed

4 files changed

+105
-13
lines changed

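--- a/gateway/apinto/auth/aksk.go
+++ b/gateway/apinto/auth/aksk.go
@@ -0,0 +1,28 @@
+package auth
+
+func init() {
+b := NewAKSK()
+Register(b.Name(), b)
+}
+
+func NewAKSK() *AKSK {
+return &AKSK{}
+}
+
+type AKSK struct {
+}
+
+func (a *AKSK) Name() string {
+return "aksk"
+}
+
+func (a *AKSK) ToPattern(cfg map[string]interface{}) interface{} {
+result := make(map[string]interface{})
+result["ak"] = cfg["ak"]
+result["sk"] = cfg["sk"]
+return result
+}
+
+func (a *AKSK) ToConfig(cfg map[string]interface{}) interface{} {
+return nil
+}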
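Review bot: `ToPattern` copies `cfg["ak"]` and `cfg["sk"]` into the result without checking that either key is present or is a non-empty string, so a config missing one of them produces a pattern whose credential fields are nil. What the gateway does with a nil `ak` or `sk` is not visible on this page, but for an authenticator the safer default is to emit a field only after a check such as `if v, ok := cfg["sk"].(string); ok && v != "" { result["sk"] = v }`, or to reject the config before it reaches this mapper. The same unchecked pass-through appears in `ToPattern` and `ToConfig` in gateway/apinto/auth/jwt.go and in `ToPattern` in gateway/apinto/auth/oauth2.go. The exported `AKSK` type and its methods also carry no doc comments.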

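--- a/gateway/apinto/auth/jwt.go
+++ b/gateway/apinto/auth/jwt.go
@@ -0,0 +1,35 @@
+package auth
+
+func init() {
+b := NewJWT()
+Register(b.Name(), b)
+}
+
+func NewJWT() *JWT {
+return &JWT{}
+}
+
+type JWT struct {
+}
+
+func (J *JWT) Name() string {
+return "jwt"
+}
+
+func (J *JWT) ToPattern(cfg map[string]interface{}) interface{} {
+result := make(map[string]interface{})
+result["username"] = cfg["user"]
+return result
+}
+
+func (J *JWT) ToConfig(cfg map[string]interface{}) interface{} {
+result := make(map[string]interface{})
+result["iss"] = cfg["iss"]
+result["algorithm"] = cfg["algorithm"]
+result["secret"] = cfg["secret"]
+result["rsa_public_key"] = cfg["publicKey"]
+result["path"] = cfg["userPath"]
+result["claims_to_verify"] = cfg["claimsToVerify"]
+result["signature_is_base_64"] = cfg["signatureIsBase64"]
+return result
+}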
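Review bot: `ToConfig` forwards both `secret` and `rsa_public_key` whatever `algorithm` is, so HMAC key material left in `cfg` is still pushed to the gateway for an RS*/ES* credential, and the reverse. `Config.Detail()` in module/application-authorization/auth-driver/jwt/jwt.go already branches on the algorithm family; doing the same here keeps the gateway holding only the key the configured algorithm verifies with. This assumes `cfg["algorithm"]` arrives as a string and that the gateway tolerates the absent key, and both should be confirmed. The receiver name `J` would conventionally be lowercase `j`.

```go
func (J *JWT) ToConfig(cfg map[string]interface{}) interface{} {
	result := make(map[string]interface{})
	// … unchanged: iss, algorithm, path, claims_to_verify …
	switch alg, _ := cfg["algorithm"].(string); alg {
	case "HS256", "HS384", "HS512":
		// Symmetric algorithms: only the shared secret is relevant.
		result["secret"] = cfg["secret"]
		result["signature_is_base_64"] = cfg["signatureIsBase64"]
	default:
		// Asymmetric algorithms: only the public verification key is relevant.
		result["rsa_public_key"] = cfg["publicKey"]
	}
	return result
}
```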

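--- a/gateway/apinto/auth/oauth2.go
+++ b/gateway/apinto/auth/oauth2.go
@@ -0,0 +1,29 @@
+package auth
+
+func init() {
+b := NewOAuth2()
+Register(b.Name(), b)
+}
+
+func NewOAuth2() *OAuth2 {
+return &OAuth2{}
+}
+
+type OAuth2 struct {
+}
+
+func (o *OAuth2) Name() string {
+return "oauth2"
+}
+func (o *OAuth2) ToPattern(cfg map[string]interface{}) interface{} {
+result := make(map[string]interface{})
+result["client_id"] = cfg["client_id"]
+result["client_secret"] = cfg["client_secret"]
+result["client_type"] = cfg["client_type"]
+result["hash_secret"] = cfg["hash_secret"]
+result["redirect_urls"] = cfg["redirect_urls"]
+return result
+}
+func (o *OAuth2) ToConfig(cfg map[string]interface{}) interface{} {
+return nil
+}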
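Review bot: `ToPattern` reads snake_case keys (`client_id`, `client_secret`, `hash_secret`, `redirect_urls`), while this same commit moves the JWT driver's JSON tags to camelCase, apparently so they match the keys read in gateway/apinto/auth/jwt.go. The OAuth2 driver's config struct is not shown on this page, so it is worth confirming that its tags really are snake_case; a mismatch would leave these lookups returning nil without any error. A comment above the method naming the struct whose tags these keys mirror, for example `// Keys must match the json tags of the oauth2 driver Config.`, would make the contract explicit. A blank line between `Name`, `ToPattern` and `ToConfig` would also match the other two files.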

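--- a/module/application-authorization/auth-driver/jwt/jwt.go
+++ b/module/application-authorization/auth-driver/jwt/jwt.go
@@ -6,11 +6,11 @@ import (
 "fmt"
 "strconv"
 "strings"
-
+
 auth_driver "github.com/APIParkLab/APIPark/module/application-authorization/auth-driver"
-
+
 "github.com/eolinker/go-common/utils"
-
+
 application_authorization_dto "github.com/APIParkLab/APIPark/module/application-authorization/dto"
 )
 
@@ -26,12 +26,12 @@ type Config struct {
 Iss string `json:"iss"`
 Algorithm string `json:"algorithm"`
 Secret string `json:"secret"`
-PublicKey string `json:"public_key"`
+PublicKey string `json:"publicKey"`
 User string `json:"user"`
-UserPath string `json:"user_path"`
-ClaimsToVerify []string `json:"claims_to_verify"`
+UserPath string `json:"userPath"`
+ClaimsToVerify []string `json:"claimsToVerify"`
 Label map[string]string `json:"label"`
-SignatureIsBase64 bool `json:"signature_is_base64"`
+SignatureIsBase64 bool `json:"signatureIsBase64"`
 }
 
 func (cfg *Config) ID() string {
@@ -46,7 +46,7 @@ func (cfg *Config) ID() string {
 for _, claim := range cfg.ClaimsToVerify {
 builder.WriteString(strings.TrimSpace(claim))
 }
-
+
 case "RS256", "RS384", "RS512", "ES256", "ES384", "ES512":
 builder.WriteString(strings.TrimSpace(cfg.Iss))
 builder.WriteString(strings.TrimSpace(cfg.PublicKey))
@@ -81,7 +81,7 @@ func (cfg *Config) Valid() ([]byte, error) {
 default:
 return nil, fmt.Errorf("unsupport algorithm")
 }
-
+
 //校验 校验字段
 for _, claim := range cfg.ClaimsToVerify {
 switch claim {
@@ -94,26 +94,26 @@ func (cfg *Config) Valid() ([]byte, error) {
 }
 
 func (cfg *Config) Detail() []application_authorization_dto.DetailItem {
-
+
 items := []application_authorization_dto.DetailItem{
 {Key: "Iss", Value: cfg.Iss},
 {Key: "签名算法", Value: cfg.Algorithm},
 {Key: "用户名", Value: cfg.User},
 {Key: "用户名JsonPath", Value: cfg.UserPath},
 {Key: "校验字段", Value: strings.Join(cfg.ClaimsToVerify, ",")},
 }
-
+
 switch cfg.Algorithm {
 case "HS256", "HS384", "HS512":
 items = append(items, application_authorization_dto.DetailItem{Key: "Secret", Value: cfg.Secret})
 base64 := "false"
 if cfg.SignatureIsBase64 {
 base64 = "true"
 }
-items = append(items, application_authorization_dto.DetailItem{Key: "Secret", Value: base64})
+items = append(items, application_authorization_dto.DetailItem{Key: "SignatureIsBase64", Value: base64})
 default:
 items = append(items, application_authorization_dto.DetailItem{Key: "RSA公钥", Value: cfg.PublicKey})
 }
-
+
 return items
 }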
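Review bot: JWT configs already stored or submitted with the old snake_case keys will decode with `PublicKey`, `UserPath`, `ClaimsToVerify` and `SignatureIsBase64` empty once the `Config` tags become `publicKey`, `userPath`, `claimsToVerify` and `signatureIsBase64`. Whether such data exists is not visible in these hunks, but if it does, an empty `ClaimsToVerify` or `PublicKey` would weaken or break verification without any error, so a migration or a decode path that accepts both spellings is needed before release. A comment on the struct such as `// JSON tags are camelCase and must match the keys read in gateway/apinto/auth/jwt.go.` would record the coupling. `Config`, `ID` and `Valid` start or end outside the hunks shown.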
