devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

feat(server): add is_valid_jwt query

Browse Source
This commit is contained in:
Lakhan Samani
2022-01-24 00:32:06 +05:30
parent 7f18a3f634
commit 87b1cac979
10 changed files with 465 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
server/resolvers/is_valid_jwt.go Normal file
View File

@@ -0,0 +1,39 @@
package resolvers
import (
"context"
"fmt"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/graph/model"
tokenHelper "github.com/authorizerdev/authorizer/server/token"
"github.com/authorizerdev/authorizer/server/utils"
)
// IsValidJwtResolver resolver to return if given jwt is valid
func IsValidJwtResolver(ctx context.Context, params *model.IsValidJWTQueryInput) (*model.ValidJWTResponse, error) {
claims, err := tokenHelper.VerifyJWTToken(params.Jwt)
if err != nil {
return nil, err
}
claimRoleInterface := claims[envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtRoleClaim)].([]interface{})
claimRoles := []string{}
for _, v := range claimRoleInterface {
claimRoles = append(claimRoles, v.(string))
}
if params != nil && params.Roles != nil && len(params.Roles) > 0 {
for _, v := range params.Roles {
if !utils.StringSliceContains(claimRoles, v) {
return nil, fmt.Errorf(`unauthorized`)
}
}
}
return &model.ValidJWTResponse{
Valid: true,
Message: "Valid JWT",
}, nil
}

6
server/resolvers/session.go
View File

@@ -13,7 +13,7 @@ import (
)
// SessionResolver is a resolver for session query
func SessionResolver(ctx context.Context, roles []string) (*model.AuthResponse, error) {
func SessionResolver(ctx context.Context, params *model.SessionQueryInput) (*model.AuthResponse, error) {
var res *model.AuthResponse
gc, err := utils.GinContextFromContext(ctx)
@@ -65,8 +65,8 @@ func SessionResolver(ctx context.Context, roles []string) (*model.AuthResponse,
claimRoles = append(claimRoles, v.(string))
}
if len(roles) > 0 {
for _, v := range roles {
if params != nil && params.Roles != nil && len(params.Roles) > 0 {
for _, v := range params.Roles {
if !utils.StringSliceContains(claimRoles, v) {
return res, fmt.Errorf(`unauthorized`)
}