devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

feat: add loggging to all resolvers

Browse Source
This commit is contained in:
Lakhan Samani
2022-05-24 12:42:29 +05:30
parent f5515bec28
commit d7bb10fd21
27 changed files with 350 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/resolvers/validate_jwt_token.go
View File

@@ -6,11 +6,13 @@ import (
"fmt"
"strings"
"github.com/golang-jwt/jwt"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/graph/model"
"github.com/authorizerdev/authorizer/server/sessionstore"
"github.com/authorizerdev/authorizer/server/token"
"github.com/authorizerdev/authorizer/server/utils"
"github.com/golang-jwt/jwt"
)
// ValidateJwtTokenResolver is used to validate a jwt token without its rotation
@@ -22,11 +24,13 @@ import (
func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTTokenInput) (*model.ValidateJWTTokenResponse, error) {
gc, err := utils.GinContextFromContext(ctx)
if err != nil {
log.Debug("Failed to get GinContext", err)
return nil, err
}
tokenType := params.TokenType
if tokenType != "access_token" && tokenType != "refresh_token" && tokenType != "id_token" {
log.Debug("Invalid token type:", tokenType)
return nil, errors.New("invalid token type")
}
@@ -53,6 +57,7 @@ func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTToken
if userID != "" && nonce != "" {
claims, err = token.ParseJWTToken(params.Token, hostname, nonce, userID)
if err != nil {
log.Debug("Failed to parse jwt token", err)
return &model.ValidateJWTTokenResponse{
IsValid: false,
}, nil
@@ -60,6 +65,7 @@ func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTToken
} else {
claims, err = token.ParseJWTTokenWithoutNonce(params.Token, hostname)
if err != nil {
log.Debug("Failed to parse jwt token without nonce", err)
return &model.ValidateJWTTokenResponse{
IsValid: false,
}, nil
@@ -76,6 +82,7 @@ func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTToken
if params.Roles != nil && len(params.Roles) > 0 {
for _, v := range params.Roles {
if !utils.StringSliceContains(claimRoles, v) {
log.Debug("Token does not have required role:", v)
return nil, fmt.Errorf(`unauthorized`)
}
}