chore(infra): add gRPC layer, update protobufs, remove immediate module

- Add gRPC service modules: auth, channel, channel settings, member, permission - Update protobuf definitions and generated code - Remove immediate/ real-time module (superseded by IM service) - Update etcd discovery and registration - Update cache, error, config, and build infrastructure - Add ADR documentation - Update OpenAPI spec
2026-06-10 18:49:42 +08:00
parent 9eb77ab98b
commit 1000f8a80d
57 changed files with 22524 additions and 2703 deletions
@@ -0,0 +1,53 @@
+use tonic::{Request, Response, Status};
+
+use crate::pb::im::internal_auth_service_server::InternalAuthService as InternalAuthServiceTrait;
+use crate::pb::im::{AuthenticateRequest, AuthenticateResponse};
+use crate::service::internal_auth::InternalAuthService;
+
+pub struct InternalAuthGrpcService {
+    service: InternalAuthService,
+}
+
+impl InternalAuthGrpcService {
+    pub fn new(service: InternalAuthService) -> Self {
+        Self { service }
+    }
+}
+
+#[tonic::async_trait]
+impl InternalAuthServiceTrait for InternalAuthGrpcService {
+    async fn authenticate(
+        &self,
+        request: Request<AuthenticateRequest>,
+    ) -> Result<Response<AuthenticateResponse>, Status> {
+        let req = request.into_inner();
+
+        if req.api_key.is_empty() {
+            return Ok(Response::new(AuthenticateResponse {
+                authenticated: false,
+                service_name: String::new(),
+                service_id: String::new(),
+                scopes: vec![],
+                expires_at: 0,
+            }));
+        }
+
+        match self.service.verify_api_key(&req.api_key).await {
+            Ok(Some(identity)) => Ok(Response::new(AuthenticateResponse {
+                authenticated: true,
+                service_name: identity.service_name,
+                service_id: identity.service_id,
+                scopes: identity.scopes,
+                expires_at: identity.expires_at,
+            })),
+            Ok(None) => Ok(Response::new(AuthenticateResponse {
+                authenticated: false,
+                service_name: String::new(),
+                service_id: String::new(),
+                scopes: vec![],
+                expires_at: 0,
+            })),
+            Err(e) => Err(Status::internal(format!("auth verification failed: {e}"))),
+        }
+    }
+}