dbbfb747a4
- Replace InternalAuthService with TokenService using JWT tokens - Add support for token issuance, refresh, verification and revocation - Implement automatic signing key rotation with Redis storage - Add database migration checks for indexes and foreign key constraints - Update gRPC endpoints to use token-based authentication - Remove deprecated API key based authentication system - Add JSON Web Token support with HMAC-SHA256 signing - Implement refresh token handling with automatic rotation - Add token revocation by JTI and user ID - Update build configuration to include core proto files - Migrate database schema to handle token-based authentication - Add comprehensive token validation and verification logic
pub mod appks;
pub mod core;
pub mod email;
pub mod im;
pub mod repo;
use serde::{Deserialize, Serialize};
use tonic::transport::{Channel, Endpoint};
// Local counterpart of `prost_types::Timestamp` with the same two fields,
// additionally deriving serde and utoipa support so it can appear in JSON
// payloads and API schemas.
//
// Plain `//` comments are used on purpose: utoipa's `ToSchema` derive turns
// `///` doc comments into schema descriptions, which would change the
// generated output.
//
// NOTE(review): `Deserialize` accepts any `i64`/`i32` pair and nothing in this
// file range-checks the values. If a timestamp decoded from external input
// feeds an expiry or ordering decision, validate it at that point.
#[derive(Clone, PartialEq, Eq, Hash, prost::Message, Serialize, Deserialize, utoipa::ToSchema)]
pub struct Timestamp {
    // Protobuf field 1 (int64). Presumably whole seconds since the Unix
    // epoch, as in the well-known Timestamp message; confirm against the
    // .proto definition.
    #[prost(int64, tag = "1")]
    pub seconds: i64,
    // Protobuf field 2 (int32). Presumably the sub-second part in
    // nanoseconds; negative or >= 1_000_000_000 values are not rejected here.
    #[prost(int32, tag = "2")]
    pub nanos: i32,
}
impl From<prost_types::Timestamp> for Timestamp {
    /// Converts the `prost_types` timestamp into the local [`Timestamp`].
    ///
    /// Both fields are copied unchanged; `nanos` is neither normalised nor
    /// range-checked.
    fn from(t: prost_types::Timestamp) -> Self {
        let (seconds, nanos) = (t.seconds, t.nanos);
        Self { seconds, nanos }
    }
}
impl From<Timestamp> for prost_types::Timestamp {
    /// Converts the local [`Timestamp`] back into the `prost_types` one.
    ///
    /// Both fields are copied unchanged, so a value that was out of range on
    /// the way in (for example after JSON deserialization) stays out of range
    /// on the way out.
    fn from(t: Timestamp) -> Self {
        let (seconds, nanos) = (t.seconds, t.nanos);
        Self { seconds, nanos }
    }
}
/// Bundle of the generated gRPC clients for the repository services, one
/// public field per service.
///
/// [`RepoClient::new`] builds every field from a clone of one `Channel`.
/// Because the fields are public, callers can also invoke or replace each
/// client directly.
#[derive(Clone)]
pub struct RepoClient {
    /// Client for `RepositoryService`.
    pub repository: repo::repository_service_client::RepositoryServiceClient<Channel>,
    /// Client for `CommitService`.
    pub commit: repo::commit_service_client::CommitServiceClient<Channel>,
    /// Client for `BranchService`.
    pub branch: repo::branch_service_client::BranchServiceClient<Channel>,
    /// Client for `TagService`.
    pub tag: repo::tag_service_client::TagServiceClient<Channel>,
    /// Client for `TreeService`.
    pub tree: repo::tree_service_client::TreeServiceClient<Channel>,
    /// Client for `DiffService`.
    pub diff: repo::diff_service_client::DiffServiceClient<Channel>,
    /// Client for `MergeService`.
    pub merge: repo::merge_service_client::MergeServiceClient<Channel>,
    /// Client for `BlameService`.
    pub blame: repo::blame_service_client::BlameServiceClient<Channel>,
    /// Client for `ArchiveService`.
    pub archive: repo::archive_service_client::ArchiveServiceClient<Channel>,
    /// Client for `PackService`.
    pub pack: repo::pack_service_client::PackServiceClient<Channel>,
    /// Client for `RefService`; the trailing underscore is there because
    /// `ref` is a Rust keyword.
    pub ref_: repo::ref_service_client::RefServiceClient<Channel>,
    /// Client for `RemoteService`.
    pub remote: repo::remote_service_client::RemoteServiceClient<Channel>,
}
impl RepoClient {
    /// Connects to `addr` immediately and wraps the resulting channel in a
    /// [`RepoClient`].
    ///
    /// The endpoint is used exactly as `Endpoint::from_shared` builds it:
    /// this function sets no TLS configuration, no connect or request
    /// timeout, and no interceptor. Transport security therefore depends on
    /// the scheme carried by `addr` and on how tonic is built. Any
    /// authentication metadata (for example a bearer token) has to be added
    /// by the caller, and with a plaintext address it crosses the network
    /// unencrypted.
    ///
    /// # Errors
    ///
    /// Returns an error when `addr` cannot be turned into an endpoint or when
    /// the connection attempt fails. The boxed error is not `Send + Sync`, so
    /// it cannot be returned from a spawned task as-is.
    pub async fn connect(addr: impl Into<String>) -> Result<Self, Box<dyn std::error::Error>> {
        let endpoint = Endpoint::from_shared(addr.into())?;
        let channel = endpoint.connect().await?;
        Ok(Self::new(channel))
    }

    /// Builds a [`RepoClient`] over a lazily connected channel.
    ///
    /// `connect_lazy` does not contact the server here, so an unreachable or
    /// misconfigured address is only noticed when a client is first used.
    /// As with [`RepoClient::connect`], no TLS configuration, timeout or
    /// interceptor is applied.
    ///
    /// # Errors
    ///
    /// Returns an error only when `addr` cannot be turned into an endpoint.
    pub fn lazy_connect(addr: impl Into<String>) -> Result<Self, Box<dyn std::error::Error>> {
        let endpoint = Endpoint::from_shared(addr.into())?;
        Ok(Self::new(endpoint.connect_lazy()))
    }

    /// Creates one generated client per repository service from `channel`.
    ///
    /// Each client receives a clone of `channel`; the last one takes the
    /// original by value. The clients are created with the generated `new`
    /// constructor, so no interceptor is attached to any of them.
    pub fn new(channel: Channel) -> Self {
        let repository =
            repo::repository_service_client::RepositoryServiceClient::new(channel.clone());
        let commit = repo::commit_service_client::CommitServiceClient::new(channel.clone());
        let branch = repo::branch_service_client::BranchServiceClient::new(channel.clone());
        let tag = repo::tag_service_client::TagServiceClient::new(channel.clone());
        let tree = repo::tree_service_client::TreeServiceClient::new(channel.clone());
        let diff = repo::diff_service_client::DiffServiceClient::new(channel.clone());
        let merge = repo::merge_service_client::MergeServiceClient::new(channel.clone());
        let blame = repo::blame_service_client::BlameServiceClient::new(channel.clone());
        let archive = repo::archive_service_client::ArchiveServiceClient::new(channel.clone());
        let pack = repo::pack_service_client::PackServiceClient::new(channel.clone());
        let ref_ = repo::ref_service_client::RefServiceClient::new(channel.clone());
        // The final client consumes the channel, which saves one clone.
        let remote = repo::remote_service_client::RemoteServiceClient::new(channel);

        Self {
            repository,
            commit,
            branch,
            tag,
            tree,
            diff,
            merge,
            blame,
            archive,
            pack,
            ref_,
            remote,
        }
    }
}
/// Newtype around the generated `EmailServiceClient`.
///
/// The wrapped client is private; callers reach its methods through the
/// `Deref` / `DerefMut` implementations on this type.
#[derive(Clone)]
pub struct EmailClient {
    // The generated client that does the actual RPC calls.
    inner: email::email_service_client::EmailServiceClient<Channel>,
}
impl EmailClient {
    /// Connects to `addr` immediately and wraps the resulting channel in an
    /// [`EmailClient`].
    ///
    /// This function sets no TLS configuration, no connect or request
    /// timeout, and no interceptor. Transport security depends on the scheme
    /// carried by `addr` and on how tonic is built. Any authentication
    /// metadata has to be added by the caller, and with a plaintext address
    /// it crosses the network unencrypted, together with the message content.
    ///
    /// # Errors
    ///
    /// Returns an error when `addr` cannot be turned into an endpoint or when
    /// the connection attempt fails. The boxed error is not `Send + Sync`.
    pub async fn connect(addr: impl Into<String>) -> Result<Self, Box<dyn std::error::Error>> {
        let endpoint = Endpoint::from_shared(addr.into())?;
        let channel = endpoint.connect().await?;
        Ok(Self::new(channel))
    }

    /// Builds an [`EmailClient`] over a lazily connected channel.
    ///
    /// `connect_lazy` does not contact the server here, so connection
    /// problems are only noticed when the client is first used. No TLS
    /// configuration, timeout or interceptor is applied.
    ///
    /// # Errors
    ///
    /// Returns an error only when `addr` cannot be turned into an endpoint.
    pub fn lazy_connect(addr: impl Into<String>) -> Result<Self, Box<dyn std::error::Error>> {
        let endpoint = Endpoint::from_shared(addr.into())?;
        Ok(Self::new(endpoint.connect_lazy()))
    }

    /// Wraps an existing `channel` in the generated email client.
    ///
    /// The generated `new` constructor is used, so no interceptor is attached.
    pub fn new(channel: Channel) -> Self {
        let inner = email::email_service_client::EmailServiceClient::new(channel);
        Self { inner }
    }
}
impl std::ops::Deref for EmailClient {
    type Target = email::email_service_client::EmailServiceClient<Channel>;

    /// Gives shared access to the wrapped generated client.
    fn deref(&self) -> &Self::Target {
        let Self { inner } = self;
        inner
    }
}
impl std::ops::DerefMut for EmailClient {
    /// Gives mutable access to the wrapped generated client; the generated
    /// RPC methods are called through this.
    fn deref_mut(&mut self) -> &mut Self::Target {
        let Self { inner } = self;
        inner
    }
}
// Section: Appks gRPC server traits
//
// Core services (package appks.core.v1) live in pb::core::
// - TokenService (JWT issue/refresh/revoke/verify, signing key distribution)
//
// App services (package appks.v1) live in pb::appks::
// - RepoService
//
// IM services (package appks.im.v1) live in pb::im::
// - ChannelService, MemberService, PermissionService
// - ChannelRoleService, ChannelInvitationService, ChannelWebhookService
// - ChannelSlashCommandService, ChannelRepoLinkService, ImIntegrationService
// - CustomEmojiService, ForumTagService, VoiceService, StageService
// - ChannelAuditService
//
// Implementations are in grpc/ and wired into the tonic server in grpc/mod.rs.