Commit bad7655
Changed files (14)
bin/api
@@ -18,7 +18,7 @@ end
lib_path = Pathname.new(__FILE__).parent.parent.join('lib').realpath.to_s
$LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path)
-require 'ability_services_pb'
+require 'authx'
GRPC.logger = Logger.new($stderr, level: :debug)
$scheme = ENV.fetch("SCHEME", "http")
@@ -79,8 +79,8 @@ class API
def authorized?(request, permission)
# TODO:: Check the JWT for the appropriate claim
# Connect to the Authz RPC endpoint Ability.allowed?(subject, permission, resource)
- client = ::Authx::Ability::Stub.new('localhost:50051', :this_channel_is_insecure) # TODO:: memorize client
- reply = client.allowed(::Authx::AllowRequest.new(subject: "", permission: permission, resource: ""))
+ client = ::Authx::Rpc::Ability::Stub.new('localhost:50051', :this_channel_is_insecure) # TODO:: memorize client
+ reply = client.allowed(::Authx::Rpc::AllowRequest.new(subject: "", permission: permission, resource: ""))
puts "***" * 10
puts reply.inspect
puts "***" * 10
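Review bot: The `Allowed` request in `authorized?` is still built with `subject: ""` and `resource: ""`, so the answer from the policy service cannot depend on who is calling or what is being accessed, and the TODO above it says the JWT claim is not checked yet. Both fields should be filled from the verified token and the incoming request before this method is relied on as an access check. The stub is also created with `:this_channel_is_insecure`, which is plaintext gRPC and only acceptable while the target stays on loopback. The `puts reply.inspect` lines look like debugging output to remove or route through the logger. The rest of `authorized?` lies outside the hunk, so I cannot see whether `reply.result` is what the method returns.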
bin/idp
@@ -13,6 +13,11 @@ gemfile do
gem "webrick", "~> 1.0"
end
+lib_path = Pathname.new(__FILE__).parent.parent.join('lib').realpath.to_s
+$LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path)
+
+require 'authx'
+
$scheme = ENV.fetch("SCHEME", "http")
$port = ENV.fetch("PORT", 8282).to_i
$host = ENV.fetch("HOST", "localhost:#{$port}")
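Review bot: `require 'authx'` loads `authx/rpc`, which in turn requires `google/protobuf` and `twirp`, but the only gem visible in this script's inline `gemfile` block is webrick. If the part of the block above the hunk does not declare the protobuf and twirp gems as well, bin/idp will likely fail at startup with a LoadError. Nothing in the visible lines uses an `Authx` constant yet, so a one-line comment next to the require stating what idp needs from it would help the next reader.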
bin/rpc
@@ -11,7 +11,7 @@ gemfile do
gem "logger", "~> 1.0"
end
-lib_path = Pathname.new(__FILE__).parent.parent.join('lib').realpath.to_s
+lib_path = Pathname.new(__FILE__).parent.parent.join('lib/authx/rpc').realpath.to_s
$LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path)
require 'ability_services_pb'
@@ -22,12 +22,12 @@ class ProjectPolicy < DeclarativePolicy::Base
rule { owner }.enable :create_project
end
-class AbilityHandler < ::Authx::Ability::Service
+class AbilityHandler < ::Authx::Rpc::Ability::Service
def allowed(request, _call)
puts [request, _call].inspect
GRPC.logger.info([request, _call].inspect)
- ::Authx::AllowReply.new(result: true)
+ ::Authx::Rpc::AllowReply.new(result: true)
# TODO:: entrypoint to declarative policies
# AllowReply.new(result: policy_for(request).can?(request.permission))
end
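Review bot: `AbilityHandler#allowed` still answers `result: true` for every request, so any caller that trusts this service is granted every permission until the policy lookup named in the TODO is wired in. Fail closed in the meantime with `::Authx::Rpc::AllowReply.new(result: false)`, or switch to the commented `policy_for(request).can?(request.permission)` path once it exists. The method also writes the full request and call object to stdout and to the info log; once `subject` carries real identifiers, log only the fields needed for an audit line. The class body continues past the end of the hunk.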
lib/authx/rpc/ability_pb.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+# Generated by the protocol buffer compiler. DO NOT EDIT!
+# source: ability.proto
+
+require 'google/protobuf'
+
+
+descriptor_data = "\n\rability.proto\x12\tauthx.rpc\"E\n\x0c\x41llowRequest\x12\x0f\n\x07subject\x18\x01 \x01(\t\x12\x12\n\npermission\x18\x02 \x01(\t\x12\x10\n\x08resource\x18\x03 \x01(\t\"\x1c\n\nAllowReply\x12\x0e\n\x06result\x18\x01 \x01(\x08\x32\x46\n\x07\x41\x62ility\x12;\n\x07\x41llowed\x12\x17.authx.rpc.AllowRequest\x1a\x15.authx.rpc.AllowReply\"\x00\x62\x06proto3"
+
+pool = Google::Protobuf::DescriptorPool.generated_pool
+pool.add_serialized_file(descriptor_data)
+
+module Authx
+ module Rpc
+ AllowRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.rpc.AllowRequest").msgclass
+ AllowReply = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.rpc.AllowReply").msgclass
+ end
+end
lib/authx/rpc/ability_services_pb.rb
@@ -0,0 +1,24 @@
+# Generated by the protocol buffer compiler. DO NOT EDIT!
+# Source: ability.proto for package 'authx.rpc'
+
+require 'grpc'
+require 'ability_pb'
+
+module Authx
+ module Rpc
+ module Ability
+ class Service
+
+ include ::GRPC::GenericService
+
+ self.marshal_class_method = :encode
+ self.unmarshal_class_method = :decode
+ self.service_name = 'authx.rpc.Ability'
+
+ rpc :Allowed, ::Authx::Rpc::AllowRequest, ::Authx::Rpc::AllowReply
+ end
+
+ Stub = Service.rpc_stub_class
+ end
+ end
+end
lib/authx/rpc/ability_twirp.rb
@@ -0,0 +1,17 @@
+# Code generated by protoc-gen-twirp_ruby 1.11.0, DO NOT EDIT.
+require 'twirp'
+require_relative 'ability_pb.rb'
+
+module Authx
+ module Rpc
+ class AbilityService < ::Twirp::Service
+ package 'authx.rpc'
+ service 'Ability'
+ rpc :Allowed, AllowRequest, AllowReply, :ruby_method => :allowed
+ end
+
+ class AbilityClient < ::Twirp::Client
+ client_for AbilityService
+ end
+ end
+end
lib/authx/rpc.rb
@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require "authx/rpc/ability_pb"
+require "authx/rpc/ability_twirp"
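Review bot: This loader pulls in `ability_pb` and `ability_twirp` but not `ability_services_pb`, which is the file that defines `Authx::Rpc::Ability::Service` and `Stub`. bin/api now requires only `authx` and then references `::Authx::Rpc::Ability::Stub`, so unless something outside the visible hunks loads the gRPC file, `authorized?` will raise NameError on first use. Either add `require "authx/rpc/ability_services_pb"` where the gRPC stub is needed, or add a comment here saying gRPC users must load it themselves. Note that the generated file does a bare `require 'ability_pb'`, which only resolves when `lib/authx/rpc` is on `$LOAD_PATH`, as bin/rpc arranges.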
lib/ability_pb.rb
@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-# Generated by the protocol buffer compiler. DO NOT EDIT!
-# source: ability.proto
-
-require 'google/protobuf'
-
-
-descriptor_data = "\n\rability.proto\x12\x05\x61uthx\"E\n\x0c\x41llowRequest\x12\x0f\n\x07subject\x18\x01 \x01(\t\x12\x12\n\npermission\x18\x02 \x01(\t\x12\x10\n\x08resource\x18\x03 \x01(\t\"\x1c\n\nAllowReply\x12\x0e\n\x06result\x18\x01 \x01(\x08\x32>\n\x07\x41\x62ility\x12\x33\n\x07\x41llowed\x12\x13.authx.AllowRequest\x1a\x11.authx.AllowReply\"\x00\x62\x06proto3"
-
-pool = Google::Protobuf::DescriptorPool.generated_pool
-pool.add_serialized_file(descriptor_data)
-
-module Authx
- AllowRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.AllowRequest").msgclass
- AllowReply = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.AllowReply").msgclass
-end
lib/ability_services_pb.rb
@@ -1,22 +0,0 @@
-# Generated by the protocol buffer compiler. DO NOT EDIT!
-# Source: ability.proto for package 'authx'
-
-require 'grpc'
-require 'ability_pb'
-
-module Authx
- module Ability
- class Service
-
- include ::GRPC::GenericService
-
- self.marshal_class_method = :encode
- self.unmarshal_class_method = :decode
- self.service_name = 'authx.Ability'
-
- rpc :Allowed, ::Authx::AllowRequest, ::Authx::AllowReply
- end
-
- Stub = Service.rpc_stub_class
- end
-end
lib/ability_twirp.rb
@@ -1,15 +0,0 @@
-# Code generated by protoc-gen-twirp_ruby 1.11.0, DO NOT EDIT.
-require 'twirp'
-require_relative 'ability_pb.rb'
-
-module Authx
- class AbilityService < ::Twirp::Service
- package 'authx'
- service 'Ability'
- rpc :Allowed, AllowRequest, AllowReply, :ruby_method => :allowed
- end
-
- class AbilityClient < ::Twirp::Client
- client_for AbilityService
- end
-end
lib/authx.rb
@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require "authx/rpc"
protos/ability.proto
@@ -1,6 +1,6 @@
syntax = "proto3";
-package authx;
+package authx.rpc;
service Ability {
rpc Allowed (AllowRequest) returns (AllowReply) {}
callback
@@ -0,0 +1,8 @@
+{
+ "code": "a796c703-6b6f-4c27-b8a9-a1a462c2513a",
+ "state": "example",
+ "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI5OGRkNjljMi04NTZmLTQ5NzUtYWEwNi00MmZlODVlZDA2NGIiLCJpYXQiOjE3NDEyODYwNDN9.e30=",
+ "token_type": "Bearer",
+ "expires_in": 3600,
+ "refresh_token": "5f3ddb28457e4272eee6945d611406dcccb3d0223536e3db5466cb8217893ccf"
+}
\ No newline at end of file
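Review bot: This new `callback` file checks an OAuth token response into the repository, including an `access_token`, a `refresh_token` and an authorization `code`. If these values came from a real run of the IdP rather than being hand-written samples, revoke them, and either keep captured responses out of version control (for example via `.gitignore`) or replace the values with obvious placeholders. The JWT's third segment is only `e30=`, which does not look like an RS256 signature even though the header declares that algorithm; if the IdP really emits tokens like this, the API's token verification (not visible here) must reject them.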
magefile.go
@@ -57,8 +57,7 @@ func Api() error {
}
// Run the gRPC Server
-func Rpc(ctx context.Context) error {
- mg.CtxDeps(ctx, Protos)
+func Rpc() error {
env := map[string]string{
"PORT": "50051",
"HOST": "localhost",
@@ -79,13 +78,14 @@ func Browser() error {
// Generate gRPC from protocal buffers
func Protos() error {
files := x.Must(filepath.Glob("./protos/*.proto"))
+ outDir := "lib/authx/rpc"
for _, file := range files {
var err error
if err = sh.RunV(
"protoc",
"--proto_path=./protos",
- "--ruby_out=lib",
- "--twirp_ruby_out=lib",
+ "--ruby_out="+outDir,
+ "--twirp_ruby_out="+outDir,
file,
); err != nil {
return err
@@ -93,8 +93,8 @@ func Protos() error {
if err = sh.RunV(
"grpc_tools_ruby_protoc",
"--proto_path=./protos",
- "--ruby_out=lib",
- "--grpc_out=lib",
+ "--ruby_out="+outDir,
+ "--grpc_out="+outDir,
file,
); err != nil {
return err
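Review bot: `Protos` now writes into `lib/authx/rpc`, but nothing creates that directory, and protoc does not create a missing output directory, so the target fails on a tree where the directory has been cleaned out. Add `if err := os.MkdirAll(outDir, 0o755); err != nil { return err }` before the loop (this needs `os` imported if it is not already). With `mg.CtxDeps(ctx, Protos)` dropped from `Rpc`, the committed generated files are no longer refreshed on each run, so a doc comment on `Protos` saying it must be re-run after editing `protos/*.proto` would prevent the Ruby stubs drifting from the schema. The function body continues past the end of the hunk.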