|
@@ -176,7 +176,7 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
|
|
|
// Fetch metadata from context (request headers).
|
|
|
md, b := metadata.FromContext(ctx)
|
|
|
if !b {
|
|
|
- return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.UnauthorizedErrorCode])
|
|
|
+ return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.UnauthorizedErrorCode])
|
|
|
// errors.New("no metadata found")
|
|
|
}
|
|
|
|
|
@@ -191,7 +191,7 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
|
|
|
|
|
|
if !ok || !strings.HasPrefix(authHeader, auth.BearerScheme) {
|
|
|
logrus.Error("no auth token provided")
|
|
|
- return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.UnauthorizedErrorCode])
|
|
|
+ return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.UnauthorizedErrorCode])
|
|
|
}
|
|
|
|
|
|
// Extract auth token.
|
|
@@ -203,13 +203,13 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
|
|
|
acc, err := a.Inspect(token)
|
|
|
fmt.Println("acc", acc)
|
|
|
if err != nil {
|
|
|
- return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.TokenInvalidErrorCode])
|
|
|
+ return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.TokenInvalidErrorCode])
|
|
|
}
|
|
|
|
|
|
// 校验redis 存储数据
|
|
|
blacklisted, err := authutil.JWTAuthService.IsBlacklisted(token)
|
|
|
if err == nil && blacklisted {
|
|
|
- return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.ExpiredLonInAgainErrorCode])
|
|
|
+ return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.ExpiredLonInAgainErrorCode])
|
|
|
}
|
|
|
|
|
|
// Create resource for current endpoint from request headers.
|
|
@@ -221,7 +221,7 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
|
|
|
fmt.Println("acc.Scopes", acc.Scopes)
|
|
|
// Verify if account has access. 验证帐户是否具有访问权限。
|
|
|
if err = Verify(authutil.JWTAuthService.GetRuleItems(), acc, ¤tResource); err != nil {
|
|
|
- return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.NoAccessErrorCode])
|
|
|
+ return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.NoAccessErrorCode])
|
|
|
}
|
|
|
// 验证通过后记录操作日志x
|
|
|
logrus.Infof("User %s is performing operation %s body %v", acc.ID, req.Endpoint(), req.Body())
|