claims.go
package clccam
import (
"fmt"
"os"
"time"
humanize "github.com/dustin/go-humanize"
"github.com/grrtrr/clccam/logger"
"github.com/olekukonko/tablewriter"
uuid "github.com/satori/go.uuid"
)
// Claims contains a subset of the fields contained in a CAM OAuth Bearer Token payload.
//
// The struct only models the decoded payload: nothing in this file checks the
// token signature.
// NOTE(review): confirm that callers do not base trust decisions on these
// values unless the token has been verified elsewhere.
type Claims struct {
	/*
	 * 1) Fields common to both types of token:
	 */
	// Token Type: one of "user" or "service"
	Type string `json:"type"`
	// Unix expiration time/date. IsPermanent treats a zero value as "never expires".
	// NOTE(review): a payload that omits "exp" presumably also decodes to zero
	// and would then be reported as permanent - confirm that this is intended.
	Exp int64 `json:"exp"`
	// Unix time/date of issuing the token.
	Iat int64 `json:"iat"`
	// Unique token ID
	Jti uuid.UUID `json:"jti"`
	/*
	 * 2) Fields specific to 'user' type tokens:
	 */
	// The unique CAM username
	Subject string `json:"sub,omitempty"`
	// Name field (seems to be internal for full name)
	Name string `json:"name,omitempty"`
	// Organization name (e.g. "centurylink")
	Organization string `json:"organization,omitempty"`
	/*
	 * 3) Fields specific to 'service' type tokens:
	 */
	// Instance Id (e.g. "i-z48wub")
	InstanceId string `json:"instance,omitempty"`
	// Service Id (e.g. "eb-1cm83")
	ServiceId string `json:"service,omitempty"`
	// Machine Id (e.g. "cms1-eb-e775t-1")
	MachineId string `json:"machine,omitempty"`
}
// Expired reports whether the expiration time of c lies in the past.
// A permanent token (zero Exp) is never reported as expired.
//
// NOTE(review): unlike Expires and Issued there is no nil guard here;
// IsPermanent reads c.Exp, so a nil receiver panics.
func (c *Claims) Expired() bool {
	if c.IsPermanent() {
		return false
	}
	return time.Now().After(c.Expires())
}
// IsPermanent reports whether c carries no expiry date, i.e. its Exp field is zero.
func (c *Claims) IsPermanent() bool {
	// A zero Exp is the marker for "no expiry".
	const noExpiry int64 = 0

	return c.Exp == noExpiry
}
// Expires returns the expiration time of c.
// A nil receiver or a zero Exp yields the zero time.Time, so that
// Expires().IsZero() is true for tokens without an expiry date.
func (c *Claims) Expires() time.Time {
	var expiry time.Time

	if c != nil && c.Exp != 0 {
		expiry = time.Unix(c.Exp, 0)
	}
	return expiry
}
// Issued returns the time at which the token was issued.
// A nil receiver yields the zero time.Time; a zero Iat is converted as-is
// and therefore maps to the Unix epoch rather than to the zero time.
func (c *Claims) Issued() time.Time {
	var issued time.Time

	if c != nil {
		issued = time.Unix(c.Iat, 0)
	}
	return issued
}
// String returns a one-line, human-readable summary of c: the kind of token,
// the identity fields that belong to that kind, and the expiry status.
//
// NOTE(review): Name, Organization and the service/instance/machine ids are
// formatted with %s, i.e. exactly as they appear in the token payload.
func (c Claims) String() string {
	var desc string

	switch c.Type {
	case "user":
		desc = fmt.Sprintf("CAM user token for %q (%s at %s)", c.Subject, c.Name, c.Organization)
	case "service":
		desc = fmt.Sprintf("CAM token for service %s on %s/%s", c.ServiceId, c.InstanceId, c.MachineId)
	default:
		desc = fmt.Sprintf("CAM %s token", c.Type)
	}

	expiry := c.Expires()
	if c.IsPermanent() {
		return "Permanent " + desc
	}
	if c.Expired() {
		return desc + fmt.Sprintf(", expired %s", humanize.Time(expiry))
	}
	return desc + fmt.Sprintf(", expires %s", humanize.Time(expiry))
}
// DumpToStdout prints a representation of c to stdout: the String() summary
// followed by a two-column table of the token fields.
//
// The common fields (exp, iat, jti) are always listed; the remaining rows
// depend on c.Type. Any type other than "user" or "service" is passed to
// logger.Fatalf before anything has been printed.
// NOTE(review): the field values are written as they appear in the token
// payload; confirm whether they need sanitising before reaching a terminal.
func (c Claims) DumpToStdout() {
	const timeFmt = `Mon Jan _2 15:04:05 MST 2006`

	table := tablewriter.NewWriter(os.Stdout)

	// Permanent tokens have no meaningful expiry timestamp to format.
	expiry := "never (permanent token)"
	if !c.IsPermanent() {
		expiry = time.Unix(c.Exp, 0).Format(timeFmt)
	}

	table.SetAutoFormatHeaders(false)
	table.SetAutoWrapText(false)
	table.SetHeader([]string{"Field", "Token Value"})

	// Rows common to both token types.
	table.AppendBulk([][]string{
		{"exp", expiry},
		{"iat", time.Unix(c.Iat, 0).Format(timeFmt)},
		{"jti", c.Jti.String()},
	})

	// Rows specific to the token type.
	switch c.Type {
	case "user":
		table.AppendBulk([][]string{
			{"sub", c.Subject},
			{"name", c.Name},
			{"organization", c.Organization},
		})
	case "service":
		table.AppendBulk([][]string{
			{"instance", c.InstanceId},
			{"machine", c.MachineId},
			{"service", c.ServiceId},
		})
	default:
		logger.Fatalf("unexpected token type %q", c.Type)
	}

	fmt.Printf("%s:\n", c)
	table.Render()
}