Merge pull request #155 from askuy/feature/ssoexpirein

support redis parent access expiration option
gotomicro · Nov 13, 2021 · 3bd9cb6 · 3bd9cb6
2 parents 4c9fee5 + f7984a1
commit 3bd9cb6
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 11 deletions.
diff --git a/eoauth2/storage/redisstorage/config.go b/eoauth2/storage/redisstorage/config.go
@@ -11,6 +11,8 @@ import (
 )
 
 type config struct {
+	parentAccessExpiration int64 // 父亲节点token
+
 	/*
 		    hashmap
 			key: sso:uid:{uid}
@@ -49,6 +51,7 @@ func defaultConfig() *config {
 		uidMapParentTokenKey:      "sso:uid:%d", // uid map parent token type
 		parentTokenMapSubTokenKey: "sso:ptk:%s", //  parent token map
 		subTokenMapParentTokenKey: "sso:stk:%s", // sub token map parent token
+		parentAccessExpiration:    24 * 3600,
 	}
 }
 
@@ -178,7 +181,6 @@ func (p *parentToken) create(ctx context.Context, pToken dto.Token, userInfo *dt
 	return nil
 }
 
-
 func (p *parentToken) renew(ctx context.Context, pToken dto.Token) error {
 	tokenStr, err := pToken.Marshal()
 	if err != nil {
@@ -193,8 +195,6 @@ func (p *parentToken) renew(ctx context.Context, pToken dto.Token) error {
 	return nil
 }
 
-
-
 func (p *parentToken) delete(ctx context.Context, pToken string) error {
 	_, err := p.redis.Del(ctx, p.getKey(pToken))
 	if err != nil {

diff --git a/eoauth2/storage/redisstorage/storage.go b/eoauth2/storage/redisstorage/storage.go
@@ -25,7 +25,7 @@ type Storage struct {
 	config      *config
 }
 
-// NewStorage returns a new mysql Storage instance.
+// NewStorage returns a new redis Storage instance.
 func NewStorage(db *egorm.Component, redis *eredis.Component, logger *elog.Component, options ...Option) *Storage {
 	container := &Storage{
 		db:     db,
@@ -251,7 +251,7 @@ func (s *Storage) SaveAccess(ctx context.Context, data *server.AccessData) (err
 	err = s.tokenServer.createToken(ctx, data.Client.GetId(), dto.Token{
 		Token:     data.AccessToken,
 		AuthAt:    time.Now().Unix(),
-		ExpiresIn: DefaultTokenExpireIn,
+		ExpiresIn: s.config.parentAccessExpiration,
 	}, pToken.Token)
 	if err != nil {
 		tx.Rollback()

diff --git a/eoauth2/storage/redisstorage/storage_option.go b/eoauth2/storage/redisstorage/storage_option.go
@@ -19,3 +19,9 @@ func WithSubTokenMapParentTokenKey(key string) Option {
 		c.config.subTokenMapParentTokenKey = key
 	}
 }
+
+func WithParentAccessExpiration(key int64) Option {
+	return func(c *Storage) {
+		c.config.parentAccessExpiration = key
+	}
+}
diff --git a/eoauth2/storage/redisstorage/token.go b/eoauth2/storage/redisstorage/token.go
@@ -14,8 +14,6 @@ import (
 )
 
 const (
-	DefaultTokenExpireIn = 24 * 60 * 60
-
 	tokenRefreshLockPrefix = "ssoTokenRefreshLock:%s"
 	newTokenKeyPrefix      = "ssoNewToken:%s"
 )
@@ -25,10 +23,12 @@ type tokenServer struct {
 	uidMapParentToken *uidMapParentToken
 	parentToken       *parentToken
 	subToken          *subToken
+	config            *config
 }
 
 func initTokenServer(config *config, redis *eredis.Component) *tokenServer {
 	return &tokenServer{
+		config:            config,
 		redis:             redis,
 		uidMapParentToken: newUidMapParentToken(config, redis),
 		parentToken:       newParentToken(config, redis),
@@ -50,15 +50,13 @@ func (t *tokenServer) createParentToken(ctx context.Context, pToken dto.Token, u
 
 func (t *tokenServer) renewParentToken(ctx context.Context, pToken dto.Token) (err error) {
 	// 1 设置uid 到 parent token关系
-	err = t.parentToken.renew(ctx,pToken)
+	err = t.parentToken.renew(ctx, pToken)
 	if err != nil {
 		return fmt.Errorf("token.createParentToken: create token map failed, err:%w", err)
 	}
 	return nil
 }
 
-
-
 func (t *tokenServer) createToken(ctx context.Context, clientId string, token dto.Token, pToken string) (err error) {
 	err = t.parentToken.setToken(ctx, pToken, clientId, token)
 	if err != nil {
@@ -132,7 +130,7 @@ func (t *tokenServer) refreshToken(ctx context.Context, clientId string, pToken
 	}
 	// re-generate token
 	{
-		genNewToken = dto.NewToken(DefaultTokenExpireIn)
+		genNewToken = dto.NewToken(t.config.parentAccessExpiration)
 		tk = &genNewToken
 		err = t.createToken(ctx, clientId, genNewToken, pToken)
 		if err != nil {