generate/protobuf/permission.proto

@@ -118,7 +118,7 @@ message Tokens{
 // 跟 Token 相關的大小事，這次只回應錯誤，以及結果，不統一規範
 // 錯誤碼應該在 Biz GW 在做回應，另外我這邊取名字比較通用，
 // access_token -> token , refresh_token -> one_time_token
-service Token_Service {
+service TokenService {
   // NewToken 建立一個新的 Token，例如：AccessToken
   rpc NewToken(AuthorizationReq) returns(TokenResp);
   // RefreshToken 更新目前的token 以及裡面包含的一次性 Token

go.mod

@@ -0,0 +1,88 @@
+module ark-permission
+
+go 1.22.3
+
+require (
+	github.com/zeromicro/go-zero v1.7.0
+	google.golang.org/grpc v1.65.0
+	google.golang.org/protobuf v1.34.2
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/fatih/color v1.17.0 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/go-openapi/swag v0.22.4 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/mock v1.6.0 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/openzipkin/zipkin-go v0.4.3 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
+	github.com/prometheus/client_golang v1.19.1 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.48.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
+	github.com/redis/go-redis/v9 v9.6.1 // indirect
+	github.com/spaolacci/murmur3 v1.1.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.15 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.15 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.15 // indirect
+	go.opentelemetry.io/otel v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/jaeger v1.17.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/zipkin v1.24.0 // indirect
+	go.opentelemetry.io/otel/metric v1.24.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.24.0 // indirect
+	go.opentelemetry.io/otel/trace v1.24.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
+	go.uber.org/automaxprocs v1.5.3 // indirect
+	go.uber.org/multierr v1.9.0 // indirect
+	go.uber.org/zap v1.24.0 // indirect
+	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/oauth2 v0.20.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/term v0.22.0 // indirect
+	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240711142825-46eb208f015d // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.29.3 // indirect
+	k8s.io/apimachinery v0.29.4 // indirect
+	k8s.io/client-go v0.29.3 // indirect
+	k8s.io/klog/v2 v2.110.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+	k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
+)

internal/config/config.go

@@ -0,0 +1,7 @@
+package config
+
+import "github.com/zeromicro/go-zero/zrpc"
+
+type Config struct {
+	zrpc.RpcServerConf
+}

internal/logic/cancel_one_time_token_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type CancelOneTimeTokenLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewCancelOneTimeTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CancelOneTimeTokenLogic {
+	return &CancelOneTimeTokenLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// CancelOneTimeToken 取消一次性使用
+func (l *CancelOneTimeTokenLogic) CancelOneTimeToken(in *permission.CreateOneTimeTokenReq) (*permission.CreateOneTimeTokenResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.CreateOneTimeTokenResp{}, nil
+}

internal/logic/cancel_token_by_device_i_d_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type CancelTokenByDeviceIDLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewCancelTokenByDeviceIDLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CancelTokenByDeviceIDLogic {
+	return &CancelTokenByDeviceIDLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// CancelTokenByDeviceID 取消 Token
+func (l *CancelTokenByDeviceIDLogic) CancelTokenByDeviceID(in *permission.DoTokenByDeviceIDReq) (*permission.OKResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.OKResp{}, nil
+}

internal/logic/cancel_token_by_u_i_d_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type CancelTokenByUIDLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewCancelTokenByUIDLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CancelTokenByUIDLogic {
+	return &CancelTokenByUIDLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// CancelTokenByUID 取消 Token (取消這個用戶從不同 Device 登入的所有 Token)，也包含他裡面的 One Time Toke
+func (l *CancelTokenByUIDLogic) CancelTokenByUID(in *permission.DoTokenByUIDReq) (*permission.OKResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.OKResp{}, nil
+}

internal/logic/cancel_token_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type CancelTokenLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewCancelTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CancelTokenLogic {
+	return &CancelTokenLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// CancelToken 取消 Token，也包含他裡面的 One Time Toke
+func (l *CancelTokenLogic) CancelToken(in *permission.CancelTokenReq) (*permission.OKResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.OKResp{}, nil
+}

internal/logic/get_user_tokens_by_device_i_d_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type GetUserTokensByDeviceIDLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewGetUserTokensByDeviceIDLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetUserTokensByDeviceIDLogic {
+	return &GetUserTokensByDeviceIDLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// GetUserTokensByDeviceIDs 取得目前所對應的 DeviceID 所存在的 Tokens
+func (l *GetUserTokensByDeviceIDLogic) GetUserTokensByDeviceID(in *permission.DoTokenByDeviceIDReq) (*permission.Tokens, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.Tokens{}, nil
+}

internal/logic/get_user_tokens_by_u_i_d_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type GetUserTokensByUIDLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewGetUserTokensByUIDLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetUserTokensByUIDLogic {
+	return &GetUserTokensByUIDLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// GetUserTokensByUID 取得目前所對應的 UID 所存在的 Tokens
+func (l *GetUserTokensByUIDLogic) GetUserTokensByUID(in *permission.DoTokenByUIDReq) (*permission.Tokens, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.Tokens{}, nil
+}

internal/logic/new_one_time_token_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type NewOneTimeTokenLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewNewOneTimeTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *NewOneTimeTokenLogic {
+	return &NewOneTimeTokenLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// NewOneTimeToken 建立一次性使用，例如：RefreshToken
+func (l *NewOneTimeTokenLogic) NewOneTimeToken(in *permission.CreateOneTimeTokenReq) (*permission.CreateOneTimeTokenResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.CreateOneTimeTokenResp{}, nil
+}

internal/logic/new_token_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type NewTokenLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewNewTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *NewTokenLogic {
+	return &NewTokenLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// NewToken 建立一個新的 Token，例如：AccessToken
+func (l *NewTokenLogic) NewToken(in *permission.AuthorizationReq) (*permission.TokenResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.TokenResp{}, nil
+}

internal/logic/refresh_token_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type RefreshTokenLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewRefreshTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *RefreshTokenLogic {
+	return &RefreshTokenLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// RefreshToken 更新目前的token 以及裡面包含的一次性 Token
+func (l *RefreshTokenLogic) RefreshToken(in *permission.RefreshTokenReq) (*permission.RefreshTokenResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.RefreshTokenResp{}, nil
+}

internal/logic/validation_token_logic.go

@@ -0,0 +1,31 @@
+package logic
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type ValidationTokenLogic struct {
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+	logx.Logger
+}
+
+func NewValidationTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *ValidationTokenLogic {
+	return &ValidationTokenLogic{
+		ctx:    ctx,
+		svcCtx: svcCtx,
+		Logger: logx.WithContext(ctx),
+	}
+}
+
+// ValidationToken 驗證這個 Token 有沒有效
+func (l *ValidationTokenLogic) ValidationToken(in *permission.ValidationTokenReq) (*permission.ValidationTokenResp, error) {
+	// todo: add your logic here and delete this line
+
+	return &permission.ValidationTokenResp{}, nil
+}

internal/server/token_service_server.go

@@ -0,0 +1,83 @@
+// Code generated by goctl. DO NOT EDIT.
+// Source: permission.proto
+
+package server
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/logic"
+	"ark-permission/internal/svc"
+)
+
+type TokenServiceServer struct {
+	svcCtx *svc.ServiceContext
+	permission.UnimplementedTokenServiceServer
+}
+
+func NewTokenServiceServer(svcCtx *svc.ServiceContext) *TokenServiceServer {
+	return &TokenServiceServer{
+		svcCtx: svcCtx,
+	}
+}
+
+// NewToken 建立一個新的 Token，例如：AccessToken
+func (s *TokenServiceServer) NewToken(ctx context.Context, in *permission.AuthorizationReq) (*permission.TokenResp, error) {
+	l := logic.NewNewTokenLogic(ctx, s.svcCtx)
+	return l.NewToken(in)
+}
+
+// RefreshToken 更新目前的token 以及裡面包含的一次性 Token
+func (s *TokenServiceServer) RefreshToken(ctx context.Context, in *permission.RefreshTokenReq) (*permission.RefreshTokenResp, error) {
+	l := logic.NewRefreshTokenLogic(ctx, s.svcCtx)
+	return l.RefreshToken(in)
+}
+
+// CancelToken 取消 Token，也包含他裡面的 One Time Toke
+func (s *TokenServiceServer) CancelToken(ctx context.Context, in *permission.CancelTokenReq) (*permission.OKResp, error) {
+	l := logic.NewCancelTokenLogic(ctx, s.svcCtx)
+	return l.CancelToken(in)
+}
+
+// CancelTokenByUID 取消 Token (取消這個用戶從不同 Device 登入的所有 Token)，也包含他裡面的 One Time Toke
+func (s *TokenServiceServer) CancelTokenByUID(ctx context.Context, in *permission.DoTokenByUIDReq) (*permission.OKResp, error) {
+	l := logic.NewCancelTokenByUIDLogic(ctx, s.svcCtx)
+	return l.CancelTokenByUID(in)
+}
+
+// CancelTokenByDeviceID 取消 Token
+func (s *TokenServiceServer) CancelTokenByDeviceID(ctx context.Context, in *permission.DoTokenByDeviceIDReq) (*permission.OKResp, error) {
+	l := logic.NewCancelTokenByDeviceIDLogic(ctx, s.svcCtx)
+	return l.CancelTokenByDeviceID(in)
+}
+
+// ValidationToken 驗證這個 Token 有沒有效
+func (s *TokenServiceServer) ValidationToken(ctx context.Context, in *permission.ValidationTokenReq) (*permission.ValidationTokenResp, error) {
+	l := logic.NewValidationTokenLogic(ctx, s.svcCtx)
+	return l.ValidationToken(in)
+}
+
+// GetUserTokensByDeviceIDs 取得目前所對應的 DeviceID 所存在的 Tokens
+func (s *TokenServiceServer) GetUserTokensByDeviceID(ctx context.Context, in *permission.DoTokenByDeviceIDReq) (*permission.Tokens, error) {
+	l := logic.NewGetUserTokensByDeviceIDLogic(ctx, s.svcCtx)
+	return l.GetUserTokensByDeviceID(in)
+}
+
+// GetUserTokensByUID 取得目前所對應的 UID 所存在的 Tokens
+func (s *TokenServiceServer) GetUserTokensByUID(ctx context.Context, in *permission.DoTokenByUIDReq) (*permission.Tokens, error) {
+	l := logic.NewGetUserTokensByUIDLogic(ctx, s.svcCtx)
+	return l.GetUserTokensByUID(in)
+}
+
+// NewOneTimeToken 建立一次性使用，例如：RefreshToken
+func (s *TokenServiceServer) NewOneTimeToken(ctx context.Context, in *permission.CreateOneTimeTokenReq) (*permission.CreateOneTimeTokenResp, error) {
+	l := logic.NewNewOneTimeTokenLogic(ctx, s.svcCtx)
+	return l.NewOneTimeToken(in)
+}
+
+// CancelOneTimeToken 取消一次性使用
+func (s *TokenServiceServer) CancelOneTimeToken(ctx context.Context, in *permission.CreateOneTimeTokenReq) (*permission.CreateOneTimeTokenResp, error) {
+	l := logic.NewCancelOneTimeTokenLogic(ctx, s.svcCtx)
+	return l.CancelOneTimeToken(in)
+}

internal/svc/service_context.go

@@ -0,0 +1,13 @@
+package svc
+
+import "ark-permission/internal/config"
+
+type ServiceContext struct {
+	Config config.Config
+}
+
+func NewServiceContext(c config.Config) *ServiceContext {
+	return &ServiceContext{
+		Config: c,
+	}
+}

permission.go

@@ -0,0 +1,39 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+
+	"ark-permission/gen_result/pb/permission"
+	"ark-permission/internal/config"
+	"ark-permission/internal/server"
+	"ark-permission/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/conf"
+	"github.com/zeromicro/go-zero/core/service"
+	"github.com/zeromicro/go-zero/zrpc"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/reflection"
+)
+
+var configFile = flag.String("f", "etc/permission.yaml", "the config file")
+
+func main() {
+	flag.Parse()
+
+	var c config.Config
+	conf.MustLoad(*configFile, &c)
+	ctx := svc.NewServiceContext(c)
+
+	s := zrpc.MustNewServer(c.RpcServerConf, func(grpcServer *grpc.Server) {
+		permission.RegisterTokenServiceServer(grpcServer, server.NewTokenServiceServer(ctx))
+
+		if c.Mode == service.DevMode || c.Mode == service.TestMode {
+			reflection.Register(grpcServer)
+		}
+	})
+	defer s.Stop()
+
+	fmt.Printf("Starting rpc server at %s...\n", c.ListenOn)
+	s.Start()
+}

tokenservice/token_service.go

@@ -0,0 +1,123 @@
+// Code generated by goctl. DO NOT EDIT.
+// Source: permission.proto
+
+package tokenservice
+
+import (
+	"context"
+
+	"ark-permission/gen_result/pb/permission"
+
+	"github.com/zeromicro/go-zero/zrpc"
+	"google.golang.org/grpc"
+)
+
+type (
+	AuthorizationReq       = permission.AuthorizationReq
+	CancelTokenReq         = permission.CancelTokenReq
+	CreateOneTimeTokenReq  = permission.CreateOneTimeTokenReq
+	CreateOneTimeTokenResp = permission.CreateOneTimeTokenResp
+	DoTokenByDeviceIDReq   = permission.DoTokenByDeviceIDReq
+	DoTokenByUIDReq        = permission.DoTokenByUIDReq
+	OKResp                 = permission.OKResp
+	RefreshTokenReq        = permission.RefreshTokenReq
+	RefreshTokenResp       = permission.RefreshTokenResp
+	Token                  = permission.Token
+	TokenResp              = permission.TokenResp
+	Tokens                 = permission.Tokens
+	ValidationTokenReq     = permission.ValidationTokenReq
+	ValidationTokenResp    = permission.ValidationTokenResp
+
+	TokenService interface {
+		// NewToken 建立一個新的 Token，例如：AccessToken
+		NewToken(ctx context.Context, in *AuthorizationReq, opts ...grpc.CallOption) (*TokenResp, error)
+		// RefreshToken 更新目前的token 以及裡面包含的一次性 Token
+		RefreshToken(ctx context.Context, in *RefreshTokenReq, opts ...grpc.CallOption) (*RefreshTokenResp, error)
+		// CancelToken 取消 Token，也包含他裡面的 One Time Toke
+		CancelToken(ctx context.Context, in *CancelTokenReq, opts ...grpc.CallOption) (*OKResp, error)
+		// CancelTokenByUID 取消 Token (取消這個用戶從不同 Device 登入的所有 Token)，也包含他裡面的 One Time Toke
+		CancelTokenByUID(ctx context.Context, in *DoTokenByUIDReq, opts ...grpc.CallOption) (*OKResp, error)
+		// CancelTokenByDeviceID 取消 Token
+		CancelTokenByDeviceID(ctx context.Context, in *DoTokenByDeviceIDReq, opts ...grpc.CallOption) (*OKResp, error)
+		// ValidationToken 驗證這個 Token 有沒有效
+		ValidationToken(ctx context.Context, in *ValidationTokenReq, opts ...grpc.CallOption) (*ValidationTokenResp, error)
+		// GetUserTokensByDeviceIDs 取得目前所對應的 DeviceID 所存在的 Tokens
+		GetUserTokensByDeviceID(ctx context.Context, in *DoTokenByDeviceIDReq, opts ...grpc.CallOption) (*Tokens, error)
+		// GetUserTokensByUID 取得目前所對應的 UID 所存在的 Tokens
+		GetUserTokensByUID(ctx context.Context, in *DoTokenByUIDReq, opts ...grpc.CallOption) (*Tokens, error)
+		// NewOneTimeToken 建立一次性使用，例如：RefreshToken
+		NewOneTimeToken(ctx context.Context, in *CreateOneTimeTokenReq, opts ...grpc.CallOption) (*CreateOneTimeTokenResp, error)
+		// CancelOneTimeToken 取消一次性使用
+		CancelOneTimeToken(ctx context.Context, in *CreateOneTimeTokenReq, opts ...grpc.CallOption) (*CreateOneTimeTokenResp, error)
+	}
+
+	defaultTokenService struct {
+		cli zrpc.Client
+	}
+)
+
+func NewTokenService(cli zrpc.Client) TokenService {
+	return &defaultTokenService{
+		cli: cli,
+	}
+}
+
+// NewToken 建立一個新的 Token，例如：AccessToken
+func (m *defaultTokenService) NewToken(ctx context.Context, in *AuthorizationReq, opts ...grpc.CallOption) (*TokenResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.NewToken(ctx, in, opts...)
+}
+
+// RefreshToken 更新目前的token 以及裡面包含的一次性 Token
+func (m *defaultTokenService) RefreshToken(ctx context.Context, in *RefreshTokenReq, opts ...grpc.CallOption) (*RefreshTokenResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.RefreshToken(ctx, in, opts...)
+}
+
+// CancelToken 取消 Token，也包含他裡面的 One Time Toke
+func (m *defaultTokenService) CancelToken(ctx context.Context, in *CancelTokenReq, opts ...grpc.CallOption) (*OKResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.CancelToken(ctx, in, opts...)
+}
+
+// CancelTokenByUID 取消 Token (取消這個用戶從不同 Device 登入的所有 Token)，也包含他裡面的 One Time Toke
+func (m *defaultTokenService) CancelTokenByUID(ctx context.Context, in *DoTokenByUIDReq, opts ...grpc.CallOption) (*OKResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.CancelTokenByUID(ctx, in, opts...)
+}
+
+// CancelTokenByDeviceID 取消 Token
+func (m *defaultTokenService) CancelTokenByDeviceID(ctx context.Context, in *DoTokenByDeviceIDReq, opts ...grpc.CallOption) (*OKResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.CancelTokenByDeviceID(ctx, in, opts...)
+}
+
+// ValidationToken 驗證這個 Token 有沒有效
+func (m *defaultTokenService) ValidationToken(ctx context.Context, in *ValidationTokenReq, opts ...grpc.CallOption) (*ValidationTokenResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.ValidationToken(ctx, in, opts...)
+}
+
+// GetUserTokensByDeviceIDs 取得目前所對應的 DeviceID 所存在的 Tokens
+func (m *defaultTokenService) GetUserTokensByDeviceID(ctx context.Context, in *DoTokenByDeviceIDReq, opts ...grpc.CallOption) (*Tokens, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.GetUserTokensByDeviceID(ctx, in, opts...)
+}
+
+// GetUserTokensByUID 取得目前所對應的 UID 所存在的 Tokens
+func (m *defaultTokenService) GetUserTokensByUID(ctx context.Context, in *DoTokenByUIDReq, opts ...grpc.CallOption) (*Tokens, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.GetUserTokensByUID(ctx, in, opts...)
+}
+
+// NewOneTimeToken 建立一次性使用，例如：RefreshToken
+func (m *defaultTokenService) NewOneTimeToken(ctx context.Context, in *CreateOneTimeTokenReq, opts ...grpc.CallOption) (*CreateOneTimeTokenResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.NewOneTimeToken(ctx, in, opts...)
+}
+
+// CancelOneTimeToken 取消一次性使用
+func (m *defaultTokenService) CancelOneTimeToken(ctx context.Context, in *CreateOneTimeTokenReq, opts ...grpc.CallOption) (*CreateOneTimeTokenResp, error) {
+	client := permission.NewTokenServiceClient(m.cli.Conn())
+	return client.CancelOneTimeToken(ctx, in, opts...)
+}