package tokenservicelogic import ( "app-cloudep-permission-server/internal/domain" ers "code.30cm.net/digimon/library-go/errors" "context" "app-cloudep-permission-server/gen_result/pb/permission" "app-cloudep-permission-server/internal/svc" "github.com/zeromicro/go-zero/core/logx" ) type RefreshTokenLogic struct { ctx context.Context svcCtx *svc.ServiceContext logx.Logger } func NewRefreshTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *RefreshTokenLogic { return &RefreshTokenLogic{ ctx: ctx, svcCtx: svcCtx, Logger: logx.WithContext(ctx), } } type refreshReq struct { RefreshToken string `json:"grant_type" validate:"required"` DeviceID string `json:"device_id" validate:"required"` Scope string `json:"scope" validate:"required"` } // RefreshToken 更新目前的token 以及裡面包含的一次性 Token func (l *RefreshTokenLogic) RefreshToken(in *permission.RefreshTokenReq) (*permission.RefreshTokenResp, error) { // 驗證所需 if err := l.svcCtx.Validate.ValidateAll(&refreshReq{ RefreshToken: in.GetToken(), Scope: in.GetScope(), DeviceID: in.GetDeviceId(), }); err != nil { return nil, ers.InvalidFormat(err.Error()) } // step 1 拿看看有沒有這個 refresh token token, err := l.svcCtx.TokenRedisRepo.GetAccessTokenByByOneTimeToken(l.ctx, in.Token) if err != nil { logx.WithCallerSkip(1).WithFields( logx.Field("func", "TokenRedisRepo.GetByRefresh"), logx.Field("req", in), ).Error(err.Error()) return nil, err } // 取得 Data c, err := parseClaims(token.AccessToken, l.svcCtx.Config.Token.Secret, false) if err != nil { logx.WithCallerSkip(1).WithFields( logx.Field("func", "parseClaims"), logx.Field("token", token), ).Error(err.Error()) return nil, err } // step 2 建立新 token nt, err := newToken(authorizationReq{ GrantType: domain.ClientCredentials, Scope: in.GetScope(), DeviceID: in.GetDeviceId(), Data: c, Expires: int(in.GetExpires()), IsRefreshToken: true, }, l.svcCtx.Config) if err != nil { logx.WithCallerSkip(1).WithFields( logx.Field("func", "newToken"), logx.Field("req", in), ).Error(err.Error()) return nil, err } // 刪除掉舊的 token err = l.svcCtx.TokenRedisRepo.Delete(l.ctx, token) if err != nil { logx.WithCallerSkip(1).WithFields( logx.Field("func", "TokenRedisRepo.Delete"), logx.Field("req", token), ).Error(err.Error()) return nil, err } err = l.svcCtx.TokenRedisRepo.Create(l.ctx, *nt) if err != nil { logx.WithCallerSkip(1).WithFields( logx.Field("func", "TokenRedisRepo.Create"), logx.Field("token", token), ).Error(err.Error()) return nil, err } return &permission.RefreshTokenResp{ Token: nt.AccessToken, OneTimeToken: nt.RefreshToken, ExpiresIn: int64(nt.ExpiresIn), TokenType: domain.TokenTypeBearer, }, nil }