62 lines
1.6 KiB
Go
62 lines
1.6 KiB
Go
package member
|
||
|
||
import (
|
||
"biz-member-gateway/internal/domain"
|
||
"biz-member-gateway/internal/svc"
|
||
"biz-member-gateway/internal/types"
|
||
"context"
|
||
|
||
"code.30cm.net/digimon/app-cloudep-permission-server/pkg/domain/token"
|
||
"code.30cm.net/digimon/library-go/errs"
|
||
"code.30cm.net/digimon/proto-all/pkg/permission"
|
||
|
||
"github.com/zeromicro/go-zero/core/logx"
|
||
)
|
||
|
||
type RefreshAccessTokenLogic struct {
|
||
logx.Logger
|
||
ctx context.Context
|
||
svcCtx *svc.ServiceContext
|
||
}
|
||
|
||
// NewRefreshAccessTokenLogic 更新 Access Token
|
||
func NewRefreshAccessTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *RefreshAccessTokenLogic {
|
||
return &RefreshAccessTokenLogic{
|
||
Logger: logx.WithContext(ctx),
|
||
ctx: ctx,
|
||
svcCtx: svcCtx,
|
||
}
|
||
}
|
||
|
||
func (l *RefreshAccessTokenLogic) RefreshAccessToken(req *types.UpdateTokenReq) (*types.LoginTokenResp, error) {
|
||
data, err := l.svcCtx.TokenRPC.GetSystemClaimByAccessToken(l.ctx, &permission.GetSystemClaimReq{
|
||
AccessToken: req.Token,
|
||
IsExpired: false,
|
||
})
|
||
if err != nil {
|
||
return nil, err
|
||
}
|
||
|
||
uid := data.Data[token.UID.String()]
|
||
if uid != req.UID {
|
||
return nil, errs.Forbidden("failed to verify token user")
|
||
}
|
||
|
||
t, err := l.svcCtx.TokenRPC.RefreshToken(l.ctx, &permission.RefreshTokenReq{
|
||
Token: req.RefreshToken,
|
||
Scope: data.Data[token.Scope.String()],
|
||
Expires: 0, // 指定到期的時間,不給會交由底層給(token repo)
|
||
DeviceId: data.Data[token.Device.String()],
|
||
})
|
||
if err != nil {
|
||
return nil, err
|
||
}
|
||
|
||
return &types.LoginTokenResp{
|
||
UID: req.UID,
|
||
AccessToken: t.Token,
|
||
RefreshToken: t.OneTimeToken,
|
||
TokenType: domain.TokenTypeBearer,
|
||
}, nil
|
||
}
|