From 87036c6733b47126056d0cc72dc4011c8c7775cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Jochum?= <rene@jochum.dev>
Date: Sun, 25 Sep 2022 21:45:07 +0200
Subject: [PATCH] Register RouterClientService.Routes within the client handler

---
 cmd/microrouterd/handler/handler.go |  1 -
 handler.go                          | 16 ++++++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/cmd/microrouterd/handler/handler.go b/cmd/microrouterd/handler/handler.go
index f652048..2d05071 100644
--- a/cmd/microrouterd/handler/handler.go
+++ b/cmd/microrouterd/handler/handler.go
@@ -225,7 +225,6 @@ func (h *Handler) Init(r *components.Registry, engine *gin.Engine, refreshSecond
 		endpointroles.WithLogrus(logruscomponent.MustReg(h.cReg).Logger()),
 	)
 	authVerifier.AddRules(
-		endpointroles.RouterRule,
 		endpointroles.NewRule(
 			endpointroles.Endpoint(routerserverpb.RouterServerService.Routes),
 			endpointroles.RolesAllow(auth2.RolesServiceAndAdmin),
diff --git a/handler.go b/handler.go
index 294ce6d..b59e242 100644
--- a/handler.go
+++ b/handler.go
@@ -8,7 +8,10 @@ import (
 	"github.com/urfave/cli/v2"
 	"go-micro.dev/v4/server"
 	"google.golang.org/protobuf/types/known/emptypb"
+	"jochum.dev/jo-micro/auth2"
+	"jochum.dev/jo-micro/auth2/plugins/verifier/endpointroles"
 	"jochum.dev/jo-micro/components"
+	"jochum.dev/jo-micro/logruscomponent"
 	"jochum.dev/jo-micro/router/internal/proto/routerclientpb"
 	"jochum.dev/jo-micro/router/internal/util"
 )
@@ -50,6 +53,19 @@ func (h *Handler) Init(r *components.Registry, cli *cli.Context) error {
 
 	h.routerURI = cli.String(fmt.Sprintf("%s_router_basepath", strings.ToLower(r.FlagPrefix())))
 
+	if _, err := r.Get(auth2.ClientAuthName); err != nil {
+		authVerifier := endpointroles.NewVerifier(
+			endpointroles.WithLogrus(logruscomponent.MustReg(r).Logger()),
+		)
+		authVerifier.AddRules(
+			endpointroles.NewRule(
+				endpointroles.Endpoint(routerclientpb.RouterClientService.Routes),
+				endpointroles.RolesAllow([]string{auth2.ROLE_SERVICE}),
+			),
+		)
+		auth2.ClientAuthMustReg(r).Plugin().AddVerifier(authVerifier)
+	}
+
 	h.RegisterWithServer(r.Service().Server())
 
 	h.initialized = true