Rename env vars MICRO_AUTH2_ -> AUTH2_
continuous-integration/drone/tag Build is passing Details

main v0.4.5
René Jochum 1 year ago
parent 3a923a8c18
commit b732cadc9b
Signed by: jochum
GPG Key ID: F7D906F5E51E8E5E

@ -34,24 +34,24 @@ MICRO_BROKER_ADDRESS=nats:4222
## Auth Server
# 1 hour
MICRO_AUTH2_JWT_ACCESS_EXPIRY=3600
AUTH2_JWT_ACCESS_EXPIRY=3600
# 86400*14
MICRO_AUTH2_JWT_REFRESH_EXPIRY=1209600
AUTH2_JWT_REFRESH_EXPIRY=1209600
## Log
LOG_LEVEL=debug
## Database
MICRO_AUTH2_DATABASE_DEBUG=true
MICRO_AUTH2_DATABASE_URL="postgres://postgres:RedactedPostgresPassword@postgresd:5432/auth?sslmode=disable"
MICRO_AUTH2_MIGRATIONS_DIR="./cmd/microauth2sqld/migrations"
AUTH2_DATABASE_DEBUG=true
AUTH2_DATABASE_URL="postgres://postgres:RedactedPostgresPassword@postgresd:5432/auth?sslmode=disable"
AUTH2_MIGRATIONS_DIR="./cmd/microauth2sqld/migrations"
## JWT
MICRO_AUTH2_JWT_AUDIENCE="https://lobby.wz2100.net,https://wz2100.net"
AUTH2_JWT_AUDIENCE="https://lobby.wz2100.net,https://wz2100.net"
# go.micro.auth Ed25519 JWT keys in PEM - generated using '/tmp/go-build3574312808/b001/exe/microauth2sqld --auth2_generate_keys'
MICRO_AUTH2_JWT_PRIV_KEY="LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1DNENBUUF3QlFZREsyVndCQ0lFSUcwQkt3elV6bnRMQXR2K1Ztb0xsYVV5ZlJBdm04SVpiY2dUMC9BZGdyekIKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
MICRO_AUTH2_JWT_PUB_KEY="LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQXB6V0Q5T29iWUUrMEYxbnI0MWlKL0VITC9veDZDT1NTeGlwZjh6c21IQlU9Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="
MICRO_AUTH2_JWT_REFRESH_PRIV_KEY="LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1DNENBUUF3QlFZREsyVndCQ0lFSUJTVE1YTDVvUGxXWFg1azl6akpvWVVFdTJYWndkbjBvVWJRdjd6eHJIa3YKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
MICRO_AUTH2_JWT_REFRESH_PUB_KEY="LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQVRaWG4xWkt1Z3puTGVQdHNHUFFhbTVVS2d3K0ZCMGxudUxZYllQUnRxb1k9Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="
AUTH2_JWT_PRIV_KEY="LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1DNENBUUF3QlFZREsyVndCQ0lFSUcwQkt3elV6bnRMQXR2K1Ztb0xsYVV5ZlJBdm04SVpiY2dUMC9BZGdyekIKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
AUTH2_JWT_PUB_KEY="LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQXB6V0Q5T29iWUUrMEYxbnI0MWlKL0VITC9veDZDT1NTeGlwZjh6c21IQlU9Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="
AUTH2_JWT_REFRESH_PRIV_KEY="LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1DNENBUUF3QlFZREsyVndCQ0lFSUJTVE1YTDVvUGxXWFg1azl6akpvWVVFdTJYWndkbjBvVWJRdjd6eHJIa3YKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
AUTH2_JWT_REFRESH_PUB_KEY="LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQVRaWG4xWkt1Z3puTGVQdHNHUFFhbTVVS2d3K0ZCMGxudUxZYllQUnRxb1k9Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="

@ -27,7 +27,7 @@ tasks:
volume:
run: "once"
cmds:
- podman volume inspect jo-micro_auth2_go 1>/dev/null 2>&1 || podman volume create jo-micro_auth2_go
- podman volume inspect jo-AUTH2_go 1>/dev/null 2>&1 || podman volume create jo-AUTH2_go
builder:
desc: Run something in the builder container for example "task builder -- go get -u ./..."
@ -39,7 +39,7 @@ tasks:
{{.DOCKER_ORG_JO_MICRO}}/builder:latest {{.CLI_ARGS}}
vars:
VOLUME_PATH:
sh: podman volume inspect jo-micro_auth2_go --format "{{"{{"}}.Mountpoint{{"}}"}}"
sh: podman volume inspect jo-AUTH2_go --format "{{"{{"}}.Mountpoint{{"}}"}}"
BUILD_MOUNT_FOLDER_INT:
sh: realpath {{.BUILD_MOUNT_FOLDER}}
preconditions:
@ -77,7 +77,7 @@ tasks:
.
vars:
VOLUME_PATH:
sh: podman volume inspect jo-micro_auth2_go --format "{{"{{"}}.Mountpoint{{"}}"}}"
sh: podman volume inspect jo-AUTH2_go --format "{{"{{"}}.Mountpoint{{"}}"}}"
BUILD_MOUNT_FOLDER_INT:
sh: realpath {{.BUILD_MOUNT_FOLDER}}
@ -115,7 +115,7 @@ tasks:
rm:
desc: Remove all persistent data
cmds:
- podman volume rm jo-micro_auth2_go || exit 0
- podman volume rm jo-AUTH2_go || exit 0
- podman image rm {{.DOCKER_ORG_JO_MICRO}}/auth2-sql:latest || exit 0
- rm -rf $PWD/.task

@ -31,7 +31,7 @@ import (
)
var (
ErrorNoKeys = errors.New("config MICRO_AUTH2_JWT_*_KEY or MICRO_AUTH2_JWT_REFRESH_*_KEY not given")
ErrorNoKeys = errors.New("config AUTH2_JWT_*_KEY or AUTH2_JWT_REFRESH_*_KEY not given")
)
func generateEd25519PEMKeyPair() (string, string, error) {
@ -117,7 +117,7 @@ func main() {
&cli.StringFlag{
Name: "auth2_sqld_router_basepath",
Usage: "Router basepath",
EnvVars: []string{"MICRO_AUTH2_SQLD_ROUTER_BASEPATH"},
EnvVars: []string{"AUTH2_SQLD_ROUTER_BASEPATH"},
Value: "auth",
},
@ -126,41 +126,41 @@ func main() {
&cli.StringFlag{
Name: "auth2_jwt_pub_key",
Usage: "Public access key PEM base64 encoded",
EnvVars: []string{"MICRO_AUTH2_JWT_PUB_KEY"},
EnvVars: []string{"AUTH2_JWT_PUB_KEY"},
},
&cli.StringFlag{
Name: "auth2_jwt_priv_key",
Usage: "Private access key PEM base64 encoded",
EnvVars: []string{"MICRO_AUTH2_JWT_PRIV_KEY"},
EnvVars: []string{"AUTH2_JWT_PRIV_KEY"},
},
&cli.StringFlag{
Name: "auth2_jwt_refresh_pub_key",
Usage: "Public refresh key PEM base64 encoded",
EnvVars: []string{"MICRO_AUTH2_JWT_REFRESH_PUB_KEY"},
EnvVars: []string{"AUTH2_JWT_REFRESH_PUB_KEY"},
},
&cli.StringFlag{
Name: "auth2_jwt_refresh_priv_key",
Usage: "Private refresh key PEM base64 encoded",
EnvVars: []string{"MICRO_AUTH2_JWT_REFRESH_PRIV_KEY"},
EnvVars: []string{"AUTH2_JWT_REFRESH_PRIV_KEY"},
},
// Token
&cli.Int64Flag{
Name: "auth2_jwt_refresh_expiry",
Usage: "Expire the refreshtoken after x seconds, default is one day",
EnvVars: []string{"MICRO_AUTH2_JWT_REFRESH_EXPIRY"},
EnvVars: []string{"AUTH2_JWT_REFRESH_EXPIRY"},
Value: 86400,
},
&cli.Int64Flag{
Name: "auth2_jwt_access_expiry",
Usage: "Expire the accesstoken after x seconds, default is 15 minutes",
EnvVars: []string{"MICRO_AUTH2_JWT_ACCESS_EXPIRY"},
EnvVars: []string{"AUTH2_JWT_ACCESS_EXPIRY"},
Value: 900,
},
&cli.StringSliceFlag{
Name: "auth2_jwt_audience",
Usage: "Add and expect this JWT audience",
EnvVars: []string{"MICRO_AUTH2_JWT_AUDIENCES"},
EnvVars: []string{"AUTH2_JWT_AUDIENCES"},
},
}
@ -231,10 +231,10 @@ func main() {
}
fmt.Printf("# go.micro.auth %s JWT keys in PEM - generated using '%s %s'\n", c.String("auth2_generate_format"), absPath, strings.Join(os.Args[1:len(os.Args)], " "))
fmt.Printf("MICRO_AUTH2_JWT_PRIV_KEY=\"%s\"\n", aPrivKey)
fmt.Printf("MICRO_AUTH2_JWT_PUB_KEY=\"%s\"\n", aPubKey)
fmt.Printf("MICRO_AUTH2_JWT_REFRESH_PRIV_KEY=\"%s\"\n", rPrivKey)
fmt.Printf("MICRO_AUTH2_JWT_REFRESH_PUB_KEY=\"%s\"\n", rPubKey)
fmt.Printf("AUTH2_JWT_PRIV_KEY=\"%s\"\n", aPrivKey)
fmt.Printf("AUTH2_JWT_PUB_KEY=\"%s\"\n", aPubKey)
fmt.Printf("AUTH2_JWT_REFRESH_PRIV_KEY=\"%s\"\n", rPrivKey)
fmt.Printf("AUTH2_JWT_REFRESH_PUB_KEY=\"%s\"\n", rPubKey)
os.Exit(0)
}
@ -295,17 +295,17 @@ func main() {
// Check the other handler cli arguments
if c.Int64("auth2_jwt_access_expiry") < 1 {
err := errors.New("MICRO_AUTH2_JWT_ACCESS_EXPIRY must be great than 0")
err := errors.New("AUTH2_JWT_ACCESS_EXPIRY must be great than 0")
logger.Fatal(err)
return err
}
if c.Int64("auth2_jwt_refresh_expiry") < 1 {
err := errors.New("MICRO_AUTH2_JWT_REFRESH_EXPIRY must be great than 0")
err := errors.New("AUTH2_JWT_REFRESH_EXPIRY must be great than 0")
logger.Fatal(err)
return err
}
if c.StringSlice("auth2_jwt_audience") == nil {
err := errors.New("MICRO_AUTH2_JWT_AUDIENCES must be given")
err := errors.New("AUTH2_JWT_AUDIENCES must be given")
logger.Fatal(err)
return err
}

@ -90,7 +90,7 @@ func (r *AuthRegistry[T]) Flags(c *components.Registry) []cli.Flag {
&cli.StringFlag{
Name: fmt.Sprintf("auth2_%s", r.kind),
Usage: fmt.Sprintf("Auth %s Plugin to use", r.kind),
EnvVars: []string{fmt.Sprintf("MICRO_AUTH2_%s", strings.ToUpper(r.kind))},
EnvVars: []string{fmt.Sprintf("AUTH2_%s", strings.ToUpper(r.kind))},
Value: "noop",
},
}
@ -116,7 +116,7 @@ func (r *AuthRegistry[T]) Init(c *components.Registry, cli *cli.Context) error {
plugin := cli.String(fmt.Sprintf("auth2_%s", r.kind))
m, ok := r.plugins[plugin]
if !ok {
return fmt.Errorf("unknown MICRO_AUTH2_%s plugin '%s'", strings.ToUpper(r.kind), plugin)
return fmt.Errorf("unknown AUTH2_%s plugin '%s'", strings.ToUpper(r.kind), plugin)
}
r.plugin = m

@ -42,17 +42,17 @@ services:
restart: ${DOCKER_RESTART}
image: ${DOCKER_ORG_JO_MICRO}/auth2-sql:latest
environment:
- MICRO_AUTH2_CLIENT=jwt
- MICRO_AUTH2_DATABASE_DEBUG=${MICRO_AUTH2_DATABASE_DEBUG}
- MICRO_AUTH2_DATABASE_URL=${MICRO_AUTH2_DATABASE_URL}
- MICRO_AUTH2_JWT_ACCESS_EXPIRY=${MICRO_AUTH2_JWT_ACCESS_EXPIRY}
- MICRO_AUTH2_JWT_AUDIENCES=${MICRO_AUTH2_JWT_AUDIENCES}
- MICRO_AUTH2_JWT_PRIV_KEY=${MICRO_AUTH2_JWT_PRIV_KEY}
- MICRO_AUTH2_JWT_PUB_KEY=${MICRO_AUTH2_JWT_PUB_KEY}
- MICRO_AUTH2_JWT_REFRESH_EXPIRY=${MICRO_AUTH2_JWT_REFRESH_EXPIRY}
- MICRO_AUTH2_JWT_REFRESH_PRIV_KEY=${MICRO_AUTH2_JWT_REFRESH_PRIV_KEY}
- MICRO_AUTH2_JWT_REFRESH_PUB_KEY=${MICRO_AUTH2_JWT_REFRESH_PUB_KEY}
- MICRO_AUTH2_LOG_LEVEL=${LOG_LEVEL}
- AUTH2_CLIENT=jwt
- AUTH2_DATABASE_DEBUG=${AUTH2_DATABASE_DEBUG}
- AUTH2_DATABASE_URL=${AUTH2_DATABASE_URL}
- AUTH2_JWT_ACCESS_EXPIRY=${AUTH2_JWT_ACCESS_EXPIRY}
- AUTH2_JWT_AUDIENCES=${AUTH2_JWT_AUDIENCES}
- AUTH2_JWT_PRIV_KEY=${AUTH2_JWT_PRIV_KEY}
- AUTH2_JWT_PUB_KEY=${AUTH2_JWT_PUB_KEY}
- AUTH2_JWT_REFRESH_EXPIRY=${AUTH2_JWT_REFRESH_EXPIRY}
- AUTH2_JWT_REFRESH_PRIV_KEY=${AUTH2_JWT_REFRESH_PRIV_KEY}
- AUTH2_JWT_REFRESH_PUB_KEY=${AUTH2_JWT_REFRESH_PUB_KEY}
- AUTH2_LOG_LEVEL=${LOG_LEVEL}
- MICRO_TRANSPORT=${MICRO_TRANSPORT}
- MICRO_REGISTRY=${MICRO_REGISTRY}
- MICRO_REGISTRY_ADDRESS=${MICRO_REGISTRY_ADDRESS}
@ -69,11 +69,11 @@ services:
restart: ${DOCKER_RESTART}
image: ${DOCKER_ORG_JO_MICRO}/router:latest
environment:
- MICRO_AUTH2_CLIENT=jwt
- MICRO_AUTH2_ROUTER=jwt
- MICRO_AUTH2_JWT_AUDIENCES=${MICRO_AUTH2_JWT_AUDIENCES}
- MICRO_AUTH2_JWT_PRIV_KEY=${MICRO_AUTH2_JWT_PRIV_KEY}
- MICRO_AUTH2_JWT_PUB_KEY=${MICRO_AUTH2_JWT_PUB_KEY}
- AUTH2_CLIENT=jwt
- AUTH2_ROUTER=jwt
- AUTH2_JWT_AUDIENCES=${AUTH2_JWT_AUDIENCES}
- AUTH2_JWT_PRIV_KEY=${AUTH2_JWT_PRIV_KEY}
- AUTH2_JWT_PUB_KEY=${AUTH2_JWT_PUB_KEY}
- MICRO_TRANSPORT=${MICRO_TRANSPORT}
- MICRO_REGISTRY=${MICRO_REGISTRY}
- MICRO_REGISTRY_ADDRESS=${MICRO_REGISTRY_ADDRESS}

@ -44,15 +44,15 @@ func (p *jwtPlugin) Flags(r *components.Registry) []cli.Flag {
&cli.StringFlag{
Name: "auth2_jwt_pub_key",
Usage: "Public key PEM base64 encoded for access keys",
EnvVars: []string{"MICRO_AUTH2_JWT_PUB_KEY"},
EnvVars: []string{"AUTH2_JWT_PUB_KEY"},
}, &cli.StringFlag{
Name: "auth2_jwt_priv_key",
Usage: "Private key PEM base64 encoded for access keys",
EnvVars: []string{"MICRO_AUTH2_JWT_PRIV_KEY"},
EnvVars: []string{"AUTH2_JWT_PRIV_KEY"},
}, &cli.StringSliceFlag{
Name: "auth2_jwt_audience",
Usage: "Add and expect this JWT audience",
EnvVars: []string{"MICRO_AUTH2_JWT_AUDIENCES"},
EnvVars: []string{"AUTH2_JWT_AUDIENCES"},
},
}
}
@ -63,7 +63,7 @@ func (p *jwtPlugin) Init(r *components.Registry, cli *cli.Context) error {
}
if cli.StringSlice("auth2_jwt_audience") == nil {
return errors.New("MICRO_AUTH2_JWT_AUDIENCES must be given")
return errors.New("AUTH2_JWT_AUDIENCES must be given")
}
pub, priv, err := sjwt.DecodeKeyPair(cli.String("auth2_jwt_pub_key"), cli.String("auth2_jwt_priv_key"))

@ -38,7 +38,7 @@ func (p *jwtPlugin) Flags(r *components.Registry) []cli.Flag {
&cli.StringFlag{
Name: "auth2_jwt_pub_key",
Usage: "Public key PEM base64 encoded",
EnvVars: []string{"MICRO_AUTH2_JWT_PUB_KEY"},
EnvVars: []string{"AUTH2_JWT_PUB_KEY"},
},
}
}

Loading…
Cancel
Save