NOISSUE - Invitation Service Auth Helper (absmach#28)

* feat(auth): Add invitationkey Add InvitationKey to auth key types and set expiration duration * feat(auth): Add support for InvitationKey in Identify function This commit adds support for the InvitationKey type in the Identify function of the auth service. Now, when the key type is either RecoveryKey, AccessKey, or InvitationKey, the key's subject will be returned. This allows for identifying users with an invitation key. Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com> --------- Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com>
arvindh123 · Nov 14, 2023 · 41176e8 · 41176e8
1 parent 4b5f06b
commit 41176e8
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 6 deletions.
diff --git a/auth/api/grpc/requests.go b/auth/api/grpc/requests.go
@@ -28,7 +28,8 @@ type issueReq struct {
 func (req issueReq) validate() error {
 	if req.keyType != auth.AccessKey &&
 		req.keyType != auth.APIKey &&
-		req.keyType != auth.RecoveryKey {
+		req.keyType != auth.RecoveryKey &&
+		req.keyType != auth.InvitationKey {
 		return apiutil.ErrInvalidAuthKey
 	}
 

diff --git a/auth/keys.go b/auth/keys.go
@@ -39,6 +39,8 @@ const (
 	RecoveryKey
 	// APIKey enables the one to act on behalf of the user.
 	APIKey
+	// InvitationKey is a key for inviting new users.
+	InvitationKey
 )
 
 func (kt KeyType) String() string {

diff --git a/auth/service.go b/auth/service.go
@@ -13,10 +13,12 @@ import (
 )
 
 const (
-	recoveryDuration = 5 * time.Minute
-	thingsKind       = "things"
-	channelsKind     = "channels"
-	usersKind        = "users"
+	recoveryDuration   = 5 * time.Minute
+	invitationDuration = 24 * time.Hour
+
+	thingsKind   = "things"
+	channelsKind = "channels"
+	usersKind    = "users"
 
 	thingType   = "thing"
 	channelType = "channel"
@@ -124,6 +126,8 @@ func (svc service) Issue(ctx context.Context, token string, key Key) (Token, err
 		return svc.refreshKey(ctx, token, key)
 	case RecoveryKey:
 		return svc.tmpKey(recoveryDuration, key)
+	case InvitationKey:
+		return svc.tmpKey(invitationDuration, key)
 	default:
 		return svc.accessKey(key)
 	}
@@ -160,7 +164,7 @@ func (svc service) Identify(ctx context.Context, token string) (string, error) {
 	}
 
 	switch key.Type {
-	case RecoveryKey, AccessKey:
+	case RecoveryKey, AccessKey, InvitationKey:
 		return key.Subject, nil
 	case APIKey:
 		_, err := svc.keys.Retrieve(ctx, key.Issuer, key.ID)
@@ -312,6 +316,7 @@ func (svc service) CountSubjects(ctx context.Context, pr PolicyReq) (int, error)
 }
 
 func (svc service) tmpKey(duration time.Duration, key Key) (Token, error) {
+	key.ExpiresAt = time.Now().Add(duration)
 	value, err := svc.tokenizer.Issue(key)
 	if err != nil {
 		return Token{}, errors.Wrap(errIssueTmp, err)