migrate tokens

Author: BeryJu

pkg/roles/api/auth/api_tokens.go

@@ -62,12 +62,11 @@ type APITokensPutOutput struct {
 
 func (ap *AuthProvider) APITokensPut() usecase.Interactor {
 	u := usecase.NewInteractor(func(ctx context.Context, input APITokensPutInput, output *APITokensPutOutput) error {
-		token := &Token{
+		token := &types.Token{
 			Key:      base64.RawStdEncoding.EncodeToString(securecookie.GenerateRandomKey(64)),
 			Username: input.Username,
-			ap:       ap,
 		}
-		err := token.put(ctx)
+		err := ap.putToken(token, ctx)
 		if err != nil {
 			return status.Wrap(err, status.Internal)
 		}

pkg/roles/api/auth/api_tokens_test.go

@@ -20,14 +20,14 @@ func TestAPITokensGet(t *testing.T) {
 	defer role.Stop()
 	prov := auth.NewAuthProvider(role, inst)
 
-	tests.PanicIfError(inst.KV().Put(
+	tests.PanicIfError(inst.KV().PutObj(
 		ctx,
 		inst.KV().Key(
 			types.KeyRole,
 			types.KeyTokens,
 			tests.RandomString(),
 		).String(),
-		tests.MustJSON(auth.Token{}),
+		&types.Token{},
 	))
 
 	var output auth.APITokensGetOutput
@@ -58,7 +58,7 @@ func TestAPITokensPut(t *testing.T) {
 			types.KeyTokens,
 			output.Key,
 		),
-		auth.Token{
+		&types.Token{
 			Username: name,
 		},
 	)
@@ -75,14 +75,14 @@ func TestAPITokensDelete(t *testing.T) {
 
 	name := tests.RandomString()
 
-	tests.PanicIfError(inst.KV().Put(
+	tests.PanicIfError(inst.KV().PutObj(
 		ctx,
 		inst.KV().Key(
 			types.KeyRole,
 			types.KeyTokens,
 			name,
 		).String(),
-		tests.MustJSON(auth.Token{}),
+		&types.Token{},
 	))
 
 	assert.NoError(t, prov.APITokensDelete().Interact(ctx, auth.APITokensDeleteInput{

pkg/roles/api/auth/first_start.go

@@ -7,6 +7,7 @@ import (
 
 	"beryju.io/gravity/pkg/extconfig"
 	"beryju.io/gravity/pkg/roles"
+	"beryju.io/gravity/pkg/roles/api/types"
 	"github.com/gorilla/securecookie"
 	"go.uber.org/zap"
 )
@@ -36,12 +37,11 @@ func (ap *AuthProvider) FirstStart(ev *roles.Event) {
 
 	token := os.Getenv("ADMIN_TOKEN")
 	if token != "" {
-		t := Token{
+		t := &types.Token{
 			Key:      token,
 			Username: username,
-			ap:       ap,
 		}
-		err := t.put(ev.Context)
+		err := ap.putToken(t, ev.Context)
 		if err != nil {
 			ap.log.Warn("failed to create bootstrap token", zap.Error(err))
 			return

pkg/roles/api/auth/token.go

@@ -2,7 +2,6 @@ package auth
 
 import (
 	"context"
-	"encoding/json"
 	"strings"
 
 	"beryju.io/gravity/pkg/roles/api/types"
@@ -15,39 +14,26 @@ const (
 	BearerType          = "bearer"
 )
 
-type Token struct {
-	ap  *AuthProvider
-	Key string `json:"-"`
-
-	Username string `json:"username"`
-}
-
-func (token *Token) put(ctx context.Context, opts ...clientv3.OpOption) error {
-	raw, err := json.Marshal(&token)
-	if err != nil {
-		return err
-	}
-	fullKey := token.ap.inst.KV().Key(
+func (ap *AuthProvider) putToken(t *types.Token, ctx context.Context, opts ...clientv3.OpOption) error {
+	fullKey := ap.inst.KV().Key(
 		types.KeyRole,
 		types.KeyTokens,
-		token.Key,
+		t.Key,
 	).String()
-	_, err = token.ap.inst.KV().Put(ctx, fullKey, string(raw), opts...)
+	_, err := ap.inst.KV().PutObj(ctx, fullKey, t, opts...)
 	return err
 }
 
-func (ap *AuthProvider) tokenFromKV(raw *mvccpb.KeyValue) (*Token, error) {
-	token := &Token{
-		ap: ap,
-	}
+func (ap *AuthProvider) tokenFromKV(raw *mvccpb.KeyValue) (*types.Token, error) {
+	token := &types.Token{}
 	prefix := ap.inst.KV().Key(
 		types.KeyRole,
 		types.KeyTokens,
 	).Prefix(true).String()
-	token.Key = strings.TrimPrefix(string(raw.Key), prefix)
-	err := json.Unmarshal(raw.Value, &token)
+	err := ap.inst.KV().Unmarshal(raw.Value, &token)
 	if err != nil {
 		return token, err
 	}
+	token.Key = strings.TrimPrefix(string(raw.Key), prefix)
 	return token, nil
 }

pkg/roles/api/role_migrations.go

@@ -2,7 +2,6 @@ package api
 
 import (
 	"context"
-	"encoding/json"
 	"net/http"
 	"strings"
 
@@ -30,15 +29,15 @@ func (r *Role) RegisterMigrations() {
 					shouldIntercept := res != nil && len(res.Kvs) > 0 && strings.HasPrefix(key, userPrefix)
 					// If we're fetching a user, intercept the response
 					if shouldIntercept {
-						u := map[string]interface{}{}
-						err := json.Unmarshal(res.Kvs[0].Value, &u)
+						u := map[string]any{}
+						err := r.i.KV().Unmarshal(res.Kvs[0].Value, &u)
 						if err != nil {
 							return res, nil
 						}
 						if _, set := u["permissions"]; !set {
 							u["permissions"] = defaultPerms
 						}
-						v, err := json.Marshal(u)
+						v, err := r.i.KV().Marshal(u)
 						if err != nil {
 							return res, nil
 						}

pkg/roles/api/types/role_api_token.pb.go

@@ -0,0 +1,8 @@
+syntax = "proto3";
+
+option go_package = "pkg/roles/api/types";
+
+message Token {
+    string key = 1;
+    string username = 2;
+}