Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2026-02-25 12:40:03 -05:00
Code Issues Packages Projects Releases Wiki Activity

auth: echo v5 update

Browse Source
This commit is contained in:
Arlan Lloyd 2026-02-21 06:25:27 +00:00
parent cbc3388ba9
commit ba9a5d29f6
10 changed files with 95 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
auth/apikey.go
View File

@ -13,7 +13,7 @@ import (
"github.com/google/uuid"
"github.com/jackc/pgerrcode"
"github.com/jackc/pgx/v5"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v5"
"github.com/zoriya/kyoo/keibi/dbc"
)
@ -59,7 +59,7 @@ func MapDbKey(key *dbc.Apikey) ApiKeyWToken {
// @Failure 409 {object} KError "Duplicated api key"
// @Failure 422 {object} KError "Invalid create body"
// @Router /keys [post]
func (h *Handler) CreateApiKey(c echo.Context) error {
func (h *Handler) CreateApiKey(c *echo.Context) error {
ctx := c.Request().Context()
err := CheckPermissions(c, []string{"apikeys.write"})
if err != nil {
@ -123,7 +123,7 @@ func (h *Handler) CreateApiKey(c echo.Context) error {
// @Failure 404 {object} KError "Invalid id"
// @Failure 422 {object} KError "Invalid id format"
// @Router /keys [delete]
func (h *Handler) DeleteApiKey(c echo.Context) error {
func (h *Handler) DeleteApiKey(c *echo.Context) error {
ctx := c.Request().Context()
err := CheckPermissions(c, []string{"apikeys.write"})
if err != nil {
@ -152,7 +152,7 @@ func (h *Handler) DeleteApiKey(c echo.Context) error {
// @Security Jwt[apikeys.read]
// @Success 200 {object} Page[ApiKey]
// @Router /keys [get]
func (h *Handler) ListApiKey(c echo.Context) error {
func (h *Handler) ListApiKey(c *echo.Context) error {
ctx := c.Request().Context()
err := CheckPermissions(c, []string{"apikeys.read"})
if err != nil {

22
auth/go.mod
View File

@ -1,6 +1,6 @@
module github.com/zoriya/kyoo/keibi
go 1.24.0
go 1.25.0
toolchain go1.26.0
@ -10,13 +10,13 @@ require (
github.com/golang-jwt/jwt/v5 v5.3.1
github.com/google/uuid v1.6.0
github.com/jackc/pgx/v5 v5.8.0
github.com/labstack/echo-jwt/v4 v4.4.0
github.com/labstack/echo/v4 v4.15.0
github.com/labstack/echo-jwt/v5 v5.0.1
github.com/labstack/echo-opentelemetry v0.0.1
github.com/labstack/echo/v5 v5.0.4
github.com/lestrrat-go/jwx/v3 v3.0.13
github.com/swaggo/echo-swagger v1.4.1
github.com/swaggo/echo-swagger v1.5.0
github.com/swaggo/swag v1.16.6
go.opentelemetry.io/contrib/bridges/otelslog v0.15.0
go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho v0.65.0
go.opentelemetry.io/otel v1.40.0
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.16.0
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.16.0
@ -48,8 +48,12 @@ require (
github.com/lestrrat-go/httpcc v1.0.1 // indirect
github.com/lestrrat-go/httprc/v3 v3.0.3 // indirect
github.com/lestrrat-go/option/v2 v2.0.0 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/segmentio/asm v1.2.1 // indirect
github.com/sv-tools/openapi v0.2.1 // indirect
github.com/swaggo/swag/v2 v2.0.0-rc4 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/propagators/b3 v1.40.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.40.0 // indirect
go.opentelemetry.io/proto/otlp v1.9.0 // indirect
go.yaml.in/yaml/v3 v3.0.4 // indirect
@ -58,12 +62,13 @@ require (
google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409 // indirect
google.golang.org/grpc v1.78.0 // indirect
google.golang.org/protobuf v1.36.11 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)
require (
github.com/KyleBanks/depth v1.2.1 // indirect
github.com/gabriel-vasile/mimetype v1.4.12 // indirect
github.com/ghodss/yaml v1.0.0 // indirect
github.com/go-openapi/jsonpointer v0.22.4 // indirect
github.com/go-openapi/jsonreference v0.21.4 // indirect
github.com/go-openapi/spec v0.22.3 // indirect
@ -75,13 +80,8 @@ require (
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
github.com/jackc/puddle/v2 v2.2.2 // indirect
github.com/labstack/gommon v0.4.2 // indirect
github.com/leodido/go-urn v1.4.0 // indirect
github.com/mattn/go-colorable v0.1.14 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/swaggo/files/v2 v2.0.2 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
github.com/valyala/fasttemplate v1.2.2 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.40.0
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.40.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.40.0

38
auth/go.sum
View File

@ -15,6 +15,7 @@ github.com/containerd/errdefs v1.0.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ
github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151Xdx3ZPPE=
github.com/containerd/errdefs/pkg v0.3.0/go.mod h1:NJw6s9HwNuRhnjJhM7pylWwMyAkmCQvQ4GpJHEqRLVk=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc=
@ -35,8 +36,6 @@ github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/gabriel-vasile/mimetype v1.4.12 h1:e9hWvmLYvtp846tLHam2o++qitpguFiYCKbn0w9jyqw=
github.com/gabriel-vasile/mimetype v1.4.12/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
@ -48,7 +47,7 @@ github.com/go-openapi/jsonreference v0.21.4 h1:24qaE2y9bx/q3uRK/qN+TDwbok1NhbSmG
github.com/go-openapi/jsonreference v0.21.4/go.mod h1:rIENPTjDbLpzQmQWCj5kKj3ZlmEh+EFVbz3RTUh30/4=
github.com/go-openapi/spec v0.22.3 h1:qRSmj6Smz2rEBxMnLRBMeBWxbbOvuOoElvSvObIgwQc=
github.com/go-openapi/spec v0.22.3/go.mod h1:iIImLODL2loCh3Vnox8TY2YWYJZjMAKYyLH2Mu8lOZs=
github.com/go-openapi/swag v0.19.15 h1:D2NRCBzS9/pEY3gP9Nl8aDqGUcPFrwG2p+CNFrLyrCM=
github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
github.com/go-openapi/swag/conv v0.25.4 h1:/Dd7p0LZXczgUcC/Ikm1+YqVzkEeCc9LnOWjfkpkfe4=
github.com/go-openapi/swag/conv v0.25.4/go.mod h1:3LXfie/lwoAv0NHoEuY1hjoFAYkvlqI/Bn5EQDD3PPU=
github.com/go-openapi/swag/jsonname v0.25.4 h1:bZH0+MsS03MbnwBXYhuTttMOqk+5KcQ9869Vye1bNHI=
@ -107,12 +106,12 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/labstack/echo-jwt/v4 v4.4.0 h1:nrXaEnJupfc2R4XChcLRDyghhMZup77F8nIzHnBK19U=
github.com/labstack/echo-jwt/v4 v4.4.0/go.mod h1:kYXWgWms9iFqI3ldR+HAEj/Zfg5rZtR7ePOgktG4Hjg=
github.com/labstack/echo/v4 v4.15.0 h1:hoRTKWcnR5STXZFe9BmYun9AMTNeSbjHi2vtDuADJ24=
github.com/labstack/echo/v4 v4.15.0/go.mod h1:xmw1clThob0BSVRX1CRQkGQ/vjwcpOMjQZSZa9fKA/c=
github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0=
github.com/labstack/gommon v0.4.2/go.mod h1:QlUFxVM+SNXhDL/Z7YhocGIBYOiwB0mXm1+1bAPHPyU=
github.com/labstack/echo-jwt/v5 v5.0.1 h1:uIpCHCiDPN3jA8Jb47i4EViToUl1uypMiPvVAAgKpIw=
github.com/labstack/echo-jwt/v5 v5.0.1/go.mod h1:kcHmJPzrVSEJa1FRheVoi9EJrBLLUqr1ntlil6uPe1Q=
github.com/labstack/echo-opentelemetry v0.0.1 h1:lsB8F41SY0/SIJC4JFwjh1+8a8IXebYCqwep/dfxw8g=
github.com/labstack/echo-opentelemetry v0.0.1/go.mod h1:kBwoqFuXPxpM9fxbs++asMsI42uOufQjuYJut3qqg6w=
github.com/labstack/echo/v5 v5.0.4 h1:ll3I/O8BifjMztj9dD1vx/peZQv8cR2CTUdQK6QxGGc=
github.com/labstack/echo/v5 v5.0.4/go.mod h1:SyvlSdObGjRXeQfCCXW/sybkZdOOQZBmpKF0bvALaeo=
github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
github.com/lestrrat-go/blackmagic v1.0.4 h1:IwQibdnf8l2KoO+qC3uT4OaTWsW7tuRQXy9TRN9QanA=
@ -131,10 +130,6 @@ github.com/lestrrat-go/option/v2 v2.0.0 h1:XxrcaJESE1fokHy3FpaQ/cXW8ZsIdWcdFzzLO
github.com/lestrrat-go/option/v2 v2.0.0/go.mod h1:oSySsmzMoR0iRzCDCaUfsCzxQHUEuhOViQObyy7S6Vg=
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
@ -160,25 +155,23 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
github.com/swaggo/echo-swagger v1.4.1 h1:Yf0uPaJWp1uRtDloZALyLnvdBeoEL5Kc7DtnjzO/TUk=
github.com/swaggo/echo-swagger v1.4.1/go.mod h1:C8bSi+9yH2FLZsnhqMZLIZddpUxZdBYuNHbtaS1Hljc=
github.com/sv-tools/openapi v0.2.1 h1:ES1tMQMJFGibWndMagvdoo34T1Vllxr1Nlm5wz6b1aA=
github.com/sv-tools/openapi v0.2.1/go.mod h1:k5VuZamTw1HuiS9p2Wl5YIDWzYnHG6/FgPOSFXLAhGg=
github.com/swaggo/echo-swagger v1.5.0 h1:nkHxOaBy0SkbJMtMeXZC64KHSa0mJdZFQhVqwEcMres=
github.com/swaggo/echo-swagger v1.5.0/go.mod h1:TzO363X1ZG/MSbjrG2IX6m65Yd3/zpqh5KM6lPctAhk=
github.com/swaggo/files/v2 v2.0.2 h1:Bq4tgS/yxLB/3nwOMcul5oLEUKa877Ykgz3CJMVbQKU=
github.com/swaggo/files/v2 v2.0.2/go.mod h1:TVqetIzZsO9OhHX1Am9sRf9LdrFZqoK49N37KON/jr0=
github.com/swaggo/swag v1.16.6 h1:qBNcx53ZaX+M5dxVyTrgQ0PJ/ACK+NzhwcbieTt+9yI=
github.com/swaggo/swag v1.16.6/go.mod h1:ngP2etMK5a0P3QBizic5MEwpRmluJZPHjXcMoj4Xesg=
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
github.com/swaggo/swag/v2 v2.0.0-rc4 h1:SZ8cK68gcV6cslwrJMIOqPkJELRwq4gmjvk77MrvHvY=
github.com/swaggo/swag/v2 v2.0.0-rc4/go.mod h1:Ow7Y8gF16BTCDn8YxZbyKn8FkMLRUHekv1kROJZpbvE=
github.com/valyala/fastjson v1.6.7 h1:ZE4tRy0CIkh+qDc5McjatheGX2czdn8slQjomexVpBM=
github.com/valyala/fastjson v1.6.7/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY=
github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo=
github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
go.opentelemetry.io/contrib/bridges/otelslog v0.15.0 h1:yOYhGNPZseueTTvWp5iBD3/CthrmvayUXYEX862dDi4=
go.opentelemetry.io/contrib/bridges/otelslog v0.15.0/go.mod h1:CvaNVqIfcybc+7xqZNubbE+26K6P7AKZF/l0lE2kdCk=
go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho v0.65.0 h1:pPQ0G8ql6v+OTo65t28jcm7QWrJTw1Jr5JESzEagtNE=
go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho v0.65.0/go.mod h1:vQwiruxeni575TCQ/OOJa4Rew7qIvmiLCyoWc/D51Gs=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q=
go.opentelemetry.io/contrib/propagators/b3 v1.40.0 h1:xariChe8OOVF3rNlfzGFgQc61npQmXhzZj/i82mxMfg=
@ -246,7 +239,6 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
@ -291,3 +283,5 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=

8
auth/jwt.go
View File

@ -9,7 +9,7 @@ import (
"time"
"github.com/golang-jwt/jwt/v5"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v5"
"github.com/lestrrat-go/jwx/v3/jwk"
)
@ -27,7 +27,7 @@ type Jwt struct {
// @Failure 403 {object} KError "Invalid session token (or expired)"
// @Header 200 {string} Authorization "Jwt (same value as the returned token)"
// @Router /jwt [get]
func (h *Handler) CreateJwt(c echo.Context) error {
func (h *Handler) CreateJwt(c *echo.Context) error {
ctx := c.Request().Context()
apikey := c.Request().Header.Get("X-Api-Key")
if apikey != "" {
@ -161,7 +161,7 @@ type JwkSet struct {
// @Produce json
// @Success 200 {object} JwkSet "OK"
// @Router /.well-known/jwks.json [get]
func (h *Handler) GetJwks(c echo.Context) error {
func (h *Handler) GetJwks(c *echo.Context) error {
key, err := jwk.Import(h.config.JwtPublicKey)
if err != nil {
return err
@ -175,7 +175,7 @@ func (h *Handler) GetJwks(c echo.Context) error {
return c.JSON(200, set)
}
func (h *Handler) GetOidcConfig(c echo.Context) error {
func (h *Handler) GetOidcConfig(c *echo.Context) error {
return c.JSON(200, struct {
JwksUri string `json:"jwks_uri"`
}{

51
auth/main.go
View File

@ -12,6 +12,7 @@ import (
"slices"
"sort"
"strings"
"time"
"github.com/zoriya/kyoo/keibi/dbc"
_ "github.com/zoriya/kyoo/keibi/docs"
@ -22,18 +23,18 @@ import (
_ "github.com/golang-migrate/migrate/v4/source/file"
"github.com/jackc/pgx/v5/pgxpool"
"github.com/jackc/pgx/v5/stdlib"
echojwt "github.com/labstack/echo-jwt/v4"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
echojwt "github.com/labstack/echo-jwt/v5"
"github.com/labstack/echo/v5"
"github.com/labstack/echo/v5/middleware"
echoSwagger "github.com/swaggo/echo-swagger"
"github.com/exaring/otelpgx"
)
func ErrorHandler(err error, c echo.Context) {
// otelecho & RequestLoggerWithConfig middleware call c.Error
// otelecho docs: https://pkg.go.dev/go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho#WithOnError
if c.Response().Committed {
// otelecho & RequestLoggerWithConfig middleware call c.Error
// otelecho docs: https://pkg.go.dev/go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho#WithOnError
func ErrorHandler(c *echo.Context, err error) {
if resp, _ := echo.UnwrapResponse(c.Response()); resp != nil && resp.Committed {
return
}
@ -48,7 +49,7 @@ func ErrorHandler(err error, c echo.Context) {
code = http.StatusUnauthorized
}
} else {
c.Logger().Error(err)
c.Logger().Error(err.Error())
}
c.JSON(code, KError{
@ -69,13 +70,13 @@ func (v *Validator) Validate(i any) error {
return nil
}
func (h *Handler) CheckHealth(c echo.Context) error {
func (h *Handler) CheckHealth(c *echo.Context) error {
return c.JSON(200, struct {
Status string `json:"status"`
}{Status: "healthy"})
}
func (h *Handler) CheckReady(c echo.Context) error {
func (h *Handler) CheckReady(c *echo.Context) error {
_, err := h.rawDb.Exec(c.Request().Context(), "select 1")
status := "healthy"
@ -175,7 +176,7 @@ type Handler struct {
}
func (h *Handler) TokenToJwt(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
return func(c *echo.Context) error {
ctx := c.Request().Context()
var jwt *string
@ -240,7 +241,7 @@ func (h *Handler) TokenToJwt(next echo.HandlerFunc) echo.HandlerFunc {
func main() {
ctx := context.Background()
logger, _, err := SetupLogger(ctx)
_, err := SetupLogger(ctx)
if err != nil {
slog.Error("logger init", "err", err)
}
@ -253,8 +254,7 @@ func main() {
defer cleanup(ctx)
e := echo.New()
e.HideBanner = true
e.Logger.SetOutput(logger)
e.Logger = slog.Default()
instrument(e)
ignorepath := []string{
@ -268,21 +268,20 @@ func main() {
// full configs https://github.com/labstack/echo/blob/master/middleware/request_logger.go
e.Use(middleware.RequestLoggerWithConfig(middleware.RequestLoggerConfig{
// declare a small set of paths to ignore
Skipper: func(c echo.Context) bool {
Skipper: func(c *echo.Context) bool {
p := c.Request().URL.Path
return slices.Contains(ignorepath, p)
},
LogStatus: true,
LogURI: true,
LogError: true,
LogHost: true,
LogMethod: true,
LogUserAgent: true,
HandleError: true, // forwards error to the global error handler, so it can decide appropriate status code
LogValuesFunc: func(c echo.Context, v middleware.RequestLoggerValues) error {
LogValuesFunc: func(c *echo.Context, v middleware.RequestLoggerValues) error {
rCtx := c.Request().Context()
if v.Error == nil {
logger.LogAttrs(rCtx, slog.LevelInfo,
slog.LogAttrs(rCtx, slog.LevelInfo,
fmt.Sprintf("%s %s%s %d", v.Method, v.Host, v.URI, v.Status),
slog.String("method", v.Method),
slog.Int("status", v.Status),
@ -291,7 +290,7 @@ func main() {
slog.String("agent", v.UserAgent),
)
} else {
logger.LogAttrs(rCtx, slog.LevelError,
slog.LogAttrs(rCtx, slog.LevelError,
fmt.Sprintf("%s %s%s %d err=%s",
v.Method, v.Host, v.URI, v.Status, v.Error.Error()),
slog.String("method", v.Method),
@ -311,7 +310,7 @@ func main() {
db, err := OpenDatabase(ctx)
if err != nil {
e.Logger.Fatal("Could not open database: ", err)
e.Logger.Error("Could not open database: ", slog.Any("err", err))
return
}
@ -321,7 +320,7 @@ func main() {
}
conf, err := LoadConfiguration(ctx, h.db)
if err != nil {
e.Logger.Fatal("Could not load configuration: ", err)
e.Logger.Error("Could not load configuration: ", slog.Any("err", err))
return
}
h.config = conf
@ -362,5 +361,13 @@ func main() {
g.GET("/swagger/*", echoSwagger.WrapHandler)
e.Logger.Fatal(e.Start(":4568"))
sc := echo.StartConfig{
Address: ":4568",
GracefulTimeout: 10 * time.Second,
HideBanner: true,
}
if err := sc.Start(ctx, e); err != nil {
e.Logger.Error("server failed", "err", err)
os.Exit(1)
}
}

17
auth/otel.go
View File

@ -7,8 +7,8 @@ import (
"os"
"strings"
"github.com/labstack/echo/v4"
"go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho"
echootel "github.com/labstack/echo-opentelemetry"
"github.com/labstack/echo/v5"
"go.opentelemetry.io/otel"
"go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc"
"go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp"
@ -183,11 +183,14 @@ func setupOtel(ctx context.Context) (func(context.Context) error, error) {
}
func instrument(e *echo.Echo) {
e.Use(otelecho.Middleware("kyoo.auth", otelecho.WithSkipper(func(c echo.Context) bool {
return (c.Path() == "/auth/health" ||
c.Path() == "/auth/ready" ||
strings.HasPrefix(c.Path(), "/.well-known/"))
})))
e.Use(echootel.NewMiddlewareWithConfig(echootel.Config{
ServerName: "kyoo.auth",
Skipper: func(c *echo.Context) bool {
return (c.Path() == "/auth/health" ||
c.Path() == "/auth/ready" ||
strings.HasPrefix(c.Path(), "/.well-known/"))
},
}))
}
// stolen from https://github.com/exaring/otelpgx/issues/47

8
auth/sessions.go
View File

@ -11,7 +11,7 @@ import (
"github.com/golang-jwt/jwt/v5"
"github.com/google/uuid"
"github.com/jackc/pgx/v5"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v5"
"github.com/zoriya/kyoo/keibi/dbc"
)
@ -71,7 +71,7 @@ type LoginDto struct {
// @Failure 404 {object} KError "Account does not exists"
// @Failure 422 {object} KError "User does not have a password (registered via oidc, please login via oidc)"
// @Router /sessions [post]
func (h *Handler) Login(c echo.Context) error {
func (h *Handler) Login(c *echo.Context) error {
ctx := c.Request().Context()
var req LoginDto
err := c.Bind(&req)
@ -102,7 +102,7 @@ func (h *Handler) Login(c echo.Context) error {
return h.createSession(c, &user)
}
func (h *Handler) createSession(c echo.Context, user *User) error {
func (h *Handler) createSession(c *echo.Context, user *User) error {
ctx := c.Request().Context()
id := make([]byte, 64)
@ -137,7 +137,7 @@ func (h *Handler) createSession(c echo.Context, user *User) error {
// @Failure 401 {object} KError "Missing jwt token"
// @Failure 403 {object} KError "Invalid jwt token (or expired)"
// @Router /sessions/current [delete]
func (h *Handler) Logout(c echo.Context) error {
func (h *Handler) Logout(c *echo.Context) error {
ctx := c.Request().Context()
uid, err := GetCurrentUserId(c)
if err != nil {

19
auth/slog.go
View File

@ -10,18 +10,6 @@ import (
logotelglobal "go.opentelemetry.io/otel/log/global"
)
type SlogAdapter struct {
*slog.Logger
}
// add Write so SlogAdapter satisfies io.Writer (Echo's logger output)
func (a *SlogAdapter) Write(p []byte) (int, error) {
msg := strings.TrimSpace(string(p))
// Echo middleware writes request lines at INFO; use Info here.
a.Info(msg)
return len(p), nil
}
type tee struct {
a, b slog.Handler
minA slog.Level
@ -66,7 +54,7 @@ func (t *tee) WithGroup(name string) slog.Handler {
return NewTee(t.a.WithGroup(name), t.b.WithGroup(name), t.minA, t.minB)
}
func SetupLogger(ctx context.Context) (*SlogAdapter, func(context.Context) error, error) {
func SetupLogger(ctx context.Context) (func(context.Context) error, error) {
stdout := slog.NewTextHandler(os.Stdout, &slog.HandlerOptions{
ReplaceAttr: func(groups []string, a slog.Attr) slog.Attr {
// drop the default time attribute so text output has no timestamp
@ -84,11 +72,10 @@ func SetupLogger(ctx context.Context) (*SlogAdapter, func(context.Context) error
handler := NewTee(stdout, otelHandler, minStdout, minOtel)
logger := slog.New(handler)
adapter := &SlogAdapter{logger}
shutdown := func(ctx context.Context) error { return nil }
slog.SetDefault(adapter.Logger)
return adapter, shutdown, nil
slog.SetDefault(logger)
return shutdown, nil
}
func parseLogLevel(v string) slog.Level {

20
auth/users.go
View File

@ -10,7 +10,7 @@ import (
"github.com/google/uuid"
"github.com/jackc/pgerrcode"
"github.com/jackc/pgx/v5"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v5"
"github.com/zoriya/kyoo/keibi/dbc"
)
@ -93,7 +93,7 @@ func MapOidc(oidc *dbc.GetUserRow) OidcHandle {
// @Success 200 {object} Page[User]
// @Failure 422 {object} KError "Invalid after id"
// @Router /users [get]
func (h *Handler) ListUsers(c echo.Context) error {
func (h *Handler) ListUsers(c *echo.Context) error {
ctx := c.Request().Context()
err := CheckPermissions(c, []string{"users.read"})
@ -139,7 +139,7 @@ func (h *Handler) ListUsers(c echo.Context) error {
// @Failure 404 {object} KError "No user with the given id found"
// @Failure 422 {object} KError "Invalid id (not a uuid)"
// @Router /users/{id} [get]
func (h *Handler) GetUser(c echo.Context) error {
func (h *Handler) GetUser(c *echo.Context) error {
ctx := c.Request().Context()
err := CheckPermissions(c, []string{"users.read"})
if err != nil {
@ -179,7 +179,7 @@ func (h *Handler) GetUser(c echo.Context) error {
// @Failure 401 {object} KError "Missing jwt token"
// @Failure 403 {object} KError "Invalid jwt token (or expired)"
// @Router /users/me [get]
func (h *Handler) GetMe(c echo.Context) error {
func (h *Handler) GetMe(c *echo.Context) error {
ctx := c.Request().Context()
id, err := GetCurrentUserId(c)
if err != nil {
@ -217,7 +217,7 @@ func (h *Handler) GetMe(c echo.Context) error {
// @Success 409 {object} KError "Duplicated email or username"
// @Failure 422 {object} KError "Invalid register body"
// @Router /users [post]
func (h *Handler) Register(c echo.Context) error {
func (h *Handler) Register(c *echo.Context) error {
ctx := c.Request().Context()
var req RegisterDto
err := c.Bind(&req)
@ -260,7 +260,7 @@ func (h *Handler) Register(c echo.Context) error {
// @Failure 404 {object} KError "Invalid user id"
// @Failure 422 {object} KError "Invalid id format"
// @Router /users/{id} [delete]
func (h *Handler) DeleteUser(c echo.Context) error {
func (h *Handler) DeleteUser(c *echo.Context) error {
ctx := c.Request().Context()
err := CheckPermissions(c, []string{"users.delete"})
if err != nil {
@ -289,7 +289,7 @@ func (h *Handler) DeleteUser(c echo.Context) error {
// @Security Jwt
// @Success 200 {object} User
// @Router /users/me [delete]
func (h *Handler) DeleteSelf(c echo.Context) error {
func (h *Handler) DeleteSelf(c *echo.Context) error {
ctx := c.Request().Context()
uid, err := GetCurrentUserId(c)
if err != nil {
@ -316,7 +316,7 @@ func (h *Handler) DeleteSelf(c echo.Context) error {
// @Success 403 {object} KError "You can't edit a protected claim"
// @Success 422 {object} KError "Invalid body"
// @Router /users/me [patch]
func (h *Handler) EditSelf(c echo.Context) error {
func (h *Handler) EditSelf(c *echo.Context) error {
ctx := c.Request().Context()
var req EditUserDto
err := c.Bind(&req)
@ -365,7 +365,7 @@ func (h *Handler) EditSelf(c echo.Context) error {
// @Success 403 {object} KError "You don't have permissions to edit another account"
// @Success 422 {object} KError "Invalid body"
// @Router /users/{id} [patch]
func (h *Handler) EditUser(c echo.Context) error {
func (h *Handler) EditUser(c *echo.Context) error {
ctx := c.Request().Context()
err := CheckPermissions(c, []string{"users.write"})
if err != nil {
@ -412,7 +412,7 @@ func (h *Handler) EditUser(c echo.Context) error {
// @Success 204
// @Success 422 {object} KError "Invalid body"
// @Router /users/me/password [patch]
func (h *Handler) ChangePassword(c echo.Context) error {
func (h *Handler) ChangePassword(c *echo.Context) error {
ctx := c.Request().Context()
uid, err := GetCurrentUserId(c)
if err != nil {

8
auth/utils.go
View File

@ -9,10 +9,10 @@ import (
"github.com/golang-jwt/jwt/v5"
"github.com/google/uuid"
"github.com/jackc/pgx/v5/pgconn"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v5"
)
func GetCurrentUserId(c echo.Context) (uuid.UUID, error) {
func GetCurrentUserId(c *echo.Context) (uuid.UUID, error) {
user := c.Get("user").(*jwt.Token)
if user == nil {
return uuid.UUID{}, echo.NewHTTPError(401, "Unauthorized")
@ -28,7 +28,7 @@ func GetCurrentUserId(c echo.Context) (uuid.UUID, error) {
return ret, nil
}
func GetCurrentSessionId(c echo.Context) (uuid.UUID, error) {
func GetCurrentSessionId(c *echo.Context) (uuid.UUID, error) {
user := c.Get("user").(*jwt.Token)
if user == nil {
return uuid.UUID{}, echo.NewHTTPError(401, "Unauthorized")
@ -54,7 +54,7 @@ func GetCurrentSessionId(c echo.Context) (uuid.UUID, error) {
return ret, nil
}
func CheckPermissions(c echo.Context, perms []string) error {
func CheckPermissions(c *echo.Context, perms []string) error {
token, ok := c.Get("user").(*jwt.Token)
if !ok {
return echo.NewHTTPError(401, "Not logged in")