rag/internal/providers/jwks.go

package providers

import (
	"context"
	"errors"
	"github.com/MicahParks/keyfunc/v3"
	"github.com/golang-jwt/jwt/v5"
	"time"
)

var refreshRate = 1 * time.Hour

var Jwks keyfunc.Keyfunc

type JwtIDToken struct {
	Exp               int      `json:"exp"`
	Iat               int      `json:"iat"`
	AuthTime          int      `json:"auth_time"`
	Jti               string   `json:"jti"`
	Iss               string   `json:"iss"`
	Aud               string   `json:"aud"`
	Sub               string   `json:"sub"`
	Typ               string   `json:"typ"`
	Azp               string   `json:"azp"`
	SessionState      string   `json:"session_state"`
	AtHash            string   `json:"at_hash"`
	Acr               string   `json:"acr"`
	Sid               string   `json:"sid"`
	EmailVerified     bool     `json:"email_verified"`
	Name              string   `json:"name"`
	PreferredUsername string   `json:"preferred_username"`
	GivenName         string   `json:"given_name"`
	FamilyName        string   `json:"family_name"`
	Email             string   `json:"email"`
	Groups            []string `json:"groups"`
}

var (
	ErrJWKSNotInitialized = errors.New("JWKS is not initialized")
)

func InitJwksRefresh() {
	// 启动一个定时器
	go func() {
		for {
			RefreshJWKS()
			time.Sleep(refreshRate)
		}
	}()
}

func RefreshJWKS() {
	Logger.Info("Refreshing JWKS...")

	var err error

	Jwks, err = keyfunc.NewDefault([]string{Config.JWKS.Url})
	if err != nil {
		Logger.Error("Failed to create JWK Set from resource at the given URL.\nError: " + err.Error())
	}

	Logger.Info("JWKS refreshed.")
}

func ParseJWT(jwtB64 string) (*jwt.Token, error) {
	//if Jwks.Keyfunc == nil {
	//	Logger.Error(ErrJWKSNotInitialized.Error())
	//	return nil, ErrJWKSNotInitialized
	//}

	token, err := jwt.Parse(jwtB64, Jwks.Keyfunc)

	return token, err
}

func GetAuthFromCtx(ctx context.Context) *JwtIDToken {
	auth := ctx.Value("auth")

	if auth == nil {
		return nil
	}

	return auth.(*JwtIDToken)
}
Initial commit 2024-06-13 01:16:48 +00:00			`package providers`

			`import (`
			`"context"`
			`"errors"`
			`"github.com/MicahParks/keyfunc/v3"`
			`"github.com/golang-jwt/jwt/v5"`
			`"time"`
			`)`

			`var refreshRate = 1 * time.Hour`

			`var Jwks keyfunc.Keyfunc`

			`type JwtIDToken struct {`
			Exp int `json:"exp"`
			Iat int `json:"iat"`
			AuthTime int `json:"auth_time"`
			Jti string `json:"jti"`
			Iss string `json:"iss"`
			Aud string `json:"aud"`
			Sub string `json:"sub"`
			Typ string `json:"typ"`
			Azp string `json:"azp"`
			SessionState string `json:"session_state"`
			AtHash string `json:"at_hash"`
			Acr string `json:"acr"`
			Sid string `json:"sid"`
			EmailVerified bool `json:"email_verified"`
			Name string `json:"name"`
			PreferredUsername string `json:"preferred_username"`
			GivenName string `json:"given_name"`
			FamilyName string `json:"family_name"`
			Email string `json:"email"`
			Groups []string `json:"groups"`
			`}`

			`var (`
			`ErrJWKSNotInitialized = errors.New("JWKS is not initialized")`
			`)`

			`func InitJwksRefresh() {`
			`// 启动一个定时器`
			`go func() {`
			`for {`
			`RefreshJWKS()`
			`time.Sleep(refreshRate)`
			`}`
			`}()`
			`}`

			`func RefreshJWKS() {`
			`Logger.Info("Refreshing JWKS...")`

			`var err error`

			`Jwks, err = keyfunc.NewDefault([]string{Config.JWKS.Url})`
			`if err != nil {`
			`Logger.Error("Failed to create JWK Set from resource at the given URL.\nError: " + err.Error())`
			`}`

			`Logger.Info("JWKS refreshed.")`
			`}`

			`func ParseJWT(jwtB64 string) (*jwt.Token, error) {`
			`//if Jwks.Keyfunc == nil {`
			`// Logger.Error(ErrJWKSNotInitialized.Error())`
			`// return nil, ErrJWKSNotInitialized`
			`//}`

			`token, err := jwt.Parse(jwtB64, Jwks.Keyfunc)`

			`return token, err`
			`}`

			`func GetAuthFromCtx(ctx context.Context) *JwtIDToken {`
			`auth := ctx.Value("auth")`

			`if auth == nil {`
			`return nil`
			`}`

			`return auth.(*JwtIDToken)`
			`}`