From 9a8a33beac97458eaf3ec1831303e9a9bfe83851 Mon Sep 17 00:00:00 2001 From: ivamp Date: Tue, 16 Jul 2024 01:48:05 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=B9=E8=BF=9B=20=E8=AE=A4=E8=AF=81?= =?UTF-8?q?=E5=92=8C=20JWKS=20=E5=88=B7=E6=96=B0=E6=9C=BA=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/logic/auth.go | 7 ++++++ internal/middleware/grpc/auth.go | 8 +++---- internal/providers/jwks/init.go | 10 ++++++++- internal/providers/jwks/jwks.go | 1 - models/user.go | 38 +++++++++++++++----------------- 5 files changed, 38 insertions(+), 26 deletions(-) diff --git a/internal/logic/auth.go b/internal/logic/auth.go index 2d90ce2..42b221a 100644 --- a/internal/logic/auth.go +++ b/internal/logic/auth.go @@ -1,6 +1,7 @@ package logic import ( + "context" "github.com/gin-gonic/gin" "github.com/mitchellh/mapstructure" "go.uber.org/zap" @@ -88,3 +89,9 @@ func GetUserId(ctx *gin.Context) string { logic := AuthLogic{} return logic.GinUser(ctx).Token.Sub } + +func GetUser(ctx context.Context) *models.User { + user := ctx.Value(consts.AuthMiddlewareKey) + + return user.(*models.User) +} diff --git a/internal/middleware/grpc/auth.go b/internal/middleware/grpc/auth.go index 68926d7..0c85176 100644 --- a/internal/middleware/grpc/auth.go +++ b/internal/middleware/grpc/auth.go @@ -19,7 +19,7 @@ func JwtAuth(ctx context.Context) (context.Context, error) { } sub := consts.AnonymousUser - var jwtIdToken = &models.User{} + var jwtIdToken = models.User{} if config.DebugMode.Enable { jwtIdToken.Token.Sub = sub 
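Review bot: `GetUser` in internal/logic/auth.go uses an unchecked type assertion, so `user.(*models.User)` panics whenever the context holds nothing under `consts.AuthMiddlewareKey` (a handler reached without `JwtAuth`, a background context) or holds a value of another type. For an authentication accessor, that turns a missing identity into a crash instead of a denied request. Use the two-value form and return nil: `user, ok := ctx.Value(consts.AuthMiddlewareKey).(*models.User)` followed by `if !ok { return nil }`. A doc comment should also say that callers must treat nil as unauthenticated and should check `Valid` before trusting `Token`.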
@@ -45,14 +45,14 @@ func JwtAuth(ctx context.Context) (context.Context, error) { jwtIdToken.Valid = true - err = mapstructure.Decode(token.Claims, &jwtIdToken) + err = mapstructure.Decode(token.Claims, &jwtIdToken.Token) if err != nil { logger.Error("Failed to map token claims to JwtIDToken struct.\nError: " + err.Error()) return nil, err } } - ctx = logging.InjectFields(ctx, logging.Fields{"auth.sub", sub}) + ctx = logging.InjectFields(ctx, logging.Fields{consts.AuthMiddlewareKey, sub}) - return context.WithValue(ctx, "auth", jwtIdToken), nil + return context.WithValue(ctx, consts.AuthMiddlewareKey, &jwtIdToken), nil } diff --git a/internal/providers/jwks/init.go b/internal/providers/jwks/init.go index a4acaea..f7dbd33 100644 --- a/internal/providers/jwks/init.go +++ b/internal/providers/jwks/init.go @@ -3,10 +3,18 @@ package jwks import "time" func InitJwksRefresh() { + // 先刷新一次 + RefreshJWKS() + var firstRefreshed = true + // 启动一个定时器 go func() { for { - RefreshJWKS() + if firstRefreshed { + firstRefreshed = false + } else { + RefreshJWKS() + } time.Sleep(refreshRate) } }() diff --git a/internal/providers/jwks/jwks.go b/internal/providers/jwks/jwks.go index ca811e7..479fe4a 100644 --- a/internal/providers/jwks/jwks.go +++ b/internal/providers/jwks/jwks.go @@ -21,7 +21,6 @@ var logger = providers.MustGet[zap.Logger]() var config = providers.MustGet[providers.GlobalConfig]() func RefreshJWKS() { - logger.Info("Refreshing JWKS...") var err error diff --git a/models/user.go b/models/user.go index 2c86732..a70832e 100644 --- a/models/user.go +++ b/models/user.go 
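Review bot: The `logging.InjectFields` line now uses `consts.AuthMiddlewareKey` as the log field name, which ties the field name to the context key; the field was `auth.sub` before, and log queries or alerts keyed on it stop matching if the constant has a different value (its value is not visible here). Keep a dedicated name for the log field, e.g. `logging.Fields{"auth.sub", sub}`. The old code passed the string `"auth"` to `context.WithValue`, so the constant is presumably a plain string too; an unexported key type such as `type ctxKey struct{}` would stop other packages from overwriting the authenticated user by reusing the key, unless the gin middleware needs to share it as a string. Also confirm that `sub` is updated from the verified token before it is logged, since in the visible lines it is only ever `consts.AnonymousUser`; the body of `JwtAuth` starts outside this hunk.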
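Review bot: The `firstRefreshed` flag in `InitJwksRefresh` exists only to skip one call and can be dropped by sleeping before each refresh: `for { time.Sleep(refreshRate); RefreshJWKS() }`. More important for a token verifier, the new synchronous `RefreshJWKS()` call cannot report failure because the function returns nothing, so the service can start serving with an empty key set. A comment should state what verification does in that case (it should reject every token), and ideally startup fails or retries until keys are loaded. The function's closing brace is outside the hunk.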
@@ -1,26 +1,24 @@
 package models
 
+import "time"
+
 type UserTokenInfo struct {
- Exp int `json:"exp"`
- Iat int `json:"iat"`
- AuthTime int `json:"auth_time"`
- Jti string `json:"jti"`
- Iss string `json:"iss"`
- Aud string `json:"aud"`
- Sub string `json:"sub"`
- Typ string `json:"typ"`
- Azp string `json:"azp"`
- SessionState string `json:"session_state"`
- AtHash string `json:"at_hash"`
- Acr string `json:"acr"`
- Sid string `json:"sid"`
- EmailVerified bool `json:"email_verified"`
- Name string `json:"name"`
- PreferredUsername string `json:"preferred_username"`
- GivenName string `json:"given_name"`
- FamilyName string `json:"family_name"`
- Email string `json:"email"`
- Groups []string `json:"groups"`
+ Aud string `json:"aud"`
+ Iss string `json:"iss"`
+ Iat float64 `json:"iat"`
+ Exp float64 `json:"exp"`
+ Sub string `json:"sub"`
+ Scopes []string `json:"scopes"`
+ Id int `json:"id"`
+ Uuid string `json:"uuid"`
+ Avatar string `json:"avatar"`
+ Name string `json:"name"`
+ EmailVerified bool `json:"email_verified"`
+ RealNameVerified bool `json:"real_name_verified"`
+ PhoneVerified bool `json:"phone_verified"`
+ Email string `json:"email"`
+ Phone string `json:"phone"`
+ CreatedAt time.Time `json:"created_at"`
 }
 
 type User struct {
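Review bot: `UserTokenInfo` carries only `json` tags, but the claims are filled by `mapstructure.Decode` (internal/middleware/grpc/auth.go in this patch), which by default reads `mapstructure` tags and otherwise matches the field name case-insensitively. Single-word claims such as `sub` and `scopes` will populate, while `email_verified`, `real_name_verified`, `phone_verified` and `created_at` silently keep their zero values, so any authorization check on the `*Verified` fields would always see false. Either add a `mapstructure:"email_verified"`-style tag next to each `json` tag, or decode through a `mapstructure.DecoderConfig` with `TagName: "json"`. Once `created_at` does match, a string claim will need a decode hook such as `mapstructure.StringToTimeHookFunc(time.RFC3339)`, and `Aud string` would make decoding fail for tokens whose `aud` claim is an array.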