From bad76558aca0719db95f5572c7847fd971051186 Mon Sep 17 00:00:00 2001 From: mo khan Date: Thu, 6 Mar 2025 11:37:01 -0700 Subject: refactor: move protobuf rpc services to lib/authx/rpc --- bin/api | 6 +++--- bin/idp | 5 +++++ bin/rpc | 6 +++--- callback | 8 ++++++++ lib/ability_pb.rb | 16 ---------------- lib/ability_services_pb.rb | 22 ---------------------- lib/ability_twirp.rb | 15 --------------- lib/authx.rb | 3 +++ lib/authx/rpc.rb | 4 ++++ lib/authx/rpc/ability_pb.rb | 18 ++++++++++++++++++ lib/authx/rpc/ability_services_pb.rb | 24 ++++++++++++++++++++++++ lib/authx/rpc/ability_twirp.rb | 17 +++++++++++++++++ magefile.go | 12 ++++++------ protos/ability.proto | 2 +- 14 files changed, 92 insertions(+), 66 deletions(-) create mode 100644 callback delete mode 100644 lib/ability_pb.rb delete mode 100644 lib/ability_services_pb.rb delete mode 100644 lib/ability_twirp.rb create mode 100644 lib/authx.rb create mode 100644 lib/authx/rpc.rb create mode 100644 lib/authx/rpc/ability_pb.rb create mode 100644 lib/authx/rpc/ability_services_pb.rb create mode 100644 lib/authx/rpc/ability_twirp.rb diff --git a/bin/api b/bin/api index 15e63b7..1a47d14 100755 --- a/bin/api +++ b/bin/api @@ -18,7 +18,7 @@ end lib_path = Pathname.new(__FILE__).parent.parent.join('lib').realpath.to_s $LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path) -require 'ability_services_pb' +require 'authx' GRPC.logger = Logger.new($stderr, level: :debug) $scheme = ENV.fetch("SCHEME", "http") 
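Review bot: `require 'authx'` does not appear to load the gRPC stub this script still uses. lib/authx/rpc.rb in this commit requires only `authx/rpc/ability_pb` and `authx/rpc/ability_twirp`, while `authorized?` in the next hunk calls `::Authx::Rpc::Ability::Stub`, which is defined in ability_services_pb.rb. Unless that file is loaded somewhere outside the hunk, the first authorization check would raise NameError. The generated services file does a bare `require 'ability_pb'`, so it resolves only with lib/authx/rpc on `$LOAD_PATH`, as bin/rpc now arranges. Either add that path here and keep `require 'ability_services_pb'`, or adjust generation so the file can be required as `authx/rpc/ability_services_pb` from lib/authx/rpc.rb.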
@@ -79,8 +79,8 @@ class API def authorized?(request, permission) # TODO:: Check the JWT for the appropriate claim # Connect to the Authz RPC endpoint Ability.allowed?(subject, permission, resource) - client = ::Authx::Ability::Stub.new('localhost:50051', :this_channel_is_insecure) # TODO:: memorize client - reply = client.allowed(::Authx::AllowRequest.new(subject: "", permission: permission, resource: "")) + client = ::Authx::Rpc::Ability::Stub.new('localhost:50051', :this_channel_is_insecure) # TODO:: memorize client + reply = client.allowed(::Authx::Rpc::AllowRequest.new(subject: "", permission: permission, resource: "")) puts "***" * 10 puts reply.inspect puts "***" * 10 diff --git a/bin/idp b/bin/idp index bc949d2..f43d495 100755 --- a/bin/idp +++ b/bin/idp @@ -13,6 +13,11 @@ gemfile do gem "webrick", "~> 1.0" end +lib_path = Pathname.new(__FILE__).parent.parent.join('lib').realpath.to_s +$LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path) + +require 'authx' + $scheme = ENV.fetch("SCHEME", "http") $port = ENV.fetch("PORT", 8282).to_i $host = ENV.fetch("HOST", "localhost:#{$port}") diff --git a/bin/rpc b/bin/rpc index 92c8c82..d0c1cd8 100755 --- a/bin/rpc +++ b/bin/rpc @@ -11,7 +11,7 @@ gemfile do gem "logger", "~> 1.0" end -lib_path = Pathname.new(__FILE__).parent.parent.join('lib').realpath.to_s +lib_path = Pathname.new(__FILE__).parent.parent.join('lib/authx/rpc').realpath.to_s $LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path) require 'ability_services_pb' 
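Review bot: The `AllowRequest` built in `authorized?` still sends `subject: ""` and `resource: ""`, so the policy service receives nothing that ties the decision to the caller or to the object being accessed. The subject should come from the verified token mentioned in the TODO before this path is relied on. The stub is also created with `:this_channel_is_insecure` against a hard-coded `'localhost:50051'`, which leaves the exchange unencrypted and unauthenticated once the endpoint is not loopback. I would read the address and channel credentials from configuration, for example `ENV.fetch("AUTHZ_HOST", "localhost:50051")` (variable name is a suggestion). The `puts reply.inspect` lines print every decision to stdout and belong behind the logger; the body of `authorized?` continues outside the hunk.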
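Review bot: Nothing in this bin/idp hunk uses `Authx`, yet `require 'authx'` pulls in `google/protobuf` and `twirp` through lib/authx/rpc.rb. Only the last entry of the inline `gemfile` block (`webrick`) is visible here, so if those two gems are not declared there the script would fail at boot with LoadError. If the identity provider does not call the RPC service yet, I would leave the require out until it does, which also keeps the IdP's dependency surface smaller.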
@@ -22,12 +22,12 @@ class ProjectPolicy < DeclarativePolicy::Base rule { owner }.enable :create_project end -class AbilityHandler < ::Authx::Ability::Service +class AbilityHandler < ::Authx::Rpc::Ability::Service def allowed(request, _call) puts [request, _call].inspect GRPC.logger.info([request, _call].inspect) - ::Authx::AllowReply.new(result: true) + ::Authx::Rpc::AllowReply.new(result: true) # TODO:: entrypoint to declarative policies # AllowReply.new(result: policy_for(request).can?(request.permission)) end diff --git a/callback b/callback new file mode 100644 index 0000000..4942fee --- /dev/null +++ b/callback @@ -0,0 +1,8 @@ +{ + "code": "a796c703-6b6f-4c27-b8a9-a1a462c2513a", + "state": "example", + "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI5OGRkNjljMi04NTZmLTQ5NzUtYWEwNi00MmZlODVlZDA2NGIiLCJpYXQiOjE3NDEyODYwNDN9.e30=", + "token_type": "Bearer", + "expires_in": 3600, + "refresh_token": "5f3ddb28457e4272eee6945d611406dcccb3d0223536e3db5466cb8217893ccf" +} \ No newline at end of file diff --git a/lib/ability_pb.rb b/lib/ability_pb.rb deleted file mode 100644 index 5929bba..0000000 --- a/lib/ability_pb.rb +++ /dev/null 
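Review bot: `allowed` returns `::Authx::Rpc::AllowReply.new(result: true)` for every request, so any caller that trusts this service is granted every permission. Until the declarative policy lookup from the TODO is wired in, the safer default is to deny: `::Authx::Rpc::AllowReply.new(result: false)`. The two logging lines also dump `_call` through `inspect`, which presumably includes request metadata such as authorization headers. Logging `request.permission` and the decision would be enough, and the parameter should lose its underscore if it stays in use. The class body continues outside the hunk.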
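Review bot: The new top-level file `callback` looks like a captured OAuth callback response and is unrelated to the refactor; it holds an authorization `code`, a bearer `access_token` and a `refresh_token`. Even if these are development values, committed token material stays in history and gets picked up by secret scanners. I would drop the file from the commit, add it to `.gitignore`, and revoke the refresh token if it was issued by anything other than a throwaway instance. If a sample response is wanted for documentation, use clearly labelled placeholder values instead.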
@@ -1,16 +0,0 @@ -# frozen_string_literal: true -# Generated by the protocol buffer compiler. DO NOT EDIT! -# source: ability.proto - -require 'google/protobuf' - - -descriptor_data = "\n\rability.proto\x12\x05\x61uthx\"E\n\x0c\x41llowRequest\x12\x0f\n\x07subject\x18\x01 \x01(\t\x12\x12\n\npermission\x18\x02 \x01(\t\x12\x10\n\x08resource\x18\x03 \x01(\t\"\x1c\n\nAllowReply\x12\x0e\n\x06result\x18\x01 \x01(\x08\x32>\n\x07\x41\x62ility\x12\x33\n\x07\x41llowed\x12\x13.authx.AllowRequest\x1a\x11.authx.AllowReply\"\x00\x62\x06proto3" - -pool = Google::Protobuf::DescriptorPool.generated_pool -pool.add_serialized_file(descriptor_data) - -module Authx - AllowRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.AllowRequest").msgclass - AllowReply = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.AllowReply").msgclass -end diff --git a/lib/ability_services_pb.rb b/lib/ability_services_pb.rb deleted file mode 100644 index ca55ef6..0000000 --- a/lib/ability_services_pb.rb +++ /dev/null @@ -1,22 +0,0 @@ -# Generated by the protocol buffer compiler. DO NOT EDIT! -# Source: ability.proto for package 'authx' - -require 'grpc' -require 'ability_pb' - -module Authx - module Ability - class Service - - include ::GRPC::GenericService - - self.marshal_class_method = :encode - self.unmarshal_class_method = :decode - self.service_name = 'authx.Ability' - - rpc :Allowed, ::Authx::AllowRequest, ::Authx::AllowReply - end - - Stub = Service.rpc_stub_class - end -end diff --git a/lib/ability_twirp.rb b/lib/ability_twirp.rb deleted file mode 100644 index 497400e..0000000 --- a/lib/ability_twirp.rb +++ /dev/null 
@@ -1,15 +0,0 @@ -# Code generated by protoc-gen-twirp_ruby 1.11.0, DO NOT EDIT. -require 'twirp' -require_relative 'ability_pb.rb' - -module Authx - class AbilityService < ::Twirp::Service - package 'authx' - service 'Ability' - rpc :Allowed, AllowRequest, AllowReply, :ruby_method => :allowed - end - - class AbilityClient < ::Twirp::Client - client_for AbilityService - end -end diff --git a/lib/authx.rb b/lib/authx.rb new file mode 100644 index 0000000..81bc8ff --- /dev/null +++ b/lib/authx.rb @@ -0,0 +1,3 @@ +# frozen_string_literal: true + +require "authx/rpc" diff --git a/lib/authx/rpc.rb b/lib/authx/rpc.rb new file mode 100644 index 0000000..78edbc4 --- /dev/null +++ b/lib/authx/rpc.rb @@ -0,0 +1,4 @@ +# frozen_string_literal: true + +require "authx/rpc/ability_pb" +require "authx/rpc/ability_twirp" diff --git a/lib/authx/rpc/ability_pb.rb b/lib/authx/rpc/ability_pb.rb new file mode 100644 index 0000000..b360db2 --- /dev/null +++ b/lib/authx/rpc/ability_pb.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: ability.proto + +require 'google/protobuf' + + +descriptor_data = "\n\rability.proto\x12\tauthx.rpc\"E\n\x0c\x41llowRequest\x12\x0f\n\x07subject\x18\x01 \x01(\t\x12\x12\n\npermission\x18\x02 \x01(\t\x12\x10\n\x08resource\x18\x03 \x01(\t\"\x1c\n\nAllowReply\x12\x0e\n\x06result\x18\x01 \x01(\x08\x32\x46\n\x07\x41\x62ility\x12;\n\x07\x41llowed\x12\x17.authx.rpc.AllowRequest\x1a\x15.authx.rpc.AllowReply\"\x00\x62\x06proto3" + +pool = Google::Protobuf::DescriptorPool.generated_pool +pool.add_serialized_file(descriptor_data) + +module Authx + module Rpc + AllowRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.rpc.AllowRequest").msgclass + AllowReply = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authx.rpc.AllowReply").msgclass + end +end 
diff --git a/lib/authx/rpc/ability_services_pb.rb b/lib/authx/rpc/ability_services_pb.rb new file mode 100644 index 0000000..a6c3b17 --- /dev/null +++ b/lib/authx/rpc/ability_services_pb.rb @@ -0,0 +1,24 @@ +# Generated by the protocol buffer compiler. DO NOT EDIT! +# Source: ability.proto for package 'authx.rpc' + +require 'grpc' +require 'ability_pb' + +module Authx + module Rpc + module Ability + class Service + + include ::GRPC::GenericService + + self.marshal_class_method = :encode + self.unmarshal_class_method = :decode + self.service_name = 'authx.rpc.Ability' + + rpc :Allowed, ::Authx::Rpc::AllowRequest, ::Authx::Rpc::AllowReply + end + + Stub = Service.rpc_stub_class + end + end +end diff --git a/lib/authx/rpc/ability_twirp.rb b/lib/authx/rpc/ability_twirp.rb new file mode 100644 index 0000000..120e9a9 --- /dev/null +++ b/lib/authx/rpc/ability_twirp.rb @@ -0,0 +1,17 @@ +# Code generated by protoc-gen-twirp_ruby 1.11.0, DO NOT EDIT. +require 'twirp' +require_relative 'ability_pb.rb' + +module Authx + module Rpc + class AbilityService < ::Twirp::Service + package 'authx.rpc' + service 'Ability' + rpc :Allowed, AllowRequest, AllowReply, :ruby_method => :allowed + end + + class AbilityClient < ::Twirp::Client + client_for AbilityService + end + end +end diff --git a/magefile.go b/magefile.go index 23fc4af..0e309bd 100644 --- a/magefile.go +++ b/magefile.go @@ -57,8 +57,7 @@ func Api() error { } // Run the gRPC Server -func Rpc(ctx context.Context) error { - mg.CtxDeps(ctx, Protos) +func Rpc() error { env := map[string]string{ "PORT": "50051", "HOST": "localhost", 
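Review bot: With `mg.CtxDeps(ctx, Protos)` removed from `Rpc`, the server runs whatever generated stubs are checked in under lib/authx/rpc. An edit to protos/ability.proto therefore no longer reaches it until someone runs `Protos` by hand. If that is intended, the doc comment should say so, for example `// Run the gRPC Server (uses the checked-in stubs; run the Protos target after editing protos/)`. The body of `Rpc` continues outside the hunk.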
@@ -79,13 +78,14 @@ func Browser() error { // Generate gRPC from protocal buffers func Protos() error { files := x.Must(filepath.Glob("./protos/*.proto")) + outDir := "lib/authx/rpc" for _, file := range files { var err error if err = sh.RunV( "protoc", "--proto_path=./protos", - "--ruby_out=lib", - "--twirp_ruby_out=lib", + "--ruby_out="+outDir, + "--twirp_ruby_out="+outDir, file, ); err != nil { return err @@ -93,8 +93,8 @@ func Protos() error { if err = sh.RunV( "grpc_tools_ruby_protoc", "--proto_path=./protos", - "--ruby_out=lib", - "--grpc_out=lib", + "--ruby_out="+outDir, + "--grpc_out="+outDir, file, ); err != nil { return err diff --git a/protos/ability.proto b/protos/ability.proto index 5f15526..8096fa4 100644 --- a/protos/ability.proto +++ b/protos/ability.proto @@ -1,6 +1,6 @@ syntax = "proto3"; -package authx; +package authx.rpc; service Ability { rpc Allowed (AllowRequest) returns (AllowReply) {} -- cgit v1.2.3
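Review bot: Changing `package authx;` to `package authx.rpc;` changes the wire name of the service from `authx.Ability` to `authx.rpc.Ability`, as the `service_name` in the regenerated stubs shows. A client built from the old stubs will therefore no longer reach `Allowed`. The commit is labelled a refactor, so the description should state that client and server must be deployed together. Callers of the authorization check should also treat a failed call as a denial rather than an allow.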