feat: add db.sql

Dockerfile

@@ -0,0 +1,15 @@
+FROM alpine as build
+
+ADD ./build/app /app
+
+RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories \
+    && apk --no-cache add ca-certificates
+
+FROM scratch
+# copy the ca-certificate.crt from the build stage
+COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=build /app /app
+
+EXPOSE 13721
+
+ENTRYPOINT ["/app"]

Makefile

@@ -1,7 +1,7 @@
 include .env
 include .env.local
 
-.PHONY: proto 
+.PHONY: build proto 
 
 run:
 	go run cmd/mp-server/main.go \
@@ -15,6 +15,13 @@ clean:
 
 all: api
 
+build:
+	CGO_ENABLED=0 GOOS="linux" GOARCH="amd64" \
+		go build -o ./build/app -ldflags="-s -w" -tags timetzdata  ./cmd/mp-server
+	upx build/app
+	docker build -t esinio/weixin:mp-auth .
+	rm build/app
+
 docker.push:
 	docker push esinio/weixin:oauth2
 

clientapi/mp/auth/clientcredential.go

@@ -5,7 +5,7 @@ import (
 )
 
 type ClientCredential struct {
-	request.Error
+	request.Error `gorm:"-"`
-	AccessToken string `json:"access_token"`
+	AccessToken   string `json:"access_token"`
-	ExpiresIn   int32  `json:"expires_in"`
+	ExpiresIn     int32  `json:"expires_in"`
 }

clientapi/mp/auth/token.go

@@ -5,10 +5,10 @@ import (
 )
 
 type Token struct {
-	request.Error
+	request.Error `gorm:"-"`
-	AccessToken  string `json:"access_token"`  //获取到的凭证
+	AccessToken   string `json:"access_token"`  //获取到的凭证
-	ExpiresIn    int32  `json:"expires_in"`    //凭证有效时间，单位：秒
+	ExpiresIn     int32  `json:"expires_in"`    //凭证有效时间，单位：秒
-	RefreshToken string `json:"refresh_token"` //有效期为30天，当失效之后，需要用户重新授
+	RefreshToken  string `json:"refresh_token"` //有效期为30天，当失效之后，需要用户重新授
-	OpenID       string `json:"openid"  gorm:"index"`
+	OpenID        string `json:"openid"  gorm:"index"`
-	Scope        string `json:"scope"`
+	Scope         string `json:"scope"`
 }

clientapi/mp/auth/userinfo.go

@@ -5,14 +5,14 @@ import (
 )
 
 type Userinfo struct {
-	request.Error
+	request.Error `gorm:"-"`
-	OpenID     string   `json:"openid" gorm:"index"`
+	OpenID        string   `json:"openid" gorm:"index"`
-	NickName   string   `json:"nickname"`
+	NickName      string   `json:"nickname"`
-	Sex        int32    `json:"sex"`
+	Sex           int32    `json:"sex"`
-	Province   string   `json:"province"`
+	Province      string   `json:"province"`
-	City       string   `json:"city"`
+	City          string   `json:"city"`
-	Country    string   `json:"country"`
+	Country       string   `json:"country"`
-	HeadImgURL string   `json:"headimgurl"`
+	HeadImgURL    string   `json:"headimgurl"`
-	Privilege  []string `json:"privilege" gorm:"type:text[]"`
+	Privilege     []string `json:"privilege" gorm:"type:text[]"`
-	UnionID    string   `json:"unionid"`
+	UnionID       string   `json:"unionid"`
 }

cmd/mp-auth-http/main.go

@@ -0,0 +1,124 @@
+package main
+
+import (
+	"encoding/json"
+	"flag"
+	"net/http"
+
+	pb "git.esin.io/lab/weixin/protobuf/clientapi/mp/auth"
+	"google.golang.org/grpc"
+	"google.golang.org/protobuf/types/known/emptypb"
+)
+
+var (
+	lisPort            string
+	authServerEndpoint string
+)
+
+func init() {
+	flag.StringVar(&lisPort, "port", "3000", "server listen port")
+	flag.StringVar(&authServerEndpoint, "auth.server", "localhost:13721", "auth grpc server endpoint")
+}
+
+func main() {
+	flag.Parse()
+
+	if err := run(); err != nil {
+		panic(err)
+	}
+}
+
+func run() error {
+	grpcDialOpts := []grpc.DialOption{
+		grpc.WithInsecure(),
+		grpc.WithBlock(),
+	}
+	grpcConn, err := grpc.Dial(authServerEndpoint, grpcDialOpts...)
+	if err != nil {
+		return err
+	}
+
+	h := NewHandler(pb.NewAuthServiceClient(grpcConn))
+
+	http.HandleFunc("/url", h.getCodeURL)
+	http.HandleFunc("/token", h.exchangeToken)
+	http.HandleFunc("/userinfo", h.getUserinfo)
+	http.HandleFunc("/userinfo/sync", h.syncUserinfo)
+	http.HandleFunc("/clientcredential", h.getClientCredential)
+
+	return http.ListenAndServe(":"+lisPort, nil)
+}
+
+type restHandler struct {
+	client pb.AuthServiceClient
+}
+
+func NewHandler(client pb.AuthServiceClient) *restHandler {
+	return &restHandler{
+		client: client,
+	}
+}
+
+func (h restHandler) getCodeURL(w http.ResponseWriter, r *http.Request) {
+	resp, err := h.client.GetCodeURL(r.Context(), &pb.GetCodeURLRequest{
+		RedirectUrl: r.FormValue("redirect_url"),
+		State:       r.FormValue("state"),
+		Scope:       pb.GetCodeURLRequest_snsapi_base,
+	})
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	encoder := json.NewEncoder(w)
+	encoder.SetEscapeHTML(false)
+	encoder.Encode(resp)
+}
+
+func (h restHandler) exchangeToken(w http.ResponseWriter, r *http.Request) {
+	code := r.FormValue("code")
+
+	resp, err := h.client.ExchangeToken(r.Context(), &pb.ExchangeTokenRequest{
+		Code: code,
+	})
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	json.NewEncoder(w).Encode(resp)
+}
+
+func (h restHandler) getUserinfo(w http.ResponseWriter, r *http.Request) {
+	openid := r.FormValue("openid")
+	resp, err := h.client.GetUserinfo(r.Context(), &pb.GetUserinfoRequest{
+		OpenId: openid,
+		Lang:   pb.GetUserinfoRequest_zh_CN,
+	})
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	json.NewEncoder(w).Encode(resp)
+}
+
+func (h restHandler) syncUserinfo(w http.ResponseWriter, r *http.Request) {
+	openid := r.FormValue("openid")
+	resp, err := h.client.SyncUserinfo(r.Context(), &pb.SyncUserinfoRequest{
+		OpenId: openid,
+		Lang:   pb.SyncUserinfoRequest_zh_CN,
+	})
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	json.NewEncoder(w).Encode(resp)
+}
+
+func (h restHandler) getClientCredential(w http.ResponseWriter, r *http.Request) {
+	resp, err := h.client.GetClientCredential(r.Context(), &emptypb.Empty{})
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	json.NewEncoder(w).Encode(resp)
+}

db.sql

@@ -0,0 +1,19 @@
+create schema  "identity"
+    create table if not exists "user" (
+        id text primary key,
+        openid text unique not null,
+        created_at timestamp with time zone default current_timestamp,
+        updated_at timestamp with time zone default current_timestamp
+        )
+    create table if not exists "user_token" (
+        user_id text primary key,
+        access_token text,
+        expires_in smallint,
+        refresh_token text,
+        scope text
+        )
+    create table if not exists "user_userinfo" (
+        user_id text primary key,
+        nickname text,
+        head_img_url text
+        )

go.mod

@@ -5,7 +5,7 @@ go 1.17
 require (
 	github.com/golang/protobuf v1.5.2
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.6.0
-	github.com/rs/zerolog v1.15.0
+	github.com/pkg/errors v0.9.1
 	google.golang.org/genproto v0.0.0-20211104193956-4c6863e31247
 	google.golang.org/grpc v1.42.0
 	google.golang.org/protobuf v1.27.1

go.sum

@@ -209,6 +209,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd
 github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
 github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
@@ -216,7 +218,6 @@ github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6L
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
 github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
-github.com/rs/zerolog v1.15.0 h1:uPRuwkWF4J6fGsJ2R0Gn2jB1EQiav9k3S6CSdygQJXY=
 github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=

pkg/mp/auth/auth.go

@@ -2,9 +2,9 @@ package auth
 
 import (
 	"context"
-	"errors"
 	"time"
 
+	"github.com/pkg/errors"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
@@ -53,7 +53,7 @@ func (srv Service) PublishEvent(ctx context.Context, subject string, message int
 	return nil
 }
 
-func (srv Service) GetAuthCodeURL(ctx context.Context, req *pb.GetCodeURLRequest) (*pb.GetCodeURLResponse, error) {
+func (srv Service) GetCodeURL(ctx context.Context, req *pb.GetCodeURLRequest) (*pb.GetCodeURLResponse, error) {
 	resp := srv.client.GetCodeURL(req.RedirectUrl, req.State, mpauth.Scope(req.Scope.String()))
 
 	return &pb.GetCodeURLResponse{
@@ -64,7 +64,7 @@ func (srv Service) GetAuthCodeURL(ctx context.Context, req *pb.GetCodeURLRequest
 func (srv Service) ExchangeToken(ctx context.Context, req *pb.ExchangeTokenRequest) (*pb.ExchangeTokenResponse, error) {
 	resp, err := srv.client.ExchangeToken(ctx, req.Code)
 	if err != nil {
-		return nil, status.Errorf(codes.Internal, "exchange token from weixin failed")
+		return nil, status.Errorf(codes.Internal, errors.Wrap(err, "exchange token from weixin failed").Error())
 	}
 
 	var token Token
@@ -76,7 +76,7 @@ func (srv Service) ExchangeToken(ctx context.Context, req *pb.ExchangeTokenReque
 	}
 	token.Assign(resp)
 	if err := srv.db.Save(&token).Error; err != nil {
-		return nil, status.Errorf(codes.Internal, "save token to database failed")
+		return nil, status.Errorf(codes.Internal, errors.Wrap(err, "save token to database failed").Error())
 	}
 
 	go srv.PublishEvent(ctx, "auth.token.exchanged", &token)
@@ -96,13 +96,13 @@ func (srv Service) RefreshToken(ctx context.Context, req *pb.RefreshTokenRequest
 
 	resp, err := srv.client.RefreshToken(ctx, token.RefreshToken)
 	if err != nil {
-		return nil, status.Errorf(codes.Internal, "refresh refreshed token from weixin failed")
+		return nil, status.Errorf(codes.Internal, errors.Wrap(err, "refresh refreshed token from weixin failed").Error())
 	}
 
 	token.Assign(resp)
 
 	if err := srv.db.Save(&token).Error; err != nil {
-		return nil, status.Errorf(codes.Internal, "save refreshed token to database failed")
+		return nil, status.Errorf(codes.Internal, errors.Wrap(err, "save refreshed token to database failed").Error())
 	}
 
 	go srv.PublishEvent(ctx, "auth.token.refreshed", &token)
@@ -127,12 +127,12 @@ func (srv Service) GetUserinfo(ctx context.Context, req *pb.GetUserinfoRequest)
 
 		resp, err := srv.client.GetUserinfo(ctx, token.AccessToken, req.OpenId, mpauth.Lang(req.Lang.String()))
 		if err != nil {
-			return nil, status.Errorf(codes.Internal, "get userinfo token from weixin failed")
+			return nil, status.Errorf(codes.Internal, errors.Wrap(err, "get userinfo token from weixin failed").Error())
 		}
 
 		userinfo = Userinfo{Userinfo: *resp}
 		if err := srv.db.Create(&userinfo).Error; err != nil {
-			return nil, status.Errorf(codes.Internal, "save userinfo to database failed")
+			return nil, status.Errorf(codes.Internal, errors.Wrap(err, "save userinfo to database failed").Error())
 		}
 
 		go srv.PublishEvent(ctx, "auth.userinfo.created", &userinfo)
@@ -160,12 +160,12 @@ func (srv Service) SyncUserinfo(ctx context.Context, req *pb.SyncUserinfoRequest
 
 	resp, err := srv.client.GetUserinfo(ctx, token.AccessToken, req.OpenId, mpauth.Lang(req.Lang.String()))
 	if err != nil {
-		return nil, status.Errorf(codes.Internal, "get userinfo token from weixin failed")
+		return nil, status.Errorf(codes.Internal, errors.Wrap(err, "get userinfo token from weixin failed").Error())
 	}
 
-	userinfo = Userinfo{Userinfo: *resp}
+	userinfo.Userinfo = *resp
 	if err := srv.db.Save(&userinfo).Error; err != nil {
-		return nil, status.Errorf(codes.Internal, "sync userinfo and save to database failed")
+		return nil, status.Errorf(codes.Internal, errors.Wrap(err, "sync userinfo and save to database failed").Error())
 	}
 
 	go srv.PublishEvent(ctx, "auth.userinfo.synchronized", &userinfo)
@@ -188,13 +188,13 @@ func (srv Service) GetClientCredential(ctx context.Context, _ *emptypb.Empty) (*
 	if errors.Is(err, gorm.ErrRecordNotFound) || cred.Expired() {
 		resp, err := srv.client.GetClientCredential(ctx)
 		if err != nil {
-			return nil, status.Errorf(codes.Internal, "get client credential token from weixin failed")
+			return nil, status.Errorf(codes.Internal, errors.Wrap(err, "get client credential token from weixin failed").Error())
 		}
 		cred = ClientCredential{
 			ClientCredential: *resp,
 		}
 		if err := srv.db.Create(&cred).Error; err != nil {
-			return nil, status.Errorf(codes.Internal, "save client credential to database failed")
+			return nil, status.Errorf(codes.Internal, errors.Wrap(err, "save client credential to database failed").Error())
 		}
 
 		go srv.PublishEvent(ctx, "auth.clientcredential.created", &cred)