From 47c33655def80862f4ec8b77fa09c506dc9270b0 Mon Sep 17 00:00:00 2001
From: Alexander
Date: Wed, 11 Sep 2024 09:26:50 +0200
Subject: [PATCH] feat(spot): added spot jwt support to authorizer in ee version
---
 ee/backend/pkg/spot/auth/authorizer.go | 2 +-
 ee/backend/pkg/spot/auth/storage.go | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/ee/backend/pkg/spot/auth/authorizer.go b/ee/backend/pkg/spot/auth/authorizer.go
index 2117ef311..244961318 100644
--- a/ee/backend/pkg/spot/auth/authorizer.go
+++ b/ee/backend/pkg/spot/auth/authorizer.go
@@ -12,7 +12,7 @@ func (a *authImpl) IsAuthorized(authHeader string, permissions []string, isExten
 return nil, err
 }

- user, err := authUser(a.pgconn, jwtInfo.UserId, jwtInfo.TenantID, int(jwtInfo.IssuedAt.Unix()))
+ user, err := authUser(a.pgconn, jwtInfo.UserId, jwtInfo.TenantID, int(jwtInfo.IssuedAt.Unix()), isExtension)
 if err != nil {
 return nil, err
 }
diff --git a/ee/backend/pkg/spot/auth/storage.go b/ee/backend/pkg/spot/auth/storage.go
index 7df89bb1d..25d623c34 100644
--- a/ee/backend/pkg/spot/auth/storage.go
+++ b/ee/backend/pkg/spot/auth/storage.go
@@ -3,15 +3,18 @@ package auth
 import (
 "fmt"
 "openreplay/backend/pkg/db/postgres/pool"
+ "strings"
 )

-func authUser(conn pool.Pool, userID, tenantID, jwtIAT int) (*User, error) {
+func authUser(conn pool.Pool, userID, tenantID, jwtIAT int, isExtension bool) (*User, error) {
 sql := `SELECT user_id, users.tenant_id, users.name, email, EXTRACT(epoch FROM spot_jwt_iat)::BIGINT AS spot_jwt_iat, roles.permissions
 FROM users
 JOIN tenants on users.tenant_id = tenants.tenant_id
 JOIN roles on users.role_id = roles.role_id
 WHERE users.user_id = $1 AND users.tenant_id = $2 AND users.deleted_at IS NULL ;`
-
+ if !isExtension {
+ sql = strings.ReplaceAll(sql, "spot_jwt_iat", "jwt_iat")
+ }
 user := &User{}
 var permissions []string
 if err := conn.QueryRow(sql, userID, tenantID).
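Review bot: On the new `authUser(..., isExtension)` call, `isExtension` now decides which stored issued-at column the token's `IssuedAt` is looked up against, so a wrong value means a token of one client type is matched with the other type's timestamp. The flag is a parameter of IsAuthorized and its origin is not visible in this hunk; it is worth confirming that it follows from something the verified token proves (the signing key used, or a claim) rather than from the request path or a header, since otherwise a token invalidated for one client type might still pass as the other. A comment at the call such as `// isExtension selects spot_jwt_iat (extension) or jwt_iat (web) for the issued-at lookup` would make the coupling explicit. IsAuthorized begins and ends outside the hunk.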
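Review bot: Selecting the issued-at column with `strings.ReplaceAll(sql, "spot_jwt_iat", "jwt_iat")` makes an auth-relevant choice depend on a substring match over the whole statement. It also rewrites the `AS spot_jwt_iat` alias, and any later edit that mentions that name elsewhere in the query would be changed silently. Prefer picking the column from a fixed pair and placing it once, e.g. `iatCol := "spot_jwt_iat"`, `if !isExtension { iatCol = "jwt_iat" }`, then `fmt.Sprintf` into the SELECT (fmt is already imported). The column name stays a constant in the code, so no caller-supplied text reaches the SQL. authUser would also benefit from a doc comment such as `// authUser loads the user row; the issued-at column read is spot_jwt_iat for extension tokens and jwt_iat otherwise.` The function body continues past the end of the hunk, so how `jwtIAT` is compared with the scanned value cannot be checked here.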