@rivascva/dt-idl 1.1.82 → 1.1.84

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/go/log/utils.go +11 -0
  2. package/go/utils/auth.go +35 -0
  3. package/go/utils/context.go +18 -0
  4. package/package.json +1 -1
package/go/log/utils.go CHANGED
@@ -3,7 +3,9 @@ package log
3
3
  import (
4
4
  "context"
5
5
  "encoding/json"
6
+ "fmt"
6
7
  "maps"
8
+ "runtime"
7
9
  "time"
8
10
 
9
11
  "github.com/RivasCVA/dt-idl/go/utils"
@@ -24,6 +26,15 @@ func toJson(ctx context.Context, m any, kvs map[string]any, lvl string) string {
24
26
  // add the timestamp
25
27
  out["timestamp"] = time.Now().UTC().Format(time.RFC3339)
26
28
 
29
+ // add the caller
30
+ if pc, file, line, ok := runtime.Caller(3); ok {
31
+ fn := runtime.FuncForPC(pc).Name()
32
+ if fn == "" {
33
+ fn = "unknown"
34
+ }
35
+ out["caller"] = fmt.Sprintf("%s:%s:%d", file, fn, line)
36
+ }
37
+
27
38
  // add the actor id
28
39
  if actorId, err := utils.GetActorIdFromContext(ctx); err == nil {
29
40
  out["actorId"] = actorId
package/go/utils/auth.go ADDED
@@ -0,0 +1,35 @@
1
+ package utils
2
+
3
+ import (
4
+ "context"
5
+ "fmt"
6
+ "slices"
7
+ )
8
+
9
+ // approvedServices is a list of services that are allowed to access sensitive data.
10
+ var approvedServices = []string{"dt-trade-service", "dt-portfolio-service", "dt-asset-service", "dt-user-service"}
11
+
12
+ // CanActorAccessUserId checks if the actor is allowed to access data for the user id.
13
+ func CanActorAccessUserId(ctx context.Context, userId string) (bool, error) {
14
+ // get the actor id from the context
15
+ actorId, err := GetActorIdFromContext(ctx)
16
+ if err != nil {
17
+ return false, fmt.Errorf("failed to get the actor id from the context: %w", err)
18
+ }
19
+
20
+ // get the token type from the context
21
+ tokenType, err := GetTokenTypeFromContext(ctx)
22
+ if err != nil {
23
+ return false, fmt.Errorf("failed to get the token type from the context: %w", err)
24
+ }
25
+
26
+ // check if the actor is allowed to access the user id
27
+ switch tokenType {
28
+ case "user":
29
+ return actorId == userId, nil
30
+ case "service":
31
+ return slices.Contains(approvedServices, actorId), nil
32
+ default:
33
+ return false, fmt.Errorf("invalid token type %s", tokenType)
34
+ }
35
+ }
package/go/utils/context.go CHANGED
@@ -39,6 +39,24 @@ func GetActorIdFromContext(ctx context.Context) (string, error) {
39
39
  return subject, nil
40
40
  }
41
41
 
42
+ // GetTokenTypeFromContext retrieves the token type from the JWT token in the given context.
43
+ // The token type is a custom claim in the JWT token, and it represents the type of the token (e.g. user or service).
44
+ func GetTokenTypeFromContext(ctx context.Context) (string, error) {
45
+ // get the token from the context
46
+ token := GetTokenFromContext(ctx)
47
+ if token == nil {
48
+ return "", errors.New("token not found in the context")
49
+ }
50
+
51
+ // get the token type from the token
52
+ tokenType, ok := token.Claims.(jwt.MapClaims)["type"].(string)
53
+ if !ok {
54
+ return "", errors.New("token type not found in the token")
55
+ }
56
+
57
+ return tokenType, nil
58
+ }
59
+
42
60
  // GetRequestPathFromContext retrieves the request path from the given context.
43
61
  func GetRequestPathFromContext(ctx context.Context) (string, error) {
44
62
  requestPath, ok := ctx.Value(models.RequestPathKey).(string)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@rivascva/dt-idl",
3
- "version": "1.1.82",
3
+ "version": "1.1.84",
4
4
  "description": "Dream Trade - Interface Definition Language",
5
5
  "main": "dist/index.cjs.js",
6
6
  "module": "dist/index.esm.js",