add subject

plgd-dev · Jul 18, 2024 · 33d49b5 · 33d49b5
1 parent 9ddd06e
commit 33d49b5
Show file tree

Hide file tree

Showing 7 changed files with 127 additions and 101 deletions.
diff --git a/m2m-oauth-server/pb/README.md b/m2m-oauth-server/pb/README.md
@@ -134,6 +134,7 @@ driven by resource change event
 | client_id | [string](#string) |  | Client ID |
 | original_token_claims | [google.protobuf.Value](#google-protobuf-Value) |  | Original token claims |
 | blacklisted | [Token.BlackListed](#m2moauthserver-pb-Token-BlackListed) |  | Token black list section |
+| subject | [string](#string) |  | Subject of the token |
 
 
 

diff --git a/m2m-oauth-server/pb/doc.html b/m2m-oauth-server/pb/doc.html
@@ -526,6 +526,13 @@ <h3 id="m2moauthserver.pb.Token">Token</h3>
                   <td><p>Token black list section </p></td>
                 </tr>
 
+                <tr>
+                  <td>subject</td>
+                  <td><a href="#string">string</a></td>
+                  <td></td>
+                  <td><p>Subject of the token </p></td>
+                </tr>
+
             </tbody>
           </table>
 

diff --git a/m2m-oauth-server/pb/service.pb.go b/m2m-oauth-server/pb/service.pb.go
diff --git a/m2m-oauth-server/pb/service.proto b/m2m-oauth-server/pb/service.proto
@@ -58,6 +58,8 @@ message Token { // driven by resource change event
   }
   // Token black list section
   BlackListed blacklisted = 11;
+  // Subject of the token
+  string subject = 12;
 }
 
 

diff --git a/m2m-oauth-server/pb/service.swagger.json b/m2m-oauth-server/pb/service.swagger.json
@@ -314,6 +314,10 @@
         "blacklisted": {
           "$ref": "#/definitions/TokenBlackListed",
           "title": "Token black list section"
+        },
+        "subject": {
+          "type": "string",
+          "title": "Subject of the token"
         }
       },
       "description": "driven by resource change event",

diff --git a/m2m-oauth-server/service/grpc/server.go b/m2m-oauth-server/service/grpc/server.go
@@ -88,6 +88,7 @@ func (s *M2MOAuthServiceServer) CreateToken(ctx context.Context, req *pb.CreateT
 	tokenReq.ownerClaim = s.signer.Config.OwnerClaim
 	tokenReq.id = uuid.NewString()
 	tokenReq.expiration = getExpirationTime(clientCfg, tokenReq)
+	tokenReq.subject = getSubject(clientCfg, tokenReq)
 	accessToken, err := s.generateAccessToken(
 		clientCfg,
 		tokenReq)
@@ -105,6 +106,7 @@ func (s *M2MOAuthServiceServer) CreateToken(ctx context.Context, req *pb.CreateT
 		Expiration:          pkgTime.UnixSec(tokenReq.expiration),
 		ClientId:            tokenReq.CreateTokenRequest.GetClientId(),
 		OriginalTokenClaims: originalTokenClaims,
+		Subject:             tokenReq.subject,
 	})
 	if err != nil {
 		return nil, status.Errorf(getGRPCErrorCode(err), "%v", errCannotCreateConfiguration(err))

diff --git a/m2m-oauth-server/service/grpc/token.go b/m2m-oauth-server/service/grpc/token.go
@@ -27,7 +27,7 @@ func makeAccessToken(clientCfg *oauthsigner.Client, tokenReq tokenRequest) (jwt.
 
 	claims := map[string]interface{}{
 		jwt.JwtIDKey:    tokenReq.id,
-		jwt.SubjectKey:  getSubject(clientCfg, tokenReq),
+		jwt.SubjectKey:  tokenReq.subject,
 		jwt.AudienceKey: tokenReq.host,
 		jwt.IssuedAtKey: tokenReq.issuedAt,
 		uri.ScopeKey:    tokenReq.scopes,