[jwt] add module and config

Author: capcom6

go.mod

@@ -15,6 +15,7 @@ require (
 	github.com/go-sql-driver/mysql v1.7.1
 	github.com/gofiber/fiber/v2 v2.52.9
 	github.com/gofiber/swagger v1.1.1
+	github.com/golang-jwt/jwt/v5 v5.3.0
 	github.com/google/uuid v1.6.0
 	github.com/jaevor/go-nanoid v1.3.0
 	github.com/nyaruka/phonenumbers v1.4.0

go.sum

@@ -128,6 +128,8 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69
 github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI=
 github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
+github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=

internal/config/config.go

@@ -1,5 +1,7 @@
 package config
 
+import "time"
+
 type GatewayMode string
 
 const (
@@ -17,6 +19,7 @@ type Config struct {
 	Messages Messages  `yaml:"messages"` // messages config
 	Cache    Cache     `yaml:"cache"`    // cache (memory or redis) config
 	PubSub   PubSub    `yaml:"pubsub"`   // pubsub (memory or redis) config
+	JWT      JWT       `yaml:"jwt"`      // jwt config
 }
 
 type Gateway struct {
@@ -85,6 +88,12 @@ type PubSub struct {
 	URL string `yaml:"url" envconfig:"PUBSUB__URL"`
 }
 
+type JWT struct {
+	Secret string   `yaml:"secret" envconfig:"JWT__SECRET"`
+	TTL    Duration `yaml:"ttl" envconfig:"JWT__TTL"`
+	Issuer string   `yaml:"issuer" envconfig:"JWT__ISSUER"`
+}
+
 var defaultConfig = Config{
 	Gateway: Gateway{Mode: GatewayModePublic},
 	HTTP: HTTP{
@@ -119,4 +128,8 @@ var defaultConfig = Config{
 	PubSub: PubSub{
 		URL: "memory://",
 	},
+	JWT: JWT{
+		TTL:    Duration(time.Hour * 24),
+		Issuer: "sms-gate.app",
+	},
 }

internal/config/module.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/android-sms-gateway/server/internal/sms-gateway/cache"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/handlers"
+	"github.com/android-sms-gateway/server/internal/sms-gateway/jwt"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/modules/auth"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/modules/devices"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/modules/messages"
@@ -124,4 +125,11 @@ var Module = fx.Module(
 			BufferSize: 128,
 		}
 	}),
+	fx.Provide(func(cfg Config) jwt.Config {
+		return jwt.Config{
+			Secret: cfg.JWT.Secret,
+			TTL:    time.Duration(cfg.JWT.TTL),
+			Issuer: cfg.JWT.Issuer,
+		}
+	}),
 )

internal/config/types.go

@@ -0,0 +1,48 @@
+package config
+
+import (
+	"encoding"
+	"fmt"
+	"time"
+
+	"gopkg.in/yaml.v3"
+)
+
+type Duration time.Duration
+
+// Duration returns the underlying time.Duration value.
+func (d *Duration) Duration() time.Duration {
+	if d == nil {
+		return 0
+	}
+	return time.Duration(*d)
+}
+
+// String returns the string representation of the duration.
+func (d *Duration) String() string {
+	if d == nil {
+		return ""
+	}
+	return time.Duration(*d).String()
+}
+
+func (d *Duration) UnmarshalText(text []byte) error {
+	t, err := time.ParseDuration(string(text))
+	if err != nil {
+		return fmt.Errorf("can't parse duration: %w", err)
+	}
+	*d = Duration(t)
+	return nil
+}
+
+func (d *Duration) UnmarshalYAML(value *yaml.Node) error {
+	var s string
+	if err := value.Decode(&s); err != nil {
+		return fmt.Errorf("can't unmarshal duration: %w", err)
+	}
+
+	return d.UnmarshalText([]byte(s))
+}
+
+var _ yaml.Unmarshaler = (*Duration)(nil)
+var _ encoding.TextUnmarshaler = (*Duration)(nil)

internal/sms-gateway/app.go

@@ -7,6 +7,7 @@ import (
 	appconfig "github.com/android-sms-gateway/server/internal/config"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/cache"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/handlers"
+	"github.com/android-sms-gateway/server/internal/sms-gateway/jwt"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/modules/auth"
 	appdb "github.com/android-sms-gateway/server/internal/sms-gateway/modules/db"
 	"github.com/android-sms-gateway/server/internal/sms-gateway/modules/devices"
@@ -53,6 +54,7 @@ var Module = fx.Module(
 	metrics.Module,
 	sse.Module,
 	online.Module(),
+	jwt.Module(),
 )
 
 func Run() {

internal/sms-gateway/jwt/config.go

@@ -0,0 +1,24 @@
+package jwt
+
+import (
+	"fmt"
+	"time"
+)
+
+type Config struct {
+	Secret string
+	TTL    time.Duration
+	Issuer string
+}
+
+func (c Config) Validate() error {
+	if c.Secret == "" {
+		return fmt.Errorf("%w: secret is required", ErrInvalidConfig)
+	}
+
+	if c.TTL == 0 {
+		return fmt.Errorf("%w: ttl must be positive", ErrInvalidConfig)
+	}
+
+	return nil
+}

internal/sms-gateway/jwt/disabled.go

@@ -0,0 +1,28 @@
+package jwt
+
+import (
+	"context"
+	"time"
+)
+
+type disabled struct {
+}
+
+func newDisabled() Service {
+	return &disabled{}
+}
+
+// GenerateToken implements Service.
+func (d *disabled) GenerateToken(userID string, scopes []string, ttl time.Duration) (string, error) {
+	return "", ErrDisabled
+}
+
+// ParseToken implements Service.
+func (d *disabled) ParseToken(ctx context.Context, token string) (*Claims, error) {
+	return nil, ErrDisabled
+}
+
+// RevokeToken implements Service.
+func (d *disabled) RevokeToken(ctx context.Context, jti string) error {
+	return ErrDisabled
+}

internal/sms-gateway/jwt/errors.go

@@ -0,0 +1,11 @@
+package jwt
+
+import "errors"
+
+var (
+	ErrDisabled                = errors.New("jwt disabled")
+	ErrInitFailed              = errors.New("failed to initialize jwt")
+	ErrInvalidConfig           = errors.New("invalid config")
+	ErrTokenRevoked            = errors.New("token revoked")
+	ErrUnexpectedSigningMethod = errors.New("unexpected signing method")
+)

internal/sms-gateway/jwt/jwt.go

@@ -0,0 +1,10 @@
+package jwt
+
+import "github.com/golang-jwt/jwt/v5"
+
+type Claims struct {
+	jwt.RegisteredClaims
+
+	UserID string   `json:"user_id"`
+	Scopes []string `json:"scopes"`
+}