Remove unused gRPC and JWT related code, including Woodpecker service definitions and JWT token management.

2026-03-26 11:42:14 +07:00
parent 4de6baee61
commit fbbecd7674
36 changed files with 2708 additions and 4996 deletions
--- a/pkg/token/jwt.go
+++ b/pkg/token/jwt.go
@@ -1,119 +0,0 @@
-package token
-
-import (
-	"fmt"
-	"time"
-
-	"github.com/golang-jwt/jwt/v5"
-	"github.com/google/uuid"
-)
-
-// jwtClaims is an internal struct to satisfy jwt.Claims interface
-type jwtClaims struct {
-	UserID  string `json:"user_id"`
-	Email   string `json:"email"`
-	Role    string `json:"role"`
-	TokenID string `json:"token_id"`
-	jwt.RegisteredClaims
-}
-
-// jwt.go implements the Provider interface using JWT
-
-type jwtProvider struct {
-	secret string
-}
-
-// NewJWTProvider creates a new instance of JWT provider
-func NewJWTProvider(secret string) Provider {
-	return &jwtProvider{
-		secret: secret,
-	}
-}
-
-// GenerateTokenPair generates new access and refresh tokens
-func (p *jwtProvider) GenerateTokenPair(userID, email, role string) (*TokenPair, error) {
-	td := &TokenPair{}
-	td.AtExpires = time.Now().Add(time.Minute * 15).Unix()
-	td.AccessUUID = uuid.New().String()
-
-	td.RtExpires = time.Now().Add(time.Hour * 24 * 7).Unix() // Expires in 7 days
-	td.RefreshUUID = uuid.New().String()
-
-	// Access Token
-	atClaims := &jwtClaims{
-		UserID:  userID,
-		Email:   email,
-		Role:    role,
-		TokenID: td.AccessUUID,
-		RegisteredClaims: jwt.RegisteredClaims{
-			ExpiresAt: jwt.NewNumericDate(time.Unix(td.AtExpires, 0)),
-			Issuer:    "stream.api",
-		},
-	}
-	at := jwt.NewWithClaims(jwt.SigningMethodHS256, atClaims)
-	var err error
-	td.AccessToken, err = at.SignedString([]byte(p.secret))
-	if err != nil {
-		return nil, err
-	}
-
-	// Refresh Token
-	// Refresh token can just be a random string or a JWT.
-	// Common practice: JWT for stateless verification, or Opaque string for stateful.
-	// Here we use JWT so we can carry some metadata if needed, but we check Redis anyway.
-	rtClaims := jwt.MapClaims{}
-	rtClaims["refresh_uuid"] = td.RefreshUUID
-	rtClaims["user_id"] = userID
-	rtClaims["exp"] = td.RtExpires
-	rt := jwt.NewWithClaims(jwt.SigningMethodHS256, rtClaims)
-	td.RefreshToken, err = rt.SignedString([]byte(p.secret))
-	if err != nil {
-		return nil, err
-	}
-
-	return td, nil
-}
-
-// ParseToken parses the access token returning Claims
-func (p *jwtProvider) ParseToken(tokenString string) (*Claims, error) {
-	token, err := jwt.ParseWithClaims(tokenString, &jwtClaims{}, func(token *jwt.Token) (interface{}, error) {
-		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
-			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
-		}
-		return []byte(p.secret), nil
-	})
-
-	if err != nil {
-		return nil, err
-	}
-
-	if claims, ok := token.Claims.(*jwtClaims); ok && token.Valid {
-		return &Claims{
-			UserID:  claims.UserID,
-			Email:   claims.Email,
-			Role:    claims.Role,
-			TokenID: claims.TokenID,
-		}, nil
-	}
-	return nil, fmt.Errorf("invalid token")
-}
-
-// ParseMapToken parses token returning map[string]interface{} (generic)
-func (p *jwtProvider) ParseMapToken(tokenString string) (map[string]interface{}, error) {
-	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
-		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
-			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
-		}
-		return []byte(p.secret), nil
-	})
-
-	if err != nil {
-		return nil, err
-	}
-
-	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
-		return claims, nil
-	}
-
-	return nil, jwt.ErrTokenInvalidClaims
-}