A demo using go and redis to implement a token manager

使用go-redis实现一个令牌管理器

需求描述

假设我们当前的所有服务需要一个第三方的认证,认证形式为:在发送请求的时候带上第三方颁发的令牌,该令牌具有一个时效性 第三方的令牌可以通过某个接口获取,但是该接口做了单位时间内的同一ip的请求频率的限制,因此在并发的场景下,我们需要控制令牌获取接口的频率

项目结构

├── go.mod
├── go.sum
├── main.go
├── README.go
└── src
    ├── config.go
    ├── connector.go
    ├── token-manager.go
    └── token-server.go
  • src/config.go 管理redis配置
  • src/connector.go 连接并返回redis客户端实例的方法
  • src/token-server.go 模拟向一个第三方的服务器请求令牌
  • src/token-manager.go 令牌管理的对象,负责获取或者更新令牌

实现思路

  • 储存在redis中的令牌的key假定为token
  • 我们设定一个更新者,在redis中的key为updater
  • 当多个请求同时向redis索取令牌,但是令牌过期了或者没有令牌时,尝试去提交一个updater,然后获取redis中updater的值
  • 若redis中updater与自身提交的updater保持一致,说明updater设置成功,获得了更新token的权利,此时向第三方的token服务发起请求,获取一个新的令牌,并设置到redis中
  • 若redis中的updater与自身提交的updater不一致,则直接进入持续获取新令牌的阶段,若获取的令牌为空,则继续尝试获取

效果预览

测试的时候我使用了并发100次,每产生25次并发时中间休息一秒,并且token在redis中的有效时间为5秒

routine c663db9b-7666-4757-885b-bf3b7d19a524 is updating token
NewToken:d153f070-a27b-422e-97ad-8c87222ac1cf  ||  Generated at 2021-10-19 21:19:33.382049711 +0800 CST m=+9.007199601, waiting for 8 second
d153f070-a27b-422e-97ad-8c87222ac1cf
d153f070-a27b-422e-97ad-8c87222ac1cf
.
.
.
d153f070-a27b-422e-97ad-8c87222ac1cf
routine 1b80d9bc-6e6f-4a55-86fa-734df39b605f is updating token
NewToken:d1b30ccf-10d8-4ed6-9565-67b6460a84db  ||  Generated at 2021-10-19 21:19:42.388564039 +0800 CST m=+18.013714046, waiting for 4 second
d1b30ccf-10d8-4ed6-9565-67b6460a84db
d1b30ccf-10d8-4ed6-9565-67b6460a84db
.
.
.
d1b30ccf-10d8-4ed6-9565-67b6460a84db
routine 4179fff5-254f-4325-82af-55f0a33336f2 is updating token
d1b30ccf-10d8-4ed6-9565-67b6460a84db
d1b30ccf-10d8-4ed6-9565-67b6460a84db
.
.
.
d1b30ccf-10d8-4ed6-9565-67b6460a84db
NewToken:a6c8baf0-25fb-40cc-84e6-39af9fd02e29  ||  Generated at 2021-10-19 21:19:50.397202332 +0800 CST m=+26.022352261, waiting for 8 second
a6c8baf0-25fb-40cc-84e6-39af9fd02e29
.
.
.
a6c8baf0-25fb-40cc-84e6-39af9fd02e29
a6c8baf0-25fb-40cc-84e6-39af9fd02e29

可以看到,在redis没有token的情况下,也是仅有一个线程可以获取与更新token,其它线程仅能等待token获取并设置到redis之后才可以去获取

Similar Resources

JSON Web Token library

About … a JSON Web Token (JWT) library for the Go programming language. Feature complete Full test coverage Dependency free Key management The API enf

Dec 19, 2022

This package provides json web token (jwt) middleware for goLang http servers

jwt-auth jwt auth middleware in goLang. If you're interested in using sessions, checkout my sessions library! README Contents: Quickstart Performance

Dec 5, 2022

⛩️ Go library for protecting HTTP handlers with authorization bearer token.

G8, pronounced Gate, is a simple Go library for protecting HTTP handlers with tokens. Tired of constantly re-implementing a security layer for each

Nov 14, 2022

Small Lambda function which performs a Aws:Sts:AssumeRole based on the presented JWT-Token

About This implements a AWS Lambda handler which takes a JWT-Token, validates it and then performs a Aws:Sts:AssumeRole based on preconfigured rules.

Aug 8, 2022

Key-Checker - Go scripts for checking API key / access token validity

Key-Checker - Go scripts for checking API key / access token validity

Key-Checker Go scripts for checking API key / access token validity Update V1.0.0 🚀 Added 37 checkers! Screenshoot 📷 How to Install go get github.co

Dec 19, 2022

A very simple HTTP reverse proxy that checks that requests contain a valid secret as a bearer token

bearproxy -- Authorization enforcing HTTP reverse proxy Bearproxy is a very simple HTTP reverse proxy that checks that requests contain a valid secret

Nov 11, 2021

Cache oci login token for kubectl

oci-token-cache Cache oci login token. This command cache oci login token into ~/.oci/token-cache.json and re-use for kubectl. Usage Currently, your ~

Nov 20, 2021

A command-line tool to visualize a JWT token's content, written in Go

jat A command-line tool to visualize a JWT token's content, written in Go. Usage jat some-jwt Install Navigate to the Releases page; Download the co

Jan 6, 2022

fido-ident: a cli tool for getting the attestation certificate from a fido token.

fido-ident fido-ident is a cli tool for getting the attestation certificate from a fido token. fido-ident will print the raw certificate and the human

Jan 28, 2022
Go module with token package to request Azure Resource Manager and Azure Graph tokens.

azAUTH Go module with token package to request Azure Resource Manager and Azure Graph tokens. prerequisites Install azure cli: https://docs.microsoft.

Dec 1, 2021
Verifier - Golang JWT token verifier with storage(default Redis)

verifier Golang JWT token verifier with storage(default Redis) Usage go get -u g

Nov 6, 2022
Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token

azureimposter Go module that pretends to be any clientID and grabs an authentication token from Azure using interactive login (w/mfa if enabled) and r

Dec 14, 2022
Go-gin-jwt - Secure web api using jwt token and caching mechanism

Project Description This project demonstrate how to create api and secure it wit

Jan 27, 2022
An example module for k6.io to get a cognito access token using USER_SRP_AUTH flow.

xk6-cognito An example module for k6.io to get a cognito access token using USER_SRP_AUTH flow. See: to create k6 extension: https://github.c

Nov 15, 2022
OauthMicroservice-cassandraCluster - Implement microservice of oauth using golang and cassandra to store user tokens

implement microservice of oauth using golang and cassandra to store user tokens

Jan 24, 2022
Golang implementation of JWT and Refresh Token

Fiber and JWT with Refresh Token Repo ini adalah demostrasi JWT support refresh token tanpa menggunakan storage Branch Main: unlimited refresh token R

Dec 18, 2022
A simple user identify template with jwt token and gin, toy project

Simple Docs Register url : /api/auth/register param type value name string username password string password mailbox string mailbox response: { "sta

Dec 31, 2021
Oct 1, 2022
A demo of authentication and authorization using jwt
A demo of authentication and authorization using jwt

Nogopy Hi, this a demo of how to use jwt for authentication in microservices Keep in mind that this is a demo of how to authenticate using jwt, we don

Nov 1, 2021