1.Echo中使用链路追踪
// 1.) 使用自定义中间件
e.Use(Opentracing)
// 2.) opentracing中间件
func Opentracing(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
ctx, span, err := trace.TraceFromHeader(context.Background(),"api:"+c.Request().URL.Path,c.Request().Header)
if err == nil {
defer span.Finish()
c.Set(cinit.TRACE_CONTEXT, ctx)
} else {
c.Set(cinit.TRACE_CONTEXT, context.Background())
}
return next(c)
}
}
// 3.opentracing从header获取,写入context,适用获取http
func TraceFromHeader(ctx context.Context, name string, header http.Header) (context.Context, opentracing.Span, error) {
return traceFromHeaderByGlobalTracer(ctx, opentracing.GlobalTracer(), name, header)
}
//4.具体的方法实现
func traceFromHeaderByGlobalTracer(ctx context.Context, tracer opentracing.Tracer, name string, header http.Header) (context.Context, opentracing.Span, error) {
var sp opentracing.Span
wireContext, err := tracer.Extract(opentracing.TextMap, opentracing.HTTPHeadersCarrier(header))
if err != nil {
sp = tracer.StartSpan(name)
} else {
sp = tracer.StartSpan(name, opentracing.ChildOf(wireContext))
}
md, ok := metadata.FromContext(ctx)
if !ok {
md = make(map[string]string)
}
if err := sp.Tracer().Inject(sp.Context(), opentracing.TextMap, opentracing.TextMapCarrier(md)); err != nil {
return nil, nil, err
}
ctx, sp = tag(ctx, sp)
ctx = metadata.NewContext(ctx, md)
return ctx, sp, nil
}
2.Echo 中使用JWT,验证token
g1 := e.Group("/common/v1", JWT)
//验证jwt
func JWT(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
//从请求头获取token信息
jwtString := c.Request().Header.Get(cinit.JWT_NAME)
//log.Debug(jwtString, ctx)
//解析JWT
auths := strings.Split(jwtString, " ")
if strings.ToUpper(auths[0]) != "BEARER" || auths[1] == " " {
return HandleError(c, ReqNoAllow, "token验证失败")
}
jwtmsg, err := jwt.Decode(strings.Trim(auths[1], " ")) // Decode具体实现见下方代码
if err != nil {
log.Info(err.Error(), ctx)
return HandleError(c, ReqNoAllow, "token验证失败")
}
c.Set(cinit.JWT_MSG, jwtmsg)
return next(c)
}
}
// 解密Token
func Decode(tokenString string) (JWTMsg, error) {
// Parse the token
token, err := jwt.ParseWithClaims(tokenString, &MyCustomClaims{}, func(token *jwt.Token) (interface{}, error) {
return secret, nil
})
if err != nil {
return JWTMsg{}, err
}
// Validate the token and return the custom claims
if claims, ok := token.Claims.(*MyCustomClaims); ok && token.Valid {
return claims.JWTMsg, nil
} else {
return JWTMsg{}, err
}
}
- JWT详解
// token生成:由三部分组成,header,payload,secret
token = HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
your-256-bit-secret
)
header:
{
"alg": "HS256",
"typ": "JWT"
}
payload:
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
4.JWT验证网站:
https://jwt.io/
https://jwt.io/introduction/
https://zhuanlan.zhihu.com/p/27370773