feat(sentinel): impl sentinel

go.mod

@@ -38,7 +38,7 @@ require (
 	github.com/samber/lo v1.49.1
 	github.com/sony/sonyflake v1.2.0
 	github.com/spf13/afero v1.14.0
-	github.com/tuihub/protos v0.5.2
+	github.com/tuihub/protos v0.5.4
 	go.opentelemetry.io/otel v1.35.0
 	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.11.0
 	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.11.0
@@ -55,7 +55,7 @@ require (
 	go.uber.org/zap v1.27.0
 	golang.org/x/crypto v0.36.0
 	golang.org/x/text v0.23.0
-	google.golang.org/grpc v1.71.0
+	google.golang.org/grpc v1.71.1
 	google.golang.org/protobuf v1.36.6
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 )

go.sum

@@ -712,8 +712,8 @@ github.com/tklauser/numcpus v0.6.0/go.mod h1:FEZLMke0lhOUG6w2JadTzp0a+Nl8PF/GFkQ
 github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
 github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tuihub/protos v0.5.2 h1:9FrBH3iz1OCMgHD7rVbcLaylU3Z7Ml9+Tqx0a/cWQJw=
-github.com/tuihub/protos v0.5.2/go.mod h1:NzgjndKsJmA1tPevx2MTFbBLeIVC+ykrW87YpTp/ibA=
+github.com/tuihub/protos v0.5.4 h1:u14CtxUdzehckcGcGzY3LwA19yUysrb2ZpSnJlhqemA=
+github.com/tuihub/protos v0.5.4/go.mod h1:bky4vaFgW6oSHndf0E5KBrzsKDZevB6Tn5SWfo3aZio=
 github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
 github.com/ugorji/go v1.1.7 h1:/68gy2h+1mWMrwZFeD1kQialdSzAb432dtpeJ42ovdo=
 github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
@@ -1043,8 +1043,8 @@ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8
 google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
 google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
-google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg=
-google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
+google.golang.org/grpc v1.71.1 h1:ffsFWr7ygTUscGPI0KKK6TLrGz0476KUvvsbqWK0rPI=
+google.golang.org/grpc v1.71.1/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=

internal/biz/bizgebura/sentinel.go

@@ -0,0 +1,41 @@
+package bizgebura
+
+import (
+	"context"
+
+	"github.com/tuihub/librarian/internal/biz/bizutils"
+	"github.com/tuihub/librarian/internal/lib/libauth"
+	"github.com/tuihub/librarian/internal/model"
+	"github.com/tuihub/librarian/internal/model/modelgebura"
+	pb "github.com/tuihub/protos/pkg/librarian/sephirah/v1"
+)
+
+func (g *Gebura) UpsertSentinelInfo(
+	ctx context.Context, info *modelgebura.SentinelInfo,
+) error {
+	claims := libauth.FromContextAssertUserType(ctx, model.UserTypeSentinel)
+	if claims == nil {
+		return bizutils.NoPermissionError()
+	}
+	info.ID = claims.UserID
+	err := g.repo.UpdateSentinelInfo(ctx, info)
+	if err != nil {
+		return pb.ErrorErrorReasonUnspecified("%s", err.Error())
+	}
+	return nil
+}
+
+func (g *Gebura) UpsertAppBinaries(
+	ctx context.Context, abs []*modelgebura.SentinelAppBinary,
+) error {
+	claims := libauth.FromContextAssertUserType(ctx, model.UserTypeSentinel)
+	if claims == nil {
+		return bizutils.NoPermissionError()
+	}
+	sentinelID := claims.UserID
+	err := g.repo.UpsertAppBinaries(ctx, sentinelID, abs)
+	if err != nil {
+		return pb.ErrorErrorReasonUnspecified("%s", err.Error())
+	}
+	return nil
+}

internal/biz/biztiphereth/token.go

@@ -17,6 +17,9 @@ import (
 const accessTokenExpire = time.Hour
 const refreshTokenExpire = libtime.SevenDays
 const refreshTokenNeedRefresh = libtime.FiveDays
+const sentinelAccessTokenExpire = libtime.ThreeDays
+const sentinelRefreshTokenExpire = libtime.ThirtyDays
+const sentinelRefreshTokenNeedRefresh = libtime.TwentyTwoDays
 
 func (t *Tiphereth) GetToken(
 	ctx context.Context,
@@ -168,6 +171,50 @@ func (t *Tiphereth) RefreshToken( //nolint:gocognit // TODO
 	return model.AccessToken(accessToken), model.RefreshToken(refreshToken), nil
 }
 
+func (t *Tiphereth) SentinelRefreshToken(
+	ctx context.Context,
+) (model.AccessToken, model.RefreshToken, *errors.Error) {
+	claims := libauth.FromContextAssertUserType(ctx, model.UserTypeSentinel)
+	if claims == nil {
+		return "", "", bizutils.NoPermissionError()
+	}
+	oldRefreshToken := libauth.RawFromContext(ctx)
+	if oldRefreshToken == "" {
+		return "", "", bizutils.NoPermissionError()
+	}
+	var err error
+	var accessToken, refreshToken string
+	accessToken, err = t.auth.GenerateToken(
+		claims.UserID,
+		claims.PorterID,
+		libauth.ClaimsTypeAccessToken,
+		claims.UserType,
+		nil,
+		sentinelAccessTokenExpire,
+	)
+	if err != nil {
+		logger.Infof("generate access token failed: %s", err.Error())
+		return "", "", pb.ErrorErrorReasonUnspecified("%s", err.Error())
+	}
+	if claims.ExpiresAt.After(time.Now().Add(sentinelRefreshTokenNeedRefresh)) {
+		refreshToken = oldRefreshToken
+	} else {
+		refreshToken, err = t.auth.GenerateToken(
+			claims.UserID,
+			claims.PorterID,
+			libauth.ClaimsTypeRefreshToken,
+			claims.UserType,
+			nil,
+			sentinelRefreshTokenExpire,
+		)
+		if err != nil {
+			logger.Infof("generate refresh token failed: %s", err.Error())
+			return "", "", pb.ErrorErrorReasonUnspecified("%s", err.Error())
+		}
+	}
+	return model.AccessToken(accessToken), model.RefreshToken(refreshToken), nil
+}
+
 func (t *Tiphereth) AcquireUserToken(
 	ctx context.Context,
 	userID model.InternalID,

internal/data/gebura.go

@@ -11,9 +11,16 @@ import (
 	"github.com/tuihub/librarian/internal/data/internal/ent/appcategory"
 	"github.com/tuihub/librarian/internal/data/internal/ent/appinfo"
 	"github.com/tuihub/librarian/internal/data/internal/ent/appruntime"
+	"github.com/tuihub/librarian/internal/data/internal/ent/sentinelappbinary"
+	"github.com/tuihub/librarian/internal/data/internal/ent/sentinelappbinaryfile"
+	"github.com/tuihub/librarian/internal/data/internal/ent/sentinelinfo"
+	"github.com/tuihub/librarian/internal/data/internal/ent/sentinellibrary"
 	"github.com/tuihub/librarian/internal/data/internal/ent/user"
 	"github.com/tuihub/librarian/internal/model"
 	"github.com/tuihub/librarian/internal/model/modelgebura"
+
+	"entgo.io/ent/dialect/sql"
+	"github.com/samber/lo"
 )
 
 type GeburaRepo struct {
@@ -534,15 +541,7 @@ func (g *GeburaRepo) CreateAppCategory(ctx context.Context, userID model.Interna
 		AddAppIDs(ac.AppIDs...)
 	return q.Exec(ctx)
 }
-func (g *GeburaRepo) GetAppCategory(ctx context.Context, id model.InternalID) (*modelgebura.AppCategory, error) {
-	res, err := g.data.db.AppCategory.Query().
-		Where(appcategory.IDEQ(id)).
-		Only(ctx)
-	if err != nil {
-		return nil, err
-	}
-	return converter.ToBizAppCategory(res), nil
-}
+
 func (g *GeburaRepo) ListAppCategories(ctx context.Context, userID model.InternalID) ([]*modelgebura.AppCategory, error) {
 	acs, err := g.data.db.AppCategory.Query().
 		WithAppAppCategory().
@@ -557,6 +556,7 @@ func (g *GeburaRepo) ListAppCategories(ctx context.Context, userID model.Interna
 	}
 	return res, nil
 }
+
 func (g *GeburaRepo) UpdateAppCategory(
 	ctx context.Context,
 	userID model.InternalID,
@@ -594,6 +594,7 @@ func (g *GeburaRepo) UpdateAppCategory(
 		return q.Exec(ctx)
 	})
 }
+
 func (g *GeburaRepo) DeleteAppCategory(
 	ctx context.Context,
 	userID model.InternalID,
@@ -616,3 +617,138 @@ func (g *GeburaRepo) DeleteAppCategory(
 		return err
 	})
 }
+
+func (g *GeburaRepo) UpdateSentinelInfo(
+	ctx context.Context,
+	info *modelgebura.SentinelInfo,
+) error {
+	return g.data.WithTx(ctx, func(tx *ent.Tx) error {
+		// update sentinel info
+		err := tx.SentinelInfo.UpdateOneID(info.ID).
+			SetURL(info.Url).
+			SetAlternativeUrls(info.AlternativeUrls).
+			SetGetTokenPath(info.GetTokenPath).
+			SetDownloadFileBasePath(info.DownloadFileBasePath).
+			AddLibraryReportSequence(1).
+			Exec(ctx)
+		if err != nil {
+			return err
+		}
+		// upsert libraries
+		sInfo, err := tx.SentinelInfo.Query().
+			Where(sentinelinfo.IDEQ(info.ID)).
+			Only(ctx)
+		if err != nil {
+			return err
+		}
+		newLibs := make([]*ent.SentinelLibraryCreate, 0, len(info.Libraries))
+		for _, lib := range info.Libraries {
+			newLibs = append(newLibs, tx.SentinelLibrary.Create().
+				SetSentinelInfoID(sInfo.ID).
+				SetReportedID(lib.ReportedID).
+				SetDownloadBasePath(lib.DownloadBasePath).
+				SetLibraryReportSequence(sInfo.LibraryReportSequence),
+			)
+		}
+		return tx.SentinelLibrary.CreateBulk(newLibs...).
+			OnConflict(
+				sql.ConflictColumns(
+					sentinellibrary.FieldSentinelInfoID,
+					sentinellibrary.FieldReportedID,
+				),
+			).
+			UpdateNewValues().
+			Exec(ctx)
+	})
+}
+
+func (g *GeburaRepo) UpsertAppBinaries(
+	ctx context.Context,
+	sentinelID model.InternalID,
+	abs []*modelgebura.SentinelAppBinary,
+) error {
+	return g.data.WithTx(ctx, func(tx *ent.Tx) error {
+		// update AppBinaryReportSequence
+		err := tx.SentinelInfo.UpdateOneID(sentinelID).
+			AddAppBinaryReportSequence(1).
+			Exec(ctx)
+		if err != nil {
+			return err
+		}
+		sInfo, err := tx.SentinelInfo.Query().
+			Where(sentinelinfo.IDEQ(sentinelID)).
+			WithSentinelLibrary().
+			Only(ctx)
+		if err != nil {
+			return err
+		}
+		// upsert binaries
+		newAbs := make([]*ent.SentinelAppBinaryCreate, 0, len(abs))
+		for _, ab := range abs {
+			newAbs = append(newAbs, tx.SentinelAppBinary.Create().
+				SetSentinelInfoID(sentinelID).
+				SetSentinelLibraryReportedID(ab.SentinelLibraryID).
+				SetGeneratedID(ab.GeneratedID).
+				SetSizeBytes(ab.SizeBytes).
+				SetNeedToken(ab.NeedToken).
+				SetName(ab.Name).
+				SetVersion(ab.Version).
+				SetDeveloper(ab.Developer).
+				SetPublisher(ab.Publisher).
+				SetAppBinaryReportSequence(sInfo.AppBinaryReportSequence))
+		}
+		err = tx.SentinelAppBinary.CreateBulk(newAbs...).
+			OnConflict(
+				sql.ConflictColumns(
+					sentinelappbinary.FieldSentinelInfoID,
+					sentinelappbinary.FieldSentinelLibraryReportedID,
+					sentinelappbinary.FieldGeneratedID,
+				),
+				resolveWithIgnores([]string{
+					sentinelappbinary.FieldID,
+				}),
+			).
+			UpdateNewValues().
+			Exec(ctx)
+		if err != nil {
+			return err
+		}
+		// upsert binary files
+		abfCount := lo.Sum(lo.Map(abs, func(ab *modelgebura.SentinelAppBinary, _ int) int {
+			return len(ab.Files)
+		}))
+		newAbfs := make([]*ent.SentinelAppBinaryFileCreate, 0, abfCount)
+		for _, ab := range abs {
+			for _, f := range ab.Files {
+				newAbfs = append(newAbfs, tx.SentinelAppBinaryFile.Create().
+					SetSentinelInfoID(sentinelID).
+					SetSentinelLibraryReportedID(ab.SentinelLibraryID).
+					SetSentinelAppBinaryGeneratedID(ab.GeneratedID).
+					SetName(f.Name).
+					SetSizeBytes(f.SizeBytes).
+					SetSha256(f.Sha256).
+					SetServerFilePath(f.ServerFilePath).
+					SetChunksInfo(f.ChunksInfo).
+					SetAppBinaryReportSequence(sInfo.AppBinaryReportSequence))
+			}
+		}
+		err = tx.SentinelAppBinaryFile.CreateBulk(newAbfs...).
+			OnConflict(
+				sql.ConflictColumns(
+					sentinelappbinaryfile.FieldSentinelInfoID,
+					sentinelappbinaryfile.FieldSentinelLibraryReportedID,
+					sentinelappbinaryfile.FieldSentinelAppBinaryGeneratedID,
+					sentinelappbinaryfile.FieldServerFilePath,
+				),
+				resolveWithIgnores([]string{
+					sentinelappbinaryfile.FieldID,
+				}),
+			).
+			UpdateNewValues().
+			Exec(ctx)
+		if err != nil {
+			return err
+		}
+		return nil
+	})
+}