zishuo/golib
1
0
Fork 0
mirror of https://github.com/nabbar/golib.git synced 2025-09-27 04:06:05 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
ca39d7ad26dbd95cdce8d18a3d860cf8d2ca4f8c
golib/router/auth.go
Nicolas JUHEL ca39d7ad26 Refactor package errors + packages names : 
- Refactor ErrorType, list errors managment, codeError
- Add interface Error with error interface implement
- Add type CodeError assign typiclly to const that represent code of error
- Add func to registry func to retrieve message from an uint16 codeError (typicaly a switch of each codeError const)
- Add default errorCode with default errorMessage if no one code or message is found
- Add modeError to manage how to manage compatibility between Error interface and error interface
- Add Error interface that allow parent link (parent as error or Error interface), code and trace management
- Add trace finder to allow find func/file/line caller when Error is call
- Add http 2 transport in httpcli
- Add http 2 transport in httpserver
- Add function to get client http with timeout management in httpcli
- Add function to get Error if occurs of http client in httpcli
- Add test for smtp package
- Chg return error by returning Error in all packages
- Chg package njs-archive by archive
- Chg package njs-certif by certificates
- Chg package njs-console by console
- Chg package njs-crypt by crypt
- Chg package njs-errors by errors
- Chg package njs-httpcli by httpcli
- Chg package njs-httpserver by httpserver
- Chg package njs-ioutils by ioutils
- Chg package njs-ldap by ldap
- Chg package njs-logger by logger
- Chg package njs-password by password
- Chg package njs-progress by progress
- Chg package njs-router by router
- Chg package njs-semaphore by semaphore
- Chg package njs-smtp by smtp
- Chg package njs-static by static
- Chg package njs-status by status
- Chg package njs-version by version
- Fix dependancies gopkg by github/go-ldap for go module compatibility
- Fix gin Abort call by gin Abort with Error in static package
- Fix issue #18 in status package : replace partner by component
- Fix go vet error
- Del deprecated function
- Del useless function & files
- Bump dependancies
- Apply CHG in README.md
2020-07-14 11:00:57 +02:00

146 lines
3.9 KiB
Go
Raw Blame History

/*
* MIT License
*
* Copyright (c) 2019 Nicolas JUHEL
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*
*/
package router
import (
"net/http"
"strings"
"github.com/gin-gonic/gin"
. "github.com/nabbar/golib/errors"
. "github.com/nabbar/golib/logger"
)
type AuthCode uint8
const (
AUTH_CODE_SUCCESS = iota
AUTH_CODE_REQUIRE
AUTH_CODE_FORBIDDEN
)
const (
HEAD_AUTH_REQR = "WWW-Authenticate"
HEAD_AUTH_SEND = "Authorization"
HEAD_AUTH_REAL = "Basic realm=LDAP Authorization Required"
)
func AuthRequire(c *gin.Context, err error) {
if err != nil {
c.Errors = append(c.Errors, &gin.Error{
Err: err,
Type: gin.ErrorTypePrivate,
})
}
// Credentials doesn't match, we return 401 and abort handlers chain.
c.Header(HEAD_AUTH_REQR, HEAD_AUTH_REAL)
c.AbortWithStatus(http.StatusUnauthorized)
}
func AuthForbidden(c *gin.Context, err error) {
if err != nil {
c.Errors = append(c.Errors, &gin.Error{
Err: err,
Type: gin.ErrorTypePrivate,
})
}
c.AbortWithStatus(http.StatusForbidden)
}
type authorization struct {
check func(AuthHeader string) (AuthCode, Error)
router []gin.HandlerFunc
authType string
}
type Authorization interface {
Handler(c *gin.Context)
Register(router ...gin.HandlerFunc) gin.HandlerFunc
Append(router ...gin.HandlerFunc)
}
func NewAuthorization(HeadAuthType string, authCheckFunc func(AuthHeader string) (AuthCode, Error)) Authorization {
return &authorization{
check: authCheckFunc,
authType: HeadAuthType,
router: make([]gin.HandlerFunc, 0),
}
}
func (a *authorization) Register(router ...gin.HandlerFunc) gin.HandlerFunc {
a.router = router
return a.Handler
}
func (a *authorization) Append(router ...gin.HandlerFunc) {
a.router = append(a.router, router...)
}
func (a authorization) Handler(c *gin.Context) {
// Search user in the slice of allowed credentials
auth := c.Request.Header.Get(HEAD_AUTH_SEND)
if auth == "" {
AuthRequire(c, HEADER_AUTH_MISSING.Error(nil).GetErrorFull(""))
return
}
authValue := ""
if strings.ContainsAny(auth, " ") {
sAuth := strings.SplitN(auth, " ", 2)
if len(sAuth) == 2 && strings.ToUpper(sAuth[0]) == a.authType {
authValue = sAuth[1]
}
}
if authValue == "" {
AuthRequire(c, HEADER_AUTH_EMPTY.Error(nil).GetErrorFull(""))
return
} else {
code, err := a.check(authValue)
switch code {
case AUTH_CODE_SUCCESS:
for _, r := range a.router {
DebugLevel.Logf("Calling router '%s=%s'", c.Request.Method, c.Request.URL.RawPath)
r(c)
}
case AUTH_CODE_REQUIRE:
AuthRequire(c, HEADER_AUTH_REQUIRE.Error(err).GetErrorFull(""))
case AUTH_CODE_FORBIDDEN:
AuthForbidden(c, HEADER_AUTH_FORBIDDEN.Error(err).GetErrorFull(""))
default:
c.Errors = append(c.Errors, &gin.Error{
Err: HEADER_AUTH_ERROR.Error(err).GetErrorFull(""),
Type: gin.ErrorTypePrivate,
})
c.AbortWithStatus(http.StatusInternalServerError)
}
}
}
Reference in New Issue View Git Blame Copy Permalink