-
Notifications
You must be signed in to change notification settings - Fork 64
/
subscription.ex
55 lines (45 loc) · 1.26 KB
/
subscription.ex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
defmodule RIG.AuthorizationCheck.Subscription do
@moduledoc """
Decides whether to allow or reject a subscription request.
"""
use Rig.Config, :custom_validation
alias RIG.AuthorizationCheck.External
alias RIG.AuthorizationCheck.Header
alias RIG.AuthorizationCheck.Request
# Confex callback
defp validate_config!(config) do
validation_type =
config
|> Keyword.fetch!(:validation_type)
|> String.downcase()
|> case do
"" -> :no_check
"no_check" -> :no_check
"jwt_validation" -> :jwt_validation
url -> {:url, url}
end
%{
validation_type: validation_type
}
end
# ---
@spec check_authorization(Request.t()) :: :ok | {:error, :not_authorized}
def check_authorization(request)
# If body is nil, there are no subscriptions to authorize.
def check_authorization(%{body: nil}), do: :ok
def check_authorization(request) do
%{validation_type: validation_type} = config()
case validation_type do
:no_check ->
:ok
:jwt_validation ->
if Header.any_valid_bearer_token?(request) do
:ok
else
{:error, :not_authorized}
end
{:url, base_url} ->
External.check_or_log(base_url, request)
end
end
end