added auth debug info

MG-RAST · Jan 24, 2018 · 89731fc · 89731fc
1 parent 6ff964c
commit 89731fc
Show file tree

Hide file tree

Showing 3 changed files with 80 additions and 44 deletions.
diff --git a/lib/auth/auth.go b/lib/auth/auth.go
@@ -33,14 +33,19 @@ func Authenticate(header string) (u *user.User, err error) {
 		return u, nil
 	} else {
 		for _, auth := range authMethods {
-			u, err := auth(header)
-			if u != nil && err == nil {
-				authCache.add(header, u)
-				return u, nil
-			}
+			u, err = auth(header)
 			if err != nil {
 				// log actual error, return consistant invalid auth to user
-				logger.Error("(auth.Authenticate) err=%s (header=%s)", err.Error(), header)
+				last_position := len(header)
+				if last_position > 10 {
+					last_position = 10
+				}
+				logger.Error("(auth.Authenticate) err=%s (header=%s)", err.Error(), header[0:last_position]+"...")
+				err = nil
+			}
+			if u != nil {
+				authCache.add(header, u)
+				return
 			}
 		}
 	}

diff --git a/lib/auth/oauth/oauth.go b/lib/auth/oauth/oauth.go
@@ -5,6 +5,7 @@ import (
 	"crypto/tls"
 	"encoding/json"
 	"errors"
+	"fmt"
 	"github.com/MG-RAST/AWE/lib/conf"
 	e "github.com/MG-RAST/AWE/lib/errors"
 	"github.com/MG-RAST/AWE/lib/user"
@@ -35,20 +36,29 @@ func authHeaderType(header string) string {
 
 // Auth takes the request authorization header and returns user
 // bearer token "oauth" returns default url (first item in auth_oauth_url conf value)
-func Auth(header string) (*user.User, error) {
+func Auth(header string) (u *user.User, err error) {
 	bearer := authHeaderType(header)
 	if bearer == "" {
-		return nil, errors.New("(oauth) Invalid authentication header, missing bearer token.")
+		return nil, errors.New("(Auth) Invalid authentication header, missing bearer token.")
 	}
 	oauth_url, found_url := conf.AUTH_OAUTH[bearer]
 	if bearer == "basic" {
-		return nil, errors.New("(oauth) This authentication method does not support username/password authentication. Please use your OAuth token.")
+		err = errors.New("(Auth) This authentication method does not support username/password authentication. Please use your OAuth token.")
+		return
 	} else if bearer == "oauth" {
-		return authToken(strings.Split(header, " ")[1], conf.OAUTH_DEFAULT)
+		u, err = authToken(strings.Split(header, " ")[1], conf.OAUTH_DEFAULT)
+		if err != nil {
+			err = fmt.Errorf("(Auth) bearer=oauth error: %s", err.Error())
+		}
+		return
 	} else if found_url {
-		return authToken(strings.Split(header, " ")[1], oauth_url)
+		u, err = authToken(strings.Split(header, " ")[1], oauth_url)
+		if err != nil {
+			err = fmt.Errorf("(Auth) found_url=true error: %s", err.Error())
+		}
+		return
 	} else {
-		return nil, errors.New("(oauth) Invalid authentication header, unknown bearer token: " + bearer)
+		return nil, errors.New("(Auth) Invalid authentication header, unknown bearer token: " + bearer)
 	}
 }
 
@@ -59,40 +69,60 @@ func authToken(token string, url string) (u *user.User, err error) {
 	}
 	req, err := http.NewRequest("GET", url, nil)
 	if err != nil {
-		return nil, errors.New("(oauth) HTTP GET: " + err.Error())
+		return nil, errors.New("(authToken) HTTP GET: " + err.Error())
 	}
 	req.Header.Add("Auth", token)
-	if resp, err := client.Do(req); err == nil {
-		defer resp.Body.Close()
-		if resp.StatusCode == http.StatusOK {
-			if body, err := ioutil.ReadAll(resp.Body); err == nil {
-				u = &user.User{}
-				c := &credentials{}
-				if err = json.Unmarshal(body, &c); err != nil {
-					return nil, errors.New("(oauth) JSON Unmarshal: " + err.Error())
-				} else {
-					if c.Uname == "" {
-						return nil, errors.New("(oauth) " + e.InvalidAuth)
-					}
-					u.Username = c.Uname
-					if c.Name != "" {
-						u.Fullname = c.Name
-					} else {
-						u.Fullname = c.Fname + " " + c.Lname
-					}
-					u.Email = c.Email
-					if err = u.SetMongoInfo(); err != nil {
-						return nil, errors.New("(oauth) MongoDB: " + err.Error())
-					}
-				}
-			}
-		} else if resp.StatusCode == http.StatusForbidden {
-			return nil, errors.New("(oauth) " + e.InvalidAuth)
-		} else {
-			return nil, errors.New("(oauth) Authentication failed: Unexpected response status: " + resp.Status)
-		}
+	resp, err := client.Do(req)
+	if err != nil {
+		err = errors.New("(authToken) " + err.Error())
+		return
+	}
+
+	defer resp.Body.Close()
+
+	if resp.StatusCode == http.StatusForbidden {
+		err = errors.New("(authToken) " + e.InvalidAuth)
+		return
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		err = fmt.Errorf("(authToken) Authentication failed: Unexpected response status: %s", resp.Status)
+		return
+	}
+
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		err = fmt.Errorf("(authToken) ioutil.ReadAll(resp.Body) failed: %s", err.Error())
+		return
+	}
+
+	u = &user.User{}
+	c := &credentials{}
+	err = json.Unmarshal(body, &c)
+	if err != nil {
+		u = nil
+		err = errors.New("(authToken) JSON Unmarshal: " + err.Error())
+		return
+	}
+
+	if c.Uname == "" {
+		u = nil
+		err = errors.New("(authToken) c.Uname is empty, " + e.InvalidAuth)
+		return
+	}
+	u.Username = c.Uname
+	if c.Name != "" {
+		u.Fullname = c.Name
 	} else {
-		return nil, errors.New("(oauth) " + err.Error())
+		u.Fullname = c.Fname + " " + c.Lname
 	}
+	u.Email = c.Email
+	err = u.SetMongoInfo()
+	if err != nil {
+		u = nil
+		err = errors.New("(authToken) MongoDB: " + err.Error())
+		return
+	}
+
 	return
 }
diff --git a/lib/shock/shock.go b/lib/shock/shock.go
@@ -205,7 +205,8 @@ func (sc *ShockClient) CreateOrUpdate(opts Opts, nodeid string, nodeattr map[str
 	token := sc.Token
 
 	if host == "" {
-		return nil, fmt.Errorf("error: (createOrUpdate) host is not defined in Shock node")
+		err = fmt.Errorf("(createOrUpdate) host is not defined in Shock node")
+		return
 	}
 
 	url := host + "/node"