forked from sensu/sensu-go
/
authentication.go
105 lines (86 loc) · 2.52 KB
/
authentication.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package client
import (
"encoding/json"
"errors"
"fmt"
"github.com/sensu/sensu-go/types"
)
// CreateAccessToken returns a new access token given userid and password
func (client *RestClient) CreateAccessToken(url, userid, password string) (*types.Tokens, error) {
// Make sure any existing auth token doesn't get injected instead
client.ClearAuthToken()
defer client.Reset()
// Execute
res, err := client.R().SetBasicAuth(userid, password).Get(url + "/auth")
if err != nil {
return nil, err
}
if res.StatusCode() == 401 {
return nil, errors.New(string(res.Body()))
} else if res.StatusCode() >= 400 {
// TODO: (JK) we may want to expose a bit more of the error here
return nil, errors.New("Received an unexpected response from the API")
}
var tokens types.Tokens
if err = json.Unmarshal(res.Body(), &tokens); err != nil {
return nil, errors.New("Unable to unmarshal response from server")
}
return &tokens, err
}
// TestCreds checks if the provided User credentials are valid
func (client *RestClient) TestCreds(userid, password string) error {
client.ClearAuthToken()
res, err := client.R().SetBasicAuth(userid, password).Get("/auth/test")
if err != nil {
return err
}
if res.StatusCode() == 401 {
return errors.New(string(res.Body()))
} else if res.StatusCode() >= 400 {
return errors.New("Received an unexpected response from the API")
}
return nil
}
// Logout performs a logout of the configured user
func (client *RestClient) Logout(token string) error {
res, err := client.R().
SetHeader("Content-Type", "application/json").
SetBody(map[string]string{"refresh_token": token}).
Post("/auth/logout")
if err != nil {
return err
}
if res.StatusCode() >= 400 {
return fmt.Errorf("The server returned the error: %d %s",
res.StatusCode(),
res.String(),
)
}
return nil
}
// RefreshAccessToken returns a new access token given valid refresh token
func (client *RestClient) RefreshAccessToken(token string) (*types.Tokens, error) {
res, err := client.R().
SetHeader("Content-Type", "application/json").
SetBody(map[string]string{"refresh_token": token}).
SetResult(&types.Tokens{}).
Post("/auth/token")
if err != nil {
return nil, err
}
if res.StatusCode() >= 400 {
return nil, fmt.Errorf("The server returned the error: %d %s",
res.StatusCode(),
res.String(),
)
}
tokens, ok := res.Result().(*types.Tokens)
if !ok {
return nil, fmt.Errorf("Unable to unmarshal response from server")
}
err = tokens.Validate()
if err != nil {
return nil, err
}
return tokens, err
}