Feat/err handler (#21)
* add err handling on tenant feature

* Handle illegal token

* disable linter on tenantId matching

Co-authored-by: Jesse Tu <ruifan.cs08g@nctu.edu.tw>
ianchen0119 and Jesse Tu committed Feb 9, 2022
1 parent aa182fa commit c26286b
Showing 3 changed files with 62 additions and 15 deletions.
75 changes: 60 additions & 15 deletions backend/WebUI/api_webui.go
@@ -7,12 +7,13 @@ import (
"net/http"
"os"
"reflect"
"time"
"strings"
"time"

"github.com/dgrijalva/jwt-go"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"github.com/pkg/errors"
"go.mongodb.org/mongo-driver/bson"
"golang.org/x/crypto/bcrypt"

@@ -94,7 +95,7 @@ func sendResponseToClientFilterTenant(c *gin.Context, response *http.Response, t

tenantCheck := func(supi string) bool {
for _, amData := range amDataList {
if supi == amData["ueId"] && tenantId == amData["tenantId"] {
if supi == amData["ueId"] {
return true
}
}
@@ -410,14 +411,18 @@ type AuthSub struct {
}

// Parse JWT
func ParseJWT(tokenStr string) jwt.MapClaims {
token, _ := jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {
func ParseJWT(tokenStr string) (jwt.MapClaims, error) {
token, err := jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {
return []byte(os.Getenv("SIGNINGKEY")), nil
})

if err != nil {
return nil, errors.Wrap(err, "ParseJWT error")
}

claims, _ := token.Claims.(jwt.MapClaims)

return claims
return claims, nil
}

// Check of admin user. This should be done with proper JWT token.
@@ -431,13 +436,16 @@ func CheckAuth(c *gin.Context) bool {
}

// Tenat ID
func GetTenantId(c *gin.Context) string {
func GetTenantId(c *gin.Context) (string, error) {
tokenStr := c.GetHeader("Token")
if tokenStr == "admin" {
return ""
return "", nil
}
claims, err := ParseJWT(tokenStr)
if err != nil {
return "", errors.Wrap(err, "GetTenantId error")
}
claims := ParseJWT(tokenStr)
return claims["tenantId"].(string)
return claims["tenantId"].(string), nil
}

// Tenant
@@ -737,8 +745,16 @@ func GetSubscribers(c *gin.Context) {
tokenStr := c.GetHeader("Token")

var claims jwt.MapClaims = nil
var err error = nil
if tokenStr != "admin" {
claims = ParseJWT(tokenStr)
claims, err = ParseJWT(tokenStr)
}
if err != nil {
logger.WebUILog.Errorln(err.Error())
c.JSON(http.StatusBadRequest, gin.H{
"cause": "Illegal Token",
})
return
}

var subsList []SubsListIE = make([]SubsListIE, 0)
@@ -833,14 +849,27 @@ func PostSubscriberByID(c *gin.Context) {
logger.WebUILog.Infoln("Post One Subscriber Data")

var claims jwt.MapClaims = nil
var err error = nil
tokenStr := c.GetHeader("Token")

if tokenStr != "admin" {
claims = ParseJWT(tokenStr)
claims, err = ParseJWT(tokenStr)
}
if err != nil {
logger.WebUILog.Errorln(err.Error())
c.JSON(http.StatusBadRequest, gin.H{
"cause": "Illegal Token",
})
return
}

var subsData SubsData
if err := c.ShouldBindJSON(&subsData); err != nil {
logger.WebUILog.Panic(err.Error())
logger.WebUILog.Errorf("PostSubscriberByID err: %v", err)
c.JSON(http.StatusBadRequest, gin.H{
"cause": "JSON format incorrect",
})
return
}

ueId := c.Param("ueId")
@@ -924,7 +953,11 @@ func PutSubscriberByID(c *gin.Context) {

var subsData SubsData
if err := c.ShouldBindJSON(&subsData); err != nil {
logger.WebUILog.Panic(err.Error())
logger.WebUILog.Errorf("PutSubscriberByID err: %v", err)
c.JSON(http.StatusBadRequest, gin.H{
"cause": "JSON format incorrect",
})
return
}

ueId := c.Param("ueId")
@@ -994,7 +1027,11 @@ func PatchSubscriberByID(c *gin.Context) {

var subsData SubsData
if err := c.ShouldBindJSON(&subsData); err != nil {
logger.WebUILog.Panic(err.Error())
logger.WebUILog.Errorf("PatchSubscriberByID err: %v", err)
c.JSON(http.StatusBadRequest, gin.H{
"cause": "JSON format incorrect",
})
return
}

ueId := c.Param("ueId")
@@ -1096,7 +1133,15 @@ func GetRegisteredUEContext(c *gin.Context) {
}

// Filter by tenant.
tenantId := GetTenantId(c)
tenantId, err := GetTenantId(c)
if err != nil {
logger.WebUILog.Errorln(err.Error())
c.JSON(http.StatusBadRequest, gin.H{
"cause": "Illegal Token",
})
return
}

if tenantId == "" {
sendResponseToClient(c, resp)
} else {
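Review bot: `GetTenantId` still ends in the unchecked assertion `claims["tenantId"].(string)`, so a validly signed token with no string `tenantId` claim panics instead of taking the new error path; `tenantId, ok := claims["tenantId"].(string)` followed by `if !ok { return "", errors.New("tenantId claim missing") }` keeps it on the "Illegal Token" response. The same function still returns an empty tenant for the literal header value `admin` with no signature check, and the `GetRegisteredUEContext` hunk sends the unfiltered response when the tenant is empty, so the admin role should come from a verified claim rather than a fixed string. In `ParseJWT` the key callback returns `[]byte(os.Getenv("SIGNINGKEY"))` without checking that the variable is set or that `token.Method` is the expected HMAC type; an unset variable would mean tokens are verified against an empty key. If the second line of the `tenantCheck` hunk is the new side, the `tenantId == amData["tenantId"]` comparison is gone, and it is worth confirming that `amDataList` is already restricted to the tenant before the closure runs, which is not visible here.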
1 change: 1 addition & 0 deletions frontend/src/pages/Users/UserOverview.js
@@ -12,6 +12,7 @@ class UserOverview extends Component {
};

async componentDidMount() {
//eslint-disable-next-line
const tenantId = this.props.match.url.replace(/^.*[\\\/]/, '');

ApiHelper.fetchUsers(tenantId).then();
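Review bot: The bare `//eslint-disable-next-line` in `componentDidMount` switches off every rule for the `tenantId` line, not just the one that fires. Naming the rule, presumably `// eslint-disable-next-line no-useless-escape`, keeps other checks active on that line. Alternatively the escape can go: inside a character class the slash needs no backslash, so `/^.*[\\/]/` should match the same input with no suppression. The method body continues outside the hunk.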
1 change: 1 addition & 0 deletions go.mod
@@ -16,6 +16,7 @@ require (
github.com/gin-gonic/gin v1.6.3
github.com/google/uuid v1.3.0
github.com/mitchellh/mapstructure v1.4.0
github.com/pkg/errors v0.9.1 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/sirupsen/logrus v1.7.0
github.com/urfave/cli v1.22.5
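Review bot: `github.com/pkg/errors v0.9.1` is tagged `// indirect`, but `backend/WebUI/api_webui.go` imports it directly in this same commit, so the marker misstates how the module is used; running `go mod tidy` should drop the comment. The new code only calls `errors.Wrap`, so the standard library form `fmt.Errorf("ParseJWT error: %w", err)` would give the same wrapping without adding a module to the dependency set that has to be tracked and audited.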
