/
token.go
82 lines (73 loc) · 2.08 KB
/
token.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
// Copyright 2013 tsuru authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package auth
import (
"strings"
"github.com/pkg/errors"
"github.com/tsuru/tsuru/permission"
authTypes "github.com/tsuru/tsuru/types/auth"
permTypes "github.com/tsuru/tsuru/types/permission"
)
// Token type alias exists to ease refactoring while we move auth types to
// types/auth package. Both this type alias and the Convert*User funcs should
// be eliminated once we convert everyone to use authTypes.User.
type Token authTypes.Token
func ConvertOldUser(u *User, err error) (*authTypes.User, error) {
if u != nil {
wu := authTypes.User(*u)
return &wu, err
}
return nil, err
}
func ConvertNewUser(u *authTypes.User, err error) (*User, error) {
if u != nil {
wu := User(*u)
return &wu, err
}
return nil, err
}
var ErrInvalidToken = errors.New("Invalid token")
// ParseToken extracts token from a header:
// 'type token' or 'token'
func ParseToken(header string) (string, error) {
s := strings.Split(header, " ")
var value string
if len(s) < 3 {
value = s[len(s)-1]
}
if value != "" {
return value, nil
}
return value, ErrInvalidToken
}
func BaseTokenPermission(t Token) ([]permission.Permission, error) {
if t.IsAppToken() {
// TODO(cezarsa): Improve handling of app tokens. These permissions
// listed here are the ones required by deploy-agent and legacy tsuru-
// unit-agent.
return []permission.Permission{
{
Scheme: permission.PermAppUpdateUnitRegister,
Context: permission.Context(permTypes.CtxApp, t.GetAppName()),
},
{
Scheme: permission.PermAppUpdateLog,
Context: permission.Context(permTypes.CtxApp, t.GetAppName()),
},
{
Scheme: permission.PermAppUpdateUnitStatus,
Context: permission.Context(permTypes.CtxApp, t.GetAppName()),
},
{
Scheme: permission.PermAppReadDeploy,
Context: permission.Context(permTypes.CtxApp, t.GetAppName()),
},
}, nil
}
u, err := ConvertNewUser(t.User())
if err != nil {
return nil, err
}
return u.Permissions()
}