// Copyright (c) Jeevanandam M. (https://github.com/jeevatkm)
// Source code and usage is governed by a MIT style
// license that can be found in the LICENSE file.
package scheme
import (
"fmt"
"strings"
"aahframe.work/ahttp"
"aahframe.work/config"
"aahframe.work/log"
"aahframe.work/security/acrypto"
"aahframe.work/security/authc"
"aahframe.work/security/authz"
)
// Schemer interface is used to create new Auth Scheme for aah framework.
//
// Per the method comments below, aah calls Init during application start and
// the SecurityManager calls the remaining methods to extract, authenticate and
// authorize a Subject.
type Schemer interface {
	// Init method gets called by aah during an application start.
	//
	// `keyName` is value of security auth scheme key.
	// For e.g.:
	//    security.auth_schemes.<keyname>
	Init(appCfg *config.Config, keyName string) error

	// Key method returns auth scheme configuration KeyName.
	// For e.g: `security.auth_schemes.<keyname>`.
	Key() string

	// Scheme method returns auth scheme name. For e.g.: form, basic, oauth2, generic, etc.
	Scheme() string

	// DoAuthenticate method called by aah SecurityManager to get Subject authentication
	// information.
	//
	// NOTE(review): the signature returns both an info value and an error, but
	// this interface does not say how a failed authentication is signalled
	// (error, nil info, or both). Implementations and callers need to agree so
	// a failure is never read as success; confirm against the SecurityManager.
	DoAuthenticate(authcToken *authc.AuthenticationToken) (*authc.AuthenticationInfo, error)

	// DoAuthorizationInfo method called by aah SecurityManager to get
	// Subject's authorization information if successful authentication.
	DoAuthorizationInfo(authcInfo *authc.AuthenticationInfo) *authz.AuthorizationInfo

	// ExtractAuthenticationToken method called by aah SecurityManager to
	// extract identity details from the HTTP request.
	//
	// NOTE(review): there is no error result here, so how a request without
	// usable credentials is represented (presumably a nil or empty token) is
	// not visible from this file; confirm against the implementations.
	ExtractAuthenticationToken(r *ahttp.Request) *authc.AuthenticationToken
}
//‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
// Package methods
//___________________________________
// New returns a zero-value Schemer implementation for the given auth scheme
// type. Recognised types are "form", "basic", "oauth2" and "generic", compared
// case-insensitively.
//
// Init is not called here, so the returned scheme is not yet configured. For
// any other type the result is nil; callers must check for nil before invoking
// methods on it, otherwise a mistyped scheme name in configuration ends in a
// nil-interface method call.
func New(authSchemeType string) Schemer {
	kind := strings.ToLower(authSchemeType)

	if kind == "form" {
		return &FormAuth{}
	}
	if kind == "basic" {
		return &BasicAuth{}
	}
	if kind == "oauth2" {
		return &OAuth2{}
	}
	if kind == "generic" {
		return &GenericAuth{}
	}

	// Unknown scheme type: return an untyped nil so `New(x) == nil` holds.
	return nil
}
//‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
// Unexported methods
//___________________________________
// passwordAlgorithm resolves the password encoder configured under keyPrefix.
//
// When `<keyPrefix>.password_encoder` holds a string, that value names the
// algorithm. Otherwise the deprecated `<keyPrefix>.password_encoder.type` key
// is read and a deprecation warning is logged. Both lookups default to
// "bcrypt".
//
// An error is returned when acrypto.PasswordAlgorithm yields nil for the
// resolved name, so a misspelled or disabled algorithm fails here rather than
// leaving the scheme without an encoder.
func passwordAlgorithm(cfg *config.Config, keyPrefix string) (acrypto.PasswordEncoder, error) {
	// The second result of Get is discarded; only the dynamic type of the
	// value decides which configuration form is in use.
	raw, _ := cfg.Get(keyPrefix + ".password_encoder")

	var algName string
	switch raw.(type) {
	case string:
		algName = cfg.StringDefault(keyPrefix+".password_encoder", "bcrypt")
	default:
		// NOTE(review): this branch is taken for every non-string value, which
		// presumably includes the key being absent altogether; in that case the
		// deprecation warning is logged although no deprecated key is set.
		// Confirm what Get returns for a missing key.
		algName = cfg.StringDefault(keyPrefix+".password_encoder.type", "bcrypt")
		// DEPRECATED, to be removed in v1.0
		log.Warnf("DEPRECATED: Config '%s.password_encoder.type' is deprecated in v0.9, use '%s.password_encoder = \"%s\"' instead. Deprecated config will not break your functionality, its good to update to latest config.", keyPrefix, keyPrefix, algName)
	}

	if encoder := acrypto.PasswordAlgorithm(algName); encoder != nil {
		return encoder, nil
	}
	return nil, fmt.Errorf("'%s' password algorithm is not enabled, please refer to https://docs.aahframework.org/password-encoders.html", algName)
}