package authentication
import (
"fmt"
"net/http"
"time"
"github.com/labstack/echo/v4"
"github.com/pangpanglabs/echoswagger/v2"
"github.com/iotaledger/wasp/packages/authentication/shared"
"github.com/iotaledger/wasp/packages/registry"
"github.com/iotaledger/wasp/packages/users"
"github.com/iotaledger/wasp/packages/webapi/interfaces"
)
// Authentication scheme identifiers accepted in AuthConfiguration.Scheme.
// AddAuthentication handles exactly these two values and panics on any other.
const (
	// AuthJWT selects token-based authentication: the login route issues a JWT
	// and the returned middleware validates it.
	AuthJWT = "jwt"

	// AuthNone disables authentication. Every caller that can reach the API is
	// then accepted, so this scheme relies on network-level controls in front
	// of the node.
	AuthNone = "none"
)
// JWTAuthConfiguration holds the settings that apply when the JWT scheme is
// selected.
type JWTAuthConfiguration struct {
	// Duration is the lifetime of an issued token; the default tag sets it to
	// 24h. A captured token stays usable until it expires unless it is
	// invalidated some other way, so shorter lifetimes narrow that window.
	// NOTE(review): no revocation path is visible in this file; confirm how a
	// leaked token is invalidated before raising this value.
	Duration time.Duration `default:"24h" usage:"jwt token lifetime"`
}
// AuthConfiguration selects the authentication scheme of the web API and
// carries the scheme-specific settings.
type AuthConfiguration struct {
	// Scheme names the authentication scheme; AddAuthentication accepts only
	// AuthJWT ("jwt") and AuthNone ("none").
	//
	// NOTE(review): the default tag below is "ip", which is neither of the two
	// accepted values, and AddAuthentication panics on any other scheme. If
	// this tag is what supplies the value for an unconfigured node, startup
	// fails until the operator sets a scheme explicitly. Confirm against the
	// configuration loader and consider defaulting to "jwt".
	Scheme string `default:"ip" usage:"selects which authentication to choose"`

	// JWTConfig is passed to GetJWTAuthMiddleware when Scheme is AuthJWT.
	JWTConfig JWTAuthConfiguration `name:"jwt" usage:"defines the jwt configuration"`
}
// WebAPI is the subset of echo's routing API (route registration for GET and
// POST, plus middleware attachment) that this package depends on.
type WebAPI interface {
	// GET registers handler for GET requests on path, wrapped by mw.
	GET(path string, handler echo.HandlerFunc, mw ...echo.MiddlewareFunc) *echo.Route
	// POST registers handler for POST requests on path, wrapped by mw.
	POST(path string, handler echo.HandlerFunc, mw ...echo.MiddlewareFunc) *echo.Route
	// Use attaches mw to every route served through this API.
	Use(mw ...echo.MiddlewareFunc)
}
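// AddAuthentication registers the authentication endpoints on apiRoot and
// returns the middleware that belongs to the configured scheme.
//
// It installs a root-level middleware that stores an *AuthContext under the
// "auth" key of every request context, registers the auth-info route, and
// registers the login route for the selected scheme. The returned middleware
// is not attached to any route in this function; it is only handed back to
// the caller.
//
// AddAuthentication panics when authConfig.Scheme is neither AuthJWT nor
// AuthNone, so an unsupported scheme aborts setup rather than continuing
// without an authentication decision.
func AddAuthentication(
	apiRoot echoswagger.ApiRoot,
	userManager *users.UserManager,
	nodeIdentityProvider registry.NodeIdentityProvider,
	authConfig AuthConfiguration,
	mocker interfaces.Mocker,
) echo.MiddlewareFunc {
	echoRoot := apiRoot.Echo()
	authGroup := apiRoot.Group("auth", "")

	// Give every request its own AuthContext, stored under the "auth" key of
	// the echo.Context, before any other handler runs.
	echoRoot.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) error {
			c.Set("auth", &AuthContext{
				scheme: authConfig.Scheme,
			})
			return next(c)
		}
	})

	// Auth-info route: tells a client which scheme is active. No auth
	// middleware is passed to this registration.
	authGroup.GET(shared.AuthInfoRoute(), authInfoHandler(authConfig)).
		AddResponse(http.StatusOK, "Login was successful", mocker.Get(shared.AuthInfoModel{}), nil).
		SetOperationId("authInfo").
		SetSummary("Get information about the current authentication mode")

	// Pick the middleware and the login handler for the configured scheme.
	var middleware echo.MiddlewareFunc
	var handler echo.HandlerFunc

	switch authConfig.Scheme {
	case AuthJWT:
		var jwtAuth *JWTAuth

		nodeIDKeypair := nodeIdentityProvider.NodeIdentity()

		// The primary claim is the one mandatory claim that gives access to api/webapi/alike
		// NOTE(review): the node identity key pair is handed to the JWT
		// layer, presumably as signing material; confirm in GetJWTAuthMiddleware.
		jwtAuth, middleware = GetJWTAuthMiddleware(authConfig.JWTConfig, nodeIDKeypair, userManager)

		authHandler := &AuthHandler{Jwt: jwtAuth, UserManager: userManager}
		handler = authHandler.JWTLoginHandler

	case AuthNone:
		middleware = GetNoneAuthMiddleware()

		// The login route is registered for every scheme. A nil handler here
		// would leave a reachable route whose invocation calls a nil function
		// and panics on each unauthenticated POST. Answer with the 405 that
		// the route documentation below already promises for this scheme.
		handler = func(echo.Context) error {
			return echo.NewHTTPError(http.StatusMethodNotAllowed, "auth type: none")
		}

	default:
		panic(fmt.Sprintf("Unknown auth scheme %s", authConfig.Scheme))
	}

	authGroup.POST(shared.AuthRoute(), handler).
		AddParamBody(mocker.Get(shared.LoginRequest{}), "", "The login request", true).
		AddResponse(http.StatusUnauthorized, "Unauthorized (Wrong permissions, missing token)", nil, nil).
		AddResponse(http.StatusMethodNotAllowed, "auth type: none", nil, nil).
		AddResponse(http.StatusOK, "Login was successful", mocker.Get(shared.LoginResponse{}), nil).
		SetOperationId("authenticate").
		SetSummary("Authenticate towards the node")

	return middleware
}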
// authInfoHandler returns a handler that reports the active authentication
// scheme as JSON with status 200. The login URL is included only when the
// scheme is AuthJWT; for any other scheme AuthURL keeps its zero value.
//
// The response is built from authConfig alone and reads nothing from the
// request. AddAuthentication registers this handler without passing an auth
// middleware, so keep the model limited to what a client needs before login.
func authInfoHandler(authConfig AuthConfiguration) func(c echo.Context) error {
	return func(c echo.Context) error {
		info := shared.AuthInfoModel{Scheme: authConfig.Scheme}

		// Only the JWT scheme has a login endpoint worth advertising.
		if info.Scheme == AuthJWT {
			info.AuthURL = shared.AuthRoute()
		}

		return c.JSON(http.StatusOK, info)
	}
}