-
Notifications
You must be signed in to change notification settings - Fork 22
/
authorization.go
88 lines (72 loc) · 2.21 KB
/
authorization.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
// Copyright (C) 2023 Gobalsky Labs Limited
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package v2
import (
"net/http"
"strings"
"code.vegaprotocol.io/vega/wallet/service/v2/connections"
)
// VWTPrefix is the scheme that prefixes the token in the Authorization HTTP header
// It is our non-standard scheme that stands for Vega Wallet Token.
const VWTPrefix = "VWT"
// VWT stands for Vega Wallet Token. It has the following format:
//
// VWT <TOKEN>
//
// Example:
//
// VWT QK6QoNLA2XEZdLFLxkFlq2oTX8cp8Xw1GOzxDAM0aSXxQAR33CGkvDh4vh2ZyQSh
type VWT struct {
token connections.Token
}
func (t VWT) Token() connections.Token {
return t.token
}
func (t VWT) String() string {
return VWTPrefix + " " + t.Token().String()
}
func AsVWT(token connections.Token) VWT {
return VWT{
token: token,
}
}
// ParseVWT parses a VWT into a VWT. If malformed, an error is returned.
func ParseVWT(rawVWT string) (VWT, error) {
if !strings.HasPrefix(rawVWT, VWTPrefix+" ") {
return VWT{}, ErrAuthorizationHeaderOnlySupportsVWTScheme
}
if len(rawVWT) < 5 {
return VWT{}, ErrAuthorizationTokenIsNotValidVWT
}
rawToken := trimBlankCharacters(rawVWT[4:])
if rawToken == "" {
return VWT{}, ErrAuthorizationTokenIsNotValidVWT
}
token, err := connections.AsToken(rawToken)
if err != nil {
return VWT{}, err
}
return VWT{
token: token,
}, nil
}
// ExtractVWT extracts the Vega Wallet Token from the `Authorization` header.
func ExtractVWT(r *http.Request) (VWT, error) {
rawToken := r.Header.Get("Authorization")
if rawToken == "" {
return VWT{}, ErrAuthorizationHeaderIsRequired
}
return ParseVWT(rawToken)
}