forked from thecodeteam/libstorage
-
Notifications
You must be signed in to change notification settings - Fork 0
/
handlers_auth_all_services.go
56 lines (46 loc) · 1.35 KB
/
handlers_auth_all_services.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
package handlers
import (
"net/http"
"github.com/codedellemc/libstorage/api/server/auth"
"github.com/codedellemc/libstorage/api/server/services"
"github.com/codedellemc/libstorage/api/types"
)
// authAllSvcsHandler is an HTTP filter for validating the JWT.
type authAllSvcsHandler struct {
handler types.APIFunc
}
// NewAuthAllSvcsHandler returns a new authAllSvcsHandler.
func NewAuthAllSvcsHandler() types.Middleware {
return &authAllSvcsHandler{}
}
func (h *authAllSvcsHandler) Name() string {
return "auth-svc-handler"
}
func (h *authAllSvcsHandler) Handler(m types.APIFunc) types.APIFunc {
return (&authAllSvcsHandler{m}).Handle
}
// Handle is the type's Handler function.
func (h *authAllSvcsHandler) Handle(
ctx types.Context,
w http.ResponseWriter,
req *http.Request,
store types.Store) error {
for svc := range services.StorageServices(ctx) {
if svc.AuthConfig() == nil {
ctx.WithField("service", svc.Name()).Debug(
"skipping service auth handler; empty auth config")
continue
}
if len(svc.AuthConfig().Allow) == 0 && len(svc.AuthConfig().Deny) == 0 {
ctx.Debug("skipping svc auth handler; empty allow & deny lists")
continue
}
_, err := auth.ValidateAuthTokenWithCtxOrReq(
ctx, svc.AuthConfig(), req)
if err != nil {
return err
}
}
ctx.Debug("validated all services access")
return h.handler(ctx, w, req, store)
}