-
Notifications
You must be signed in to change notification settings - Fork 119
/
credentials.go
105 lines (83 loc) · 2.53 KB
/
credentials.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package yt
import (
"context"
"net/http"
"github.com/golang/protobuf/proto"
"go.ytsaurus.tech/yt/go/proto/core/rpc"
)
const (
// XYaServiceTicket is http header that should be used for service ticket transfer.
XYaServiceTicket = "X-Ya-Service-Ticket"
// XYaUserTicket is http header that should be used for user ticket transfer.
XYaUserTicket = "X-Ya-User-Ticket"
// YTCypressCookie is a cookie that should be used for authentication in open source world.
YTCypressCookie = "YTCypressCookie"
// XCSRFToken is a http header that should be used for CSRF token transfer.
XCSRFToken = "X-Csrf-Token"
)
type Credentials interface {
Set(r *http.Request)
SetExtension(req *rpc.TRequestHeader)
}
type TokenCredentials struct {
Token string
}
func (c *TokenCredentials) Set(r *http.Request) {
r.Header.Add("Authorization", "OAuth "+c.Token)
}
func (c *TokenCredentials) SetExtension(req *rpc.TRequestHeader) {
_ = proto.SetExtension(
req,
rpc.E_TCredentialsExt_CredentialsExt,
&rpc.TCredentialsExt{Token: &c.Token},
)
}
// UserTicketCredentials implements TVM user-tickets authentication.
type UserTicketCredentials struct {
Ticket string
}
func (c *UserTicketCredentials) Set(r *http.Request) {
r.Header.Set(XYaUserTicket, c.Ticket)
}
func (c *UserTicketCredentials) SetExtension(req *rpc.TRequestHeader) {
_ = proto.SetExtension(
req,
rpc.E_TCredentialsExt_CredentialsExt,
&rpc.TCredentialsExt{UserTicket: &c.Ticket},
)
}
// ServiceTicketCredentials implements TVM service-tickets authentication.
type ServiceTicketCredentials struct {
Ticket string
}
func (c *ServiceTicketCredentials) Set(r *http.Request) {
r.Header.Set(XYaServiceTicket, c.Ticket)
}
func (c *ServiceTicketCredentials) SetExtension(req *rpc.TRequestHeader) {
_ = proto.SetExtension(
req,
rpc.E_TCredentialsExt_CredentialsExt,
&rpc.TCredentialsExt{ServiceTicket: &c.Ticket},
)
}
type CookieCredentials struct {
Cookie *http.Cookie
CSRFToken string
}
func (c CookieCredentials) Set(r *http.Request) {
r.AddCookie(c.Cookie)
r.Header.Set(XCSRFToken, c.CSRFToken)
}
func (c CookieCredentials) SetExtension(req *rpc.TRequestHeader) {}
type credentials struct{}
var credentialsKey credentials
func ContextCredentials(ctx context.Context) Credentials {
if v := ctx.Value(&credentialsKey); v != nil {
return v.(Credentials)
}
return nil
}
// WithCredentials allows overriding client credentials on per-call basis.
func WithCredentials(ctx context.Context, credentials Credentials) context.Context {
return context.WithValue(ctx, &credentialsKey, credentials)
}