-
Notifications
You must be signed in to change notification settings - Fork 350
/
basic.go
75 lines (59 loc) · 1.68 KB
/
basic.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
package auth
import (
auth "github.com/abbot/go-http-auth"
"github.com/zalando/skipper/filters"
"net/http"
)
const (
Name = "basicAuth"
ForceBasicAuthHeaderName = "WWW-Authenticate"
ForceBasicAuthHeaderValue = "Basic realm="
DefaultRealmName = "Basic Realm"
)
type basicSpec struct{}
type basic struct {
authenticator *auth.BasicAuth
realmDefinition string
}
func NewBasicAuth() *basicSpec {
return &basicSpec{}
}
//We do not touch response at all
func (a *basic) Response(filters.FilterContext) {}
// check basic auth
func (a *basic) Request(ctx filters.FilterContext) {
username := a.authenticator.CheckAuth(ctx.Request())
if username == "" {
header := http.Header{}
header.Set(ForceBasicAuthHeaderName, a.realmDefinition)
ctx.Serve(&http.Response{
StatusCode: http.StatusUnauthorized,
Header: header,
})
}
}
// Creates out basicAuth Filter
// The first params specifies the used htpasswd file
// The second is optional and defines the realm name
func (spec *basicSpec) CreateFilter(config []interface{}) (filters.Filter, error) {
if len(config) == 0 {
return nil, filters.ErrInvalidFilterParameters
}
configFile, ok := config[0].(string)
if !ok {
return nil, filters.ErrInvalidFilterParameters
}
realmName := DefaultRealmName
if len(config) == 2 {
if definedName, ok := config[1].(string); ok {
realmName = definedName
}
}
htpasswd := auth.HtpasswdFileProvider(configFile)
authenticator := auth.NewBasicAuthenticator(realmName, htpasswd)
return &basic{
authenticator: authenticator,
realmDefinition: ForceBasicAuthHeaderValue + `"` + realmName + `"`,
}, nil
}
func (spec *basicSpec) Name() string { return Name }