-
Notifications
You must be signed in to change notification settings - Fork 316
/
Copy pathmiddleware.go
164 lines (133 loc) · 4.35 KB
/
middleware.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
package web
import (
"net/http"
"github.com/RichardKnop/go-oauth2-server/session"
"github.com/gorilla/context"
)
// parseFormMiddleware parses the form so r.Form becomes available
type parseFormMiddleware struct{}
// ServeHTTP as per the negroni.Handler interface
func (m *parseFormMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
if err := r.ParseForm(); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
next(w, r)
}
// guestMiddleware just initialises session
type guestMiddleware struct {
service ServiceInterface
}
// newGuestMiddleware creates a new guestMiddleware instance
func newGuestMiddleware(service ServiceInterface) *guestMiddleware {
return &guestMiddleware{service: service}
}
// ServeHTTP as per the negroni.Handler interface
func (m *guestMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
// Initialise the session service
m.service.setSessionService(r, w)
sessionService := m.service.GetSessionService()
// Attempt to start the session
if err := sessionService.StartSession(); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
context.Set(r, sessionServiceKey, sessionService)
next(w, r)
}
// loggedInMiddleware initialises session and makes sure the user is logged in
type loggedInMiddleware struct {
service ServiceInterface
}
// newLoggedInMiddleware creates a new loggedInMiddleware instance
func newLoggedInMiddleware(service ServiceInterface) *loggedInMiddleware {
return &loggedInMiddleware{service: service}
}
// ServeHTTP as per the negroni.Handler interface
func (m *loggedInMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
// Initialise the session service
m.service.setSessionService(r, w)
sessionService := m.service.GetSessionService()
// Attempt to start the session
if err := sessionService.StartSession(); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
context.Set(r, sessionServiceKey, sessionService)
// Try to get a user session
userSession, err := sessionService.GetUserSession()
if err != nil {
query := r.URL.Query()
query.Set("login_redirect_uri", r.URL.Path)
redirectWithQueryString("/web/login", query, w, r)
return
}
// Authenticate
if err := m.authenticate(userSession); err != nil {
query := r.URL.Query()
query.Set("login_redirect_uri", r.URL.Path)
redirectWithQueryString("/web/login", query, w, r)
return
}
// Update the user session
sessionService.SetUserSession(userSession)
next(w, r)
}
func (m *loggedInMiddleware) authenticate(userSession *session.UserSession) error {
// Try to authenticate with the stored access token
_, err := m.service.GetOauthService().Authenticate(userSession.AccessToken)
if err == nil {
// Access token valid, return
return nil
}
// Access token might be expired, let's try refreshing...
// Fetch the client
client, err := m.service.GetOauthService().FindClientByClientID(
userSession.ClientID, // client ID
)
if err != nil {
return err
}
// Validate the refresh token
theRefreshToken, err := m.service.GetOauthService().GetValidRefreshToken(
userSession.RefreshToken, // refresh token
client, // client
)
if err != nil {
return err
}
// Log in the user
accessToken, refreshToken, err := m.service.GetOauthService().Login(
theRefreshToken.Client,
theRefreshToken.User,
theRefreshToken.Scope,
)
if err != nil {
return err
}
userSession.AccessToken = accessToken.Token
userSession.RefreshToken = refreshToken.Token
return nil
}
// clientMiddleware takes client_id param from the query string and
// makes a database lookup for a client with the same client ID
type clientMiddleware struct {
service ServiceInterface
}
// newClientMiddleware creates a new clientMiddleware instance
func newClientMiddleware(service ServiceInterface) *clientMiddleware {
return &clientMiddleware{service: service}
}
// ServeHTTP as per the negroni.Handler interface
func (m *clientMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
// Fetch the client
client, err := m.service.GetOauthService().FindClientByClientID(
r.Form.Get("client_id"), // client ID
)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
context.Set(r, clientKey, client)
next(w, r)
}