token-validator: split rawHandler with responseHandler
This commit is contained in:
parent
8d55ecc3af
commit
09552ab516
|
|
@ -88,9 +88,9 @@ func challengeDNS(s *Student, t *givenToken, chid int) error {
|
|||
return err
|
||||
} else if ! hmac.Equal(expectedToken, t.token) {
|
||||
return errors.New("This is not the expected token.")
|
||||
} else {
|
||||
return nil
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func challengeTime(s *Student, t *givenToken, chid int) error {
|
||||
|
|
@ -263,12 +263,12 @@ func init() {
|
|||
}
|
||||
|
||||
router.GET("/challenges", apiHandler(getChallengeList))
|
||||
router.GET("/challenge/:chid", rawHandler(accessibleChallenge))
|
||||
router.POST("/challenge", rawHandler(challengeHandler(receiveToken)))
|
||||
router.POST("/challenge/:chid", rawHandler(receiveChallenge))
|
||||
router.POST("/toctoc", rawHandler(definedChallengeHandler(receiveToken, 6)))
|
||||
router.POST("/echorequest", rawHandler(definedChallengeHandler(receiveToken, 7)))
|
||||
router.POST("/testdisk", rawHandler(definedChallengeHandler(receiveToken, 8)))
|
||||
router.GET("/challenge/:chid", rawHandler(responseHandler(accessibleChallenge)))
|
||||
router.POST("/challenge", rawHandler(responseHandler(challengeHandler(receiveToken))))
|
||||
router.POST("/challenge/:chid", rawHandler(responseHandler(receiveChallenge)))
|
||||
router.POST("/toctoc", rawHandler(responseHandler(definedChallengeHandler(receiveToken, 6))))
|
||||
router.POST("/echorequest", rawHandler(responseHandler(definedChallengeHandler(receiveToken, 7))))
|
||||
router.POST("/testdisk", rawHandler(responseHandler(definedChallengeHandler(receiveToken, 8))))
|
||||
}
|
||||
|
||||
type givenToken struct {
|
||||
|
|
|
|||
|
|
@ -40,21 +40,7 @@ func remoteValidatorHandler(f func(http.ResponseWriter, *http.Request, httproute
|
|||
}
|
||||
}
|
||||
|
||||
func authHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params)) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
||||
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
||||
if flds := strings.Fields(r.Header.Get("Authorization")); len(flds) != 2 || flds[0] != "Bearer" {
|
||||
http.Error(w, `{"errmsg": "Authorization required"}`, http.StatusUnauthorized)
|
||||
} else if sessionid, err := base64.StdEncoding.DecodeString(flds[1]); err != nil {
|
||||
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusNotAcceptable)
|
||||
} else if _, err := getSession(sessionid); err != nil {
|
||||
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusUnauthorized)
|
||||
} else {
|
||||
f(w, r, ps)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func rawHandler(f func(*http.Request, httprouter.Params, []byte) (interface{}, error), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
||||
func rawHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params, []byte), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
||||
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
||||
if addr := r.Header.Get("X-Forwarded-For"); addr != "" {
|
||||
r.RemoteAddr = addr
|
||||
|
|
@ -63,9 +49,6 @@ func rawHandler(f func(*http.Request, httprouter.Params, []byte) (interface{}, e
|
|||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
|
||||
var ret interface{}
|
||||
var err error = nil
|
||||
|
||||
// Read Authorization header
|
||||
var student *Student = nil
|
||||
if flds := strings.Fields(r.Header.Get("Authorization")); len(flds) == 2 && flds[0] == "Bearer" {
|
||||
|
|
@ -109,7 +92,13 @@ func rawHandler(f func(*http.Request, httprouter.Params, []byte) (interface{}, e
|
|||
}
|
||||
}
|
||||
|
||||
ret, err = f(r, ps, body)
|
||||
f(w, r, ps, body)
|
||||
}
|
||||
}
|
||||
|
||||
func responseHandler(f func(*http.Request, httprouter.Params, []byte) (interface{}, error)) func(http.ResponseWriter, *http.Request, httprouter.Params, []byte) {
|
||||
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params, body []byte) {
|
||||
ret, err := f(r, ps, body)
|
||||
|
||||
// Format response
|
||||
resStatus := http.StatusOK
|
||||
|
|
@ -153,12 +142,20 @@ func definedChallengeHandler(f func (*http.Request, []byte, int) (interface{}, e
|
|||
}
|
||||
}
|
||||
|
||||
func apiRawHandler(f func(http.ResponseWriter, httprouter.Params, []byte) (interface{}, error), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
||||
return rawHandler(func (w http.ResponseWriter, r *http.Request, ps httprouter.Params, b []byte) {
|
||||
responseHandler(func (_ *http.Request, ps httprouter.Params, b []byte)(interface{}, error) {
|
||||
return f(w, ps, b)
|
||||
})(w, r, ps, b)
|
||||
}, access...)
|
||||
}
|
||||
|
||||
func apiHandler(f DispatchFunction, access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
||||
return rawHandler(func (_ *http.Request, ps httprouter.Params, b []byte) (interface{}, error) { return f(ps, b) }, access...)
|
||||
return rawHandler(responseHandler(func (_ *http.Request, ps httprouter.Params, b []byte) (interface{}, error) { return f(ps, b) }), access...)
|
||||
}
|
||||
|
||||
func apiAuthHandler(f func(Student, httprouter.Params, []byte) (interface{}, error), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
||||
return rawHandler(func (r *http.Request, ps httprouter.Params, b []byte) (interface{}, error) {
|
||||
return rawHandler(responseHandler(func (r *http.Request, ps httprouter.Params, b []byte) (interface{}, error) {
|
||||
if flds := strings.Fields(r.Header.Get("Authorization")); len(flds) != 2 || flds[0] != "Bearer" {
|
||||
return nil, errors.New("Authorization required")
|
||||
} else if sessionid, err := base64.StdEncoding.DecodeString(flds[1]); err != nil {
|
||||
|
|
@ -170,7 +167,7 @@ func apiAuthHandler(f func(Student, httprouter.Params, []byte) (interface{}, err
|
|||
} else {
|
||||
return f(std, ps, b)
|
||||
}
|
||||
}, access...)
|
||||
}), access...)
|
||||
}
|
||||
|
||||
func studentHandler(f func(Student, []byte) (interface{}, error)) func(httprouter.Params, []byte) (interface{}, error) {
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ func init() {
|
|||
func(httprouter.Params, []byte) (interface{}, error) {
|
||||
return getStudentKeys()
|
||||
}))
|
||||
router.POST("/sshkeys", rawHandler(receiveKey))
|
||||
router.POST("/sshkeys", rawHandler(responseHandler(receiveKey)))
|
||||
router.GET("/sshkeys/authorizedkeys", func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
||||
dumpAuthorizedKeysFile(w)
|
||||
})
|
||||
|
|
|
|||
Reference in New Issue
Block a user