teach/adlin
Archived
0
0
Fork 0
Code Issues 1 Pull requests 4 Releases Activity

split checker from token-validator

Browse source
This commit is contained in:
nemunaire 2020-03-27 14:57:14 +01:00
parent 685dc0b0ea
commit 0c661f36f6
20 changed files with 634 additions and 748 deletions
Download patch file Download diff file Expand all files Collapse all files

42
token-validator/handler.go
View file

@ -14,6 +14,8 @@ import (
"time"
"github.com/julienschmidt/httprouter"
"git.nemunai.re/lectures/adlin/libadlin"
)
var router = httprouter.New()
@ -26,8 +28,8 @@ type DispatchFunction func(httprouter.Params, []byte) (interface{}, error)
func remoteValidatorHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params)) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
expectedMAC := hmac.New(sha512.New, []byte(sharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))
previousMAC := hmac.New(sha512.New, []byte(sharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10-1)))
expectedMAC := hmac.New(sha512.New, []byte(adlin.SharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))
previousMAC := hmac.New(sha512.New, []byte(adlin.SharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10-1)))
if aauth, err := base64.StdEncoding.DecodeString(r.Header.Get("X-ADLIN-Authentication")); err != nil {
http.Error(w, fmt.Sprintf("{\"errmsg\":%q}\n", err), http.StatusUnauthorized)
@ -39,7 +41,7 @@ func remoteValidatorHandler(f func(http.ResponseWriter, *http.Request, httproute
}
}
func rawHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params, []byte), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
func rawHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params, []byte), access ...func(*adlin.Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
if addr := r.Header.Get("X-Forwarded-For"); addr != "" {
r.RemoteAddr = addr
@ -49,17 +51,17 @@ func rawHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params, []
w.Header().Set("Content-Type", "application/json")
// Read Authorization header
var student *Student = nil
var student *adlin.Student = nil
if cookie, err := r.Cookie("auth"); err == nil {
if sessionid, err := base64.StdEncoding.DecodeString(cookie.Value); err != nil {
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusNotAcceptable)
return
} else if session, err := getSession(sessionid); err != nil {
} else if session, err := adlin.GetSession(sessionid); err != nil {
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusUnauthorized)
return
} else if session.IdStudent == nil {
student = nil
} else if std, err := getStudent(int(*session.IdStudent)); err != nil {
} else if std, err := adlin.GetStudent(int(*session.IdStudent)); err != nil {
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusUnauthorized)
return
} else {
@ -132,41 +134,41 @@ func responseHandler(f func(*http.Request, httprouter.Params, []byte) (interface
}
}
func challengeHandler(f func (*http.Request, []byte, int) (interface{}, error)) func(*http.Request, httprouter.Params, []byte) (interface{}, error) {
func challengeHandler(f func(*http.Request, []byte, int) (interface{}, error)) func(*http.Request, httprouter.Params, []byte) (interface{}, error) {
return func(r *http.Request, ps httprouter.Params, body []byte) (interface{}, error) {
return f(r, body, 0)
}
}
func definedChallengeHandler(f func (*http.Request, []byte, int) (interface{}, error), chid int) func(*http.Request, httprouter.Params, []byte) (interface{}, error) {
func definedChallengeHandler(f func(*http.Request, []byte, int) (interface{}, error), chid int) func(*http.Request, httprouter.Params, []byte) (interface{}, error) {
return func(r *http.Request, ps httprouter.Params, body []byte) (interface{}, error) {
return f(r, body, chid)
}
}
func apiRawHandler(f func(http.ResponseWriter, httprouter.Params, []byte) (interface{}, error), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return rawHandler(func (w http.ResponseWriter, r *http.Request, ps httprouter.Params, b []byte) {
responseHandler(func (_ *http.Request, ps httprouter.Params, b []byte)(interface{}, error) {
func apiRawHandler(f func(http.ResponseWriter, httprouter.Params, []byte) (interface{}, error), access ...func(*adlin.Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return rawHandler(func(w http.ResponseWriter, r *http.Request, ps httprouter.Params, b []byte) {
responseHandler(func(_ *http.Request, ps httprouter.Params, b []byte) (interface{}, error) {
return f(w, ps, b)
})(w, r, ps, b)
}, access...)
}
func apiHandler(f DispatchFunction, access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return rawHandler(responseHandler(func (_ *http.Request, ps httprouter.Params, b []byte) (interface{}, error) { return f(ps, b) }), access...)
func apiHandler(f DispatchFunction, access ...func(*adlin.Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return rawHandler(responseHandler(func(_ *http.Request, ps httprouter.Params, b []byte) (interface{}, error) { return f(ps, b) }), access...)
}
func apiAuthHandler(f func(Student, httprouter.Params, []byte) (interface{}, error), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return rawHandler(responseHandler(func (r *http.Request, ps httprouter.Params, b []byte) (interface{}, error) {
func apiAuthHandler(f func(adlin.Student, httprouter.Params, []byte) (interface{}, error), access ...func(*adlin.Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return rawHandler(responseHandler(func(r *http.Request, ps httprouter.Params, b []byte) (interface{}, error) {
if cookie, err := r.Cookie("auth"); err != nil {
return nil, errors.New("Authorization required")
} else if sessionid, err := base64.StdEncoding.DecodeString(cookie.Value); err != nil {
return nil, err
} else if session, err := getSession(sessionid); err != nil {
} else if session, err := adlin.GetSession(sessionid); err != nil {
return nil, err
} else if session.IdStudent == nil {
return nil, errors.New("Authorization required")
} else if std, err := getStudent(int(*session.IdStudent)); err != nil {
} else if std, err := adlin.GetStudent(int(*session.IdStudent)); err != nil {
return nil, err
} else {
return f(std, ps, b)
@ -174,15 +176,15 @@ func apiAuthHandler(f func(Student, httprouter.Params, []byte) (interface{}, err
}), access...)
}
func studentHandler(f func(Student, []byte) (interface{}, error)) func(httprouter.Params, []byte) (interface{}, error) {
func studentHandler(f func(adlin.Student, []byte) (interface{}, error)) func(httprouter.Params, []byte) (interface{}, error) {
return func(ps httprouter.Params, body []byte) (interface{}, error) {
if sid, err := strconv.Atoi(string(ps.ByName("sid"))); err != nil {
if student, err := getStudentByLogin(ps.ByName("sid")); err != nil {
if student, err := adlin.GetStudentByLogin(ps.ByName("sid")); err != nil {
return nil, err
} else {
return f(student, body)
}
} else if student, err := getStudent(sid); err != nil {
} else if student, err := adlin.GetStudent(sid); err != nil {
return nil, err
} else {
return f(student, body)