token-validator: handle remote-validator authentication + new student features

nemunaire 2018-02-20 14:55:32 +01:00 committed by Pierre-Olivier Mercier
commit fa45457bb7
2 changed files with 61 additions and 2 deletions


@ -1,11 +1,16 @@
package main
import (
"crypto/hmac"
"crypto/sha512"
"encoding/base64"
"encoding/json"
"fmt"
"io"
"log"
"net/http"
"strconv"
"time"
"github.com/julienschmidt/httprouter"
)
@ -18,6 +23,21 @@ func Router() *httprouter.Router {
type DispatchFunction func(httprouter.Params, []byte) (interface{}, error)
func remoteValidatorHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params)) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
expectedMAC := hmac.New(sha512.New, []byte(sharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))
previousMAC := hmac.New(sha512.New, []byte(sharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10-1)))
if aauth, err := base64.StdEncoding.DecodeString(r.Header.Get("X-ADLIN-Authentication")); err != nil {
http.Error(w, fmt.Sprintf("{\"errmsg\":%q}", err), http.StatusUnauthorized)
} else if !hmac.Equal(expectedMAC, aauth) && !hmac.Equal(previousMAC, aauth) {
http.Error(w, fmt.Sprintf("{\"errmsg\":%q}", "Bad authentication header"), http.StatusUnauthorized)
} else {
f(w, r, ps)
}
}
}
func apiHandler(f DispatchFunction) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
if addr := r.Header.Get("X-Forwarded-For"); addr != "" {
@ -78,3 +98,19 @@ func apiHandler(f DispatchFunction) func(http.ResponseWriter, *http.Request, htt
}
}
}
func studentHandler(f func(Student, []byte) (interface{}, error)) func(httprouter.Params, []byte) (interface{}, error) {
return func(ps httprouter.Params, body []byte) (interface{}, error) {
if sid, err := strconv.Atoi(string(ps.ByName("sid"))); err != nil {
if student, err := getStudentByLogin(ps.ByName("sid")); err != nil {
return nil, err
} else {
return f(student, body)
}
} else if student, err := getStudent(sid); err != nil {
return nil, err
} else {
return f(student, body)
}
}
}
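Review bot: In remoteValidatorHandler, `hmac.New(sha512.New, []byte(sharedSecret)).Sum([]byte(...))` never MACs the timestamp. `Sum(b)` only appends the digest of what was passed to `Write` onto `b`, and nothing is written, so both values are the plain timestamp text followed by the same fixed HMAC of an empty message. The tag is therefore not bound to the time window, and a header value seen once stays usable after its window once the cleartext prefix is changed. The timestamp should go through `Write` and the tag be taken with `Sum(nil)`, as sketched below. Reading the clock once also keeps the two windows consistent across a 10-second boundary. Whatever produces `X-ADLIN-Authentication` has to change in step; that side is not visible in this section.

```go
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	// Write feeds the message into the MAC; Sum(nil) returns only the tag.
	window := time.Now().Unix() / 10
	macFor := func(t int64) []byte {
		m := hmac.New(sha512.New, []byte(sharedSecret))
		m.Write([]byte(strconv.FormatInt(t, 10)))
		return m.Sum(nil)
	}
	expectedMAC, previousMAC := macFor(window), macFor(window-1)
	// … unchanged: header decoding, hmac.Equal comparison and dispatch to f …
```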