// Create handles a request to store a new access-control policy.
//
// The caller must be allowed to perform "create" on policyResource before the
// JSON request body is decoded into a ladon.DefaultPolicy. A policy submitted
// without an ID is assigned a generated UUID. On success the policy and the
// path "/policies/<id>" are handed to WriteCreated.
//
// NOTE(review): a caller-supplied ID is used as given; whether Manager.Create
// rejects an ID that already exists is not visible here — confirm.
func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	policy := ladon.DefaultPolicy{Conditions: ladon.Conditions{}}
	ctx := herodot.NewContext()

	// The access check runs before the body is read, so a rejected caller
	// never gets its payload parsed.
	accessRequest := &ladon.Request{Resource: policyResource, Action: "create"}
	if _, err := h.W.HTTPActionAllowed(ctx, r, accessRequest, scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	decodeErr := json.NewDecoder(r.Body).Decode(&policy)
	if decodeErr != nil {
		h.H.WriteError(ctx, w, r, errors.New(decodeErr))
		return
	}

	if policy.ID == "" {
		policy.ID = uuid.New()
	}

	createErr := h.Manager.Create(&policy)
	if createErr != nil {
		h.H.WriteError(ctx, w, r, errors.New(createErr))
		return
	}

	h.H.WriteCreated(ctx, w, r, "/policies/"+policy.ID, &policy)
}
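// Authorized handles a warden request that asks for an assertion to be
// checked against a set of scopes.
//
// The calling client is first authorized through authorizeClient with the
// "an:hydra:warden:authorized" scope. The JSON body is then decoded into a
// WardenAuthorizedRequest, and its Assertion and Scopes are passed to
// h.Warden.Authorized. Before the result is written, its Audience is set to
// the subject of the calling client.
func (h *WardenHandler) Authorized(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	ctx := herodot.NewContext()
	clientCtx, err := h.authorizeClient(ctx, w, r, "an:hydra:warden:authorized")
	if err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	// Register the close before decoding so the body is also released when
	// decoding fails; previously the defer was only reached after a
	// successful decode.
	defer r.Body.Close()

	var ar WardenAuthorizedRequest
	if err := json.NewDecoder(r.Body).Decode(&ar); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	authContext, err := h.Warden.Authorized(ctx, ar.Assertion, ar.Scopes...)
	if err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	// The audience reported back is the client that asked, not a value taken
	// from the request body.
	authContext.Audience = clientCtx.Subject
	h.H.Write(ctx, w, r, authContext)
}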
// Get handles a request to read a single policy, identified by the "id"
// route parameter.
//
// The caller must be allowed to perform "get" on the resource name built
// from policiesResource and the id. Only after that check passes is the
// policy loaded from the manager and written to the response.
func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	ctx := herodot.NewContext()
	id := ps.ByName("id")

	accessRequest := &ladon.Request{
		Resource: fmt.Sprintf(policiesResource, id),
		Action:   "get",
	}
	if _, err := h.W.HTTPActionAllowed(ctx, r, accessRequest, scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	found, lookupErr := h.Manager.Get(id)
	if lookupErr != nil {
		h.H.WriteError(ctx, w, r, errors.New(lookupErr))
		return
	}

	h.H.Write(ctx, w, r, found)
}
// GetAll handles a request to list every client known to the manager.
//
// The caller must be allowed to perform "get" on ClientsResource. The route
// parameters are not used.
//
// NOTE(review): the list is written exactly as GetClients returns it; whether
// secrets are stripped from it is not visible here — confirm.
func (h *Handler) GetAll(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	ctx := herodot.NewContext()

	accessRequest := &ladon.Request{Resource: ClientsResource, Action: "get"}
	if _, err := h.W.HTTPActionAllowed(ctx, r, accessRequest, Scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	clients, listErr := h.Manager.GetClients()
	if listErr != nil {
		h.H.WriteError(ctx, w, r, listErr)
		return
	}

	h.H.Write(ctx, w, r, clients)
}
// Delete handles a request to remove the client named by the "id" route
// parameter.
//
// The caller must be allowed to perform "delete" on the resource name built
// from ClientResource and the id. A successful deletion is answered with
// 204 No Content and an empty body.
func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	ctx := herodot.NewContext()
	clientID := ps.ByName("id")

	accessRequest := &ladon.Request{
		Resource: fmt.Sprintf(ClientResource, clientID),
		Action:   "delete",
	}
	if _, err := h.W.HTTPActionAllowed(ctx, r, accessRequest, Scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	deleteErr := h.Manager.DeleteClient(clientID)
	if deleteErr != nil {
		h.H.WriteError(ctx, w, r, deleteErr)
		return
	}

	w.WriteHeader(http.StatusNoContent)
}
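// Delete handles a request to remove the policy named by the "id" route
// parameter.
//
// The caller must be allowed to perform "delete" on the resource name built
// from policiesResource and the id. A successful deletion is answered with
// 204 No Content and an empty body.
func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	ctx := herodot.NewContext()
	id := ps.ByName("id")

	// The access check must ask for "delete". Checking "get" here would let
	// any caller who may merely read a policy remove it.
	if _, err := h.W.HTTPActionAllowed(ctx, r, &ladon.Request{
		Resource: fmt.Sprintf(policiesResource, id),
		Action:   "delete",
	}, scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	// Pass the manager's error on, as the other policy handlers do, instead
	// of replacing it with a fixed message that named the wrong object type.
	if err := h.Manager.Delete(id); err != nil {
		h.H.WriteError(ctx, w, r, errors.New(err))
		return
	}

	w.WriteHeader(http.StatusNoContent)
}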
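// Find handles a request to list the policies that apply to a subject, given
// in the "subject" query parameter.
//
// A request without a subject is answered with 400 Bad Request. Otherwise the
// caller must be allowed to perform "find" on policyResource before the
// manager is queried and the matching policies are written to the response.
func (h *Handler) Find(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	ctx := herodot.NewContext()
	subject := r.URL.Query().Get("subject")

	if subject == "" {
		h.H.WriteErrorCode(ctx, w, r, http.StatusBadRequest, errors.New("Missing query parameter subject"))
		// Stop here: without this return the handler went on to the access
		// check and the lookup with an empty subject, and wrote a second
		// response after the 400.
		return
	}

	if _, err := h.W.HTTPActionAllowed(ctx, r, &ladon.Request{
		Resource: policyResource,
		Action:   "find",
	}, scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	policies, err := h.Manager.FindPoliciesForSubject(subject)
	if err != nil {
		h.H.WriteError(ctx, w, r, errors.New(err))
		return
	}

	h.H.Write(ctx, w, r, policies)
}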
// Get handles a request to read the client named by the "id" route
// parameter.
//
// The client is loaded first because its owner is passed to the access check
// as the "owner" context value. The caller must then be allowed to perform
// "get" on the resource name built from ClientResource and the id.
//
// NOTE(review): a failed lookup is reported before any access check runs.
// Confirm that this response does not tell an unauthorized caller whether a
// given client ID exists.
func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	ctx := herodot.NewContext()
	id := ps.ByName("id")

	cl, lookupErr := h.Manager.GetClient(id)
	if lookupErr != nil {
		h.H.WriteError(ctx, w, r, lookupErr)
		return
	}

	accessRequest := &ladon.Request{
		Resource: fmt.Sprintf(ClientResource, id),
		Action:   "get",
		Context:  ladon.Context{"owner": cl.GetOwner()},
	}
	if _, err := h.W.HTTPActionAllowed(ctx, r, accessRequest, Scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	h.H.Write(ctx, w, r, cl)
}
// Create handles a request to register a new client.
//
// The JSON body is decoded into a fosite.DefaultClient before the access
// check, because the client's Owner is passed to that check as the "owner"
// context value. The caller must be allowed to perform "create" on
// ClientsResource. A secret shorter than 6 bytes, including a missing one, is
// replaced with a generated 12-rune secret. On success the client and its
// path under ClientsHandlerPath are handed to WriteCreated.
//
// NOTE(review): the "owner" value used in the access check comes from the
// request body, so policies that key on it are trusting caller input.
// NOTE(review): a caller-supplied secret of 6 bytes or more is stored as
// given; no further strength check is visible here.
// NOTE(review): &c is passed to WriteCreated with Secret set; whether the
// secret is included in the response depends on how the client type is
// serialized — confirm.
func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	ctx := herodot.NewContext()

	var c fosite.DefaultClient
	decodeErr := json.NewDecoder(r.Body).Decode(&c)
	if decodeErr != nil {
		h.H.WriteError(ctx, w, r, errors.New(decodeErr))
		return
	}

	accessRequest := &ladon.Request{
		Resource: ClientsResource,
		Action:   "create",
		Context:  ladon.Context{"owner": c.Owner},
	}
	if _, err := h.W.HTTPActionAllowed(ctx, r, accessRequest, Scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	if len(c.Secret) < 6 {
		// presumably sequence.RuneSequence draws from a cryptographically
		// secure source; verify in that package.
		alphabet := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_-.,:;$%!&/()=?+*#<>")
		generated, genErr := sequence.RuneSequence(12, alphabet)
		if genErr != nil {
			h.H.WriteError(ctx, w, r, errors.New(genErr))
			return
		}
		c.Secret = []byte(string(generated))
	}

	if err := h.Manager.CreateClient(&c); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	h.H.WriteCreated(ctx, w, r, ClientsHandlerPath+"/"+c.GetID(), &c)
}