Exemple #1
0
// Authorization represent a middleware handler for a http router.
// For POST or PUT requests, it also parses the request body as a form. The
// claims of a token will be appended to the requests Form map. So you
// can access the token in any http/routing library.
func (a *AuthManager) Authorization(next http.Handler) http.Handler {

	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

		token, err := jwt.ParseFromRequest(r, a.keyFunc)

		var inBL bool
		if token != nil {
			inBL = a.Blacklist.Has(token.Raw)
		}
		if token != nil && err == nil && token.Valid && !inBL {
			if err := appendTokenToForm(r, token, a.PostFormVarPrefix); err != nil {
				a.HTTPErrorHandler(
					log.Error("userjwt.AuthManager.Authenticate.appendTokenToForm", "err", err, "r", r, "token", token),
				).ServeHTTP(w, r)
			} else {
				next.ServeHTTP(w, r)
			}
		} else {
			if log.IsInfo() {
				log.Info("userjwt.AuthManager.Authenticate", "err", err, "token", token, "blacklist", inBL)
			}
			a.HTTPErrorHandler(err).ServeHTTP(w, r) // is that really thread safe or other bug?
		}
	})
}
Exemple #2
0
func TestNull(t *testing.T) {
	log.SetNull()
	log.SetLevel(-1000)
	if log.IsTrace() {
		t.Error("There should be no trace")
	}
	if log.IsDebug() {
		t.Error("There should be no debug")
	}
	if log.IsInfo() {
		t.Error("There should be no info")
	}
	if log.IsWarn() {
		t.Error("There should be no warn")
	}
	var args []interface{}
	args = append(args, "key1", 1, "key2", 3.14152)

	log.Trace("Hello World", args...)
	log.Debug("Hello World", args...)
	log.Info("Hello World", args...)
	log.Warn("Hello World", args...)
	log.Error("Hello World", args...)
	log.Log(1, "Hello World", args)
}
Exemple #3
0
func TestNull(t *testing.T) {
	log.SetLevel(-1000)
	if !log.IsDebug() {
		t.Error("There should be debug logging")
	}
	if !log.IsInfo() {
		t.Error("There should be info logging")
	}
	var args []interface{}
	args = append(args, "key1", 1, "key2", 3.14152)

	log.Debug("Hello World", args...)
	log.Info("Hello World", args...)
}
Exemple #4
0
// SupportXHTTPMethodOverride adds support for the X-HTTP-Method-Override
// header. Submitted value will be checked against known methods. Adding
// HTTPMethodOverrideFormKey to any form will take precedence before
// HTTP header. If an unknown method will be submitted it gets logged as an
// Info log.
func SupportXHTTPMethodOverride() Adapter {
	return func(h http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			mo := r.FormValue(HTTPMethodOverrideFormKey)
			if mo == "" {
				mo = r.Header.Get(HTTPMethodOverrideHeader)
			}
			switch mo {
			case "": // do nothing
			case HTTPMethodHead, HTTPMethodGet, HTTPMethodPost, HTTPMethodPut, HTTPMethodPatch, HTTPMethodDelete, HTTPMethodTrace, HTTPMethodOptions:
				r.Method = mo
			default:
				// not sure if an error is here really needed ...
				if log.IsInfo() {
					log.Info("net.SupportXHTTPMethodOverride.switch", "err", "Unknown http method", "method", mo, "form", r.Form.Encode(), "header", r.Header)
				}
			}

			h.ServeHTTP(w, r)
		})
	}
}
Exemple #5
0
// WithXHTTPMethodOverride adds support for the X-HTTP-Method-Override
// header. Submitted value will be checked against known methods. Adding
// HTTPMethodOverrideFormKey to any form will take precedence before
// HTTP header. If an unknown method will be submitted it gets logged as an
// Info log. This function is chainable.
func WithXHTTPMethodOverride() Middleware {
	return func(h Handler) Handler {
		return HandlerFunc(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
			mo := r.FormValue(httputils.MethodOverrideFormKey)
			if mo == "" {
				mo = r.Header.Get(httputils.MethodOverrideHeader)
			}
			switch mo {
			case "": // do nothing
			case httputils.MethodHead, httputils.MethodGet, httputils.MethodPost, httputils.MethodPut, httputils.MethodPatch, httputils.MethodDelete, httputils.MethodTrace, httputils.MethodOptions:
				r.Method = mo
			default:
				// not sure if an error is here really needed ...
				if log.IsInfo() {
					log.Info("ctxhttp.SupportXHTTPMethodOverride.switch", "err", "Unknown http method", "method", mo, "form", r.Form.Encode(), "header", r.Header)
				}
			}

			return h.ServeHTTPContext(ctx, w, r)
		})
	}
}