Exemple #1
// SetRoutes registers the OAuth2 connection endpoints on r.
//
// Each route gets its own context adapter, built from context.Background(),
// the caller-supplied extractor and h.m.IsAuthenticated (passed in that
// order). Only the POST route additionally chains h.m.IsAuthorized for the
// "create" action on connectionsPermission.
//
// NOTE(review): the Find, Get and Delete routes carry no IsAuthorized
// middleware at this level. Any per-subject or per-connection authorization
// would have to happen inside those handlers, which are not visible here.
// Confirm before relying on this routing table as the access-control boundary.
func (h *Handler) SetRoutes(r *mux.Router, extractor func(h hydcon.ContextHandler) hydcon.ContextHandler) {
	const (
		collectionPath = "/oauth2/connections"
		itemPath       = "/oauth2/connections/{id}"
	)
	root := context.Background()

	// Create: authenticated and authorized at the route level.
	createHandler := hydcon.NewContextAdapter(
		root,
		extractor,
		h.m.IsAuthenticated,
		h.m.IsAuthorized(connectionsPermission, "create", nil),
	).ThenFunc(h.Create)
	r.Handle(collectionPath, createHandler).Methods("POST")

	// Find: matched only when a "subject" query parameter is present.
	findHandler := hydcon.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.Find)
	r.Handle(collectionPath, findHandler).Queries("subject", "{subject}").Methods("GET")

	// Get and Delete address a single connection by id.
	getHandler := hydcon.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.Get)
	r.Handle(itemPath, getHandler).Methods("GET")

	deleteHandler := hydcon.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.Delete)
	r.Handle(itemPath, deleteHandler).Methods("DELETE")
}
Exemple #2
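// TestMiddleware serves every entry of cases through a chain made of the
// mocked context extractor and m.IsAuthenticated, then checks the status code
// of a plain GET against the case's expectations: 401 when authentication is
// expected to fail, 403 when authorization is expected to fail, 200 otherwise.
//
// NOTE(review): only IsAuthenticated is chained here, so the 403 path is
// presumably produced inside handler(m, c). Confirm against that helper.
func TestMiddleware(t *testing.T) {
	m := &Middleware{}

	for k, c := range cases {
		// Each case runs in its own function so the deferred Close fires at the
		// end of the iteration. Deferring directly in the loop body would keep
		// every test server listening until the whole test returns.
		func() {
			h := chd.NewContextAdapter(
				context.Background(),
				mockContext(c),
				m.IsAuthenticated,
			).ThenFunc(chd.ContextHandlerFunc(handler(m, c)))

			ts := httptest.NewServer(h)
			defer ts.Close()

			res, err := http.Get(ts.URL)
			require.Nil(t, err)
			// Only the status code is inspected, so the body is closed at once.
			res.Body.Close()

			switch {
			case !c.expectAuthN:
				assert.Equal(t, http.StatusUnauthorized, res.StatusCode, "Authentication failed case %d", k)
			case !c.expectAuthZ:
				assert.Equal(t, http.StatusForbidden, res.StatusCode, "Authorization failed case %d", k)
			default:
				assert.Equal(t, http.StatusOK, res.StatusCode, "Case %d should be authorized but wasn't.", k)
			}
		}()
	}
}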
Exemple #3
// SetRoutes registers the client endpoints on r.
//
// Each route gets its own context adapter, built from context.Background(),
// the caller-supplied extractor and h.m.IsAuthenticated. Only the POST route
// additionally chains h.m.IsAuthorized for the "create" action on
// "rn:hydra:clients".
//
// NOTE(review): reading or deleting a client by id is gated only by
// IsAuthenticated at the route level. Whether h.Get and h.Delete perform a
// per-client authorization check cannot be seen from this block. Confirm.
func (h *Handler) SetRoutes(r *mux.Router, extractor func(h chd.ContextHandler) chd.ContextHandler) {
	const (
		collectionPath = "/clients"
		itemPath       = "/clients/{id}"
	)
	root := context.Background()

	// Create: authenticated and authorized at the route level.
	createHandler := chd.NewContextAdapter(
		root,
		extractor,
		h.m.IsAuthenticated,
		h.m.IsAuthorized("rn:hydra:clients", "create", nil),
	).ThenFunc(h.Create)
	r.Handle(collectionPath, createHandler).Methods("POST")

	// Get and Delete address a single client by id.
	getHandler := chd.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.Get)
	r.Handle(itemPath, getHandler).Methods("GET")

	deleteHandler := chd.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.Delete)
	r.Handle(itemPath, deleteHandler).Methods("DELETE")
}
Exemple #4
// SetRoutes registers the guard and policy endpoints on r.
//
// The three /policies routes each get their own context adapter, built from
// context.Background(), the caller-supplied extractor and h.m.IsAuthenticated.
// The POST route additionally chains h.m.IsAuthorized for the "create" action
// on "rn:hydra:policies".
//
// NOTE(review): "/guard/allowed" is wired with a bare adapter: no extractor
// and no IsAuthenticated. Nothing in this routing table stops an
// unauthenticated caller from reaching h.Granted, so any caller check must
// live inside that handler. Confirm that it does, or that the endpoint is
// meant to be open.
//
// NOTE(review): Get and Delete on a policy are gated only by IsAuthenticated
// here. Per-policy authorization, if any, is not visible in this block.
func (h *Handler) SetRoutes(r *mux.Router, extractor func(h hctx.ContextHandler) hctx.ContextHandler) {
	const (
		guardPath      = "/guard/allowed"
		collectionPath = "/policies"
		itemPath       = "/policies/{id}"
	)
	root := context.Background()

	// Access decision endpoint: no middleware is chained in front of it.
	grantedHandler := hctx.NewContextAdapter(root).ThenFunc(h.Granted)
	r.Handle(guardPath, grantedHandler).Methods("POST")

	// Create: authenticated and authorized at the route level.
	createHandler := hctx.NewContextAdapter(
		root,
		extractor,
		h.m.IsAuthenticated,
		h.m.IsAuthorized("rn:hydra:policies", "create", nil),
	).ThenFunc(h.Create)
	r.Handle(collectionPath, createHandler).Methods("POST")

	// Get and Delete address a single policy by id.
	getHandler := hctx.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.Get)
	r.Handle(itemPath, getHandler).Methods("GET")

	deleteHandler := hctx.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.Delete)
	r.Handle(itemPath, deleteHandler).Methods("DELETE")
}
Exemple #5
// SetRoutes registers the account endpoints on r.
//
// Each route gets its own context adapter, built from context.Background(),
// the caller-supplied extractor and h.m.IsAuthenticated. Only the POST route
// additionally chains h.m.IsAuthorized for the "create" action on
// "rn:hydra:accounts".
//
// NOTE(review): the password, data and username updates, as well as get and
// delete, are gated only by IsAuthenticated at the route level. Whether the
// handlers verify that the caller may act on the account named by {id} cannot
// be seen from this block. Confirm, since these routes change credentials
// and identity data.
func (h *Handler) SetRoutes(r *mux.Router, extractor func(h chd.ContextHandler) chd.ContextHandler) {
	const (
		collectionPath = "/accounts"
		itemPath       = "/accounts/{id}"
		passwordPath   = "/accounts/{id}/password"
		dataPath       = "/accounts/{id}/data"
		usernamePath   = "/accounts/{id}/username"
	)
	root := context.Background()

	// Create: authenticated and authorized at the route level.
	createHandler := chd.NewContextAdapter(
		root,
		extractor,
		h.m.IsAuthenticated,
		h.m.IsAuthorized("rn:hydra:accounts", "create", nil),
	).ThenFunc(h.create)
	r.Handle(collectionPath, createHandler).Methods("POST")

	// Partial updates of a single account.
	passwordHandler := chd.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.updatePassword)
	r.Handle(passwordPath, passwordHandler).Methods("PUT")

	dataHandler := chd.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.updateData)
	r.Handle(dataPath, dataHandler).Methods("PUT")

	usernameHandler := chd.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.updateUsername)
	r.Handle(usernamePath, usernameHandler).Methods("PUT")

	// Get and Delete address a single account by id.
	getHandler := chd.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.get)
	r.Handle(itemPath, getHandler).Methods("GET")

	deleteHandler := chd.NewContextAdapter(root, extractor, h.m.IsAuthenticated).ThenFunc(h.delete)
	r.Handle(itemPath, deleteHandler).Methods("DELETE")
}