Exemple #1
// validateCredentials answers with a 400 response when the username or the
// password is empty or contains anything other than ASCII letters and digits;
// otherwise it passes both values on to generateAccessToken. The stage status
// byte records the branch taken: 2 username missing, 3 password missing,
// 4 username invalid, 5 password invalid, 6 both accepted.
//
// NOTE(review): generateAccessToken, as listed with this function, builds a
// URL query string from both values, so this check should stay in front of
// that call. The same allow-list also restricts passwords to letters and
// digits, which constrains password strength; confirm that is intended.
func validateCredentials(request *falcore.Request, username string, password string) *http.Response {
	if username == "" {
		request.CurrentStage.Status = byte(2)
		return response_messages.ErrorResponse(request, http.StatusBadRequest, "bad request", "username is missing", nil)
	}
	if password == "" {
		request.CurrentStage.Status = byte(3)
		return response_messages.ErrorResponse(request, http.StatusBadRequest, "bad request", "password is missing", nil)
	}

	// Anchored at both ends: the entire value has to be ASCII alphanumeric.
	alnumOnly := regexp.MustCompile("^[a-zA-Z0-9]+$")

	if !alnumOnly.MatchString(username) {
		request.CurrentStage.Status = byte(4)
		return response_messages.ErrorResponse(request, http.StatusBadRequest, "bad request", "username is invalid", nil)
	}
	if !alnumOnly.MatchString(password) {
		request.CurrentStage.Status = byte(5)
		return response_messages.ErrorResponse(request, http.StatusBadRequest, "bad request", "password is invalid", nil)
	}

	// Both values passed the character check; request a token with them.
	request.CurrentStage.Status = byte(6)
	return generateAccessToken(request, username, password)
}
// FilterRequest lets a request continue (nil response) when it targets the
// token endpoint or carries an access token that is not reported as expired,
// and answers 401 otherwise. The stage status byte records the outcome:
// 1 token request, 2 access token missing, 3 access token rejected,
// 4 authenticated.
func (f AuthenticationFilter) FilterRequest(request *falcore.Request) *http.Response {
	// Only the exact path "/tokens" skips authentication; any other path,
	// including longer ones that merely start with it, is checked below.
	if request.HttpRequest.URL.Path == "/tokens" {
		request.CurrentStage.Status = byte(1)
		return nil
	}

	// An absent or empty access token is never accepted.
	if getAccessToken(request) == "" {
		request.CurrentStage.Status = byte(2)
		return response_messages.ErrorResponse(request, http.StatusUnauthorized, "unauthorized", "Missing access token", nil)
	}

	// NOTE(review): this is the only validity check on the token. Confirm that
	// MemcacheAccessTokenIsExpired also returns true for tokens it has never
	// seen and when the cache cannot be reached, so the filter fails closed.
	if services.MemcacheAccessTokenIsExpired(getAccessToken(request)) {
		request.CurrentStage.Status = byte(3)
		return response_messages.ErrorResponse(request, http.StatusUnauthorized, "unauthorized", "Invalid access token", nil)
	}

	// Token present and not expired: let the request through.
	request.CurrentStage.Status = byte(4)
	return nil
}
Exemple #3
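// generateAccessToken asks the local Usergrid token endpoint for an access
// token using the password grant and returns the response built by
// parseUsergridResponse, or an error response. The stage status byte records
// the outcome: 7 request failed, 8 credentials rejected, 9 body unreadable,
// 10 body handed to parseUsergridResponse.
//
// Changes from the earlier version of this function: the query string is
// percent-encoded instead of being assembled with Sprintf, the response body
// is closed on every path (it used to leak on a non-200 status), and the
// rejected password is no longer printed to the log.
//
// NOTE(review): the credentials still travel in the query string of a GET
// request, which HTTP servers and proxies commonly write to access logs.
// Consider sending them in a POST body if the token endpoint accepts that.
func generateAccessToken(request *falcore.Request, username string, password string) *http.Response {
	tokenRequest, requestError := http.NewRequest("GET", "http://localhost:8080/newspeak/newspeak/token", nil)
	if requestError != nil {
		request.CurrentStage.Status = byte(7)
		return response_messages.InternalServerErrorResponse(request, "Could not request credentials", requestError)
	}

	// Encode() escapes every value, so this function no longer depends on the
	// caller having restricted the character set of username and password.
	query := tokenRequest.URL.Query()
	query.Set("grant_type", "password")
	query.Set("username", username)
	query.Set("password", password)
	tokenRequest.URL.RawQuery = query.Encode()

	usergridResponse, usergridError := http.DefaultClient.Do(tokenRequest)
	if usergridError != nil {
		// NOTE(review): the text of a net/http client error contains the
		// request URL, here including the password parameter. Confirm that
		// InternalServerErrorResponse neither logs this error verbatim nor
		// returns it to the client.
		request.CurrentStage.Status = byte(7)
		return response_messages.InternalServerErrorResponse(request, "Could not request credentials", usergridError)
	}
	// Close on every return path so the connection is released.
	defer usergridResponse.Body.Close()

	if usergridResponse.StatusCode != http.StatusOK {
		request.CurrentStage.Status = byte(8)
		response := response_messages.ErrorResponse(request, http.StatusUnauthorized, "unauthorized", "Invalid credentials", nil)
		// Log the account name only, quoted; the password must never reach
		// the log.
		fmt.Printf("invalid credentials for user %q\n", username)
		return response
	}

	usergridResponseBody, readError := ioutil.ReadAll(usergridResponse.Body)
	if readError != nil {
		request.CurrentStage.Status = byte(9)
		return response_messages.InternalServerErrorResponse(request, "Could not read response when requesting credentials", readError)
	}

	request.CurrentStage.Status = byte(10)
	return parseUsergridResponse(request, username, usergridResponseBody)
}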
Exemple #4
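// sendMessageToUniqush posts the "message" form value to the local Uniqush
// push endpoint for the subscriber named in the "recipient" form value and
// reports the outcome. The stage status byte records the result: 2 request
// to Uniqush failed, 3 response body unreadable, 4 Uniqush answered with a
// non-200 status, 5 message delivered.
//
// Both form values come from the client, so they are logged with %q: line
// breaks and quotes are escaped and cannot split or forge log entries. The
// stray comma in the old "delivered" log line, which printed an extra space
// before the recipient, is gone as well.
//
// TODO: check if message is empty.
//
// NOTE(review): recipient is taken directly from the request and nothing in
// this function ties it to the caller's identity; confirm that every
// authenticated caller is meant to be able to push to any subscriber.
// NOTE(review): message bodies are written to the log and the raw Uniqush
// response is returned to the client; confirm both are acceptable.
func sendMessageToUniqush(request *falcore.Request) *http.Response {
	recipient := request.HttpRequest.FormValue("recipient")
	message := request.HttpRequest.FormValue("message")

	fmt.Printf("%s delivering message %q to %q\n", time.Now().Format("2006-01-02 15:04:05"), message, recipient)

	uniqushResponse, uniqushError := http.PostForm("http://localhost:9898/push", url.Values{
		"service":    {"newspeak"},
		"subscriber": {recipient},
		"msg":        {message},
	})
	if uniqushError != nil {
		// The error texts below still say "registering device"; they are kept
		// unchanged because clients may match on them.
		request.CurrentStage.Status = byte(2)
		return response_messages.InternalServerErrorResponse(request, "Could not read response when registering device", uniqushError)
	}
	defer uniqushResponse.Body.Close()

	uniqushResponseBody, readError := ioutil.ReadAll(uniqushResponse.Body)
	if readError != nil {
		request.CurrentStage.Status = byte(3)
		return response_messages.InternalServerErrorResponse(request, "Could not process response when registering device", readError)
	}

	if uniqushResponse.StatusCode != http.StatusOK {
		request.CurrentStage.Status = byte(4)
		return response_messages.ErrorResponse(request, http.StatusServiceUnavailable, "service unavailable", "Error while connecting to push message server", errors.New(string(uniqushResponseBody)))
	}

	body := map[string]string{
		"Message":     "message sent successfully",
		"Recipient":   recipient,
		"MessageSent": message,
		"Response":    string(uniqushResponseBody),
	}
	request.CurrentStage.Status = byte(5)
	fmt.Printf("%s delivered message %q to %q response: %q\n", time.Now().Format("2006-01-02 15:04:05"), message, recipient, string(uniqushResponseBody))
	return response_messages.SuccessResponse(request, body)
}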
Exemple #5
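// addDeviceToUniqush subscribes deviceToken at the local Uniqush endpoint for
// the username that the cache associates with the request's access token.
// The stage status byte records the result: 1 request to Uniqush failed,
// 2 Uniqush answered with a non-200 status, 3 response body unreadable,
// 4 device added.
//
// A failed body read is now reported before the status code is inspected,
// matching sendMessageToUniqush, so a truncated body is no longer wrapped
// into the "service unavailable" error. deviceToken is supplied by the
// caller and is logged with %q so control characters in it cannot split or
// forge log entries.
//
// NOTE(review): "pushservicetype" is fixed to "apns", so only Apple devices
// are registered here even though the original comment mentions Google.
// NOTE(review): presumably MemcacheGetUsername returns "" for a token it does
// not know; confirm, and consider rejecting an empty username before
// subscribing.
func addDeviceToUniqush(request *falcore.Request, deviceToken string) *http.Response {
	username := services.MemcacheGetUsername(getAccessToken(request))

	uniqushResponse, uniqushError := http.PostForm("http://localhost:9898/subscribe", url.Values{
		"service":         {"newspeak"},
		"pushservicetype": {"apns"},
		"subscriber":      {username},
		"devtoken":        {deviceToken},
	})
	if uniqushError != nil {
		request.CurrentStage.Status = byte(1)
		return response_messages.InternalServerErrorResponse(request, "Could not read response when registering device", uniqushError)
	}
	defer uniqushResponse.Body.Close()

	uniqushResponseBody, readError := ioutil.ReadAll(uniqushResponse.Body)
	if readError != nil {
		request.CurrentStage.Status = byte(3)
		return response_messages.InternalServerErrorResponse(request, "Could not process response when registering device", readError)
	}

	if uniqushResponse.StatusCode != http.StatusOK {
		request.CurrentStage.Status = byte(2)
		return response_messages.ErrorResponse(request, http.StatusServiceUnavailable, "service unavailable", "Error while connecting to push message server", errors.New(string(uniqushResponseBody)))
	}

	body := map[string]string{
		"Message":     "device added",
		"Username":    username,
		"DeviceToken": deviceToken,
		"Response":    string(uniqushResponseBody),
	}
	request.CurrentStage.Status = byte(4)
	fmt.Printf("registered device: %q for: %q\n", deviceToken, username)
	return response_messages.SuccessResponse(request, body)
}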