Esempio n. 1
0
// Auth handles token authentication.
func Auth(h app.Handler) app.Handler {

	// Check if authentication is turned off.
	on, err := cfg.Bool(cfgAuth)
	if err == nil && !on {
		return func(c *app.Context) error {
			log.Dev(c.SessionID, "Auth", "******> Authentication Off")
			return h(c)
		}
	}

	// Turn authentication on.
	return func(c *app.Context) error {
		token := c.Request.Header.Get("Authorization")
		log.Dev(c.SessionID, "Auth", "Started : Token[%s]", token)

		if len(token) < 5 || token[0:5] != "Basic" {
			log.Error(c.SessionID, "Auth", app.ErrNotAuthorized, "Validating token")
			return app.ErrNotAuthorized
		}

		var err error
		if c.User, err = auth.ValidateWebToken(c.SessionID, c.DB, token[6:]); err != nil {
			log.Error(c.SessionID, "Auth", err, "Validating token")
			return app.ErrNotAuthorized
		}

		log.Dev(c.SessionID, "Auth", "Completed")
		return h(c)
	}
}
Esempio n. 2
0
// API returns a handler for a set of routes.
func API() http.Handler {
	mongoURI := cfg.MustURL(cfgMongoURI)

	// The web framework middleware for Mongo is using the name of the
	// database as the name of the master session by convention. So use
	// cfg.DB as the second argument when creating the master session.
	if err := db.RegMasterSession("startup", mongoURI.Path, mongoURI.String(), 25*time.Second); err != nil {
		log.Error("startup", "Init", err, "Initializing MongoDB")
		os.Exit(1)
	}

	w := web.New(logm.Midware, errorm.Midware)

	publicKey, err := cfg.String(cfgAuthPublicKey)
	if err != nil || publicKey == "" {
		log.User("startup", "Init", "%s is missing, internal authentication is disabled", cfgAuthPublicKey)
	}

	// If the public key is provided then add the auth middleware or fail using
	// the provided public key.
	if publicKey != "" {
		log.Dev("startup", "Init", "Initializing Auth")

		authm, err := authm.Midware(publicKey, authm.MidwareOpts{})
		if err != nil {
			log.Error("startup", "Init", err, "Initializing Auth")
			os.Exit(1)
		}

		// Apply the authentication middleware on top of the application as the
		// first middleware.
		w.Use(authm)
	}

	// Add the Mongo and Cayley middlewares possibly after the auth middleware.
	w.Use(mongo.Midware(mongoURI), cayley.Midware(mongoURI))

	if cors, err := cfg.Bool(cfgEnableCORS); err == nil && cors {
		log.Dev("startup", "Init", "Initializing CORS : CORS Enabled")
		w.Use(w.CORS())
	} else {
		log.Dev("startup", "Init", "CORS Disabled")
	}

	log.Dev("startup", "Init", "Initalizing routes")
	routes(w)

	return w
}
Esempio n. 3
0
// API returns a handler for a set of routes.
func API() http.Handler {
	mongoURI := cfg.MustURL(cfgMongoURI)

	// The web framework middleware for Mongo is using the name of the
	// database as the name of the master session by convention. So use
	// cfg.DB as the second argument when creating the master session.
	if err := db.RegMasterSession("startup", mongoURI.Path, mongoURI.String(), 25*time.Second); err != nil {
		log.Error("startup", "Init", err, "Initializing MongoDB")
		os.Exit(1)
	}

	// Ensure that the database indexes are setup on the underlying MongoDB
	// database.
	if err := ensureDBIndexes(mongoURI); err != nil {
		log.Error("startup", "Init", err, "Initializing DB Indexes")
		os.Exit(1)
	}

	w := web.New(logm.Midware, errorm.Midware, mongo.Midware(mongoURI))

	// Load in the recaptcha secret from the config.
	if recaptcha, err := cfg.String(cfgRecaptchaSecret); err == nil && recaptcha != "" {
		w.Ctx["recaptcha"] = recaptcha
		log.Dev("startup", "Init", "Recaptcha Enabled")
	} else {
		log.Dev("startup", "Init", "%s is missing, recaptcha is disabled", cfgRecaptchaSecret)
	}

	if cors, err := cfg.Bool(cfgEnableCORS); err == nil && cors {
		log.Dev("startup", "Init", "Initializing CORS : CORS Enabled")
		w.Use(w.CORS())
	} else {
		log.Dev("startup", "Init", "CORS Disabled")
	}

	log.Dev("startup", "Init", "Initalizing routes")
	routes(w)

	return w
}
Esempio n. 4
0
// TestExists validates the ability to load configuration values
// using the OS-level environment variables and read them back.
func TestExists(t *testing.T) {
	t.Log("Given the need to read environment variables.")
	{
		uStr := "postgres://*****:*****@127.0.0.1:8080/postgres?sslmode=disable"

		os.Setenv("MYAPP_PROC_ID", "322")
		os.Setenv("MYAPP_SOCKET", "./tmp/sockets.po")
		os.Setenv("MYAPP_PORT", "4034")
		os.Setenv("MYAPP_FLAG", "true")
		os.Setenv("MYAPP_DSN", uStr)

		cfg.Init("MYAPP")

		t.Log("\tWhen given a namspace key to search for that exists.")
		{
			proc, err := cfg.Int("PROC_ID")

			if err != nil {
				t.Errorf("\t\t%s Should not return error when valid key %q", failed, "PROC_ID")
			} else {
				t.Logf("\t\t%s Should not return error when valid key %q", succeed, "PROC_ID")

				if proc != 322 {
					t.Errorf("\t\t%s Should have key %q with value %d", failed, "PROC_ID", 322)
				} else {
					t.Logf("\t\t%s Should have key %q with value %d", succeed, "PROC_ID", 322)
				}
			}

			socket, err := cfg.String("SOCKET")

			if err != nil {
				t.Errorf("\t\t%s Should not return error when valid key %q", failed, "SOCKET")
			} else {
				t.Logf("\t\t%s Should not return error when valid key %q", succeed, "SOCKET")

				if socket != "./tmp/sockets.po" {
					t.Errorf("\t\t%s Should have key %q with value %q", failed, "SOCKET", "./tmp/sockets.po")
				} else {
					t.Logf("\t\t%s Should have key %q with value %q", succeed, "SOCKET", "./tmp/sockets.po")
				}
			}

			port, err := cfg.Int("PORT")

			if err != nil {
				t.Errorf("\t\t%s Should not return error when valid key %q", failed, "PORT")
			} else {
				t.Logf("\t\t%s Should not return error when valid key %q", succeed, "PORT")

				if port != 4034 {
					t.Errorf("\t\t%s Should have key %q with value %d", failed, "PORT", 4034)
				} else {
					t.Logf("\t\t%s Should have key %q with value %d", succeed, "PORT", 4034)
				}
			}

			flag, err := cfg.Bool("FLAG")

			if err != nil {
				t.Errorf("\t\t%s Should not return error when valid key %q", failed, "FLAG")
			} else {
				t.Logf("\t\t%s Should not return error when valid key %q", succeed, "FLAG")

				if flag == false {
					t.Errorf("\t\t%s Should have key %q with value %v", failed, "FLAG", true)
				} else {
					t.Logf("\t\t%s Should have key %q with value %v", succeed, "FLAG", true)
				}
			}

			u, err := cfg.URL("DSN")

			if err != nil {
				t.Errorf("\t\t%s Should not return error when valid key %q", failed, "DSN")
			} else {
				t.Logf("\t\t%s Should not return error when valid key %q", succeed, "DSN")

				if u.String() != uStr {
					t.Errorf("\t\t%s Should have key %q with value %v", failed, "DSN", true)
				} else {
					t.Logf("\t\t%s Should have key %q with value %v", succeed, "DSN", true)
				}
			}
		}
	}
}
Esempio n. 5
0
// API returns a handler for a set of routes.
func API() http.Handler {
	w := web.New(logm.Midware, errorm.Midware)

	publicKey, err := cfg.String(cfgAuthPublicKey)
	if err != nil || publicKey == "" {
		log.User("startup", "Init", "%s is missing, internal authentication is disabled", cfgAuthPublicKey)
	}

	// If the public key is provided then add the auth middleware or fail using
	// the provided public key.
	if publicKey != "" {
		log.Dev("startup", "Init", "Initializing Auth")

		authm, err := authm.Midware(publicKey, authm.MidwareOpts{})
		if err != nil {
			log.Error("startup", "Init", err, "Initializing Auth")
			os.Exit(1)
		}

		// Apply the authentication middleware on top of the application as the
		// first middleware.
		w.Use(authm)
	}

	platformPrivateKey, err := cfg.String(cfgPlatformPrivateKey)
	if err != nil || platformPrivateKey == "" {
		log.User("startup", "Init", "%s is missing, downstream platform authentication is disabled", cfgPlatformPrivateKey)
	}

	// If the platformPrivateKey is provided, then we should generate the token
	// signing function to be used when composing requests down to the platform.
	if platformPrivateKey != "" {
		log.Dev("startup", "Init", "Initializing Downstream Platform Auth")

		signer, err := auth.NewSigner(platformPrivateKey)
		if err != nil {
			log.Error("startup", "Init", err, "Initializing Downstream Platform Auth")
			os.Exit(1)
		}

		// Requests can now be signed with the given signer function which we will
		// save on the application wide context. In the event that a function
		// requires a call down to a downstream platform, we will include a signed
		// header using the signer function here.
		w.Ctx["signer"] = signer
	}

	if cors, err := cfg.Bool(cfgEnableCORS); err == nil && cors {
		log.Dev("startup", "Init", "Initializing CORS : CORS Enabled")
		w.Use(w.CORS())
	} else {
		log.Dev("startup", "Init", "CORS Disabled")
	}

	// We need the URL for the services Sponged and Xeniad that needs to be running.
	spongedURL, err = cfg.String(cfgSpongedURL)
	if err != nil || spongedURL == "" {
		log.Error("startup", "Init", err, "Service Sponged needs to be setup.")
		os.Exit(1)
	}
	w.Ctx["spongedURL"] = cfg.MustURL(cfgSpongedURL).String()

	xeniadURL, err = cfg.String(cfgXeniadURL)
	if err != nil || xeniadURL == "" {
		log.Error("startup", "Init", err, "Service Xeniad needs to be setup.")
		os.Exit(1)
	}
	w.Ctx["xeniadURL "] = cfg.MustURL(cfgXeniadURL).String()

	log.Dev("startup", "Init", "Initalizing routes")
	routes(w)

	return w
}
Esempio n. 6
0
// TestSets validates the ability to manually set configuration values.
func TestSets(t *testing.T) {
	t.Log("Given the need to manually set configuration values.")
	{
		/*
					uStr := "postgres://*****:*****@127.0.0.1:8080/postgres?sslmode=disable"
			Map: map[string]string{
							"PROC_ID": "322",
							"SOCKET":  "./tmp/sockets.po",
							"PORT":    "4034",
							"FLAG":    "on",
							"DSN":     uStr,
						},
		*/

		cfg.Init(cfg.MapProvider{
			Map: map[string]string{},
		})

		t.Log("\tWhen setting values.")
		{
			key := "key1"
			strVal := "bill"
			cfg.SetString(key, strVal)

			retStrVal, err := cfg.String(key)
			if err != nil {
				t.Errorf("\t\t%s Should find a value for the specified key %q.", failed, key)
			} else {
				t.Logf("\t\t%s Should find a value for the specified key %q.", success, key)
			}
			if strVal != retStrVal {
				t.Log(strVal)
				t.Log(retStrVal)
				t.Errorf("\t\t%s Should return the string value %q that was set.", failed, strVal)
			} else {
				t.Logf("\t\t%s Should return the string value %q that was set.", success, strVal)
			}

			key = "key2"
			intVal := 223
			cfg.SetInt(key, intVal)

			retIntVal, err := cfg.Int(key)
			if err != nil {
				t.Errorf("\t\t%s Should find a value for the specified key %q.", failed, key)
			} else {
				t.Logf("\t\t%s Should find a value for the specified key %q.", success, key)
			}
			if intVal != retIntVal {
				t.Log(intVal)
				t.Log(retIntVal)
				t.Errorf("\t\t%s Should return the int value %d that was set.", failed, intVal)
			} else {
				t.Logf("\t\t%s Should return the int value %d that was set.", success, intVal)
			}

			key = "key3"
			timeVal, _ := time.Parse(time.UnixDate, "Mon Oct 27 20:18:15 EST 2016")
			cfg.SetTime(key, timeVal)

			retTimeVal, err := cfg.Time(key)
			if err != nil {
				t.Errorf("\t\t%s Should find a value for the specified key %q.", failed, key)
			} else {
				t.Logf("\t\t%s Should find a value for the specified key %q.", success, key)
			}
			if timeVal != retTimeVal {
				t.Log(timeVal)
				t.Log(retTimeVal)
				t.Errorf("\t\t%s Should return the time value %q that was set.", failed, timeVal)
			} else {
				t.Logf("\t\t%s Should return the time value %q that was set.", success, timeVal)
			}

			key = "key4"
			boolVal := true
			cfg.SetBool(key, boolVal)

			retBoolVal, err := cfg.Bool(key)
			if err != nil {
				t.Errorf("\t\t%s Should find a value for the specified key %q.", failed, key)
			} else {
				t.Logf("\t\t%s Should find a value for the specified key %q.", success, key)
			}
			if boolVal != retBoolVal {
				t.Log(boolVal)
				t.Log(retBoolVal)
				t.Errorf("\t\t%s Should return the bool value \"%v\" that was set.", failed, boolVal)
			} else {
				t.Logf("\t\t%s Should return the bool value \"%v\" that was set.", success, boolVal)
			}

			key = "key5"
			urlVal, _ := url.Parse("postgres://*****:*****@127.0.0.1:8080/postgres?sslmode=disable")
			cfg.SetURL(key, urlVal)

			retURLVal, err := cfg.URL(key)
			if err != nil {
				t.Errorf("\t\t%s Should find a value for the specified key %q.", failed, key)
			} else {
				t.Logf("\t\t%s Should find a value for the specified key %q.", success, key)
			}
			if urlVal.String() != retURLVal.String() {
				t.Log(urlVal)
				t.Log(retURLVal)
				t.Errorf("\t\t%s Should return the bool value \"%v\" that was set.", failed, urlVal)
			} else {
				t.Logf("\t\t%s Should return the bool value \"%v\" that was set.", success, urlVal)
			}
		}
	}
}