Esempio n. 1
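// Handle rejects the request unless the form value named by v.paramName is a
// key present in v.validKeys; accepted requests are passed on to next.
//
// The rejection message does not repeat the submitted value. Echoing it would
// copy near-miss or mistyped credentials into responses and into any log that
// records the error.
//
// NOTE(review): if FormValue is the method promoted from net/http, it reads
// the URL query as well as the body, so keys sent in the query string can end
// up in access logs and proxies — confirm whether a header is an option.
func (v *APIKeyValidator) Handle(w http.ResponseWriter, r *vertex.Request, next vertex.HandlerFunc) (interface{}, error) {
	key := r.FormValue(v.paramName)

	// An absent parameter reads as "". Refuse it outright so that an empty
	// entry in validKeys can never authorize a request that carries no key.
	if key == "" {
		return nil, vertex.UnauthorizedError("missing or invalid api key")
	}

	if _, found := v.validKeys[key]; !found {
		return nil, vertex.UnauthorizedError("missing or invalid api key")
	}

	return next(w, r)
}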
Esempio n. 2
// Handle lets a request through to next only when it is marked secure, or when
// it is a local request and the filter's AllowLocalInsecure flag is set. Every
// other request is refused with an unauthorized error, regardless of the
// global API config.
//
// NOTE(review): how r.Secure and r.IsLocal() are derived is not visible here.
// If either relies on client-supplied forwarding headers, this check is only
// as trustworthy as the proxy that sets them — confirm.
func (f ForceSecure) Handle(w http.ResponseWriter, r *vertex.Request, next vertex.HandlerFunc) (interface{}, error) {
	if r.Secure {
		return next(w, r)
	}

	// Insecure transport: the only exemption is a local caller, and only when
	// the filter was explicitly configured to allow it.
	if r.IsLocal() && f.AllowLocalInsecure {
		return next(w, r)
	}

	return nil, vertex.UnauthorizedError("Insecure Access Forbidden")
}
Esempio n. 3
// Handle checks the request's remote IP against the filter's denied and
// allowed ranges. Denied ranges are consulted first, so a deny entry wins over
// an overlapping allow entry; an address that matches no allowed range is
// refused.
//
// NOTE(review): where r.RemoteIP comes from is not visible here. If it can be
// taken from a forwarding header, the filter can only be trusted behind a
// proxy that overwrites that header — confirm.
func (f *IPRangeFilter) Handle(w http.ResponseWriter, r *vertex.Request, next vertex.HandlerFunc) (interface{}, error) {
	// net.ParseIP yields nil for text that is not a valid address. Assuming
	// the ranges are net.IPNet values, a nil address matches none of them and
	// the request falls through to the final refusal.
	remote := net.ParseIP(r.RemoteIP)

	// Ranging over a nil or empty deny list is a no-op, so no guard is needed.
	for _, blocked := range f.denied {
		if blocked.Contains(remote) {
			return nil, vertex.UnauthorizedError("IP Address %s blocked", r.RemoteIP)
		}
	}

	for _, permitted := range f.allowed {
		if !permitted.Contains(remote) {
			continue
		}
		logging.Info("IP Address %s allowed", r.RemoteIP)
		return next(w, r)
	}

	return nil, vertex.UnauthorizedError("IP Address %s not allowed", r.RemoteIP)
}
Esempio n. 4
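// LoginHandler returns the GET route that completes an OAuth login. The
// handler exchanges the "code" form value for a token, logs the user in
// through o.userValidator, encodes the user into a token and stores it with
// o.setCookie. If a nextUrl cookie holds a same-site path, the client is
// redirected there; otherwise a success message is returned.
//
// NOTE(review): no OAuth "state" value is checked before the exchange, so
// nothing visible here ties the callback to a login this client started
// (login CSRF) — confirm whether another layer enforces it.
func (o *OAuthMiddleware) LoginHandler() vertex.Route {

	handler := func(w http.ResponseWriter, r *vertex.Request) (interface{}, error) {
		// The authorization code is a one-time credential, so it is
		// deliberately not written to the log.
		code := r.FormValue("code")

		// NOTE(review): the error strings below carry the underlying err to
		// the caller; confirm they cannot expose provider or validator
		// internals.
		tok, err := o.conf.Exchange(oauth2.NoContext, code)
		if err != nil {
			return nil, vertex.UnauthorizedError("Could not log you in: %s", err)
		}

		user, err := o.userValidator.Login(tok)
		if err != nil {
			return nil, vertex.UnauthorizedError("Could not validate user for login: %s", err)
		}

		enc, err := o.userValidator.EncodeToken(user)
		if err != nil {
			return nil, vertex.UnauthorizedError("Could not validate encode user token: %s", err)
		}

		o.setCookie(w, enc, r.Host)

		if cook, err := r.Cookie(nextUrl); err == nil && cook != nil && cook.Value != "" {
			target := cook.Value

			// Cookie values are supplied by the client, so the redirect
			// target is untrusted. Follow it only when it is a path on this
			// site: a single leading "/" that is not followed by "/" or "\",
			// both of which browsers can treat as the start of another host.
			// NOTE(review): assumes nextUrl is written as a relative path —
			// verify against the code that sets the cookie.
			local := target[0] == '/' && (len(target) == 1 || (target[1] != '/' && target[1] != '\\'))
			if local {
				logging.Info("Found nextUrl from before auth denied. Redirecting to %s", target)
				http.Redirect(w, r.Request, target, http.StatusTemporaryRedirect)
				return nil, vertex.Hijacked
			}

			// Leave a trace for detection without echoing the value itself.
			logging.Info("Ignoring nextUrl cookie that is not a same-site path")
		}

		return "Success Logging In", nil
	}

	return vertex.Route{
		Path:        loginPath,
		Description: "OAuth Login",
		Handler:     vertex.HandlerFunc(handler),
		Methods:     vertex.GET,
	}

}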
Esempio n. 5
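// APIKeyValidator compares the request's "apiKey" form value with
// config.APIKey and returns an unauthorized error unless they match.
//
// NOTE(review): the comparison is an ordinary string compare, not a
// constant-time one. crypto/subtle.ConstantTimeCompare is the usual
// replacement, but it needs an import that is not visible in this excerpt.
func APIKeyValidator(r *vertex.Request) error {
	key := r.FormValue("apiKey")

	// Fail closed: a missing parameter reads as "", so without this guard an
	// unset config.APIKey would authorize every request that sends no key.
	if key == "" || key != config.APIKey {
		return vertex.UnauthorizedError("Invalid API key")
	}
	return nil
}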