Esempio n. 1
0
func isCookieAuthenticated(r *http.Request, application *stormpath.Application) stormpath.AuthResult {
	isRefresh := false

	cookie, err := r.Cookie(Config.AccessTokenCookieName)
	if err == http.ErrNoCookie {
		cookie, err = r.Cookie(Config.RefreshTokenCookieName)
		if err != nil {
			return nil
		}
		isRefresh = true
	}

	if isRefresh {
		authenticationResult, err := stormpath.NewOAuthRefreshTokenAuthenticator(application).Authenticate(cookie.Value)
		if err != nil {
			return nil
		}
		return authenticationResult
	}
	//Validate the token to make sure it hasn't expire yet
	authenticationResult, err := stormpath.NewOAuthBearerAuthenticator(application).Authenticate(cookie.Value)
	if err != nil {
		return nil
	}

	return authenticationResult
}
Esempio n. 2
0
func isTokenBearerAuthenticated(r *http.Request, application *stormpath.Application) stormpath.AuthResult {
	authorizationHeader := r.Header.Get("Authorization")
	if authorizationHeader == "" {
		return nil
	}

	token := authorizationHeader[strings.Index(authorizationHeader, "bearer ")+7:]

	authenticationResult, err := stormpath.NewOAuthBearerAuthenticator(application).Authenticate(token)
	if err != nil {
		return nil
	}

	return authenticationResult
}