コード例 #1
0
// NewRequestAuthenticator creates an http handler that tries to authenticate the given request as a user, and then
// stores any such user found onto the provided context for the request. If authentication fails or returns an error
// the failed handler is used. On success, handler is invoked to serve the request.
func NewRequestAuthenticator(context RequestContext, auth authenticator.Request, failed http.Handler, handler http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		user, ok, err := auth.AuthenticateRequest(req)
		if err != nil || !ok {
			if err != nil {
				glog.Errorf("Unable to authenticate the request due to an error: %v", err)
			}
			failed.ServeHTTP(w, req)
			return
		}

		context.Set(req, user)
		defer context.Remove(req)

		handler.ServeHTTP(w, req)
	})
}
コード例 #2
0
ファイル: handlers.go プロジェクト: chenzhen411/kubernetes
// NewRequestAuthenticator creates an http handler that tries to authenticate the given request as a user, and then
// stores any such user found onto the provided context for the request. If authentication fails or returns an error
// the failed handler is used. On success, handler is invoked to serve the request.
func NewRequestAuthenticator(mapper api.RequestContextMapper, auth authenticator.Request, failed http.Handler, handler http.Handler) (http.Handler, error) {
	return api.NewRequestContextFilter(
		mapper,
		http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
			user, ok, err := auth.AuthenticateRequest(req)
			if err != nil || !ok {
				if err != nil {
					glog.Errorf("Unable to authenticate the request due to an error: %v", err)
				}
				failed.ServeHTTP(w, req)
				return
			}

			if ctx, ok := mapper.Get(req); ok {
				mapper.Update(req, api.WithUser(ctx, user))
			}

			handler.ServeHTTP(w, req)
		}),
	)
}
コード例 #3
0
ファイル: handlers.go プロジェクト: ericcapricorn/kubernetes
// handleWhoAmI returns the user-string which this request is authenticated as (if any).
// Useful for debugging authentication.  Always returns HTTP status okay and a human
// readable (not intended as API) description of authentication state of request.
func handleWhoAmI(auth authenticator.Request) func(w http.ResponseWriter, req *http.Request) {
	return func(w http.ResponseWriter, req *http.Request) {
		w.Header().Set("Content-Type", "text/plain")
		w.WriteHeader(http.StatusOK)
		if auth == nil {
			w.Write([]byte("NO AUTHENTICATION SUPPORT"))
			return
		}
		userInfo, ok, err := auth.AuthenticateRequest(req)
		if err != nil {
			w.Write([]byte("ERROR WHILE AUTHENTICATING"))
			return
		}
		if !ok {
			w.Write([]byte("NOT AUTHENTICATED"))
			return
		}
		w.Write([]byte("AUTHENTICATED AS " + userInfo.GetName()))
		return
	}
}
コード例 #4
0
ファイル: handlers.go プロジェクト: TencentSA/kubernetes-0.5
// handleWhoAmI returns the user-string which this request is authenticated as (if any).
// Useful for debugging authentication.  Always returns HTTP status okay and a human
// readable (not intended as API) description of authentication state of request.
func handleWhoAmI(auth authenticator.Request) restful.RouteFunction {
	return func(req *restful.Request, resp *restful.Response) {
		// This is supposed to go away, so it's not worth the effort to convert to restful
		w := resp.ResponseWriter
		w.Header().Set("Content-Type", "text/plain")
		w.WriteHeader(http.StatusOK)
		if auth == nil {
			w.Write([]byte("NO AUTHENTICATION SUPPORT"))
			return
		}
		userInfo, ok, err := auth.AuthenticateRequest(req.Request)
		if err != nil {
			w.Write([]byte("ERROR WHILE AUTHENTICATING"))
			return
		}
		if !ok {
			w.Write([]byte("NOT AUTHENTICATED"))
			return
		}
		w.Write([]byte("AUTHENTICATED AS " + userInfo.GetName()))
		return
	}
}