예제 #1
0
파일: secure.go 프로젝트: 18F/cg-dashboard
// OAuth is a middle ware that checks whether or not the user has a valid token.
// If the token is present and still valid, it just passes it on.
// If the token is 1) present and expired or 2) not present, it will return unauthorized.
func (c *SecureContext) OAuth(rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc) {
	// Get valid token if it exists from session store.
	if token := helpers.GetValidToken(req.Request, c.Settings); token != nil {
		c.Token = *token
	} else {
		// If no token, return unauthorized.
		http.Error(rw, "{\"status\": \"unauthorized\"}", http.StatusUnauthorized)
		return
	}
	// Proceed to the next middleware or to the handler if last middleware.
	next(rw, req)
}
예제 #2
0
파일: root.go 프로젝트: 18F/cg-dashboard
// LoginHandshake is the handler where we authenticate the user and the user authorizes this application access to information.
func (c *Context) LoginHandshake(rw web.ResponseWriter, req *web.Request) {
	if token := helpers.GetValidToken(req.Request, c.Settings); token != nil {
		// We should just go to dashboard if the user already has a valid token.
		http.Redirect(rw, req.Request, "/#/dashboard", http.StatusFound)

	} else {
		// Redirect to the Cloud Foundry Login place.
		err := c.redirect(rw, req)
		if err != nil {
			fmt.Println("Error on oauth redirect: ", err.Error())
		}
	}
}
예제 #3
0
func TestGetValidToken(t *testing.T) {
	mockRequest, _ := http.NewRequest("GET", "", nil)
	mockSettings := helpers.Settings{}
	mockSettings.TokenContext = context.TODO()

	for _, test := range getValidTokenTests {
		// Initialize a new session store.
		store := testhelpers.MockSessionStore{}
		store.ResetSessionData(test.sessionData, test.sessionName)
		mockSettings.Sessions = store

		value := helpers.GetValidToken(mockRequest, &mockSettings)
		if (value == nil) == test.returnValueNull {
		} else {
			t.Errorf("Test %s did not meet expected value. Expected: %t. Actual: %t\n", test.testName, test.returnValueNull, (value == nil))
		}
	}
}
예제 #4
0
파일: root.go 프로젝트: 18F/cg-dashboard
// LoginRequired is a middleware that requires a valid toker or redirects to the handshake page.
func (c *Context) LoginRequired(rw web.ResponseWriter, r *web.Request, next web.NextMiddlewareFunc) {

	// If there is no request just continue
	if r == nil {
		next(rw, r)
		return
	}

	// Don't cache anything
	// right now, there's a problem where when you initially logout and then
	// revisit the server, you will get a bad view due to a caching issue.
	// for now, we clear the cache for everything.
	// TODO: revist and cache static assets.
	rw.Header().Set("cache-control", "no-cache, no-store, must-revalidate, private")
	rw.Header().Set("pragma", "no-cache")
	rw.Header().Set("expires", "-1")

	token := helpers.GetValidToken(r.Request, c.Settings)
	tokenPresent := token != nil
	publicUrls := map[string]struct{}{
		"/handshake":      {},
		"/oauth2callback": {},
		"/ping":           {},
		"/assets/img/dashboard-uaa-icon.jpg": {},
	}
	// Check if URL is public so we skip validation
	_, public := publicUrls[r.URL.EscapedPath()]
	if public || tokenPresent {
		next(rw, r)
	} else {
		err := c.redirect(rw, r)
		if err != nil {
			fmt.Println("Error on oauth redirect: ", err.Error())
		}
	}
}