예제 #1
0
파일: endpoints.go 프로젝트: jtolds/cwbench
func (a *Endpoints) NewAPIKey(ctx context.Context, w webhelp.ResponseWriter,
	req *http.Request, user *UserInfo) error {

	_, err := a.Data.NewAPIKey(user.Id)
	if err != nil {
		return err
	}

	return webhelp.Redirect(w, req, fmt.Sprintf("/account/apikeys"))
}
예제 #2
0
파일: auth.go 프로젝트: jtolds/cwbench
func (lr loginRequired) HandleHTTP(ctx context.Context,
	w webhelp.ResponseWriter, r *http.Request) error {
	user, err := lr.a.LoadUser(ctx, r)
	if err != nil {
		return err
	}
	if user == nil {
		return webhelp.Redirect(w, r, oauth2.LoginURL(r.RequestURI, false))
	}
	return lr.h.HandleHTTP(context.WithValue(ctx, userKey, user), w, r)
}
예제 #3
0
func (g *ProviderGroup) logoutAll(ctx context.Context,
	w webhelp.ResponseWriter, r *http.Request) error {
	err := g.LogoutAll(ctx, w)
	if err != nil {
		return err
	}
	redirect_to := r.FormValue("redirect_to")
	if redirect_to == "" {
		redirect_to = g.urls.DefaultLogoutURL
	}
	return webhelp.Redirect(w, r, redirect_to)
}
예제 #4
0
func (lr loginRequired) HandleHTTP(ctx context.Context,
	w webhelp.ResponseWriter, r *http.Request) error {
	token, err := lr.o.Token(ctx)
	if err != nil {
		return err
	}
	if token != nil {
		return lr.h.HandleHTTP(ctx, w, r)
	} else {
		return webhelp.Redirect(w, r, lr.o.LoginURL(r.RequestURI, false))
	}
}
예제 #5
0
// LoginRequired is a middleware for redirecting users to a login page if
// they aren't logged in yet. login_redirect should take the URL to redirect
// to after logging in and return a URL that will actually do the logging in.
// If you already know which provider a user should use, consider using
// (*ProviderHandler).LoginRequired instead, which doesn't require a
// login_redirect URL.
func (g *ProviderGroup) LoginRequired(h webhelp.Handler,
	login_redirect func(redirect_to string) (url string)) webhelp.Handler {
	return webhelp.HandlerFunc(func(ctx context.Context,
		w webhelp.ResponseWriter, r *http.Request) error {
		tokens, err := g.Tokens(ctx)
		if err != nil {
			return err
		}
		if len(tokens) > 0 {
			return h.HandleHTTP(ctx, w, r)
		} else {
			return webhelp.Redirect(w, r, login_redirect(r.RequestURI))
		}
	})
}
예제 #6
0
func (o *ProviderHandler) login(ctx context.Context, w webhelp.ResponseWriter,
	r *http.Request) error {
	session, err := o.Session(ctx)
	if err != nil {
		return err
	}

	redirect_to := r.FormValue("redirect_to")
	if redirect_to == "" {
		redirect_to = o.urls.DefaultLoginURL
	}

	force_prompt, err := strconv.ParseBool(r.FormValue("force_prompt"))
	if err != nil {
		force_prompt = false
	}

	if !force_prompt && o.token(session) != nil {
		return webhelp.Redirect(w, r, redirect_to)
	}

	state := newState()
	session.Values["_state"] = state
	session.Values["_redirect_to"] = redirect_to
	err = session.Save(w)
	if err != nil {
		return err
	}

	opts := []oauth2.AuthCodeOption{oauth2.AccessTypeOnline}
	if force_prompt {
		opts = append(opts, oauth2.ApprovalForce)
	}

	return webhelp.Redirect(w, r, o.provider.AuthCodeURL(state, opts...))
}
예제 #7
0
파일: endpoints.go 프로젝트: jtolds/cwbench
func (a *Endpoints) NewProject(ctx context.Context, w webhelp.ResponseWriter,
	req *http.Request, user *UserInfo) error {
	proj_id, err := a.Data.NewProject(user.Id, req.FormValue("name"),
		func(deliver func(dim string) error) error {
			for _, dim := range strings.Fields(req.FormValue("dimensions")) {
				err := deliver(dim)
				if err != nil {
					return err
				}
			}
			return nil
		})
	if err != nil {
		return err
	}
	return webhelp.Redirect(w, req, fmt.Sprintf("/project/%d", proj_id))
}
예제 #8
0
파일: endpoints.go 프로젝트: jtolds/cwbench
func (a *Endpoints) newSample(ctx context.Context, w webhelp.ResponseWriter,
	req *http.Request, user *UserInfo, proj_id, control_id int64) error {

	sample_id, err := a.Data.NewSample(user.Id, proj_id, control_id,
		req.FormValue("name"),
		func(deliver func(dim_id int64, value float64) error) error {
			dimlookup, err := a.Data.DimLookup(proj_id)
			if err != nil {
				return err
			}
			for _, row := range strings.Split(req.FormValue("values"), "\n") {
				fields := strings.Fields(row)
				if len(fields) == 0 {
					continue
				}
				if len(fields) != 2 {
					return webhelp.ErrBadRequest.New("malformed data: %#v", row)
				}
				id, err := dimlookup.LookupId(fields[0])
				if err != nil {
					return err
				}
				val, err := strconv.ParseFloat(fields[1], 64)
				if err != nil {
					return webhelp.ErrBadRequest.New("malformed data: %#v", row)
				}
				err = deliver(id, val)
				if err != nil {
					return err
				}
			}
			return nil
		})
	if err != nil {
		return err
	}
	return webhelp.Redirect(w, req, fmt.Sprintf("/project/%d/sample/%d",
		proj_id, sample_id))
}
예제 #9
0
func (o *ProviderHandler) cb(ctx context.Context, w webhelp.ResponseWriter,
	r *http.Request) error {
	session, err := o.Session(ctx)
	if err != nil {
		return err
	}

	val, exists := session.Values["_state"]
	existing_state, correct := val.(string)
	if !exists || !correct {
		return webhelp.ErrBadRequest.New("invalid session storage state")
	}

	val, exists = session.Values["_redirect_to"]
	redirect_to, correct := val.(string)
	if !exists || !correct {
		return webhelp.ErrBadRequest.New("invalid redirect_to")
	}

	if existing_state != r.FormValue("state") {
		return webhelp.ErrBadRequest.New("csrf detected")
	}

	token, err := o.provider.Exchange(context.Background(), r.FormValue("code"))
	if err != nil {
		return err
	}

	session.Values["_token"] = token
	err = session.Save(w)
	if err != nil {
		return err
	}

	return webhelp.Redirect(w, r, redirect_to)
}
예제 #10
0
func main() {
	flag.Parse()

	secret, err := hex.DecodeString(*cookieSecret)
	if err != nil {
		panic(err)
	}
	store := sessions.NewCookieStore(secret)

	group, err := oauth2.NewProviderGroup(
		"oauth", "/auth", oauth2.RedirectURLs{},
		oauth2.Github(oauth2.Config{
			ClientID:     *githubClientId,
			ClientSecret: *githubClientSecret}),
		oauth2.Facebook(oauth2.Config{
			ClientID:     *facebookClientId,
			ClientSecret: *facebookClientSecret,
			RedirectURL:  "http://localhost:8080/auth/facebook/_cb"}))
	if err != nil {
		panic(err)
	}

	webhelp.ListenAndServe(*listenAddr,
		webhelp.LoggingHandler(
			sessions.HandlerWithStore(store,
				webhelp.DirMux{
					"":      &SampleHandler{Group: group, Restricted: false},
					"login": &LoginHandler{Group: group},
					"logout": webhelp.HandlerFunc(func(ctx context.Context,
						w webhelp.ResponseWriter, r *http.Request) error {
						return webhelp.Redirect(w, r, "/auth/all/logout")
					}),
					"restricted": group.LoginRequired(
						&SampleHandler{Group: group, Restricted: true}, loginurl),
					"auth": group})))
}