"code.google.com/p/go.net/context"
"github.com/armab/drone/server/datastore"
"github.com/armab/drone/shared/httputil"
"github.com/armab/drone/shared/model"
"github.com/dgrijalva/jwt-go"
"github.com/drone/config"
"github.com/gorilla/securecookie"
)
// random key used to create jwt if none
// provided in the configuration.
var random = securecookie.GenerateRandomKey(32)
var (
secret = config.String("session-secret", string(random))
expires = config.Duration("session-expires", time.Hour*72)
)
// GetUser gets the currently authenticated user for the
// http.Request. The user details will be stored as either
// a simple API token or JWT bearer token.
func GetUser(c context.Context, r *http.Request) *model.User {
switch {
case r.Header.Get("Authorization") != "":
return getUserBearer(c, r)
case r.FormValue("access_token") != "":
return getUserToken(c, r)
default:
return nil
}
}
"fmt"
"log"
"net/http"
"net/url"
"strings"
"time"
"github.com/crowdmob/goamz/sts"
"github.com/dgrijalva/jwt-go"
"github.com/drone/config"
"golang.org/x/oauth2"
)
var trustXForwarded = config.Bool("trust-x-forwarded", false)
var loginTimeout = config.Duration("google-login-timeout", time.Second*120)
// We reuse the Google client secret as the web secret.
var secret = googleClientSecret
// getOriginUrl returns the HTTP origin string (i.e.
// https://alice.example.com, or http://localhost:8000)
func getOriginURL(r *http.Request) string {
scheme := "https"
if r.TLS == nil {
scheme = "http"
}
if *trustXForwarded {
scheme = r.Header.Get("X-Forwarded-Proto")
}
return fmt.Sprintf("%s://%s", scheme, r.Host)
