Exemplo n.º 1
0
	"code.google.com/p/go.net/context"
	"github.com/armab/drone/server/datastore"
	"github.com/armab/drone/shared/httputil"
	"github.com/armab/drone/shared/model"
	"github.com/dgrijalva/jwt-go"
	"github.com/drone/config"
	"github.com/gorilla/securecookie"
)

// random key used to create jwt if none
// provided in the configuration.
var random = securecookie.GenerateRandomKey(32)

var (
	secret  = config.String("session-secret", string(random))
	expires = config.Duration("session-expires", time.Hour*72)
)

// GetUser gets the currently authenticated user for the
// http.Request. The user details will be stored as either
// a simple API token or JWT bearer token.
func GetUser(c context.Context, r *http.Request) *model.User {
	switch {
	case r.Header.Get("Authorization") != "":
		return getUserBearer(c, r)
	case r.FormValue("access_token") != "":
		return getUserToken(c, r)
	default:
		return nil
	}
}
Exemplo n.º 2
0
	"fmt"
	"log"
	"net/http"
	"net/url"
	"strings"
	"time"

	"github.com/crowdmob/goamz/sts"
	"github.com/dgrijalva/jwt-go"
	"github.com/drone/config"
	"golang.org/x/oauth2"
)

var trustXForwarded = config.Bool("trust-x-forwarded", false)

var loginTimeout = config.Duration("google-login-timeout", time.Second*120)

// We reuse the Google client secret as the web secret.
var secret = googleClientSecret

// getOriginUrl returns the HTTP origin string (i.e.
// https://alice.example.com, or http://localhost:8000)
func getOriginURL(r *http.Request) string {
	scheme := "https"
	if r.TLS == nil {
		scheme = "http"
	}
	if *trustXForwarded {
		scheme = r.Header.Get("X-Forwarded-Proto")
	}
	return fmt.Sprintf("%s://%s", scheme, r.Host)