Пример #1
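// IsMatch reports whether the policy entry policyPath covers a request with
// path requestPath and method reqMethod.
//
// A policy entry may start with a request method declaration. Only an entry
// that starts with "post" (case-insensitive) is treated as a POST policy;
// every other entry is treated as a GET policy, so a request with any other
// method never matches. When services.StringSplitBySpace yields more than one
// field, the second field is taken as the path.
//
// Inside the path, `*` is the only wildcard and stands for any run of
// characters. Every other regular-expression metacharacter is escaped and the
// pattern is anchored at both ends, so the policy path is compared against
// the whole request path: "/users" does not match "/users-admin" or
// "/x/users", and "." matches only a literal dot. An entry that is meant to
// cover sub-paths has to say so with a trailing `*`.
//
// NOTE(review): requestPath is matched exactly as passed in. Whether the
// caller has already cleaned and decoded it ("//", "..", percent-encoding) is
// not visible here and should be confirmed, because the policy decision is
// only as reliable as that normalisation.
func (pol *policy) IsMatch(policyPath, requestPath string, reqMethod string) bool {

	// Work out which request method the policy entry applies to.
	method := "get"
	if services.StringStartsWith(strings.ToLower(policyPath), "post") {
		method = "post"
	}

	// The entry applies only when its method equals the request's method.
	if method != strings.ToLower(reqMethod) {
		services.Println("matches not ", method, reqMethod)
		return false
	}

	// Drop the method declaration, if present, and keep only the path part.
	policyPathSplit := services.StringSplitBySpace(policyPath)
	if len(policyPathSplit) > 1 {
		policyPath = policyPathSplit[1]
	}

	// Escape the policy path first so that it is matched literally, then turn
	// the escaped wildcard (`\*`) into `.*`. Anchoring with ^ and $ prevents a
	// policy path from matching as a mere substring of the request path.
	pattern := "^" + strings.Replace(regexp.QuoteMeta(policyPath), `\*`, ".*", -1) + "$"

	// An escaped pattern is not expected to fail compilation; the panic is
	// kept so that an unexpected failure is never read as "no match".
	matched, err := regexp.MatchString(pattern, requestPath)
	if err != nil {
		panic(err)
	}

	return matched
}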
Пример #2
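// MustBeBearer checks that the request's Authorization header uses the
// `Bearer` scheme and writes a 401 "invalid_request" error to res when it
// does not.
//
// The scheme is compared case-insensitively and must be followed by a space,
// so a value such as "Bearerxyz" or a bare "Bearer" without credentials is
// rejected instead of being passed on as a Bearer header.
//
// The log parameter is not used here.
//
// NOTE(review): this function returns nothing, so the caller cannot learn
// from it that the request was rejected. Whether services.Res(res).Error
// stops further handling is not visible here; confirm that the handler chain
// does not continue after the 401 has been written.
func MustBeBearer(res http.ResponseWriter, arc services.AuxRequestContext, log *config.CustomLog) {
	authorization := strings.ToLower(arc.Header.Get("Authorization"))
	// Require the separator as well as the scheme name; a bare prefix test
	// would accept any value that merely begins with the letters "bearer".
	if !strings.HasPrefix(authorization, "bearer ") {
		services.Res(res).Error(401, "invalid_request", "authorization scheme must be Bearer")
	}
}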