Пример #1
0
func newMacaroonStore() *macaroonStore {
	key, err := bakery.GenerateKey()
	if err != nil {
		panic(err)
	}
	locator := httpbakery.NewThirdPartyLocator(nil, nil)
	locator.AllowInsecure()
	return &macaroonStore{
		store:   bakery.NewMemStorage(),
		key:     key,
		locator: locator,
	}
}
Пример #2
0
func authHandler(h http.Handler) http.Handler {
	key, _ := bakery.GenerateKey() // TODO check error!
	b := bakery.New(bakery.BakeryParams{
		Key: key,
	})
	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		ops := opsForRequest(req)
		_, err := b.Checker.Auth().Allow(req.Context(), ops...)
		if err != nil {
			http.Error(w, err.Error(), http.StatusUnauthorized)
			return
		}
		h.ServeHTTP(w, req)
	})
}
Пример #3
0
func authHandler(h http.Handler, authorizer bakery.Authorizer, identity bakery.IdentityClient) http.Handler {
	key, _ := bakery.GenerateKey() // TODO check error!
	b := bakery.New(bakery.BakeryParams{
		Key:        key,
		Authorizer: authorizer,
		Identity:   identity,
	})
	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		ops := opsForRequest(req)
		macaroons := httpbakery.RequestMacaroons(req)
		_, err := b.Checker.Auth(macaroons...).Allow(req.Context(), ops...)
		if err != nil {
			http.Error(w, err.Error(), http.StatusUnauthorized)
			return
		}
		h.ServeHTTP(w, req)
	})
}