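// checkAuth12Headers verifies a request signature against the actor's public
// key.
//
// signedHeaders is the base64-encoded signature taken from the request and
// headToCheck is the string the signature is expected to cover. The function
// hashes headToCheck with SHA-1 and passes the public key, digest and decoded
// signature to chefcrypto.Auth12HeaderVerify. r is not read in this function.
//
// It returns nil when verification succeeds. A signature that is not valid
// base64 is returned with whatever status util.CastErr assigns. A signature
// that fails verification is reported as 401 Unauthorized, matching
// checkAuthHeaders.
func checkAuth12Headers(user actor.Actor, r *http.Request, headToCheck, signedHeaders string) util.Gerror {
	sig, err := base64.StdEncoding.DecodeString(signedHeaders)
	if err != nil {
		return util.CastErr(err)
	}

	// NOTE(review): SHA-1 is presumably fixed by the signing protocol version
	// this function implements; confirm before changing the digest, since the
	// client and server must hash identically.
	sigSha := sha1.Sum([]byte(headToCheck))

	if err = chefcrypto.Auth12HeaderVerify(user.PublicKey(), sigSha[:], sig); err != nil {
		// A bad signature is an authentication failure, so say so explicitly
		// rather than relying on the default status of a cast error.
		gerr := util.CastErr(err)
		gerr.SetStatus(http.StatusUnauthorized)
		return gerr
	}
	return nil
}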
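// checkAuthHeaders verifies a request signature by recovering the signed
// content and comparing it with the expected header string.
//
// signedHeaders is handed to chefcrypto.HeaderDecrypt together with the
// actor's public key; the recovered bytes must equal headToCheck exactly.
// r is not read in this function.
//
// It returns nil on a match. Both a decrypt failure and a mismatch are
// returned as 401 Unauthorized.
func checkAuthHeaders(user actor.Actor, r *http.Request, headToCheck, signedHeaders string) util.Gerror {
	decHead, berr := chefcrypto.HeaderDecrypt(user.PublicKey(), signedHeaders)
	if berr != nil {
		// Pass the error text as an argument, never as the format string: a
		// '%' inside the message would otherwise be read as a formatting verb
		// and garble the response.
		// NOTE(review): the underlying decrypt error text is returned to the
		// caller as-is; confirm that is acceptable, or log it server-side and
		// return the generic message used below.
		gerr := util.Errorf("%s", berr.Error())
		gerr.SetStatus(http.StatusUnauthorized)
		return gerr
	}

	if string(decHead) != headToCheck {
		gerr := util.Errorf("failed to verify authorization")
		gerr.SetStatus(http.StatusUnauthorized)
		return gerr
	}
	return nil
}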
// LogEvent records that doer performed action against obj.
//
// Nothing is recorded, and nil is returned, when config.Config.LogEvents is
// off. Otherwise a LogInfo entry is built holding the action, the actor and
// its kind ("user" or "client"), the object's name and Go type, the current
// time, and JSON encodings of both the object and the actor. When
// config.Config.SerfEventAnnounce is set, a four-field summary is also sent
// through serfin.SendEvent. The entry is then written to SQL or to the
// in-memory store depending on config.UsingDB, and that write's error is
// returned. A JSON encoding failure is returned before anything is written.
func LogEvent(doer actor.Actor, obj util.GoiardiObj, action string) error {
	if !config.Config.LogEvents {
		logger.Debugf("Not logging this event")
		return nil
	}
	logger.Debugf("Logging event")

	kind := "client"
	if doer.IsUser() {
		kind = "user"
	}

	entry := &LogInfo{
		Action:     action,
		Actor:      doer,
		ActorType:  kind,
		ObjectName: obj.GetName(),
		ObjectType: reflect.TypeOf(obj).String(),
		Time:       time.Now(),
	}

	// NOTE(review): the full JSON form of the object and of the actor is kept
	// in the event log. Confirm datastore.EncodeToJSON leaves out anything
	// that should not be persisted there (for example key material).
	objJSON, err := datastore.EncodeToJSON(obj)
	if err != nil {
		return err
	}
	entry.ExtendedInfo = objJSON

	doerJSON, err := datastore.EncodeToJSON(doer)
	if err != nil {
		return err
	}
	entry.ActorInfo = doerJSON

	if config.Config.SerfEventAnnounce {
		// Only the summary fields are announced; the JSON payloads stay local.
		summary := map[string]interface{}{
			"time":        entry.Time,
			"action":      entry.Action,
			"object_type": entry.ObjectType,
			"object_name": entry.ObjectName,
		}
		// Fire-and-forget: nothing here waits for or inspects the result of
		// the announcement.
		go serfin.SendEvent("log-event", summary)
	}

	if !config.UsingDB() {
		return entry.writeEventInMem()
	}
	return entry.writeEventSQL()
}
// LogEvent records that doer performed action against obj.
//
// Nothing is recorded, and nil is returned, when config.Config.LogEvents is
// off. Otherwise a LogInfo entry is built holding the action, the actor and
// its kind ("user" or "client"), the object's name and Go type, the current
// time, and JSON encodings of both the object and the actor. The entry is
// then written to SQL or to the in-memory store depending on config.UsingDB,
// and that write's error is returned. A JSON encoding failure is returned
// before anything is written.
func LogEvent(doer actor.Actor, obj util.GoiardiObj, action string) error {
	if !config.Config.LogEvents {
		logger.Debugf("Not logging this event")
		return nil
	}
	logger.Debugf("Logging event")

	kind := "client"
	if doer.IsUser() {
		kind = "user"
	}

	entry := &LogInfo{
		Action:     action,
		Actor:      doer,
		ActorType:  kind,
		ObjectName: obj.GetName(),
		ObjectType: reflect.TypeOf(obj).String(),
		Time:       time.Now(),
	}

	// NOTE(review): the full JSON form of the object and of the actor is kept
	// in the event log. Confirm datastore.EncodeToJSON leaves out anything
	// that should not be persisted there (for example key material).
	objJSON, err := datastore.EncodeToJSON(obj)
	if err != nil {
		return err
	}
	entry.ExtendedInfo = objJSON

	doerJSON, err := datastore.EncodeToJSON(doer)
	if err != nil {
		return err
	}
	entry.ActorInfo = doerJSON

	if !config.UsingDB() {
		return entry.writeEventInMem()
	}
	return entry.writeEventSQL()
}