// Authorize authorizes the request
func (c *Context) Authorize(request *http.Request, route *MatchedRoute) (interface{}, error) {
if len(route.Authenticators) == 0 {
return nil, nil
}
if v, ok := context.GetOk(request, ctxSecurityPrincipal); ok {
return v, nil
}
for _, authenticator := range route.Authenticators {
applies, usr, err := authenticator.Authenticate(request)
if !applies || err != nil || usr == nil {
continue
}
context.Set(request, ctxSecurityPrincipal, usr)
return usr, nil
}
return nil, errors.Unauthenticated("invalid credentials")
}
package security
import (
"net/http"
"testing"
"github.com/go-swagger/go-swagger/errors"
"github.com/stretchr/testify/assert"
)
var tokenAuth = TokenAuthentication(func(token string) (interface{}, error) {
if token == "token123" {
return "admin", nil
}
return nil, errors.Unauthenticated("token")
})
func TestInvalidApiKeyAuthInitialization(t *testing.T) {
assert.Panics(t, func() { APIKeyAuth("api_key", "qery", tokenAuth) })
}
func TestValidApiKeyAuth(t *testing.T) {
ta := APIKeyAuth("api_key", "query", tokenAuth)
ta2 := APIKeyAuth("X-API-KEY", "header", tokenAuth)
req1, _ := http.NewRequest("GET", "/blah?api_key=token123", nil)
ok, usr, err := ta.Authenticate(req1)
assert.True(t, ok)
assert.Equal(t, "admin", usr)
assert.NoError(t, err)
package security
import (
"net/http"
"testing"
"github.com/go-swagger/go-swagger/errors"
"github.com/stretchr/testify/assert"
)
var basicAuthHandler = UserPassAuthentication(func(user, pass string) (interface{}, error) {
if user == "admin" && pass == "123456" {
return "admin", nil
}
return "", errors.Unauthenticated("basic")
})
func TestValidBasicAuth(t *testing.T) {
ba := BasicAuth(basicAuthHandler)
req, _ := http.NewRequest("GET", "/blah", nil)
req.SetBasicAuth("admin", "123456")
ok, usr, err := ba.Authenticate(req)
assert.NoError(t, err)
assert.True(t, ok)
assert.Equal(t, "admin", usr)
}
func TestInvalidBasicAuth(t *testing.T) {
ba := BasicAuth(basicAuthHandler)