示例#1
0
文件: auth.go 项目: orktes/captainhub
// For invalid Authorization header it sends "404 - Bad Request" response.
// For invalid credentials, it sends "401 - Unauthorized" response.
func BasicAuth(fn AuthFunc) echo.HandlerFunc {
	return func(c *echo.Context) error {
		// Skip for WebSocket
		if (c.Request().Header.Get(echo.Upgrade)) == echo.WebSocket {
			return nil
		}

		auth := c.Request().Header.Get(echo.Authorization)
		i := 0
		code := http.StatusBadRequest

		for ; i < len(auth); i++ {
			c := auth[i]
			// Ignore empty spaces
			if c == ' ' {
				continue
			}

			// Check scheme
			if i < len(Basic) {
				// Ignore case
				if i == 0 {
					if c != Basic[i] && c != 'b' {
						break
					}
				} else {
					if c != Basic[i] {
						break
					}
				}
			} else {
				// Extract credentials
				b, err := base64.StdEncoding.DecodeString(auth[i:])
				if err != nil {
					break
				}
				cred := string(b)
				for i := 0; i < len(cred); i++ {
					if cred[i] == ':' {
						// Verify credentials
						if fn(cred[:i], cred[i+1:]) {
							return nil
						}
						code = http.StatusUnauthorized
						break
					}
				}
			}
		}
		return echo.NewHTTPError(code)
	}
}
示例#2
0
文件: main.go 项目: orktes/captainhub
	"github.com/orktes/captainhub/Godeps/_workspace/src/github.com/garyburd/redigo/redis"
	"github.com/orktes/captainhub/Godeps/_workspace/src/github.com/google/go-github/github"
	"github.com/orktes/captainhub/Godeps/_workspace/src/github.com/labstack/echo"
	mw "github.com/orktes/captainhub/Godeps/_workspace/src/github.com/labstack/echo/middleware"
	"github.com/orktes/captainhub/Godeps/_workspace/src/github.com/robertkrimen/otto"
	"github.com/orktes/captainhub/Godeps/_workspace/src/github.com/ryanuber/go-glob"
	"github.com/orktes/captainhub/Godeps/_workspace/src/golang.org/x/oauth2"

	_ "github.com/orktes/captainhub/Godeps/_workspace/src/github.com/robertkrimen/otto/underscore"
)

//go:generate go-bindata -prefix=plugins/ -pkg=main plugins/...

var redisPool *redis.Pool
var hookSecret string
var errMissingSig = echo.NewHTTPError(http.StatusForbidden, "Missing X-Hub-Signature")
var errInvalidSig = echo.NewHTTPError(http.StatusForbidden, "Invalid X-Hub-Signature")

func matchFilePath(call otto.FunctionCall) otto.Value {
	pattern := call.Argument(0).String()
	name := call.Argument(1).String()

	match := glob.Glob(pattern, name)
	val, _ := otto.ToValue(match)
	return val
}

func getGithubClient() *github.Client {
	ts := oauth2.StaticTokenSource(
		&oauth2.Token{AccessToken: os.Getenv("GITHUB_ACCESS_TOKEN")},
	)