// SetRoutes mounts the policy API on r.
//
// Every route runs extractor and then h.m.IsAuthenticated before its handler.
// Only POST /policies adds a route-level h.m.IsAuthorized check (resource
// "rn:hydra:policies", action "create").
//
// NOTE(review): POST /allowed, GET /policies/{id} and DELETE /policies/{id}
// are registered with authentication only. Confirm that Granted, Get and
// Delete enforce their own per-resource authorization; if they do not, any
// authenticated caller could read or delete any policy.
func (h *Handler) SetRoutes(r *mux.Router, extractor func(h hctx.ContextHandler) hctx.ContextHandler) {
	ctx := context.Background()
	authn := h.m.IsAuthenticated

	// Access-control decision endpoint.
	granted := hctx.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Granted)
	r.Handle("/allowed", granted).Methods("POST")

	// Policy creation is the only route gated by a route-level permission.
	mayCreate := h.m.IsAuthorized("rn:hydra:policies", "create", nil)
	create := hctx.NewContextAdapter(ctx, extractor, authn, mayCreate).ThenFunc(h.Create)
	r.Handle("/policies", create).Methods("POST")

	// Lookup by subject is currently disabled:
	//
	// r.Handle("/policies", hctx.NewContextAdapter(
	// 	context.Background(),
	// 	extractor,
	// 	h.m.IsAuthenticated,
	// ).ThenFunc(h.FindBySubject)).Query("subject").Methods("GET")

	// Single-policy routes: authentication only at this layer (see NOTE above).
	get := hctx.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Get)
	r.Handle("/policies/{id}", get).Methods("GET")

	del := hctx.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Delete)
	r.Handle("/policies/{id}", del).Methods("DELETE")
}
// SetRoutes mounts the OAuth2 connection API on r.
//
// Every route runs extractor and then h.m.IsAuthenticated before its handler.
// Only POST /oauth2/connections adds a route-level h.m.IsAuthorized check
// (resource connectionsPermission, action "create"). The collection routes
// match only when a "subject" query parameter is present.
//
// NOTE(review): Find, Get and Delete are registered with authentication only.
// Confirm that those handlers authorize the caller against the requested
// subject or connection id; if they do not, any authenticated caller could
// list, read or delete another subject's connections.
func (h *Handler) SetRoutes(r *mux.Router, extractor func(h hydcon.ContextHandler) hydcon.ContextHandler) {
	const (
		collection = "/oauth2/connections"
		item       = "/oauth2/connections/{id}"
	)
	ctx := context.Background()
	authn := h.m.IsAuthenticated

	// Creation is the only route gated by a route-level permission.
	mayCreate := h.m.IsAuthorized(connectionsPermission, "create", nil)
	create := hydcon.NewContextAdapter(ctx, extractor, authn, mayCreate).ThenFunc(h.Create)
	r.Handle(collection, create).Queries("subject", "{subject}").Methods("POST")

	// Listing by subject: authentication only at this layer (see NOTE above).
	find := hydcon.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Find)
	r.Handle(collection, find).Queries("subject", "{subject}").Methods("GET")

	// Single-connection routes: authentication only at this layer.
	get := hydcon.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Get)
	r.Handle(item, get).Methods("GET")

	del := hydcon.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Delete)
	r.Handle(item, del).Methods("DELETE")
}
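// TestMiddleware runs every entry of cases through an adapter chain made of
// mockContext(c) and Middleware.IsAuthenticated in front of handler(m, c), then
// checks the status code of a plain GET against the case's expectations:
// 401 when authentication is expected to fail, 403 when authorization is
// expected to fail, and 200 otherwise.
//
// NOTE(review): only IsAuthenticated is part of the adapter chain here; the
// authorization decision is presumably made inside handler(m, c), which is
// defined elsewhere in the package. Confirm before relying on the 403 branch
// as coverage for IsAuthorized.
func TestMiddleware(t *testing.T) {
	m := &Middleware{}
	for k, c := range cases {
		// Each case runs in its own function so the deferred Close fires at the
		// end of the iteration. A defer placed directly in the loop body would
		// keep every test server listening until TestMiddleware returns.
		func() {
			h := hcon.NewContextAdapter(
				context.Background(),
				mockContext(c),
				m.IsAuthenticated,
			).ThenFunc(hcon.ContextHandlerFunc(handler(m, c)))

			ts := httptest.NewServer(h)
			defer ts.Close()

			res, err := http.Get(ts.URL)
			require.NoError(t, err)
			// Only the status code is inspected; release the connection right away.
			res.Body.Close()

			switch {
			case !c.expectAuthN:
				assert.Equal(t, http.StatusUnauthorized, res.StatusCode, "Authentication failed case %d", k)
			case !c.expectAuthZ:
				assert.Equal(t, http.StatusForbidden, res.StatusCode, "Authorization failed case %d", k)
			default:
				assert.Equal(t, http.StatusOK, res.StatusCode, "Case %d should be authorized but wasn't.", k)
			}
		}()
	}
}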
// SetRoutes mounts the OAuth2 client API on r.
//
// Every route runs extractor and then h.m.IsAuthenticated before its handler.
// Only POST /clients adds a route-level h.m.IsAuthorized check (resource
// "rn:hydra:clients", action "create").
//
// NOTE(review): GET and DELETE /clients/{id} are registered with
// authentication only. Confirm that Get and Delete enforce per-client
// authorization themselves; if they do not, any authenticated caller could
// read or delete any registered client.
func (h *Handler) SetRoutes(r *mux.Router, extractor func(h hydcon.ContextHandler) hydcon.ContextHandler) {
	const item = "/clients/{id}"

	ctx := context.Background()
	authn := h.m.IsAuthenticated

	// Client creation is the only route gated by a route-level permission.
	mayCreate := h.m.IsAuthorized("rn:hydra:clients", "create", nil)
	create := hydcon.NewContextAdapter(ctx, extractor, authn, mayCreate).ThenFunc(h.Create)
	r.Handle("/clients", create).Methods("POST")

	// Single-client routes: authentication only at this layer (see NOTE above).
	get := hydcon.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Get)
	r.Handle(item, get).Methods("GET")

	del := hydcon.NewContextAdapter(ctx, extractor, authn).ThenFunc(h.Delete)
	r.Handle(item, del).Methods("DELETE")
}