// Super is an AuthCheck that grants access to the superuser (that is, the user // identified by `Authorization: <secret>`). func Super(ctx context.Context, w http.ResponseWriter, r *http.Request) error { var acct account.Account if err := GetAccount(ctx, &acct); err != nil { return err } else if !acct.Super() { return ErrForbidden } else { return nil } }
// AccountMatchesParam returns an AuthCheck that grants access if paramName is the same // as the account's ID; so, for instance, on a route to /accounts/:accountId, with // a request to /accounts/asdf, the AuthCheck will return true if the account's ID is asdf. // As a special case, account.Nobody and account.Super will never match in this method. func AccountMatchesParam(paramName string) AuthCheck { return func(ctx context.Context, w http.ResponseWriter, r *http.Request) error { var acct account.Account if err := GetAccount(ctx, &acct); err != nil { return err } else if acct.Super() || acct.Nobody() { return ErrAccountIDDoesNotMatch } else if acct.Key(ctx).Encode() != kami.Param(ctx, paramName) { return ErrAccountIDDoesNotMatch } else { return nil } } }
func TestMiddleware(t *testing.T) { var acct account.Account ctx := test.WithConfig(context.Background(), map[string]interface{}{"AuthSecret": "foo"}) // a user is no one (i.e., no Authorization header) w := httptest.NewRecorder() r, _ := http.NewRequest("GET", "/", nil) resultCtx := Middleware(ctx, w, r) err := GetAccount(resultCtx, &acct) if err != nil { t.Errorf("Unexpected error %s", err) } if !acct.Nobody() { t.Errorf("acct should have been the zero value, but got %+v", acct) } // bad jwt w = httptest.NewRecorder() r, _ = http.NewRequest("GET", "/", nil) r.Header.Set("Authorization", "wrong") resultCtx = Middleware(ctx, w, r) err = GetAccount(resultCtx, &acct) if err != InvalidJWTError { t.Errorf("Unexpected error %s", err) } // super (i.e., they passed in the secret itself) w = httptest.NewRecorder() r, _ = http.NewRequest("GET", "/", nil) r.Header.Set("Authorization", "foo") resultCtx = Middleware(ctx, w, r) err = GetAccount(resultCtx, &acct) if err != nil { t.Errorf("Unexpected error %s", err) } if !acct.Super() { t.Errorf("Expected the super account, but got %+v", acct) } // super (i.e., they passed in the secret itself) w = httptest.NewRecorder() r, _ = http.NewRequest("GET", "/", nil) r.Header.Set("Authorization", "foo") resultCtx = Middleware(ctx, w, r) err = GetAccount(resultCtx, &acct) if err != nil { t.Errorf("Unexpected error %s", err) } if !acct.Super() { t.Errorf("Expected the super account, but got %+v", acct) } // test against App Engine dev environment from this point forward realCtx, done, _ := aetest.NewContext() defer done() account.New(realCtx, "*****@*****.**", "foobar") realCtx = test.WithConfig(realCtx, map[string]interface{}{"AuthSecret": "foo"}) // nonexistent account w = httptest.NewRecorder() r, _ = http.NewRequest("GET", "/", nil) r.Header.Set("Authorization", test.JWT(&jws.ClaimSet{Sub: "*****@*****.**"}, "foo")) resultCtx = Middleware(realCtx, w, r) if resultCtx != nil { t.Errorf("Expected Middleware to terminate (i.e. to return nil), but it didn't", err) } // existent account (i.e., the happy path) w = httptest.NewRecorder() r, _ = http.NewRequest("GET", "/", nil) r.Header.Set("Authorization", test.JWT(&jws.ClaimSet{Sub: "*****@*****.**"}, "foo")) resultCtx = Middleware(realCtx, w, r) if resultCtx == nil { t.Errorf("Expected Middleware not to terminate (i.e. to return another context), but it terminated") } else if err = GetAccount(resultCtx, &acct); err != nil { t.Errorf("Expected no error when getting a properly authenticated account, but got %s", err) } else if acct.Email != "*****@*****.**" { t.Errorf("Unexpected account on retrieval: %+v", acct) } }