func authHandler(h http.Handler) http.Handler {
key, _ := bakery.GenerateKey() // TODO check error!
b := bakery.New(bakery.BakeryParams{
Key: key,
})
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
ops := opsForRequest(req)
_, err := b.Checker.Auth().Allow(req.Context(), ops...)
if err != nil {
http.Error(w, err.Error(), http.StatusUnauthorized)
return
}
h.ServeHTTP(w, req)
})
}
func authHandler(h http.Handler, authorizer bakery.Authorizer, identity bakery.IdentityClient) http.Handler {
key, _ := bakery.GenerateKey() // TODO check error!
b := bakery.New(bakery.BakeryParams{
Key: key,
Authorizer: authorizer,
Identity: identity,
})
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
ops := opsForRequest(req)
macaroons := httpbakery.RequestMacaroons(req)
_, err := b.Checker.Auth(macaroons...).Allow(req.Context(), ops...)
if err != nil {
http.Error(w, err.Error(), http.StatusUnauthorized)
return
}
h.ServeHTTP(w, req)
})
}