Browse Source

Merge commit '6ac87dc7dcdf4d3be4a40f7ab19b46ffc1a8cf2f' into HEAD

feature/update-route-registration
Jenkins 3 years ago
committed by Fabian Vowie
parent
commit
dee7d7a488
No known key found for this signature in database GPG Key ID: C27317C33B27C410
  1. 28
      auth/authorization.go
  2. 40
      auth/authorization_test.go
  3. 16
      main.go

28
auth/authorization.go

@ -0,0 +1,28 @@
package auth
import (
"net/http"
"strings"
)
type AuthenticationMiddleware struct {
secret string
}
func (middleware AuthenticationMiddleware) Middleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
authToken := r.Header.Get("Authorization")
if authToken == "" || strings.HasPrefix(authToken, "Bearer ") == false || authToken[7:] != middleware.secret {
http.Error(w, "Forbidden", http.StatusForbidden)
} else {
next.ServeHTTP(w, r)
}
})
}
func CreateAuthenticationMiddleware(secret string) AuthenticationMiddleware {
return AuthenticationMiddleware{
secret: secret,
}
}

40
auth/authorization_test.go

@ -0,0 +1,40 @@
package auth
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/bxcodec/faker/v3"
"github.com/stretchr/testify/assert"
)
func TestAuthorizationMiddleware(t *testing.T) {
token := faker.Word()
middleware := CreateAuthenticationMiddleware(token)
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
})
middlewareHandler := middleware.Middleware(handler)
t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
request, _ := http.NewRequest("GET", "/", nil)
responseRecorder := httptest.NewRecorder()
middlewareHandler.ServeHTTP(responseRecorder, request)
assert.Equal(t, 403, responseRecorder.Code)
})
t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) {
request, _ := http.NewRequest("GET", "/", nil)
request.Header.Set("Authorization", "Bearer "+token)
responseRecorder := httptest.NewRecorder()
middlewareHandler.ServeHTTP(responseRecorder, request)
assert.Equal(t, 200, responseRecorder.Code)
})
}

16
main.go

@ -4,9 +4,12 @@ import (
"encoding/json"
"net/http"
"github.com/geplauder/lithium/auth"
"github.com/geplauder/lithium/pipelines"
"github.com/geplauder/lithium/settings"
"github.com/geplauder/lithium/storage"
"github.com/gorilla/mux"
"github.com/spf13/afero"
)
const Name string = "Lithium"
@ -42,13 +45,22 @@ func RegisterPipelineRoutes(r *mux.Router, pipelines []pipelines.IPipeline, stor
}
func main() {
storageProvider := storage.GetFileSystemStorageProvider("test", "")
settings := settings.LoadSettings(afero.NewOsFs())
storageProvider.StoreRaw("abc", "def.test", []byte{0x12, 0x10})
var storageProvider storage.IStorageProvider
if settings.StorageProvider.Type == 0 {
storageProvider = storage.GetFileSystemStorageProvider(settings.StorageProvider.BasePath, "")
} else {
panic("Invalid file system provided!")
}
pipes := pipelines.LoadPipelines()
authMiddleware := auth.CreateAuthenticationMiddleware(settings.Token)
r := mux.NewRouter()
r.Use(authMiddleware.Middleware)
r.HandleFunc("/", IndexHandler)
RegisterPipelineRoutes(r, pipes, storageProvider)

Loading…
Cancel
Save