From 4df647baac4fb06be53383b8e0bcdba72290228a Mon Sep 17 00:00:00 2001 From: Denis Kirillov Date: Fri, 11 Jun 2021 19:29:55 +0300 Subject: [PATCH] [#65] Added NoAuthorizationHeader error Signed-off-by: Denis Kirillov --- api/auth/center.go | 4 +++- api/user-auth.go | 18 +++++++++--------- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/api/auth/center.go b/api/auth/center.go index aa3a501..0d968af 100644 --- a/api/auth/center.go +++ b/api/auth/center.go @@ -44,6 +44,8 @@ type ( prs int ) +var ErrNoAuthorizationHeader = errors.New("no authorization header") + func (p prs) Read(_ []byte) (n int, err error) { panic("implement me") } @@ -70,7 +72,7 @@ func (c *center) Authenticate(r *http.Request) (*token.BearerToken, error) { authHeaderField := r.Header["Authorization"] if len(authHeaderField) != 1 { - return nil, nil + return nil, ErrNoAuthorizationHeader } sms1 := c.reg.getSubmatches(authHeaderField[0]) diff --git a/api/user-auth.go b/api/user-auth.go index 0d8f5a0..df150a4 100644 --- a/api/user-auth.go +++ b/api/user-auth.go @@ -19,17 +19,17 @@ var BearerTokenKey = KeyWrapper("__context_bearer_token_key") func AttachUserAuth(router *mux.Router, center auth.Center, log *zap.Logger) { router.Use(func(h http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + var ctx context.Context token, err := center.Authenticate(r) if err != nil { - log.Error("failed to pass authentication", zap.Error(err)) - WriteErrorResponse(r.Context(), w, GetAPIError(ErrAccessDenied), r.URL) - return - } - - var ctx context.Context - if token == nil { - log.Info("couldn't receive bearer token, switch to use neofs-key") - ctx = r.Context() + if err == auth.ErrNoAuthorizationHeader { + log.Debug("couldn't receive bearer token, using neofs-key") + ctx = r.Context() + } else { + log.Error("failed to pass authentication", zap.Error(err)) + WriteErrorResponse(r.Context(), w, GetAPIError(ErrAccessDenied), r.URL) + return + } } else { ctx = context.WithValue(r.Context(), BearerTokenKey, token) }