frostfs-http-gw/header.go

package main

import (
	"bytes"
	"encoding/base64"

	"github.com/nspcc-dev/neofs-api-go/pkg/token"
	"github.com/pkg/errors"
	"github.com/valyala/fasthttp"
)

const bearerToken = "Bearer"

// BearerToken usage:
//
// if tkn, err = BearerToken(c); err != nil && tkn == nil {
// 	log.Error("could not fetch bearer token", zap.Error(err))
// 	c.Error("could not fetch bearer token", fasthttp.StatusBadRequest)
// 	return
// }
var _ = BearerToken

func headerAuth(h *fasthttp.RequestHeader) (*token.BearerToken, error) {
	auth := h.Peek(fasthttp.HeaderAuthorization)
	if auth == nil || !bytes.Contains(auth, []byte(bearerToken)) {
		return nil, nil
	}

	auth = bytes.ReplaceAll(auth, []byte(bearerToken+" "), nil)

	data, err := base64.StdEncoding.DecodeString(string(auth))
	if err != nil {
		return nil, errors.Wrap(err, "could not fetch marshaled from base64")
	}

	tkn := new(token.BearerToken)
	if err = tkn.Unmarshal(data); err != nil {
		return nil, errors.Wrap(err, "could unmarshal bearer token")
	}

	return tkn, nil
}

func cookieAuth(h *fasthttp.RequestHeader) (*token.BearerToken, error) {
	auth := h.Cookie(bearerToken)
	if auth == nil {
		return nil, nil
	}

	data, err := base64.StdEncoding.DecodeString(string(auth))
	if err != nil {
		return nil, errors.Wrap(err, "could not fetch marshaled from base64")
	}

	tkn := new(token.BearerToken)
	if err = tkn.Unmarshal(data); err != nil {
		return nil, errors.Wrap(err, "could unmarshal bearer token")
	}

	return tkn, nil
}

func BearerToken(ctx *fasthttp.RequestCtx) (*token.BearerToken, error) {
	// ignore empty value
	if ctx == nil {
		return nil, nil
	}

	if tkn, err := headerAuth(&ctx.Request.Header); err != nil {
		return nil, err
	} else if tkn != nil {
		return tkn, nil
	}

	return cookieAuth(&ctx.Request.Header)
}
Add method to fetch BearerToken from Header / Cookies - `BearerToken` allow to parse header/cookies to fetch bearer token - `headerAuth` allow to parse header to fetch bearer token - `cookieAuth` allow to parse header to fetch bearer token closes #2 closes #11 Signed-off-by: Evgeniy Kulikov <kim@nspcc.ru> 2021-01-25 13:20:08 +00:00			`package main`

			`import (`
			`"bytes"`
			`"encoding/base64"`

			`"github.com/nspcc-dev/neofs-api-go/pkg/token"`
			`"github.com/pkg/errors"`
			`"github.com/valyala/fasthttp"`
			`)`

			`const bearerToken = "Bearer"`

			`// BearerToken usage:`
			`//`
			`// if tkn, err = BearerToken(c); err != nil && tkn == nil {`
			`// log.Error("could not fetch bearer token", zap.Error(err))`
			`// c.Error("could not fetch bearer token", fasthttp.StatusBadRequest)`
			`// return`
			`// }`
			`var _ = BearerToken`

			`func headerAuth(h fasthttp.RequestHeader) (token.BearerToken, error) {`
			`auth := h.Peek(fasthttp.HeaderAuthorization)`
			`if auth == nil \|\| !bytes.Contains(auth, []byte(bearerToken)) {`
			`return nil, nil`
			`}`

			`auth = bytes.ReplaceAll(auth, []byte(bearerToken+" "), nil)`

			`data, err := base64.StdEncoding.DecodeString(string(auth))`
			`if err != nil {`
			`return nil, errors.Wrap(err, "could not fetch marshaled from base64")`
			`}`

			`tkn := new(token.BearerToken)`
			`if err = tkn.Unmarshal(data); err != nil {`
			`return nil, errors.Wrap(err, "could unmarshal bearer token")`
			`}`

			`return tkn, nil`
			`}`

			`func cookieAuth(h fasthttp.RequestHeader) (token.BearerToken, error) {`
			`auth := h.Cookie(bearerToken)`
			`if auth == nil {`
			`return nil, nil`
			`}`

			`data, err := base64.StdEncoding.DecodeString(string(auth))`
			`if err != nil {`
			`return nil, errors.Wrap(err, "could not fetch marshaled from base64")`
			`}`

			`tkn := new(token.BearerToken)`
			`if err = tkn.Unmarshal(data); err != nil {`
			`return nil, errors.Wrap(err, "could unmarshal bearer token")`
			`}`

			`return tkn, nil`
			`}`

			`func BearerToken(ctx fasthttp.RequestCtx) (token.BearerToken, error) {`
			`// ignore empty value`
			`if ctx == nil {`
			`return nil, nil`
			`}`

			`if tkn, err := headerAuth(&ctx.Request.Header); err != nil {`
			`return nil, err`
			`} else if tkn != nil {`
			`return tkn, nil`
			`}`

			`return cookieAuth(&ctx.Request.Header)`
			`}`