forked from TrueCloudLab/frostfs-s3-gw
[#65] Added NoAuthorizationHeader error
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
8185b71462
commit
4df647baac
2 changed files with 12 additions and 10 deletions
api
|
@ -44,6 +44,8 @@ type (
|
|||
prs int
|
||||
)
|
||||
|
||||
var ErrNoAuthorizationHeader = errors.New("no authorization header")
|
||||
|
||||
func (p prs) Read(_ []byte) (n int, err error) {
|
||||
panic("implement me")
|
||||
}
|
||||
|
@ -70,7 +72,7 @@ func (c *center) Authenticate(r *http.Request) (*token.BearerToken, error) {
|
|||
|
||||
authHeaderField := r.Header["Authorization"]
|
||||
if len(authHeaderField) != 1 {
|
||||
return nil, nil
|
||||
return nil, ErrNoAuthorizationHeader
|
||||
}
|
||||
|
||||
sms1 := c.reg.getSubmatches(authHeaderField[0])
|
||||
|
|
|
@ -19,17 +19,17 @@ var BearerTokenKey = KeyWrapper("__context_bearer_token_key")
|
|||
func AttachUserAuth(router *mux.Router, center auth.Center, log *zap.Logger) {
|
||||
router.Use(func(h http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
var ctx context.Context
|
||||
token, err := center.Authenticate(r)
|
||||
if err != nil {
|
||||
log.Error("failed to pass authentication", zap.Error(err))
|
||||
WriteErrorResponse(r.Context(), w, GetAPIError(ErrAccessDenied), r.URL)
|
||||
return
|
||||
}
|
||||
|
||||
var ctx context.Context
|
||||
if token == nil {
|
||||
log.Info("couldn't receive bearer token, switch to use neofs-key")
|
||||
ctx = r.Context()
|
||||
if err == auth.ErrNoAuthorizationHeader {
|
||||
log.Debug("couldn't receive bearer token, using neofs-key")
|
||||
ctx = r.Context()
|
||||
} else {
|
||||
log.Error("failed to pass authentication", zap.Error(err))
|
||||
WriteErrorResponse(r.Context(), w, GetAPIError(ErrAccessDenied), r.URL)
|
||||
return
|
||||
}
|
||||
} else {
|
||||
ctx = context.WithValue(r.Context(), BearerTokenKey, token)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue