Mirror
/
go-neb
mirror of https://github.com/matrix-org/go-neb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
573 Commits
120 Branches
3 Tags
12 MiB
Tree: 1e297c50ad
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1e297c50ad'
${ noResults }
go-neb/api/handlers/auth.go

311 lines
8.7 KiB
Raw Normal View History

Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Use github.com/matrix-org/util
7 years ago
Re-format project as a Go module (#310) * Define project as a Go module and update dependency versions Signed-off-by: Nikos Filippakis <me@nfil.dev> * Update docs, configs and dockerfile to use latest Go version Signed-off-by: Nikos Filippakis <me@nfil.dev> * Add postgres database driver Signed-off-by: Nikos Filippakis <me@nfil.dev>
4 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
  1. package handlers
  3. import (
  4. "database/sql"
  5. "encoding/base64"
  6. "encoding/json"
  7. "net/http"
  8. "strings"
  10. "github.com/matrix-org/go-neb/api"
  11. "github.com/matrix-org/go-neb/database"
  12. "github.com/matrix-org/go-neb/metrics"
  13. "github.com/matrix-org/go-neb/types"
  14. "github.com/matrix-org/util"
  15. log "github.com/sirupsen/logrus"
  16. )
  18. // RequestAuthSession represents an HTTP handler capable of processing /admin/requestAuthSession requests.
  19. type RequestAuthSession struct {
  20. Db *database.ServiceDB
  21. }
  23. // OnIncomingRequest handles POST requests to /admin/requestAuthSession. The HTTP body MUST be
  24. // a JSON object representing type "api.RequestAuthSessionRequest".
  25. //
  26. // This will return HTTP 400 if there are missing fields or the Realm ID is unknown.
  27. // For the format of the response, see the specific AuthRealm that the Realm ID corresponds to.
  28. //
  29. // Request:
  30. // POST /admin/requestAuthSession
  31. // {
  32. // "RealmID": "github_realm_id",
  33. // "UserID": "@my_user:localhost",
  34. // "Config": {
  35. // // AuthRealm specific config info
  36. // }
  37. // }
  38. // Response:
  39. // HTTP/1.1 200 OK
  40. // {
  41. // // AuthRealm-specific information
  42. // }
  43. func (h *RequestAuthSession) OnIncomingRequest(req *http.Request) util.JSONResponse {
  44. logger := util.GetLogger(req.Context())
  45. if req.Method != "POST" {
  46. return util.MessageResponse(405, "Unsupported Method")
  47. }
  48. var body api.RequestAuthSessionRequest
  49. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  50. return util.MessageResponse(400, "Error parsing request JSON")
  51. }
  52. logger.WithFields(log.Fields{
  53. "realm_id": body.RealmID,
  54. "user_id": body.UserID,
  55. }).Print("Incoming auth session request")
  57. if err := body.Check(); err != nil {
  58. logger.WithError(err).Info("Failed Check")
  59. return util.MessageResponse(400, err.Error())
  60. }
  62. realm, err := h.Db.LoadAuthRealm(body.RealmID)
  63. if err != nil {
  64. logger.WithError(err).Info("Failed to LoadAuthRealm")
  65. return util.MessageResponse(400, "Unknown RealmID")
  66. }
  68. response := realm.RequestAuthSession(body.UserID, body.Config)
  69. if response == nil {
  70. logger.WithField("body", body).Error("Failed to RequestAuthSession")
  71. return util.MessageResponse(500, "Failed to request auth session")
  72. }
  74. metrics.IncrementAuthSession(realm.Type())
  76. return util.JSONResponse{
  77. Code: 200,
  78. JSON: response,
  79. }
  80. }
  82. // RemoveAuthSession represents an HTTP handler capable of processing /admin/removeAuthSession requests.
  83. type RemoveAuthSession struct {
  84. Db *database.ServiceDB
  85. }
  87. // OnIncomingRequest handles POST requests to /admin/removeAuthSession.
  88. //
  89. // The JSON object MUST contain the keys "RealmID" and "UserID" to identify the session to remove.
  90. //
  91. // Request
  92. // POST /admin/removeAuthSession
  93. // {
  94. // "RealmID": "github-realm",
  95. // "UserID": "@my_user:localhost"
  96. // }
  97. // Response:
  98. // HTTP/1.1 200 OK
  99. // {}
  100. func (h *RemoveAuthSession) OnIncomingRequest(req *http.Request) util.JSONResponse {
  101. logger := util.GetLogger(req.Context())
  102. if req.Method != "POST" {
  103. return util.MessageResponse(405, "Unsupported Method")
  104. }
  105. var body struct {
  106. RealmID string
  107. UserID string
  108. }
  109. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  110. return util.MessageResponse(400, "Error parsing request JSON")
  111. }
  112. logger.WithFields(log.Fields{
  113. "realm_id": body.RealmID,
  114. "user_id": body.UserID,
  115. }).Print("Incoming remove auth session request")
  117. if body.UserID == "" || body.RealmID == "" {
  118. return util.MessageResponse(400, `Must supply a "UserID", a "RealmID"`)
  119. }
  121. _, err := h.Db.LoadAuthRealm(body.RealmID)
  122. if err != nil {
  123. return util.MessageResponse(400, "Unknown RealmID")
  124. }
  126. if err := h.Db.RemoveAuthSession(body.RealmID, body.UserID); err != nil {
  127. logger.WithError(err).Error("Failed to RemoveAuthSession")
  128. return util.MessageResponse(500, "Failed to remove auth session")
  129. }
  131. return util.JSONResponse{
  132. Code: 200,
  133. JSON: struct{}{},
  134. }
  135. }
  137. // RealmRedirect represents an HTTP handler which can process incoming redirects for auth realms.
  138. type RealmRedirect struct {
  139. Db *database.ServiceDB
  140. }
  142. // Handle requests for an auth realm.
  143. //
  144. // The last path segment of the URL MUST be the base64 form of the Realm ID. What response
  145. // this returns depends on the specific AuthRealm implementation.
  146. func (rh *RealmRedirect) Handle(w http.ResponseWriter, req *http.Request) {
  147. segments := strings.Split(req.URL.Path, "/")
  148. // last path segment is the base64d realm ID which we will pass the incoming request to
  149. base64realmID := segments[len(segments)-1]
  150. bytesRealmID, err := base64.RawURLEncoding.DecodeString(base64realmID)
  151. realmID := string(bytesRealmID)
  152. if err != nil {
  153. log.WithError(err).WithField("base64_realm_id", base64realmID).Print(
  154. "Not a b64 encoded string",
  155. )
  156. w.WriteHeader(400)
  157. return
  158. }
  160. realm, err := rh.Db.LoadAuthRealm(realmID)
  161. if err != nil {
  162. log.WithError(err).WithField("realm_id", realmID).Print("Failed to load realm")
  163. w.WriteHeader(404)
  164. return
  165. }
  166. log.WithFields(log.Fields{
  167. "realm_id": realmID,
  168. }).Print("Incoming realm redirect request")
  169. realm.OnReceiveRedirect(w, req)
  170. }
  172. // ConfigureAuthRealm represents an HTTP handler capable of processing /admin/configureAuthRealm requests.
  173. type ConfigureAuthRealm struct {
  174. Db *database.ServiceDB
  175. }
  177. // OnIncomingRequest handles POST requests to /admin/configureAuthRealm. The JSON object
  178. // provided is of type "api.ConfigureAuthRealmRequest".
  179. //
  180. // Request:
  181. // POST /admin/configureAuthRealm
  182. // {
  183. // "ID": "my-realm-id",
  184. // "Type": "github",
  185. // "Config": {
  186. // // Realm-specific configuration information
  187. // }
  188. // }
  189. // Response:
  190. // HTTP/1.1 200 OK
  191. // {
  192. // "ID": "my-realm-id",
  193. // "Type": "github",
  194. // "OldConfig": {
  195. // // Old auth realm config information
  196. // },
  197. // "NewConfig": {
  198. // // New auth realm config information
  199. // },
  200. // }
  201. func (h *ConfigureAuthRealm) OnIncomingRequest(req *http.Request) util.JSONResponse {
  202. logger := util.GetLogger(req.Context())
  203. if req.Method != "POST" {
  204. return util.MessageResponse(405, "Unsupported Method")
  205. }
  206. var body api.ConfigureAuthRealmRequest
  207. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  208. return util.MessageResponse(400, "Error parsing request JSON")
  209. }
  211. if err := body.Check(); err != nil {
  212. return util.MessageResponse(400, err.Error())
  213. }
  215. realm, err := types.CreateAuthRealm(body.ID, body.Type, body.Config)
  216. if err != nil {
  217. return util.MessageResponse(400, "Error parsing config JSON")
  218. }
  220. if err = realm.Register(); err != nil {
  221. return util.MessageResponse(400, "Error registering auth realm")
  222. }
  224. oldRealm, err := h.Db.StoreAuthRealm(realm)
  225. if err != nil {
  226. logger.WithError(err).Error("Failed to StoreAuthRealm")
  227. return util.MessageResponse(500, "Error storing realm")
  228. }
  230. return util.JSONResponse{
  231. Code: 200,
  232. JSON: struct {
  233. ID string
  234. Type string
  235. OldConfig types.AuthRealm
  236. NewConfig types.AuthRealm
  237. }{body.ID, body.Type, oldRealm, realm},
  238. }
  239. }
  241. // GetSession represents an HTTP handler capable of processing /admin/getSession requests.
  242. type GetSession struct {
  243. Db *database.ServiceDB
  244. }
  246. // OnIncomingRequest handles POST requests to /admin/getSession.
  247. //
  248. // The JSON object provided MUST have a "RealmID" and "UserID" in order to fetch the
  249. // correct AuthSession. If there is no session for this tuple of realm and user ID,
  250. // a 200 OK is still returned with "Authenticated" set to false.
  251. //
  252. // Request:
  253. // POST /admin/getSession
  254. // {
  255. // "RealmID": "my-realm",
  256. // "UserID": "@my_user:localhost"
  257. // }
  258. // Response:
  259. // HTTP/1.1 200 OK
  260. // {
  261. // "ID": "session_id",
  262. // "Authenticated": true,
  263. // "Info": {
  264. // // Session-specific config info
  265. // }
  266. // }
  267. // Response if session not found:
  268. // HTTP/1.1 200 OK
  269. // {
  270. // "Authenticated": false
  271. // }
  272. func (h *GetSession) OnIncomingRequest(req *http.Request) util.JSONResponse {
  273. logger := util.GetLogger(req.Context())
  274. if req.Method != "POST" {
  275. return util.MessageResponse(405, "Unsupported Method")
  276. }
  277. var body struct {
  278. RealmID string
  279. UserID string
  280. }
  281. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  282. return util.MessageResponse(400, "Error parsing request JSON")
  283. }
  285. if body.RealmID == "" || body.UserID == "" {
  286. return util.MessageResponse(400, `Must supply a "RealmID" and "UserID"`)
  287. }
  289. session, err := h.Db.LoadAuthSessionByUser(body.RealmID, body.UserID)
  290. if err != nil && err != sql.ErrNoRows {
  291. logger.WithError(err).WithField("body", body).Error("Failed to LoadAuthSessionByUser")
  292. return util.MessageResponse(500, `Failed to load session`)
  293. }
  294. if err == sql.ErrNoRows {
  295. return util.JSONResponse{
  296. Code: 200,
  297. JSON: struct {
  298. Authenticated bool
  299. }{false},
  300. }
  301. }
  303. return util.JSONResponse{
  304. Code: 200,
  305. JSON: struct {
  306. ID string
  307. Authenticated bool
  308. Info interface{}
  309. }{session.ID(), session.Authenticated(), session.Info()},
  310. }
  311. }