Mirror
/
go-neb
mirror of https://github.com/matrix-org/go-neb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
585 Commits
120 Branches
3 Tags
12 MiB
Tree: 6879960d22
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6879960d22'
${ noResults }
go-neb/api/handlers/auth.go

312 lines
8.7 KiB
Raw Normal View History

Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Use github.com/matrix-org/util
7 years ago
Re-format project as a Go module (#310) * Define project as a Go module and update dependency versions Signed-off-by: Nikos Filippakis <me@nfil.dev> * Update docs, configs and dockerfile to use latest Go version Signed-off-by: Nikos Filippakis <me@nfil.dev> * Add postgres database driver Signed-off-by: Nikos Filippakis <me@nfil.dev>
4 years ago
[WIP] Switch Gomatrix for Mautrix (#322) * Switch core functionality to Mautrix Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable rssbot Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable giphy service Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable wikipedia, imgur and guggy services Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable Github realm and service, and update go-github version Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and add the rest of the services Re-enables the services: alertmanager, google, jira, slackapi, travisci Signed-off-by: Nikos Filippakis <me@nfil.dev>
4 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
[WIP] Switch Gomatrix for Mautrix (#322) * Switch core functionality to Mautrix Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable rssbot Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable giphy service Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable wikipedia, imgur and guggy services Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable Github realm and service, and update go-github version Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and add the rest of the services Re-enables the services: alertmanager, google, jira, slackapi, travisci Signed-off-by: Nikos Filippakis <me@nfil.dev>
4 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Add lots of HTTP and API docs This all gets formatted right by godoc so we can point the README to that instead of having the docs so far away from the code.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
[WIP] Switch Gomatrix for Mautrix (#322) * Switch core functionality to Mautrix Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable rssbot Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable giphy service Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable wikipedia, imgur and guggy services Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and re-enable Github realm and service, and update go-github version Signed-off-by: Nikos Filippakis <me@nfil.dev> * Convert and add the rest of the services Re-enables the services: alertmanager, google, jira, slackapi, travisci Signed-off-by: Nikos Filippakis <me@nfil.dev>
4 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Replace golint with staticcheck golint has been deprecated and archived. There's no 1:1 match for it, but staticcheck is a checker the golint README recommends and has tons of useful checks. This commit enables all checks, and then disables: * ST1000: Incorrect or missing package comment * ST1005: Incorrectly formatted error string, necessary due to the fact that all our error strings are capitalised, which they should not be * SA1019: Locally in goneb.go because we have to rework how we use the prometheus package there It also fixes a number of other errors surfaced by staticheck.
3 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
Update go-neb to use util.JSONResponse
7 years ago
Split up the enormous handlers.go into more manageable files Split them up based on the HTTP API they are implementing.
8 years ago
  1. package handlers
  3. import (
  4. "database/sql"
  5. "encoding/base64"
  6. "encoding/json"
  7. "net/http"
  8. "strings"
  10. "github.com/matrix-org/go-neb/api"
  11. "github.com/matrix-org/go-neb/database"
  12. "github.com/matrix-org/go-neb/metrics"
  13. "github.com/matrix-org/go-neb/types"
  14. "github.com/matrix-org/util"
  15. log "github.com/sirupsen/logrus"
  16. "maunium.net/go/mautrix/id"
  17. )
  19. // RequestAuthSession represents an HTTP handler capable of processing /admin/requestAuthSession requests.
  20. type RequestAuthSession struct {
  21. DB *database.ServiceDB
  22. }
  24. // OnIncomingRequest handles POST requests to /admin/requestAuthSession. The HTTP body MUST be
  25. // a JSON object representing type "api.RequestAuthSessionRequest".
  26. //
  27. // This will return HTTP 400 if there are missing fields or the Realm ID is unknown.
  28. // For the format of the response, see the specific AuthRealm that the Realm ID corresponds to.
  29. //
  30. // Request:
  31. // POST /admin/requestAuthSession
  32. // {
  33. // "RealmID": "github_realm_id",
  34. // "UserID": "@my_user:localhost",
  35. // "Config": {
  36. // // AuthRealm specific config info
  37. // }
  38. // }
  39. // Response:
  40. // HTTP/1.1 200 OK
  41. // {
  42. // // AuthRealm-specific information
  43. // }
  44. func (h *RequestAuthSession) OnIncomingRequest(req *http.Request) util.JSONResponse {
  45. logger := util.GetLogger(req.Context())
  46. if req.Method != "POST" {
  47. return util.MessageResponse(405, "Unsupported Method")
  48. }
  49. var body api.RequestAuthSessionRequest
  50. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  51. return util.MessageResponse(400, "Error parsing request JSON")
  52. }
  53. logger.WithFields(log.Fields{
  54. "realm_id": body.RealmID,
  55. "user_id": body.UserID,
  56. }).Print("Incoming auth session request")
  58. if err := body.Check(); err != nil {
  59. logger.WithError(err).Info("Failed Check")
  60. return util.MessageResponse(400, err.Error())
  61. }
  63. realm, err := h.DB.LoadAuthRealm(body.RealmID)
  64. if err != nil {
  65. logger.WithError(err).Info("Failed to LoadAuthRealm")
  66. return util.MessageResponse(400, "Unknown RealmID")
  67. }
  69. response := realm.RequestAuthSession(body.UserID, body.Config)
  70. if response == nil {
  71. logger.WithField("body", body).Error("Failed to RequestAuthSession")
  72. return util.MessageResponse(500, "Failed to request auth session")
  73. }
  75. metrics.IncrementAuthSession(realm.Type())
  77. return util.JSONResponse{
  78. Code: 200,
  79. JSON: response,
  80. }
  81. }
  83. // RemoveAuthSession represents an HTTP handler capable of processing /admin/removeAuthSession requests.
  84. type RemoveAuthSession struct {
  85. DB *database.ServiceDB
  86. }
  88. // OnIncomingRequest handles POST requests to /admin/removeAuthSession.
  89. //
  90. // The JSON object MUST contain the keys "RealmID" and "UserID" to identify the session to remove.
  91. //
  92. // Request
  93. // POST /admin/removeAuthSession
  94. // {
  95. // "RealmID": "github-realm",
  96. // "UserID": "@my_user:localhost"
  97. // }
  98. // Response:
  99. // HTTP/1.1 200 OK
  100. // {}
  101. func (h *RemoveAuthSession) OnIncomingRequest(req *http.Request) util.JSONResponse {
  102. logger := util.GetLogger(req.Context())
  103. if req.Method != "POST" {
  104. return util.MessageResponse(405, "Unsupported Method")
  105. }
  106. var body struct {
  107. RealmID string
  108. UserID id.UserID
  109. }
  110. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  111. return util.MessageResponse(400, "Error parsing request JSON")
  112. }
  113. logger.WithFields(log.Fields{
  114. "realm_id": body.RealmID,
  115. "user_id": body.UserID,
  116. }).Print("Incoming remove auth session request")
  118. if body.UserID == "" || body.RealmID == "" {
  119. return util.MessageResponse(400, `Must supply a "UserID", a "RealmID"`)
  120. }
  122. _, err := h.DB.LoadAuthRealm(body.RealmID)
  123. if err != nil {
  124. return util.MessageResponse(400, "Unknown RealmID")
  125. }
  127. if err := h.DB.RemoveAuthSession(body.RealmID, body.UserID); err != nil {
  128. logger.WithError(err).Error("Failed to RemoveAuthSession")
  129. return util.MessageResponse(500, "Failed to remove auth session")
  130. }
  132. return util.JSONResponse{
  133. Code: 200,
  134. JSON: struct{}{},
  135. }
  136. }
  138. // RealmRedirect represents an HTTP handler which can process incoming redirects for auth realms.
  139. type RealmRedirect struct {
  140. DB *database.ServiceDB
  141. }
  143. // Handle requests for an auth realm.
  144. //
  145. // The last path segment of the URL MUST be the base64 form of the Realm ID. What response
  146. // this returns depends on the specific AuthRealm implementation.
  147. func (rh *RealmRedirect) Handle(w http.ResponseWriter, req *http.Request) {
  148. segments := strings.Split(req.URL.Path, "/")
  149. // last path segment is the base64d realm ID which we will pass the incoming request to
  150. base64realmID := segments[len(segments)-1]
  151. bytesRealmID, err := base64.RawURLEncoding.DecodeString(base64realmID)
  152. realmID := string(bytesRealmID)
  153. if err != nil {
  154. log.WithError(err).WithField("base64_realm_id", base64realmID).Print(
  155. "Not a b64 encoded string",
  156. )
  157. w.WriteHeader(400)
  158. return
  159. }
  161. realm, err := rh.DB.LoadAuthRealm(realmID)
  162. if err != nil {
  163. log.WithError(err).WithField("realm_id", realmID).Print("Failed to load realm")
  164. w.WriteHeader(404)
  165. return
  166. }
  167. log.WithFields(log.Fields{
  168. "realm_id": realmID,
  169. }).Print("Incoming realm redirect request")
  170. realm.OnReceiveRedirect(w, req)
  171. }
  173. // ConfigureAuthRealm represents an HTTP handler capable of processing /admin/configureAuthRealm requests.
  174. type ConfigureAuthRealm struct {
  175. DB *database.ServiceDB
  176. }
  178. // OnIncomingRequest handles POST requests to /admin/configureAuthRealm. The JSON object
  179. // provided is of type "api.ConfigureAuthRealmRequest".
  180. //
  181. // Request:
  182. // POST /admin/configureAuthRealm
  183. // {
  184. // "ID": "my-realm-id",
  185. // "Type": "github",
  186. // "Config": {
  187. // // Realm-specific configuration information
  188. // }
  189. // }
  190. // Response:
  191. // HTTP/1.1 200 OK
  192. // {
  193. // "ID": "my-realm-id",
  194. // "Type": "github",
  195. // "OldConfig": {
  196. // // Old auth realm config information
  197. // },
  198. // "NewConfig": {
  199. // // New auth realm config information
  200. // },
  201. // }
  202. func (h *ConfigureAuthRealm) OnIncomingRequest(req *http.Request) util.JSONResponse {
  203. logger := util.GetLogger(req.Context())
  204. if req.Method != "POST" {
  205. return util.MessageResponse(405, "Unsupported Method")
  206. }
  207. var body api.ConfigureAuthRealmRequest
  208. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  209. return util.MessageResponse(400, "Error parsing request JSON")
  210. }
  212. if err := body.Check(); err != nil {
  213. return util.MessageResponse(400, err.Error())
  214. }
  216. realm, err := types.CreateAuthRealm(body.ID, body.Type, body.Config)
  217. if err != nil {
  218. return util.MessageResponse(400, "Error parsing config JSON")
  219. }
  221. if err = realm.Register(); err != nil {
  222. return util.MessageResponse(400, "Error registering auth realm")
  223. }
  225. oldRealm, err := h.DB.StoreAuthRealm(realm)
  226. if err != nil {
  227. logger.WithError(err).Error("Failed to StoreAuthRealm")
  228. return util.MessageResponse(500, "Error storing realm")
  229. }
  231. return util.JSONResponse{
  232. Code: 200,
  233. JSON: struct {
  234. ID string
  235. Type string
  236. OldConfig types.AuthRealm
  237. NewConfig types.AuthRealm
  238. }{body.ID, body.Type, oldRealm, realm},
  239. }
  240. }
  242. // GetSession represents an HTTP handler capable of processing /admin/getSession requests.
  243. type GetSession struct {
  244. DB *database.ServiceDB
  245. }
  247. // OnIncomingRequest handles POST requests to /admin/getSession.
  248. //
  249. // The JSON object provided MUST have a "RealmID" and "UserID" in order to fetch the
  250. // correct AuthSession. If there is no session for this tuple of realm and user ID,
  251. // a 200 OK is still returned with "Authenticated" set to false.
  252. //
  253. // Request:
  254. // POST /admin/getSession
  255. // {
  256. // "RealmID": "my-realm",
  257. // "UserID": "@my_user:localhost"
  258. // }
  259. // Response:
  260. // HTTP/1.1 200 OK
  261. // {
  262. // "ID": "session_id",
  263. // "Authenticated": true,
  264. // "Info": {
  265. // // Session-specific config info
  266. // }
  267. // }
  268. // Response if session not found:
  269. // HTTP/1.1 200 OK
  270. // {
  271. // "Authenticated": false
  272. // }
  273. func (h *GetSession) OnIncomingRequest(req *http.Request) util.JSONResponse {
  274. logger := util.GetLogger(req.Context())
  275. if req.Method != "POST" {
  276. return util.MessageResponse(405, "Unsupported Method")
  277. }
  278. var body struct {
  279. RealmID string
  280. UserID id.UserID
  281. }
  282. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  283. return util.MessageResponse(400, "Error parsing request JSON")
  284. }
  286. if body.RealmID == "" || body.UserID == "" {
  287. return util.MessageResponse(400, `Must supply a "RealmID" and "UserID"`)
  288. }
  290. session, err := h.DB.LoadAuthSessionByUser(body.RealmID, body.UserID)
  291. if err != nil && err != sql.ErrNoRows {
  292. logger.WithError(err).WithField("body", body).Error("Failed to LoadAuthSessionByUser")
  293. return util.MessageResponse(500, `Failed to load session`)
  294. }
  295. if err == sql.ErrNoRows {
  296. return util.JSONResponse{
  297. Code: 200,
  298. JSON: struct {
  299. Authenticated bool
  300. }{false},
  301. }
  302. }
  304. return util.JSONResponse{
  305. Code: 200,
  306. JSON: struct {
  307. ID string
  308. Authenticated bool
  309. Info interface{}
  310. }{session.ID(), session.Authenticated(), session.Info()},
  311. }
  312. }