lza_menace
/
wg-access-server
mirror of https://github.com/Place1/wg-access-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dependabot/npm_and_yarn/website/json5-1.0.2
dependabot/npm_and_yarn/website/async-2.6.4
dependabot/npm_and_yarn/website/url-parse-1.5.10
dependabot/npm_and_yarn/website/minimist-1.2.6
dependabot/npm_and_yarn/website/follow-redirects-1.14.8
dependabot/npm_and_yarn/website/tmpl-1.0.5
dependabot/npm_and_yarn/website/path-parse-1.0.7
dependabot/npm_and_yarn/website/lodash-4.17.21
dependabot/npm_and_yarn/website/ssri-6.0.2
dependabot/npm_and_yarn/website/y18n-4.0.1
master
gh-pages
remove-file-storage-backend
postgresql-ha
login-page-style-update
50-fix-oidc-email-domain-validation
48-fix-client-status-indicator
44-fix-routing-rules
config-options-for-ports
client-network-config
show-owner-name-in-ui
administration
big-refactor
embedded-dns
dns-support
add-license-1
auth
v0.4.6
v0.4.5
v0.4.4
v0.4.3
v0.4.2
v0.4.1
v0.4.0
v0.3.0
v0.3.0-rc2
v0.3.0-rc1
0.2.5
0.2.5-rc3
0.2.5-rc2
0.2.5-rc1
0.2.4
0.2.4-rc1
0.2.3
0.2.2
0.2.1
0.2.0
0.2.0-rc8
0.2.0-rc7
0.2.0-rc6
0.2.0-rc5
0.2.0-rc4
0.2.0-rc3
0.1.1
0.1.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '304a6526cc'
${ noResults }
wg-access-server/pkg/authnz/router.go

87 lines
2.4 KiB
Go
Raw Blame History

package authnz
import (
"fmt"
"net/http"
"strconv"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/place1/wg-access-server/pkg/authnz/authconfig"
"github.com/place1/wg-access-server/pkg/authnz/authruntime"
"github.com/place1/wg-access-server/pkg/authnz/authsession"
"github.com/place1/wg-access-server/pkg/authnz/authtemplates"
"github.com/place1/wg-access-server/pkg/authnz/authutil"
"github.com/gorilla/mux"
"github.com/gorilla/sessions"
)
type AuthMiddleware struct {
config authconfig.AuthConfig
claimsMiddleware authsession.ClaimsMiddleware
}
func New(config authconfig.AuthConfig, claimsMiddleware authsession.ClaimsMiddleware) *AuthMiddleware {
return &AuthMiddleware{config, claimsMiddleware}
}
func (m *AuthMiddleware) Wrap(next http.Handler) http.Handler {
runtime := authruntime.NewProviderRuntime(sessions.NewCookieStore([]byte(authutil.RandomString(32))))
router := mux.NewRouter()
providers := m.config.Providers()
for _, p := range providers {
if p.RegisterRoutes != nil {
p.RegisterRoutes(router, runtime)
}
}
router.HandleFunc("/signin", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
fmt.Fprint(w, authtemplates.RenderLoginPage(w, authtemplates.LoginPage{
Providers: providers,
}))
})
router.HandleFunc("/signin/{index}", func(w http.ResponseWriter, r *http.Request) {
index, err := strconv.Atoi(mux.Vars(r)["index"])
if err != nil || (index < 0 || index >= len(providers)) {
fmt.Fprintf(w, "unknown provider")
w.WriteHeader(http.StatusBadRequest)
return
}
provider := providers[index]
provider.Invoke(w, r, runtime)
})
router.HandleFunc("/signout", func(w http.ResponseWriter, r *http.Request) {
runtime.ClearSession(w, r)
runtime.Restart(w, r)
})
router.PathPrefix("/").Handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if s, err := runtime.GetSession(r); err == nil {
if m.claimsMiddleware != nil {
if err := m.claimsMiddleware(s.Identity); err != nil {
logrus.Error(errors.Wrap(err, "authz middleware failure"))
http.Error(w, "internal server error", http.StatusInternalServerError)
return
}
}
next.ServeHTTP(w, r.WithContext(authsession.SetIdentityCtx(r.Context(), s)))
} else {
next.ServeHTTP(w, r)
}
}))
return router
}
func indexHandler(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, "Index")
}
Reference in New Issue View Git Blame Copy Permalink