// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.
package console
import (
"context"
"encoding/base64"
"github.com/zeebo/errs"
"storj.io/storj/satellite/console/consoleauth"
)
// TODO: change to JWT or Macaroon based auth

// Signer produces a signature over caller-supplied bytes.
//
// The interface fixes neither the algorithm nor the key handling; both belong
// to the implementation. signToken stores the returned bytes as the token
// signature without inspecting them, so an implementation has to report
// failure through the error result rather than through an empty signature.
type Signer interface {
	// Sign returns the signature for data, or an error when none could be
	// produced.
	Sign(data []byte) ([]byte, error)
}
// signToken computes a signature for token with signer and stores it in
// token.Signature.
//
// The bytes handed to the signer are the base64url text form of
// token.Payload, not the raw payload. Whatever checks the signature has to
// recompute it over that same encoding.
// NOTE(review): the verification side is outside this file; confirm it
// encodes the payload identically before comparing signatures.
//
// If the signer fails, its error is returned unchanged and token.Signature
// keeps its previous value.
func signToken(token *consoleauth.Token, signer Signer) error {
	message := []byte(base64.URLEncoding.EncodeToString(token.Payload))

	sig, signErr := signer.Sign(message)
	if signErr == nil {
		// Only a successful signing may touch the token.
		token.Signature = sig
	}
	return signErr
}
// key is the type of this package's context keys. It is unexported, so code
// outside the package cannot name it and therefore cannot build a key that
// collides with the values stored here.
type key int

const (
	// authKey is the context key for the authentication result: WithAuth
	// stores an Authorization under it and WithAuthFailure stores an error.
	// GetAuth tells the two apart by their dynamic type.
	authKey key = 0

	// requestKey is the context key for Requests.
	requestKey key = 1
)
// ErrUnauthorized is the error class for authorization related errors.
// GetAuth returns errors of this class both when the context carries a
// recorded authentication failure and when it carries no authentication
// result at all.
var ErrUnauthorized = errs.Class("unauthorized error")
// Authorization holds the auth info of an authorized User.
//
// GetAuth returns the zero value of this type together with a non-nil error
// when no authorization is available, so an Authorization is meaningful only
// when that error is nil.
type Authorization struct {
	// User is the authorized user.
	User User

	// Claims are the consoleauth claims that accompany the user.
	// NOTE(review): presumably the claims of the token that was presented;
	// confirm against the code that builds an Authorization.
	Claims consoleauth.Claims
}
// WithAuth returns a context derived from ctx that carries auth under
// authKey, where GetAuth looks for it.
//
// The value is stored as given, with no validation here. Every later GetAuth
// on the returned context treats it as a successful authorization, so callers
// should reach this function only after the credentials behind auth have been
// checked.
func WithAuth(ctx context.Context, auth Authorization) context.Context {
	authorized := context.WithValue(ctx, authKey, auth)
	return authorized
}
// WithAuthFailure returns a context derived from ctx that records err under
// authKey in place of an Authorization, so that a later GetAuth reports the
// failure.
//
// The key is the one WithAuth uses; the value set most recently on the
// context chain is the one GetAuth sees. A nil err leaves nothing that GetAuth
// recognises, and GetAuth then falls back to its generic unauthorized error.
func WithAuthFailure(ctx context.Context, err error) context.Context {
	failed := context.WithValue(ctx, authKey, err)
	return failed
}
// GetAuth returns the Authorization stored in ctx by WithAuth.
//
// The value under authKey is classified by its dynamic type:
//   - an Authorization is returned with a nil error;
//   - an error (stored by WithAuthFailure) is wrapped in ErrUnauthorized;
//   - anything else, including no value at all, yields a new ErrUnauthorized
//     carrying unauthorizedErrMsg.
//
// Every failure path returns the zero Authorization, so callers must check
// the error before reading User or Claims.
func GetAuth(ctx context.Context) (Authorization, error) {
	switch stored := ctx.Value(authKey).(type) {
	case Authorization:
		return stored, nil
	case error:
		// A nil interface never matches this case, so the wrapped error is
		// always non-nil.
		// NOTE(review): errs.Class.Wrap is understood to return nil for a nil
		// error, so this path should not yield (zero Authorization, nil);
		// confirm against the errs version in use.
		return Authorization{}, ErrUnauthorized.Wrap(stored)
	}

	// Fail closed: missing or unrecognised values are treated as unauthorized.
	return Authorization{}, ErrUnauthorized.New(unauthorizedErrMsg)
}