Página inicial Explorar Ajuda
Entrar
cloudflare
/
cloudflared
mirror de https://github.com/cloudflare/cloudflared
Observar 1
Favorito 0
Fork 0
Arquivos Issues
Branch: dcarr/TUN-8640-refactor-icmp-datagram-v3
Branches Tags
cloudflared
/
management
/
middleware.go

middleware.go 2.1 KB
Link permanente Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. package management
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"fmt"
    6. 

  6. 	"net/http"
    7. 

  7. )
    8. 

  8. 

  9. type ctxKey int
    10. 

  10. 

  11. const (
    12. 

  12. 	accessClaimsCtxKey ctxKey = iota
    13. 

  13. )
    14. 

  14. 

  15. const (
    16. 

  16. 	connectorIDQuery = "connector_id"
    17. 

  17. 	accessTokenQuery = "access_token"
    18. 

  18. )
    19. 

  19. 

  20. var (
    21. 

  21. 	errMissingAccessToken = managementError{Code: 1001, Message: "missing access_token query parameter"}
    22. 

  22. )
    23. 

  23. 

  24. // HTTP middleware setting the parsed access_token claims in the request context
    25. 

  25. func ValidateAccessTokenQueryMiddleware(next http.Handler) http.Handler {
    26. 

  26. 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    27. 

  27. 		// Validate access token
    28. 

  28. 		accessToken := r.URL.Query().Get("access_token")
    29. 

  29. 		if accessToken == "" {
    30. 

  30. 			writeHTTPErrorResponse(w, errMissingAccessToken)
    31. 

  31. 			return
    32. 

  32. 		}
    33. 

  33. 		token, err := parseToken(accessToken)
    34. 

  34. 		if err != nil {
    35. 

  35. 			writeHTTPErrorResponse(w, errMissingAccessToken)
    36. 

  36. 			return
    37. 

  37. 		}
    38. 

  38. 		r = r.WithContext(context.WithValue(r.Context(), accessClaimsCtxKey, token))
    39. 

  39. 		next.ServeHTTP(w, r)
    40. 

  40. 	})
    41. 

  41. }
    42. 

  42. 

  43. // Middleware validation error struct for returning to the eyeball
    44. 

  44. type managementError struct {
    45. 

  45. 	Code    int    `json:"code,omitempty"`
    46. 

  46. 	Message string `json:"message,omitempty"`
    47. 

  47. }
    48. 

  48. 

  49. func (m *managementError) Error() string {
    50. 

  50. 	return m.Message
    51. 

  51. }
    52. 

  52. 

  53. // Middleware validation error HTTP response JSON for returning to the eyeball
    54. 

  54. type managementErrorResponse struct {
    55. 

  55. 	Success bool              `json:"success,omitempty"`
    56. 

  56. 	Errors  []managementError `json:"errors,omitempty"`
    57. 

  57. }
    58. 

  58. 

  59. // writeErrorResponse will respond to the eyeball with basic HTTP JSON payloads with validation failure information
    60. 

  60. func writeHTTPErrorResponse(w http.ResponseWriter, errResp managementError) {
    61. 

  61. 	w.Header().Set("Content-Type", "application/json")
    62. 

  62. 	w.WriteHeader(http.StatusBadRequest)
    63. 

  63. 	err := json.NewEncoder(w).Encode(managementErrorResponse{
    64. 

  64. 		Success: false,
    65. 

  65. 		Errors:  []managementError{errResp},
    66. 

  66. 	})
    67. 

  67. 	// we have already written the header, so write a basic error response if unable to encode the error
    68. 

  68. 	if err != nil {
    69. 

  69. 		// fallback to text message
    70. 

  70. 		http.Error(w, fmt.Sprintf(
    71. 

  71. 			"%d %s",
    72. 

  72. 			http.StatusBadRequest,
    73. 

  73. 			http.StatusText(http.StatusBadRequest),
    74. 

  74. 		), http.StatusBadRequest)
    75. 

  75. 	}
    76. 

  76. }
    77. 

  77.