github/paralus
1
0
Fork 0
mirror of https://github.com/paralus/paralus.git synced 2026-05-06 08:26:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix returning ordering in authenticate

Browse Source
This commit is contained in:
Abin Simon
2022-04-12 19:25:05 +05:30
parent cf501a2dd8
commit 610a7da953
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/auth/v3/service.go
View File

@@ -26,7 +26,7 @@ func (ac *authContext) IsRequestAllowed(ctx context.Context, httpreq *http.Reque
}
// Authenticate request
err, succ := ac.authenticate(ctx, httpreq, req, res)
succ, err := ac.authenticate(ctx, httpreq, req, res)
if err != nil {
return nil, err
}
@@ -46,14 +46,14 @@ func (ac *authContext) IsRequestAllowed(ctx context.Context, httpreq *http.Reque
// authenticate validate whether the request is from a legitimate user
// and populate relevant information in res.
func (ac *authContext) authenticate(ctx context.Context, httpreq *http.Request, req *commonv3.IsRequestAllowedRequest, res *commonv3.IsRequestAllowedResponse) (error, bool) {
func (ac *authContext) authenticate(ctx context.Context, httpreq *http.Request, req *commonv3.IsRequestAllowedRequest, res *commonv3.IsRequestAllowedResponse) (bool, error) {
if len(req.XApiKey) > 0 && len(req.XSessionToken) == 0 {
resp, err := ac.ks.GetByKey(ctx, &rpcv3.ApiKeyRequest{
Id: req.XApiKey,
})
if err != nil {
_log.Infow("unable to get api key", "key", req.XApiKey, "error", err)
return ErrInvalidAPIKey, false
return false, ErrInvalidAPIKey
}
var kg httpsig.KeyGetterFunc = func(id string) interface{} {
return []byte(resp.Secret)
@@ -63,7 +63,7 @@ func (ac *authContext) authenticate(ctx context.Context, httpreq *http.Request,
verifier.SetRequiredHeaders([]string{"content-md5", "date", "host", "nonce"})
err = verifier.Verify(httpreq)
if err != nil {
return ErrInvalidSignature, false
return false, ErrInvalidSignature
}
res.Status = commonv3.RequestStatus_RequestAllowed
res.SessionData.Username = resp.Name
@@ -78,9 +78,9 @@ func (ac *authContext) authenticate(ctx context.Context, httpreq *http.Request,
if strings.Contains(err.Error(), "401 Unauthorized") {
res.Status = commonv3.RequestStatus_RequestNotAuthenticated
res.Reason = "no or invalid credentials"
return nil, false
return false, nil
} else {
return err, false
return false, nil
}
}
if session.GetActive() {
@@ -95,7 +95,7 @@ func (ac *authContext) authenticate(ctx context.Context, httpreq *http.Request,
res.Reason = "no active session"
}
}
return nil, true
return true, nil
}
// authorize performs authorization of the request