mirror of
https://github.com/nais/wonderwall.git
synced 2026-05-07 00:46:56 +00:00
refactor(handler/reverseproxy): retrieve both session and token
This commit is contained in:
Trong Huu Nguyen
@@ -90,13 +90,8 @@ func NewStandalone(
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *Standalone) GetAccessToken(r *http.Request) (string, error) {
|
||||
sess, err := s.SessionManager.GetOrRefresh(r)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return sess.AccessToken()
|
||||
func (s *Standalone) GetSession(r *http.Request) (*session.Session, error) {
|
||||
return s.SessionManager.GetOrRefresh(r)
|
||||
}
|
||||
|
||||
func (s *Standalone) GetAutoLogin() *autologin.AutoLogin {
|
||||
|
||||
@@ -70,13 +70,8 @@ func NewSSOProxy(cfg *config.Config, crypter crypto.Crypter) (*SSOProxy, error)
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *SSOProxy) GetAccessToken(r *http.Request) (string, error) {
|
||||
sess, err := s.SessionReader.Get(r)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return sess.AccessToken()
|
||||
func (s *SSOProxy) GetSession(r *http.Request) (*session.Session, error) {
|
||||
return s.SessionReader.Get(r)
|
||||
}
|
||||
|
||||
func (s *SSOProxy) GetAutoLogin() *autologin.AutoLogin {
|
||||
|
||||
@@ -17,9 +17,9 @@ import (
|
||||
)
|
||||
|
||||
type ReverseProxySource interface {
|
||||
GetAccessToken(r *http.Request) (string, error)
|
||||
GetAutoLogin() *autologin.AutoLogin
|
||||
GetPath(r *http.Request) string
|
||||
GetSession(r *http.Request) (*session.Session, error)
|
||||
}
|
||||
|
||||
type ReverseProxy struct {
|
||||
@@ -65,10 +65,10 @@ func (rp *ReverseProxy) Handler(src ReverseProxySource, w http.ResponseWriter, r
|
||||
logger := mw.LogEntryFrom(r)
|
||||
isAuthenticated := false
|
||||
|
||||
accessToken, err := src.GetAccessToken(r)
|
||||
_, accessToken, err := getSessionWithValidToken(src, r)
|
||||
switch {
|
||||
case err == nil:
|
||||
// add authentication if session cookie and token checks out
|
||||
// add authentication if session checks out
|
||||
isAuthenticated = true
|
||||
case errors.Is(err, context.Canceled):
|
||||
logger.Debugf("default: unauthenticated: %+v (client disconnected before we could respond)", err)
|
||||
@@ -106,6 +106,20 @@ func (rp *ReverseProxy) Handler(src ReverseProxySource, w http.ResponseWriter, r
|
||||
rp.ServeHTTP(w, r.WithContext(ctx))
|
||||
}
|
||||
|
||||
func getSessionWithValidToken(src ReverseProxySource, r *http.Request) (*session.Session, string, error) {
|
||||
sess, err := src.GetSession(r)
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
|
||||
accessToken, err := sess.AccessToken()
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
|
||||
return sess, accessToken, nil
|
||||
}
|
||||
|
||||
type logrusErrorWriter struct{}
|
||||
|
||||
func (w logrusErrorWriter) Write(p []byte) (n int, err error) {
|
||||
|
||||
Reference in New Issue
Block a user